Zigbee Wireless Communication Protocol
Zigbee is a wireless mesh network protocol developed by the ZigBee Alliance and represents one of the main communication standards in the Internet of Things. ZigBee differs from other protocols for its ability to combine good autonomy (low power consumption) and a fair level of security (128-bit integrated encryption).
It is mainly used for short range communications and, thanks to the IEEE 802.15,4 standard, it offers a high degree of interoperability. Through small antennas with low power and low power consumption for WPAN (Wireless Personal Area Networks), this standard makes explicit a multitude of application profiles that allow to develop a specific communication for different profiles in the field of energy (Smart Energy) and home automation (ZigbeeLightLink). The relationship between ZigBee and IEEE 802.15.4-2003 can be compared to that existing between Wi-Fi Alliance and IEEE 802.11.
The ZigBee protocols are designed for use in embedded applications with low transfer rates and low power consumption. The objective is to define an economic and self-managed Wireless Mesh Network for the control of a network of sensors and actuators in order to create automation and home automation scenarios. The result is the configuration of an intelligent network that can operate for years thanks to the battery integrated in the individual nodes.
The name ZigBee comes from the behaviour pattern of a beehive. In a hive, in fact, the community is led by a single queen (Coordinator), a few male bees (Router) and thousands of working bees (End Device). They communicate with a “zigzag” model where information is shared in the network in order to reach the recipient in the most efficient way possible, sometimes overcoming barriers and obstacles.
ZigBee devices imitate this model of continuous exchange and sharing of information, which is fundamental in the design of an IoT system.
The ZigBee protocols support both “beacon enabled” and “non-beacon enabled” networks and are based on a careful research in the field of routing algorithms (commonly called Ad-Hoc On-Demand Distance Vector) aimed at structuring specific networks of nodes at low speed”.
In non-beacon enabled networks (where the beacon order is 15), a CSMA/CA channel access mechanism is used. These networks are mixed: there are some devices constantly ready to receive, while the rest is limited to transmit in the presence of an activator (stimulus) received from outside. All this allows the network to save a lot of energy.
An example is the typical Wireless switch: the ZigBee node of the lamp can be constantly receiving (or receiving with certain rules) thanks to the connection associated with the electricity network while the on/off command can remain inactive until a signal is sent. At that moment it activates, sends a command, receives an acknowledge signal and then returns inactive. The switch then represents a ZED, the lamp a ZR or a ZC.
In beacon enabled networks, the nodes called ZigBee Routers take care of transmitting beacons at predefined time intervals to confirm their presence to other nodes. The interval at which this time is managed saves energy by lowering the duty cycle by acting on precise timing mechanisms.
The energy saving that this protocol guarantees is therefore due to the fact that the activity time of the radio transmitter is minimized in an efficient and intelligent way.
ZigBee devices must comply with the standards defined in the IEEE 802.15.4-2003 Low-Rate Wireless Personal Area Network (WPAN) standard. This standard specifies both the physical layer protocol (called PHY) and the part of the data link layer of the Medium Access Control (MAC). The peculiarity of this standard is its operability in the 2.4 GHz, 915 MHz and 868 MHz bands.
In the 2.4 GHz band there are 16 Zigbee channels, each with 5MHz. The centre frequency for each channel is calculated as Fc = (2400 + 5k)MHz with k= 1 to 16. Remember that radio transmitters use DSSS encoding, a BPSK modulation is used in the 868 and 915 MHz bands and a QPSK with 4-bit transfer offset (in the 2.4 GHz band). The range of application varies between 10 and 75 meters depending on obstacles and architectural barriers, these obstacles can be overcome thanks to the configuration of an intelligent Mesh network capable of predicting these obstacles and communicate data accordingly. The data rate over the air is 250 kb/s for the 2.4 GHz band, 40 kb/s for the 915 MHz band and 20 kb/s for the 868 MHz band. The maximum transmission power is about 1 mW.
The Carrier Sense Multiple Access / Collision Avoidance (CSMA/CA) defines the basic access modes to the channel specified by the IEEE. This means that the nodes control when the channel is free and when they have to transmit, whether the message is addressed to them or not. Beacon signals are sent according to a predefined pattern, messages and device transmissions in beacon networks use Guaranteed Time Slots (GTS).
The Zigbee technology was developed with the intention of being simple and economical but equally performing, especially for new applications in the IoT field.
The main difference compared to Wi-Fi is the transmission speed, which is much lower for Zigbee but which allows it to achieve equally low power consumption. This point is crucial because sensors and actuators run on batteries and a critical parameter is precisely the management of these consumptions.
Main Application of Zigbee
Zigbee provides the flexibility needed to create intelligent sensor and actuator networks in home automation and building automation. A network can be configured with sensors and actuators from different manufacturers, provided they are Zigbee certified.
An example is the new Amazon ecosystem (Echo Plus), able to manage the Zigbee devices present in the environment and interact with the Alexa virtual assistant.
