Embedded World 2019 Flashbacks

If you want to keep in touch with the newest trends in embedded systems, Nuremberg Embedded World is the right place for you. In order to heighten your expectations, we want to share our impressions of the latest event.

More and More Chips

This year the embedded market has undergone a serious segmentation of chip manufacturers. One of the main themes of the event was the production of chips for deep learning and their implementation.

Examples include Nvidia’s video chipsets and their end devices for video cameras. Qualcomm, in cooperation with NXP, which is famous for its achievements in vehicle automation, also follows this trend.

Companies that specialize in producing power-efficient chipsets also participated in the event. A large variety of solutions with up-to-date FPGAs and DSPs on board were introduced as an alternative to the standard CPU. For example, one company produces long-life voice recognition chips that are as small as a pencil point, respond to certain activation words and phrases, and have extensive battery life.

Foggy Calculations

Teradek attracted a lot of attention with solutions based on peripheral calculations (also known as fog computing) that make the system more stable and independent of the network environment and its quality. The main principle of this approach is to perform all the calculations on edge devices, excluding any cloud interference, which accelerates the process as there is no delay in receiving and processing the information. This approach reduces price and improves data transfer security. Developers are now presented with a wider range of opportunities. For instance, this type of solution can be used for elderly care without the need to install IP cameras that send the video stream to an external end user, as all the necessary information is processed and distributed to the assigned person right here and now.

Another company that uses this type of approach is Elite Vision, which produces high-accuracy cameras for manufacturing facilities. They introduced a camera with a built-in computation module that processes the signal and provides the user with the end result of its computation. The device can be used for counting objects, scanning QR codes, analyzing road traffic information, or in any classification process.

Such events encourage companies working in the same sphere to start new cooperation and partnerships. In that spirit, DSR is looking for camera and server station manufacturers for joint solution development.

Weapon Detection System in Public

DSR demoed a system for detecting a weapon or another predefined object (for example, products in a store) in the hands of people in a crowd. The system recognizes people and focuses on their hands; that is its distinguishing feature. This product can be used for searching for people with a weapon in their hands in a small crowd. The small, power-efficient chipset guarantees a long battery life for the device and allows it to transfer the computed data and video via different types of wireless networks. This implementation of fog computing is unique because it removes the need to transfer data over expensive traffic. The algorithm consists of two neural networks: the first is responsible for identifying the wrist; the second is in charge of recognizing the object it is holding. We created a new data set for machine learning, taught the system to accurately analyze the data, optimized the architecture, and chose the right framework.

What’s Inside

At the core of the solution is the goal of making devices with such analytical power more power efficient and available to a larger number of customers without dependency on expensive hardware. That’s why our choice for a cheap machine learning device is the DragonBoard 410, powered by a quad-core ARM® Cortex® A53 CPU and a Qualcomm Adreno 306 GPU, with WiFi, Bluetooth and 3G/4G modules. Due to the differentiated quad-core CPU and GPU, the development board is capable of processing several parallel tasks locally.

In addition, the system contains an Ethernet video camera, a switch, and a display. We also utilized a high performance VGA adapter produced by Nvidia and AMD for deep machine learning. Although this hardware setup meets the system requirements, its cost is still not optimal. Similar solutions are rumored to use hardware that can heat a small apartment, especially once the price of cryptocurrency falls.

This development is deep in the middle of Computer Vision: a self-learning system that is capable of learning from examples of types of weapons and human movement patterns. We are working on evolving the solution to utilize it in the area of video surveillance and public safety.

World Ruled by Robots?

“What’s New in the World of Artificial Intelligence?” Alexa asked me…

Some people believe that artificial intelligence does not exist, while others watch Sci-Fi movies and devise survival plans for when robots rise against us. Artificial intelligence today is weak, meaning many of the tasks and operations being performed now are limited in scope, but that is continuing to change every day. The development of AI is building at a rapid pace and is poised to change how we interact with the world around us on a daily basis.

Recently, with the help of artificial intelligence, companies are beginning to solve individual niche issues.  For example, emails and responses can be automated in the workplace, reducing the need for human attention. Self-driving cars are operating independently and more safely, reducing the number of accidents on roads. Experts have even predicted that in 10 years self-driving cars will be a normal reality in the US, along with radical organizational and cost structure changes for transportation companies like taxi and bus services.

Social networks, neural networks, and learning algorithms… Russian search engine Yandex is currently conducting closed testing of a new social network using AI and neural networks. Access is only available by invitation from someone who is already on the network. By tapping into AI and neural networks, you are able to find completely new friends solely on the basis of the information you have provided to the system. The algorithms are configured so that you see people based on your selected features. Interestingly, developments using artificial intelligence have begun to appear in areas such as beauty, cosmetology, and health.

Other large companies continue to use artificial intelligence to help predict events. Mobile operators can analyze the behavior of subscribers in order to offer services that will help improve the user experience, while other applications of modern development are aimed at helping users make decisions.

Google, Siri, Alexa, Cortana, Alice: how many virtual assistants can you remember? There are many others, but these are some of the most popular we see today. Each of these assistants can do basic searches and analyze or process information, but the fact remains that each assistant relates back to weak AI. Just think about how many times you’ve tried to talk to one as you would to a human and gotten a response that didn’t quite seem to make any sense.

So why don’t we see strong artificial intelligence? Well, why grow an artificial tree if you can grow a real one faster and cheaper? Perhaps humanity doesn’t need strong AI just yet.

We are going to continue to dive deeper into this subject in our next issue. In the meantime, please remember that not all robots can be correlated with artificial intelligence. If you have a floor cleaning robot at home, this does not mean that it can study neural networks, collect or process your personal data.

Nordic Chooses DSR & Wins

DSR Corporation announces its partnership with Nordic Semiconductor. DSR’s ZBOSS 3.0 Zigbee 3.0 software stack is part of the Nordic offering for the multiprotocol nRF52840 SoC. ZBOSS software was formally certified by the Zigbee Alliance in September of 2018 as a Zigbee 3.0 compliant platform.

Satisfied Clients

“We are very satisfied with the choice of the Zigbee 3.0 solution vendor for our nRF52840 multiprotocol System-on-Chip (SoC),” says Nordic’s Pär Håkansson, Strategic Marketing Manager. “DSR Corporation has proven itself as a highly reliable partner, working closely with Nordic to make joint production quality software. We appreciate DSR’s professionalism, teamwork and extensive experience in software engineering and Zigbee to help us deliver a new solution to the market that will broaden Zigbee reach around the world.”

What’s Inside

nRF52840 is designed around an Arm® Cortex-M4 CPU with a floating point unit (FPU) and provides the ability to support complex and demanding applications as a single chip solution. Implementation of Zigbee in the nRF52840 SoC expands Nordic’s already broad portfolio of mesh networking solutions for the smart home, industrial, and enterprise markets.

DSR’s ZBOSS 3.0 is a cross-platform, high-performance software protocol stack implementing Zigbee 3.0. ZBOSS 3.0 is highly interoperable and has been used as a Zigbee Pro compliant platform for several chipset solutions. ZBOSS 3.0 is a market-proven product that is used to provide interoperability between 200+ products at more than 40 companies. ZBOSS 3.0 supports all device roles and provides extensive support for various cluster libraries. User-friendly, high-level APIs support fast creation of applications on a predictable budget. Built with a fixed memory footprint, ZBOSS does not use dynamic memory allocation, which leads to predictable memory budgeting. Lastly, an important stack feature is optimized power consumption: ZBOSS interrupt-driven I/O improves battery consumption and excludes polling. Additionally, ZBOSS needs little RAM on the target device thanks to a special technique for handling data structures.

Worldwide Acceptance

Following the launch of this product, we are happy to announce that Nordic’s advanced Bluetooth® 5/Thread 1.1/Zigbee PRO solution won “2018 Product of the Year”. The nRF52840 chip was named winner of the “RF/Microwave” category by Electronic Products Magazine, which has been an industry icon for more than 40 years. We are both excited for Nordic and honored that they selected us as a trusted technology partner.

Thoughts After CES 2019

CES 2019 at a Glance

Every year we make our way to CES (Consumer Electronics Show) in Las Vegas for the annual consumer electronics exhibition. Imagine over 4,500 vendors presenting new ideas and technological developments spread across an entire week; it really does give a whole new meaning to the city of lights. CES presents a great opportunity to meet like-minded individuals in similar or different fields and to pick up new ideas and contacts. It’s wonderful here.

The history of CES began over 52 years ago with organizers showing more progress each and every year. With the main theme being innovation and information technology, the width of coverage is vast:

  • Robotics,
  • Artificial Intelligence,
  • Three-dimensional Printing,
  • Design,
  • Drones,
  • Sport Technologies,
  • Smart Home,
  • Family & Lifestyle,
  • Virtual Reality (VR),
  • Games,
  • Unmanned Vehicles,
  • Music,
  • Entertainment & Content,
  • Cryptocurrency,
  • Internet of Things (IoT),
  • and Machine Intelligence.

 

All About IoT

The beginning of the year confirmed that IoT is coming to the mass market. Focus has shifted from smartphones to other smart devices, and manufacturers are taking notice. Improved air quality sensors and door and window position sensors are just a few quick examples. There are even smart window systems being developed that can inform the home when a window is opened wider than an indicated gap.

Consumers can now choose between a wide variety of smart devices and systems, putting real pressure on manufacturers and companies to advance smart home ecosystems. But the problem doesn’t end there. Consumers need a way to connect many different smart devices to a single system for easy management. This is where Zigbee and other wireless technologies flex their strength; gateways with multiple antennas and customization service suggestions come to the rescue.

Hi Computer, Talk to Me

Voice control is becoming the norm rather than the rarity. It is finding its way into many devices, and almost everyone has them now. People want to have a voice assistant in their home, in the office, and in the car, like Jarvis from Iron Man. Project recipes from the Internet onto the kitchen door by voice request? Yes, please! Yet even Amazon’s Alexa or Google Assistant is not always a suitable compromise. Artificial intelligence is poised to grow wiser and communicate with people better and faster. Companies that once winced at the idea of software in their products are now flocking to CES. For example, Procter and Gamble – L’Oreal are developing mirrors that can look at your face to determine if your skin needs support or treatment. Maybe just a care cream? Cameras take pictures of the user’s face and follow changes in the face in real time. Maybe they’ll even notice skin cancer in due time.

It is interesting that companies that are seemingly far from “software” come into the sphere of technology.  These companies expand the development zone to such wide branches like automation for pets, children, sleep, and beauty.  There are even smart leashes and collars!  People even get interested in buying devices that can distribute pleasant smells throughout their homes.  And what if you could connect a device that could command three-dimensional TV? Cars? Batteries? Spotify on your steering wheel?  The ideas and possibilities are endless.

Robotics help businesses change their models.  It is especially gratifying that companies competing in the past are starting to cooperate.  To denote such activity, the new term ‘coopetition’ has appeared.  ‘Coopetition’ should bring even greater breakthroughs in overall development.  Teamwork gives rise to new achievements.  SDKs help bring the product to market.  Quick starts are real.

Meet & Talk

DSR had a lot of productive meetings with existing and prospective clients, and it was the most successful CES to date. DSR was also a proud sponsor of the Zigbee Alliance Social, an invitation-only event that was a great opportunity to bring all of the members together in one location and celebrate Zigbee successes from 2018. During this event, the Zigbee Alliance announced several new developments and expansions of the standard and also unveiled the location of the next member meeting. The atmosphere for the event was very warm and inviting and perfect for conversations and celebration.

In Closing

Here are seven key CES 2019 takeaways that caught our attention:

  • IoT is finally an emerging mass market (and the data it gathers has lots of financial implications)
  • Amazon and Google are in “hand-to-hand combat” driving voice technology into the Smart Home and beyond
  • 5G, NB-IOT and Cat-M1 are expanding battery-powered WAN connectivity in amazing ways
  • Drones—from airborne to underwater to John Deere—are becoming platforms
  • Robotics are creating business change
  • Artificial Intelligence is getting smarter
  • “Coopetition” is happening in lots of places

IoT is moving capabilities out of smart phones and into different smart things. People want their homes, cars and offices to have a voice like Jarvis (see the Ironman movie franchise). And not everyone wants Amazon Alexa or Google Assistant as the go-between. Battery-powered WAN connectivity in a variety of speeds is making the cloud easier by “losing the gateway.” Drones and robotics platforms are giving new capabilities to businesses and consumers. Artificial Intelligence (“AI”) is changing the way products and services interact with humans. And if Apple and Samsung are teaming up, is it time to evaluate how “coopetition” might help your 2019 business goals?

What is Dotdot?

A bit of history: the creation of the Zigbee standard required a lot of effort, time and knowledge. Dotdot is an alias for ZCLIP, which stands for Zigbee Cluster Library (ZCL) over IP. It is about exposing ZCL functionality to the IP world, in contrast to classic Zigbee, which is always isolated from IP networks and requires a Zigbee gateway to connect the Zigbee mesh with the outer world. This would become a bridge between IoT and other networks. Different manufacturers have Zigbee gateway solutions, mostly for connecting a Zigbee network to the cloud.

Classic Zigbee has all the instruments for organization, self-organization, restoration and stability of the network. Above all of this sits the Cluster Library, which calls functions allowing the clusters to communicate. However, this system has one shortfall: it cannot get online. With ZCL exposed to IP, it becomes possible to establish a direct communication channel between an Internet/intranet application and a Dotdot device, while the border device remains transparent to, and unaffected by, the details of the communication. In the same way, communication between Dotdot devices located on different networks is also possible, on condition that device services are properly advertised across network borders or the devices are bound by means of a third-party application.

New Language: Old Terms, New Sense

Dotdot is a standard that allows you to put ZCL on any “rails” other than Zigbee: WiFi, Thread, and so on. It is an add-on for Zigbee: an application-level protocol that allows smart devices from closed networks (with addresses) to communicate more openly through the address space of the Internet and other networks. It is important not just to reach the device itself, but also to address the command to a specific cluster within it, and to do so securely.

Figuratively, Dotdot receives commands in one language and translates them into a language understandable to smart devices. This makes the smart device ecosystem more open. Dotdot uses the Zigbee approach in ZCL and has extended it to other types of transports as well. The mesh built for a Dotdot solution deployment is not required to contain only Dotdot-compatible devices.

The Commissioning Application

The Dotdot commissioning application was developed alongside Thread and is based on the official Thread Commissioning App, which was taken mostly as is, courtesy of the Thread Group. The application allows managing the expansion process of the Dotdot network. Seamless integration of the parts and stabilization of Thread for both mobile platforms were also performed.

This application allows third-party devices to enter, which is critical for maintaining network security. The top layer works with Dotdot-enabled devices over Thread. Thread is responsible for commissioning new Thread-enabled devices to the home network and discovering devices that are already there. Dotdot makes use of device lists from Thread and as a result uncovers Dotdot-enabled devices and their services. The system interrogates the device and finds what services and clusters are running, on which endpoint, and which commands the device supports, giving a complete picture of the device’s capabilities. Once this is completed, you are able to change the attributes and send commands from the application itself. There are clusters, attributes, bindings and reporting.

Why Should Companies Implement Dotdot?

Speed. Abstraction. Interoperability. Dotdot provides the opportunity to create applications in a more flexible way. This is because Dotdot solutions use “generic” border routers that are standard, easily replaceable even at run time, and are not a “single point of failure.” The same data model is provided for different IoT technologies, regardless of which protocols are used to send data (WiFi, BLE, Zigbee, Thread, and so on), which means there is a wider market for a solution to spread into. You can create a wider IoT system where all the devices understand each other. This creates an easier entry point for companies to develop solutions and allows application developers to focus on the application and functionality, without delving into the underlying specifics of a particular wireless network.

How to Get Started

  1. Download an SDK from a company that provides the solution.
  2. Study the provided API and the Zigbee cluster descriptions. Find the clusters you need and start implementing your own device (certified by the Zigbee Alliance).
  3. Gain access to the Dotdot Commissioning Application.
  4. To accelerate your development, engage a company with experience in Dotdot and wireless technologies.
  5. Lastly, consider becoming a member of the Zigbee Alliance (if you are not already) to get access to even more tools and become involved in the development of IoT standards.

CES 2017 Impressions

Every year CES is the culmination of the latest and greatest in technology and invention. From TVs to cars, cellphones to virtual reality, industrial grade hardware to watches and players, everything is competing for consumer attention and it’s barely possible for a person to see everything displayed. CES 2016 was all about TVs, virtual reality and drones. 2017, while still following last year’s trend, moved towards the Smart Home, Smart Appliances, and Artificial Intelligence (AI). The entire IoT industry was there, from end-to-end solutions to wireless connectivity chips and platforms. This includes the well-positioned ZigBee Alliance booth, which included the products showcase powered by DSR with an impressive 105 products from 30+ companies for both Residential and Commercial markets.

This was the largest wireless ecosystem display in the entire show and is a true testament to ZigBee interoperability and presence on the market. The devices in the display were connected to DSR’s zHome IoT cloud and mobile apps, working through DSR’s low cost gateway.

The discussion and questions at the ZigBee Alliance products demo were mainly around the gateway and ecosystem. The impressive wall also raised some questions about whether the products all truly function together, and they do. The impression from previous shows is that consumers as well as installers have experience with a mixed bag of installation and controls. Providing a single display demonstrated a cohesive and diverse ecosystem of interoperable products.

Some other interesting observations from the IoT/Smart Home space showed that Data and Security applications are as relevant as ever. Voice control, driven by the major push in AI, is gaining major traction, with Alexa embedded in Echo leading over Google Home. The start-up area is always full of new and reinvented ideas, including speaker products, data analytics, energy consumption profiling, health sensors and apps, analytical mirrors, security and nursing products. Finally, there is a visible expansion in child care and monitoring beyond the standard baby monitors and cameras, looking to address the growing needs and demands of the market and modern day parenthood.

To conclude, CES 2017 was as big as ever and full of new, amazing, and improved products. DSR was excited to be part of the experience and to also represent the products demo wall at the ZigBee Alliance booth, making it the largest display of products from different companies working together via a single protocol in one space.

For more information about DSR products and services in IoT, please visit www.ioticity.solutions and www.dsr-zboss.com.

DSR’s ZBOSS ZigBee 3.0 stack is now part of ARM IoT offering

DSR is happy to announce that ARM has chosen DSR ZigBee 3.0 stack to support their new product, ARM® Cordio® radio IP. ARM® Cordio® radio IP belongs to the ARM family of 802.15.4 and Bluetooth 5 standards-based low-power wireless IP solutions. It provides a complete RF-to-Application solution for WPAN (Wireless Personal Area Networks) radios.

ARM reckons Cordio radio IP is the only fully integrated platform in the market; it includes a transceiver, baseband, and link layer (LL) subsystem including firmware. Moreover, ARM claims devices using Cordio radios will last up to 60 percent longer between battery charges because they run below the 1.2 volts at which typical wireless circuits operate.

ZBOSS 3.0 – ZigBee 3.0 stack from DSR is now offered as the stack of choice for those willing to utilize ZigBee on top of the Cordio radio. Built with great attention to a fixed memory footprint, ZBOSS also provides optimized power consumption, making the end device last even longer.

More information about the ARM Cordio can be found here: https://www.arm.com/about/newsroom/arm-accelerates-secure-iot-from-chip-to-cloud.php.

For additional information about ZBOSS 3.0 ZigBee Stack, please visit: http://www.dsr-zboss.com/#!/.

DSR is an end-to-end IoT partner and is always ready to support your IoT solution. Feel free to contact us with any inquiries at contact@dsr-company.com.

To Mesh and Beyond

Not too long ago, Bluetooth® SIG announced that Bluetooth® is going mesh, giving rise to a new wave of interest in mesh networking. Although the interest is growing rapidly, solutions available on the market keep using just the trusted star topology. But what are the real possibilities?

Mesh, Ad hoc and MANET

Most networks on the market are declared to be “mesh ad hoc,” so in most cases these terms are used together, which blurs the difference between them. But there is a difference, and it’s important to highlight it.

A mesh network is a kind of network topology in which all the possible connections between nodes are established. This leads to the main mesh network feature, self-healing, where broken routes can be restored using different access links between devices.

An ad hoc network is a decentralized wireless network that does not require any infrastructure to form and maintain. Nodes connect wherever a connection is possible. This network is self-configuring, which means that devices can join or form it on the fly.

In this way, a mesh network is the most robust static type of ad hoc network. But when both terms are used together, they typically mean ad hoc only. “Mesh” describes just the physical layer of wireless communication, which is broadcast by nature: all devices that are close enough hear each other (i.e., are connected) and form enough links for self-healing. To be completely accurate, it should be mentioned that “ad hoc” means that the nodes are stationary. There is a term for mobile nodes: mobile ad hoc networks (MANETs). But today, in the PAN/LAN context (Wi-Fi, Bluetooth, ZigBee), nodes are assumed to be static due to their use cases, even if they can sometimes be moved from place to place.

Wi-Fi

Wi-Fi is an area that already has ad hoc solutions available through documents and open source. The official specification, IEEE 802.11s, is the less effective and innovative one. It introduces two new kinds of devices: Mesh portals and Mesh points. Mesh portals are ordinary access points with a wired connection to the Internet. Mesh points act as wireless routers between stations and portals. Everything that has the “mesh” prefix is connected together wherever possible. The standard is completely the same as B.A.T.M.A.N. adv Wi-Fi mesh, which is already included in the Linux kernel.

In parallel, the open source community works on cjdns (Hyperboria), which is a real candidate for the DarkNet set of protocols. Cjdns is designed to create a wireless mesh network that is totally disconnected from the Internet. Its core advantages are:

  • End-to-end encryption
  • Tunnels between segments over the Internet
  • Decentralized generation of IP addresses

The last one is a headache for all Wi-Fi ad hoc networks. Old DHCP conflicts with the essence of the ad hoc network and mobility.

Mesh networking using Wi-Fi sounds ready, but not for small low-power devices. Thus, we had better pay attention to Bluetooth® Low Energy (BLE) and ZigBee®.

Bluetooth®

The first thing that mesh network sceptics say about Bluetooth® is that it was not designed for mesh networking. However, it is widespread, so why not try using it?

Existing solutions on BLE are nothing more than an attempt to sell things that we already have in ZigBee® under the “Mesh network” label. To build a “mesh,” the customer has to buy a BLE gateway that forwards packets to the cloud. All mains-powered BLE devices act as routers and are interconnected with each other, while battery-powered devices talk to routers only. Nothing special.

But BLE wins in that it is already in devices that have the Internet connection through 3G, LTE, Wi-Fi, and even the cable. That means that in theory the customer can get more than one gateway connected by the Internet. Moreover, customer’s tablets and smartphones bring the mobility to such network.

The power of the Wi-Fi + BLE collaboration has already been explored by Apple: check out the Multipeer connectivity framework for iOS 7 and, for example, FireChat application that proudly announces “Internet is not needed to chat.”

ZigBee®

When talking about ZigBee®, one thing should be kept in mind: it was initially designed to be ad hoc. The routing mechanism implemented in ZigBee® is called Ad hoc On-Demand Distance Vector (AODV). Although the RFC operates on IP frames, there are no major differences. The algorithm is quite simple for the CPU and gentle on ROM, and is available even for a bulb, a smart socket or any other mains-powered device.
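The on-demand discovery and self-healing described above can be sketched as follows. This is an added example, not code from the article or from any ZigBee stack: it is a simplified model of AODV-style routing (no sequence numbers, route costs or timers), and the node names and topology are constructed for illustration.

```python
from collections import deque

# Constructed topology: two disjoint paths from the hub to the lock.
LINKS = [("hub", "plug"), ("plug", "lock"),
         ("hub", "bulb"), ("bulb", "relay"), ("relay", "lock")]


class Mesh:
    """Simplified AODV-style routing: routes are found only when needed."""

    def __init__(self, links):
        self.neighbors = {}
        for a, b in links:
            self.neighbors.setdefault(a, set()).add(b)
            self.neighbors.setdefault(b, set()).add(a)
        # routes[node][destination] = next hop towards destination
        self.routes = {n: {} for n in self.neighbors}

    def break_link(self, a, b):
        self.neighbors[a].discard(b)
        self.neighbors[b].discard(a)

    def discover(self, src, dst):
        """Flood a route request (RREQ) from src; True if dst was reached."""
        reverse = {src: None}  # node -> neighbor its first RREQ copy came from
        queue = deque([src])
        while queue:
            node = queue.popleft()
            if node == dst:
                break
            for nb in sorted(self.neighbors[node]):
                if nb not in reverse:  # later copies of the RREQ are dropped
                    reverse[nb] = node
                    queue.append(nb)
        if dst not in reverse:
            return False
        # The route reply (RREP) travels back along the reverse path and
        # installs a forward entry on every node it passes.
        hop = dst
        while reverse[hop] is not None:
            prev = reverse[hop]
            self.routes[prev][dst] = hop
            hop = prev
        return True

    def _follow(self, src, dst, max_hops=16):
        path, node = [src], src
        while node != dst:
            nxt = self.routes[node].get(dst)
            if nxt is None or nxt not in self.neighbors[node] or len(path) > max_hops:
                self.routes[node].pop(dst, None)  # route error: forget stale entry
                return None
            node = nxt
            path.append(node)
        return path

    def send(self, src, dst):
        """Return the path a frame takes, rediscovering once if the route fails."""
        path = self._follow(src, dst)
        if path is None and self.discover(src, dst):
            path = self._follow(src, dst)
        return path


if __name__ == "__main__":
    mesh = Mesh(LINKS)
    print(mesh.send("hub", "lock"))   # shortest route, found on demand
    mesh.break_link("plug", "lock")
    print(mesh.send("hub", "lock"))   # healed over the remaining links
```

Real AODV also uses destination sequence numbers to guarantee loop freedom; the hop limit in `_follow` is only a stand-in for that.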

As it was mentioned earlier, ZigBee®-based systems on the market currently prefer to use star topology, even though it has everything to be a mesh network and should be used as such. When Wi-Fi or BLE implement mesh, it is not only a technological step forward, but a marketing reason. The truth is ZigBee® is already a step ahead in terms of technology, but maybe a step behind in terms of marketing.

One might not like that the ZigBee® network does not use IPv6. Well, neither does BLE, but that does not hold it back. Nevertheless, there is an IEEE 802.15.4 + IPv6 + UDP solution called 6LoWPAN, with Thread and JupiterMesh built over it. They still have not made a splash on the market, probably because nobody has positioned them as “mesh.”

As we can see, if the market wants mesh/ad hoc/MANET, there are all the pre-requisites for it. It is already around but the customer is not aware of it because either the market is too “shy” or that field has not yet been covered in depth. Anyway, the results will come soon and they will come from Wi-Fi, BLE, ZigBee or even a collaboration between them.

Keep Calm and Implement ZigBee Security

At the end of last year, a group of researchers from Cognosec presented their “ZigBee exploited” report at the BlackHat conference in the USA. They demonstrated a tool that allows an intruder to open your doors, shut up motion sensors off and even turn the lights off in your bedroom, of course only if these devices are controlled via ZigBee. IT and for the most part non-IT sources repeated the news many times with excessive drama effect and as a result, we had got a categorical accusation of lack of security in ZigBee and even the entire IoT. Based on the forecast that there will be 29 billion of IoT devices in the not so far 2020, “experts” convinced their readers that it is not the problem of the future but the present and that all devices are vulnerable. Now when the panic has calmed down, let’s see what happened in terms of ZigBee.

First, let’s talk about silent motion detectors. Motion detection in the system that was hacked works the following way: when a sensor detects a movement it sends a ZigBee message to a gateway (you may call it smart hub, ZigBee hub, etc.), which uses TCP/IP to deliver this message to the user. Cognosec researchers used a jammer to break the ZigBee link between the sensor and the gateway. Even when the jammer had been turned off, the motion alarm was not retransmitted because the retransmit attempts were over or the sensor decided that the link was lost (we can only guess). Samsung, whose hub was attacked during the research, has already given the proper comment and we agree with it 100%: ZigBee Motion sensors are not designed to be a professional, highly secure alarm system. We wonder if anybody has already seen a professional alarm based on a wireless protocol. Although the jammer attack is not specially a weakness of ZigBee, it may be useful for those customers, who want to get an alarm but do not want to pay a high cost.

Moving on, let’s discuss the weakness that was presented as a supermassive hole in ZigBee security but is actually not the ZigBee specification’s fault. The reality is that a large number of ZigBee devices available on the market use the default Trust Center link key to encrypt the transport of the active network key. This key is public, so for security there is not much difference between sending the network key as plain text and sending it encrypted with the default key. The ZigBee specification warns developers about this threat and recommends out-of-band (not over-the-air) methods to deliver an initial master key to both the trust center and the device. Researchers criticize this recommendation because it is not a requirement, while the default trust center link key, which the specification does require, in turn breaks the security. But why shouldn’t out-of-band key delivery be a part of a wireless protocol specification? Moreover, as everybody, even the researchers, agrees, unsecured key transport is ideally performed only once, during association, and is most likely not a threat, unless of course a maniac with an enabled ZigBee sniffer is spying on your house 24/7. And here the thing that everyone is talking about comes to the surface. Assuming that a quick, low-power, unsecured key transmission is performed once, hackers enable their jammer again to force link loss. When the link is lost, there are two ways to get the key:

  • A “typical” user triggers association one more time when an intruder’s sniffer is enabled;
  • Device tries an unsecured rejoin (that is allowed by the specification).

Correspondingly, there are two ways to dispute this:

  • Strictly speaking, a “typical” user will most likely reset the device; reset here doesn’t mean a factory reset, just power off/on. The reset will trigger a rejoin process, which brings us to the second point;
  • Although ZigBee allows unsecured rejoin, secured rejoin is not forbidden; it’s just a policy, an option that can be configured by the manufacturers. The problem wouldn’t exist if the devices under test implemented secured rejoin. Nor would there be any problem if high security demands were not placed on devices that implement unsecured rejoin.

The main conclusion from our dispute is that the exploit found is not a “ZigBee” one; it’s a “current ZigBee implementation” exploit. It is worth adding that the researchers from Cognosec are ZigBee users too, and they pointed out that the ZigBee specification provides all the good recommendations needed to build a secure system. But dramatic headlines and maybe mass hysteria turned the device problem into a core standard one. There would be no panic if everybody interested in IoT (or ZigBee) based their opinion on the original source:

https://www.youtube.com/watch?v=9xzXp-zPkjU

https://www.blackhat.com/docs/us-15/materials/us-15-Zillner-ZigBee-Exploited-The-Good-The-Bad-And-The-Ugly.pdf

The Secure Remote Access Challenge for IoT Cloud

The Internet of Things (IoT) often brings us convenience, economy, fun, and security, but it’s also a source of numerous challenges for developers, installers, and maintainers. In this article, we are talking about one facet of the global IoT challenge – secure remote access.

Every small piece of a Smart Home, be it a Thermostat, a Security Sensor, or a Light bulb, has direct, or more often indirect, access to the Internet. Local or near-field security is a very important topic – but its importance can’t be compared with that of secure access to the Cloud services responsible for configuration, notifications, alarms, and all the other things that make our homes smart. Personal computers, smartphones, printers, and NAS devices have had network connectivity for a very long time, but we should not forget that compromising some of the small home devices mentioned above would give an attacker some control over the physical world, which is definitely a different type of risk from that associated with a personal computer.

For example, imagine an attacker has access to notifications from the home’s Thermostat. He can’t control the Thermostat; however, he has access to the current mode and temperature. Using this seemingly harmless data, he not only violates privacy in the abstract, but most likely also learns the schedule of the house occupants, as well as whether someone is home at that particular moment.

The recent research published by Symantec shows the following vulnerabilities are common for almost all Smart Home Solutions.

While passwords, encryption, account enumeration, and supply chain attacks are more or less obvious and are usually related to the user experience or the corresponding standards, attacks on and issues with remote access security (including web vulnerabilities, MITM attacks, and firmware tampering) should be mitigated during design and development.

So yes – it’s recommended to have secure access from Smart Home devices or Gateways. And of course there are dozens of solutions suitable and secure, at least at the current technical level. However, sometimes even a security professional asking, “what to secure?” forgets about the “when.”

What percent of devices in the field are manufactured inside a vendor’s own facilities and prototyping factories? It’s hard to know the exact answer without using floating-point operations. And even the best scheme following all standards and guidelines can be compromised during manufacturing. So here’s where the challenge becomes really intriguing.

This leads to the following requirements:

  • Server side validation (e.g., server must be sure that the client is an approved device).
  • Client side validation (e.g., client must be sure it connects with the right server).
  • Client side security materials should not be accessible by the manufacturer.

With server side validation, everything is more or less standardized. The only thing required to add to the common pattern is custom security materials for each client for the purpose of client identification.

From the client side the solution is trickier – tens of thousands of devices are in sleep mode in a warehouse somewhere when it is discovered that the server is compromised, and, as a consequence, they can’t be reprogrammed. This leads to an additional server validation service. It can be, for example, a dedicated OCSP server or some custom solution with only one function – inform the device that the server’s security materials are compromised.

When talking about compromising during manufacturing, there’s another well known, but not so widely used option – updating security materials when the device is installed. It may be manual activation via the web or just an update on first connection.

In summary:

  • All clients should have pre-programmed security materials containing unique ID for each client that should be updated as soon as the device is installed.
  • Server should have validation scheme for each client. Something simple like white list is more than enough.
  • Separate validation service should be implemented to allow clients to at least detect that the server has been compromised.
    • Note that for better security, it may be reasonable to set the lifetime of the security materials used for access of the validation service to a reasonably short value. For example, instead of years usually used for main services, use 20-30 days.

These 3 simple principles make the entire system much more secure and, as a bonus, this scheme can be implemented using open-source software as described below.

Sample Security Solution

Note that the scheme above is just a sample solution; the services can be replaced with some custom implementation or appropriate analogs.

  • Root CA – In Public Key Infrastructure (PKI) acts as Root Certificate Authority – it signs certificates for Manufacturer, OpenVPN server, and OCSP responder. In addition, you should maintain the list of compromised and expired server certificates as part of the Root infrastructure Certificate Revocation List (CRL).
  • openvpn-server.com – machine (or number of machines) that runs OpenVPN server and Application Server.
    • OpenVPN Server handles VPN connections from devices. Optionally, it can check if device ID extracted from the certificate is listed in the known device list. The device list is provided by the Manufacturer and contains IDs of issued devices. This list can be used to control number of devices issued by the Manufacturer.
    • Note: Server always “knows” if the certificate is issued by the Manufacturer or by the Root CA and can replace certificate on the device after the first successful connection.
  • Manufacturer – 3rd party in the PKI acts as an intermediate Certificate Authority – it issues certificates for devices. In addition, Manufacturer should maintain the list of IDs for all issued devices and provide this list back.
  • Field device – runs different applications. Application sends the gathered info to Data Server performing the following steps:
    • establishes tunnel to OpenVPN server using OpenVPN client
    • checks (using request to OCSP server) that OpenVPN server certificate was not revoked
    • sends data using VPN tunnel to Data Server
    • closes VPN tunnel
  • ocsp-server.com – Instance of OCSP Server.
  • OCSP Server – Online Certificate Status Protocol responder. This is the special service that can be used to check if the OpenVPN server certificate was revoked.
    • Note that the OCSP certificate is as important as the Root CA certificate, since it can be used to block all VPN connections. So it is a good idea to run the OCSP service on a separate machine where no additional services are running.
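
One way to implement the optional known-device check on the OpenVPN server, as an added example that is not part of the original article: a `--tls-verify` hook that accepts a device only if its certificate CN is on the Manufacturer's list, and queues devices still presenting a Manufacturer-issued certificate for replacement. The file paths, the intermediate CA name, the rotation queue and the use of the certificate CN as the device ID are assumptions.

```shell
#!/bin/sh
# Added example: device allowlist check for an OpenVPN --tls-verify hook.
# Server config (paths are assumptions):
#   script-security 2
#   tls-verify /etc/openvpn/verify-device.sh
# OpenVPN runs the hook once per certificate in the chain as
#   verify-device.sh <depth> <subject>
# and exports X509_<depth>_CN for the certificates seen so far.

# Hypothetical locations and names; adjust to your deployment.
DEVICE_LIST="${DEVICE_LIST:-/etc/openvpn/known-devices.txt}"   # one ID per line
ROTATE_QUEUE="${ROTATE_QUEUE:-/var/lib/openvpn/rotate-queue}"  # factory-cert devices
MANUFACTURER_CN="${MANUFACTURER_CN:-Manufacturer Device CA}"   # intermediate CA CN

# verify_device DEPTH DEVICE_ID ISSUER_CN -> 0 to accept, 1 to reject
verify_device() {
    depth="$1"; device_id="$2"; issuer_cn="$3"
    case "$depth" in
        0) ;;                      # device certificate: checked below
        ''|*[!0-9]*) return 1 ;;   # malformed depth: fail closed
        *) return 0 ;;             # CA certificates: chain is validated by OpenVPN
    esac
    # Reject empty or unexpected IDs before they are used in a lookup.
    case "$device_id" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    # Whole-line, fixed-string match; a missing list also rejects.
    grep -qxF -- "$device_id" "$DEVICE_LIST" 2>/dev/null || return 1
    # Certificate still issued by the Manufacturer: queue the device so the
    # application server can replace it with one issued under the Root CA.
    if [ "$issuer_cn" = "$MANUFACTURER_CN" ]; then
        printf '%s\n' "$device_id" >> "$ROTATE_QUEUE" || return 1
    fi
    return 0
}

# Entry point when called by OpenVPN (two arguments: depth and subject).
if [ "$#" -eq 2 ]; then
    verify_device "$1" "${X509_0_CN:-}" "${X509_1_CN:-}"
    exit $?
fi
```

The rotation queue only records which devices still present factory certificates; issuing and delivering the replacement is left to the application server.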