Security Concerns In Wireless Building Automation

August 4, 2006
New ultra-low power wireless networking technologies are making it practical to embed wireless communications into virtually any building automation product. But is a building that is wirelessly automated inherently vulnerable to malicious security hacks and threats?

Perhaps. Not all wireless environments are created equal. That’s why choosing a wireless system with strong security mechanisms will become increasingly critical as the technology permeates the building automation industry.

Fortunately, the ZigBee™ wireless networking standard requires a security policy based on 128-bit AES encryption to be designed into all ZigBee-compliant devices. ZigBee provides simple yet strong, end-to-end security. It offers a standardized toolbox of security specifications and software, and it is based on a 128-bit AES algorithm incorporating the strong security elements of the IEEE 802.15.4 standard. The ZigBee stack defines security for the MAC, network, and application layers. Its security services include methods for key establishment and transport, device management, and frame protection.

If design engineers choose to use a public application-specific ZigBee profile — such as for lighting or HVAC control — then the security decisions for their applications have already been made for them; they are predefined in the profile. And chances are that even if a developer intends to build a private profile application, he will choose the security mode in one of ZigBee’s predefined stack profiles.

Two levels of security

There are two primary security levels built into the ZigBee specification: a residential mode and a commercial mode. While both modes use the same security mechanisms built on 128-bit AES, they differ in how keys are distributed, how new devices are allowed to join a secure network, and whether security is provided at the network layer or the application layer.

Security at the network layer serves to secure single-hop transmissions at each step within the network. The ZigBee Alliance has developed a network layer security option to include additional functionality not available at the MAC layer, including the ability to reject data frames if their freshness cannot be verified.

This network security layer uses a global key that all ZigBee devices on the network share, and is good for applications that need general protection of their network with a basic level of security, e.g., protection against a nefarious device maliciously inserting packets into the network. If a developer needs to establish a route and exchange data between two devices and the network layer frames are not secured, such a device could intercept the packets and replay them later. Messages received without the proper security level are rejected by all devices in the network.
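The freshness check described above, sketched as an added example (not code from the article or from the ZigBee specification). It assumes a constructed frame layout of 16-bit source address, 32-bit frame counter, payload, and 4-byte integrity code; truncated HMAC-SHA256 stands in for the AES-128 CCM* integrity code that ZigBee actually uses, and all names and the key are constructed.

```python
import hashlib
import hmac
import struct

MIC_LEN = 4   # constructed integrity-code length
HDR_LEN = 6   # 2-byte source address + 4-byte frame counter

def _mic(key, data):
    # Stand-in for the AES-128 CCM* MIC: truncated HMAC-SHA256.
    return hmac.new(key, data, hashlib.sha256).digest()[:MIC_LEN]

def secure_frame(key, src, counter, payload):
    """Build header || payload || MIC under the shared network key."""
    header = struct.pack("<HI", src, counter)
    return header + payload + _mic(key, header + payload)

class Receiver:
    def __init__(self, network_key):
        self.key = network_key
        self.last_counter = {}  # source address -> highest counter accepted

    def accept(self, frame):
        if len(frame) < HDR_LEN + MIC_LEN:
            return "malformed"
        body, mic = frame[:-MIC_LEN], frame[-MIC_LEN:]
        # Authenticate first: the counter is only trustworthy if the MIC holds.
        if not hmac.compare_digest(mic, _mic(self.key, body)):
            return "bad-mic"
        src, counter = struct.unpack("<HI", body[:HDR_LEN])
        # Freshness: the counter must strictly increase per sender.
        if counter <= self.last_counter.get(src, -1):
            return "replay"
        self.last_counter[src] = counter
        return "accept"

def demo():
    key = bytes(range(16))                    # constructed 128-bit network key
    rx = Receiver(key)
    f1 = secure_frame(key, 0x1A2B, 100, b"setpoint=21C")
    results = [rx.accept(f1)]                 # first delivery
    results.append(rx.accept(f1))             # same frame captured and resent
    bumped = f1[:2] + struct.pack("<I", 101) + f1[HDR_LEN:]
    results.append(rx.accept(bumped))         # counter edited without the key
    results.append(rx.accept(b"\x2b\x1a" + b"setpoint=30C"))  # no MIC at all
    results.append(rx.accept(secure_frame(key, 0x1A2B, 101, b"setpoint=22C")))
    return results

if __name__ == "__main__":
    print(demo())
```

Because every device holds the same network key, the integrity code proves only that the sender is a network member, which is why the article turns to application-layer keys for protection against internal attacks. A real receiver must also keep its counter table across reboots, or previously seen frames become acceptable again.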

Typically, in residential applications, ease of installation is a key factor in the design and the security mechanisms must reflect this. Typical methods for allowing new devices to join a network and providing the security key are simple mechanisms such as selected button operations. An application developer within ZigBee can choose to preinstall security keys in such applications or a key can be chosen by the device starting the network and then sent briefly in the clear to a device when it joins the network. Because the start-up of a new device in these residential networks is often based on physical proximity, the risk of rogue devices joining the network is small.

Security is job one

For commercial installations, more security is required and has been provided within ZigBee. Security can be provided at the network level, similar to residential security; however, if the application needs the strongest security possible, it can be implemented at the application layer. Security implemented here utilizes a unique key that can only be authenticated and decrypted by the other device possessing the key. This approach protects against both internal and external attacks, but it requires more memory to implement.

ZigBee commercial security also introduces the concept of a “trust center,” which allows devices into the network, distributes keys, and enables end-to-end security between devices. Only if the trust center approves a device is it allowed into the network and provided the security keys. The key distribution within these commercial networks is done using a master key to encrypt the key being sent to prevent other devices from intercepting a key update. The trust center can also manage encrypted network-wide key updates to ensure security is maintained by the use of new keys. While this centralized trust center requires more memory and imposes restrictions on network formation and growth, it provides a higher level of network and application security required for many applications.

While wireless building automation may pose future security threats, the security mechanisms in ZigBee make it an excellent solution for preventing data and wireless nodes from being compromised, stolen, replayed, or tampered with. The ZigBee security toolbox provides most everything needed by engineers to select the best level of security for their application.
