Provides an overview of the security mechanisms of the ZigBee Smart Energy profile. From Metering America/World Meter Design Congress, San Diego, CA, March 2010
ZigBee Smart Energy Security: Securing the HAN Network
1. Zin Kyaw, System Applications Engineer
Texas Instruments, San Diego, CA, USA
2. Agenda
• Introduction
• ZigBee Smart Energy 101
• Joining a ZigBee Smart Energy Network
• Establishing an Application Link Key
• Security Maintenance Policies
• Commissioning Considerations
• Example SE HAN Network
3. Introduction
• Paradigm shift towards appliances in the home being able to
intelligently save us money and energy
• Smart appliances must be able to communicate with the
utility backhaul network via a device in the home called the
Energy Service Portal (ESP)
• This communications link must not only be robust, but also
secure
• In-depth look at the security model for the ZigBee Smart
Energy Profile
• Device commissioning and network installation procedures
are examined
• Discussion of example eco-system
4. ZigBee Smart Energy 101
• ZigBee Smart Energy is a ZigBee Alliance public
application profile that defines commands (or
clusters) and attributes for the following device
types:
– Energy Service Portal (ESP) – The ESP is the device that
provides a gateway into the home and manages the
ZigBee Smart Energy HAN
– In-Premise Display (IPD) – The IPD is a device that will
present energy consumption data and price information to
the end user either by text or graphical means
– Metering Device – These are typically metering devices
such as gas, water, and heat meters
5. ZigBee Smart Energy 101 (cont.)
• Programmable Communicating Thermostat (PCT) – Device
used to control the cooling and heating systems of the home
• Load Control Device – A device such as a pool pump or water
heater that is capable of receiving demand response and load
control events from the utility head end
• Smart Appliance – Like a load control device, a smart
appliance could be a washer, dryer, oven that is capable of
receiving demand response or pricing events from the utility
head end
• Range Extender – A range extender has no other purpose
than to be a router device for other devices in the HAN
6. ZigBee Smart Energy 101 (cont.)
• A cluster is a ZigBee term for a collection of
commands and attributes specific to a particular
behavior
• In ZigBee Smart Energy, the following clusters are
supported:
– Price – Provides functionality to convey price information
from the utility head end
– Demand Response and Load Control (DRLC) - Provides
functionality for devices such as thermostats and other
devices that perform load control
– Simple Metering - Provides functionality to retrieve usage
data from electric, gas, water metering devices
7. ZigBee Smart Energy 101 (cont.)
• Message – Provides functionality to deliver text messages
• Time – Provides functionality to synchronize time between
the time server (ESP) and other devices. UTC is used as the
common time base
• Key Establishment – Provides functionality for establishing a
link key for secure application level communication between
pairs of devices
8. Joining a ZigBee Smart Energy Network
• Typically, the ESP is also the ZigBee Coordinator and Trust Center, and
acts as the gate keeper for all joining devices
• Device joins by using a Pre-configured Trust Center Link Key
• Pre-configured Trust Center Link Key is programmed at manufacturing, or
via an installation code using the process outlined in section 5.4.8.1 of [1]
• The Pre-configured Trust Center Link Key is used to encrypt the APS
transport command containing the network key
• Network key is NOT sent to the joining device in the clear
[Diagram: join sequence between the SE Device and the TrustCenter/Coordinator/ESP]
SE Device -> TrustCenter/Coordinator/ESP: BeaconRequest
SE Device <- TrustCenter/Coordinator/ESP: BeaconResponse
SE Device -> TrustCenter/Coordinator/ESP: AssociationRequest
SE Device <- TrustCenter/Coordinator/ESP: AssociationResponse
SE Device <- TrustCenter/Coordinator/ESP: APS TransportKey (encrypted with Trust Center Link Key)
SE Device -> TrustCenter/Coordinator/ESP: EndDeviceAnnounce
9. Establishing an Application Link Key
• After joining the network, the device establishes a link key with the ESP in
order to exchange SE application data
• The procedure is called Certificate Based Key Establishment, or CBKE for
short
• Trust is established by commissioning a Certificate Authority (CA) root key
(public key paired with the CA’s private key) and a digital certificate for
each device
• Upon successful completion of CBKE, both devices:
– Share the same link key
– Have authenticated each other
– Have confirmed that the other device actually computed the same key correctly
– Hold a link key that is unique to this session
• The trust center then updates the pre-configured trust center link key of
the joining device
10. Establishing an Application Link Key (cont.)
[Diagram: CBKE message sequence between the SE Device and the TrustCenter/Coordinator/ESP]
SE Device -> TrustCenter/Coordinator/ESP: Initiate Key Establishment Request
SE Device <- TrustCenter/Coordinator/ESP: Initiate Key Establishment Response
SE Device -> TrustCenter/Coordinator/ESP: Ephemeral Data Request
SE Device <- TrustCenter/Coordinator/ESP: Ephemeral Data Response
SE Device -> TrustCenter/Coordinator/ESP: Confirm Key Request
SE Device <- TrustCenter/Coordinator/ESP: Confirm Key Response
SE Device -> TrustCenter/Coordinator/ESP: APS ACK
11. Security Maintenance Policies
• The ZigBee SE system should have policies in place for
managing network key and link key updates
• Updating the network key
– Changing the network key periodically is good practice as it helps
reduce the chance of brute force attacks at the network level
– How often the network key gets updated is a network wide policy
– The core ZigBee specification provides primitives for the trust center
to update the network key and instruct devices to start using the new
network key
– If any device misses the network key update it will try to rejoin the
network using the “unsecured rejoin” procedure specified in the core
ZigBee specification
– The transport key message used to deliver the network key is
encrypted with the link key previously obtained via the CBKE process
12. Security Maintenance Policies (cont.)
• Updating the link key
– The trust center policy for updating the link key could be more
selective, as the established link key is for each pair of devices
– When it is time for the trust center to update the link key, it will mark
it as stale, and can initiate the CBKE procedure to establish a new link
key
– Once the new link key is established, the trust center will then clear
the stale status for that key
– It must mark it as stale and not delete the link key, since the link key is
used to deliver the current network key during the unsecured rejoin
process
– Other devices may delete the link key prior to establishing a new link
key
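The join path of slide 8 and the maintenance policy of slides 11 and 12 rest on one mechanism: the network key only ever travels wrapped under a device's Trust Center link key, and a link key due for refresh is marked stale rather than deleted so that it can still deliver the network key on an unsecured rejoin. The Go program below is an added example written for this page, not TI's code or any ZigBee Alliance reference implementation; it models that policy with a small trust center and device. Assumptions: AES-GCM stands in for the CCM* mode ZigBee uses at the APS layer, a CBKE run is replaced by both sides agreeing a fresh random key, and string device ids stand in for IEEE addresses.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// TrustCenter: current network key plus, per device id (stand-in for the IEEE
// address), that device's TC link key and whether it is marked stale.
type TrustCenter struct {
	NwkKey    []byte
	NwkKeySeq uint8
	links     map[string][]byte
	stale     map[string]bool
}

// Device is a HAN device holding its pre-configured TC link key.
type Device struct {
	ID      string
	linkKey []byte
	NwkKey  []byte
}

// randomBytes draws n bytes from crypto/rand, which never errors in practice.
func randomBytes(n int) []byte { b := make([]byte, n); rand.Read(b); return b }

// ASSUMPTION: AES-GCM stands in for the CCM* mode ZigBee really uses.
func aead(k []byte) cipher.AEAD {
	block, _ := aes.NewCipher(k) // cannot fail for a 16-byte key
	g, _ := cipher.NewGCM(block)
	return g
}

// wrap builds the APS transport-key payload seq || nonce || AEAD(nwkKey) under
// linkKey, binding seq as associated data. The network key is never in the clear.
func wrap(linkKey, nwkKey []byte, seq uint8) []byte {
	g := aead(linkKey)
	nonce := randomBytes(g.NonceSize())
	return append(append([]byte{seq}, nonce...), g.Seal(nil, nonce, nwkKey, []byte{seq})...)
}

func NewTrustCenter() *TrustCenter {
	return &TrustCenter{NwkKey: randomBytes(16), links: map[string][]byte{}, stale: map[string]bool{}}
}

// NewDevice gives device and TC a shared pre-configured link key (in practice
// programmed at manufacturing or derived from an install code).
func NewDevice(tc *TrustCenter, id string) *Device {
	tc.links[id] = randomBytes(16)
	return &Device{ID: id, linkKey: tc.links[id]}
}

// Join delivers the current network key wrapped under the device's link key.
// An unsecured rejoin after a missed rotation takes the same path: a stale
// link key still works, only a missing one fails.
func (tc *TrustCenter) Join(id string) ([]byte, error) {
	lk, ok := tc.links[id]
	if !ok {
		return nil, fmt.Errorf("unknown device %q: no link key on file", id)
	}
	return wrap(lk, tc.NwkKey, tc.NwkKeySeq), nil
}

// RotateNetworkKey installs a fresh network key and returns one transport-key
// message per device, each wrapped under that device's own link key.
func (tc *TrustCenter) RotateNetworkKey() map[string][]byte {
	tc.NwkKey, tc.NwkKeySeq = randomBytes(16), tc.NwkKeySeq+1
	out := map[string][]byte{}
	for id, lk := range tc.links {
		out[id] = wrap(lk, tc.NwkKey, tc.NwkKeySeq)
	}
	return out
}

// A link key due for refresh is marked stale, never deleted: it must still
// wrap the network key for a rejoin until CBKE has replaced it.
func (tc *TrustCenter) MarkLinkKeyStale(id string)    { tc.stale[id] = true }
func (tc *TrustCenter) IsLinkKeyStale(id string) bool { return tc.stale[id] }

// RefreshLinkKey stands in for a CBKE run: both sides get a fresh link key,
// and only then is the stale flag cleared.
func (tc *TrustCenter) RefreshLinkKey(d *Device) {
	tc.links[d.ID] = randomBytes(16)
	d.linkKey, tc.stale[d.ID] = tc.links[d.ID], false
}

// ApplyTransportKey unwraps the network key with the device's own link key; a
// payload wrapped under any other key is rejected and changes nothing.
func (d *Device) ApplyTransportKey(msg []byte) error {
	g := aead(d.linkKey)
	n := 1 + g.NonceSize()
	if len(msg) < n {
		return fmt.Errorf("transport key too short")
	}
	k, err := g.Open(nil, msg[1:n], msg[n:], msg[:1])
	if err != nil {
		return fmt.Errorf("transport key rejected: %w", err)
	}
	d.NwkKey = k
	return nil
}
```

A typical run creates a trust center and two devices, joins both, rotates the network key, applies the update to only one device, and then lets the other recover by calling Join again (the unsecured rejoin) while its link key is flagged stale; only after RefreshLinkKey does the stale flag clear, and a transport-key message wrapped under the old link key no longer opens.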
13. Commissioning Considerations
• Typically the ESP (E-meter) would be the device that is installed first,
followed by other metering devices such as the gas meter
• It is expected that these devices would be installed by a service
professional
• However, the homeowner could be expected to install a device such as an
in-premise display that has been approved for use by their utility
• The Pre-Configured Trust Center Link Key for the HAN device should be
commissioned at manufacturing or configured at installation
• In a typical install scenario, the user would have to:
– Enable permit joining of the ZigBee SE HAN for a period of time via an out-of-
band mechanism. Part of this procedure may require the user to enter the
install code found on the device through a customer portal
– Press a button on the in-home display to tell it to join. The display would
provide the user feedback throughout the device registration process
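Slide 8 and the install scenario above both turn on the install code printed on the device: the customer portal takes the code the user types, checks it, and derives the Pre-configured Trust Center Link Key from it (the process section 5.4.8.1 of [1] specifies). The Go program below is an added example written for this page, not code from the slides, from TI or from the ZigBee Alliance; it implements that derivation as I understand the SE profile, under these assumptions, each also marked in the code: the printed code carries a 16-bit CRC appended least-significant byte first, computed as CRC-16 with polynomial 0x1021 in reflected form and 0xFFFF as both initial value and final XOR; the permitted code sizes are 48, 64, 96 or 128 bits plus that CRC; and the link key is the ZigBee AES-MMO hash of the whole code including its CRC. The sample code in main is constructed for the example and belongs to no real device.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"
	"strings"
)

// crc16 is CRC-16 with polynomial 0x1021 in reflected form (0x8408), initial
// value 0xFFFF and final XOR 0xFFFF. ASSUMPTION: this is the check-value
// variant the SE profile uses for install codes; confirm against [1].
func crc16(data []byte) uint16 {
	crc := uint16(0xFFFF)
	for _, b := range data {
		crc ^= uint16(b)
		for i := 0; i < 8; i++ {
			if crc&1 == 1 {
				crc = (crc >> 1) ^ 0x8408
			} else {
				crc >>= 1
			}
		}
	}
	return crc ^ 0xFFFF
}

// aesMMO is the Matyas-Meyer-Oseas hash over AES-128 defined in the ZigBee
// core spec: H0 = 0, Hi = AES_{Hi-1}(Mi) XOR Mi, after padding the message
// with one 0x80 byte, zeros, and its bit length as a 16-bit big-endian value
// (the short-message form, valid for inputs shorter than 2^16 bits).
func aesMMO(msg []byte) [16]byte {
	bits := len(msg) * 8
	padded := append(append([]byte{}, msg...), 0x80)
	for len(padded)%16 != 14 {
		padded = append(padded, 0x00)
	}
	padded = append(padded, byte(bits>>8), byte(bits))
	var h [16]byte // H0 is the all-zero block
	for off := 0; off < len(padded); off += 16 {
		c, _ := aes.NewCipher(h[:]) // cannot fail: the key is always 16 bytes
		var e [16]byte
		c.Encrypt(e[:], padded[off:off+16])
		for i := range h {
			h[i] = e[i] ^ padded[off+i]
		}
	}
	return h
}

// FormatInstallCode appends the CRC to a raw code and renders the hex string
// an installer reads off the device label or types into the utility portal.
// ASSUMPTION: the CRC is appended least-significant byte first.
func FormatInstallCode(code []byte) string {
	c := crc16(code)
	full := append(append([]byte{}, code...), byte(c), byte(c>>8))
	return strings.ToUpper(hex.EncodeToString(full))
}

// InstallCodeToLinkKey validates an entered install code (hex digits, with
// any spaces, dashes or colons the installer typed, CRC included) and derives
// the pre-configured Trust Center link key as the AES-MMO hash of the whole
// code, CRC included. A mistyped digit is caught by the CRC, so the portal
// can reject it instead of commissioning a key the device will never match.
func InstallCodeToLinkKey(entered string) ([16]byte, error) {
	var key [16]byte
	raw, err := hex.DecodeString(strings.NewReplacer(" ", "", "-", "", ":", "").Replace(entered))
	if err != nil {
		return key, fmt.Errorf("install code is not valid hex: %w", err)
	}
	// ASSUMPTION: permitted sizes are 48-, 64-, 96- or 128-bit codes plus the
	// 16-bit CRC (8, 10, 14 or 18 bytes in total).
	switch len(raw) {
	case 8, 10, 14, 18:
	default:
		return key, fmt.Errorf("install code has %d bytes; expected 8, 10, 14 or 18", len(raw))
	}
	body := raw[:len(raw)-2]
	got := uint16(raw[len(raw)-2]) | uint16(raw[len(raw)-1])<<8
	if want := crc16(body); got != want {
		return key, fmt.Errorf("install code CRC mismatch: got %04X, want %04X", got, want)
	}
	return aesMMO(raw), nil
}

func main() {
	// Constructed sample code for this example; not any real device's install code.
	code := []byte{0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00}
	label := FormatInstallCode(code)
	key, err := InstallCodeToLinkKey(label)
	fmt.Printf("label %s\nlink key %X (err=%v)\n", label, key, err)
	_, err = InstallCodeToLinkKey("0" + label[1:]) // one mistyped digit
	fmt.Println("mistyped digit:", err)
}
```

The CRC check is the part that matters at the portal: a single wrong hex digit is always caught, so the user gets immediate feedback instead of a display that silently fails to join because the ESP and the device hold different link keys.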
14. Example SE HAN Network
• All communication with the ESP (e-meter) is secured at the application
layer with the link key established via CBKE
[Diagram: ESP (E-Meter) at the centre of the HAN, linked to three device types]
– In-Premise Display (IPD): shows consumption, price signals and text
messages from the ESP
– Programmable Communicating Thermostat (PCT): ESP sends the PCT a Load
Control Event to control HVAC
– Simple Metering Device (Gas, Water, Heat): reports the Current Summation
Delivered attribute periodically
15. Conclusion
• Provided an overview of the ZigBee Smart Energy
application profile and described its security model
• The procedures of secure joining and establishing
application link keys were discussed
• Maintenance policies for updating the network and
application link keys were discussed
• ZigBee Smart Energy and ZigBee core specifications
provide all the services and tools for robust security