Let’s deepen these concepts.
The ZigBee stack consists of a set of blocks called layers. Each layer executes a specific set of services for the layer above it. A communication interface called SAP (service access point) is exposed between two contiguous layers. Each SAP supports a number of services.
The ZigBee technology is based for the physical layer (ISO/OSI 1) and for the Medium Access Control layer (MAC – ISO/OSI 2) on the IEEE 802.15.4 standard, the upper layers of network (Network NWK layer) and application (Application APL layer) have been defined by the ZigBee Alliance.
The physical layer operates on the separate frequency: 868/915 MHz and 2.4 GHz.
Protocol stack ZigBee
The IEEE 802.15.4 standard defines two distinct types of devices:
– FFD (Full Function Device): nodes that can perform all the functions defined by the ZigBee standard and in particular are nodes that can act as relays for other nodes.
– RFD (Reduced Function Device): nodes that can only perform a limited number of functions, in particular they are nodes that cannot forward traffic to other nodes, but only act as sources or final recipients of traffic. They are called “leaf” nodes. The fact that they can only perform a limited number of functions allows these nodes to consume less energy.
In the ZigBee network the nodes are divided into:
– ZigBee Coordinator: is an FFD type device. In a ZigBee network there is only one node that can act as coordinator, and it is the first to be activated. The ZigBee Coordinator acts as the IEEE 802.15.4 PAN (Personal Area Network) coordinator. The IEEE 802.15.4 PAN Coordinator is responsible for training the network.
A ZigBee Coordinator then performs the following functions:
- selects the channel to be used in the network
- select the Personal Area Network (PAN) ID
- assigns addresses to other nodes
- allows other nodes to join or leave the network
- takes care of transferring application packages keeps a list of nearby nodes and routers
– ZigBee Routers: it is an FFD type device. Router-type nodes are used only in some types of ZigBee networks (tree and mesh) and allow to extend the network coverage. A router is responsible for forwarding application packets to other nodes to find the best path. It can perform all the functions of a coordinator except establishing a network.
– ZigBee End Device: is an RFD type device. End device nodes are simple devices that send and receive application packages but cannot perform other functions in the network. An end device can be connected to a router or coordinator. They are usually battery-operated devices that only consume power during transmission and therefore the transmission time of an end device is usually short. In addition to the transmission of application packets, an end device can join or leave a network.
The Network layer (NWK) supports three different network topologies:
– Star: in a star network in addition to the ZigBee coordinator there are only end device devices that communicate directly with the coordinator.
– Tree: Unlike the star network, this network can be extended through the use of ZigBee Routers. End devices can therefore be connected to both the ZigBee Coordinator and the ZigBee Routers. A hierarchical routing strategy is used in the tree network. In addition, beacon oriented communication can also be used.
– Mesh: Mesh networks, such as tree networks, can also be extended through the use of ZigBee Routers. In this case, however, hierarchical routing strategies are not used, but allow full peer-to-peer communication. Moreover, ZigBee Routers in mesh networks do not currently emit normal IEEE 802.15.4 beacons.
Over the years there have been several versions of ZigBee. The main versions are as follows:
– 2006: ZigBee 2006 specification
– 2007: ZigBee 2007 specification with the popular ZigBee PRO feature set.
– 2015: ZigBee PRO 2015. These specifications have been integrated into the ZigBee 3.0 version: this new version eliminates all the problems that slowed down its deployment, offering full interoperability between a wide variety of devices that can now work together and interact with each other within the home. ZigBee 3.0 also makes it easy for developers to build applications and services for the smart home and Internet of Things. In detail, the standard includes ZigBee Home Automation, ZigBee Light Link, ZigBee Building Automation, ZigBee Retail Services, ZigBee Health Care and ZigBee Telecommunication.
– 2017: ZigBee PRO 2017,
The ZigBee profiles used for the implementation of the project scenarios are as follows: Home Automation Profile and ZigBee Light Link.
Home automation Profile
ZigBee Home Automation (HA) is the global stand defined by the Alliance of Zigbee for the creation of Smart Home systems for the control of devices in energy management, lighting, HVAC, building automation, etc..
The latest version of the standard is fully interoperable with previous versions of the same, adds new features to improve battery life, makes it easier for installers and end users to install and maintain the system and improves the procedure for pairing new devices to the wireless network.
The main lighting controls that are supported are:
- On/Off Light
- Dimmable Light
- Color Dimmable Light
- On/Off Light Switch
- Dimmer Switch
- Color Dimmer Switch
- Light Sensor
- Occupancy Sensor
Examples of standardized commands in the HVAC field are instead:
- Heating/Cooling Unit
- Temperature Sensor
- Pump Controller
- Pressure Sensor
- Flow Sensor
ZigBee Light Link
ZigBee Light Link (ZLL) is the ZigBee profile designed for the world of lighting that allows you to connect lamps (monochrome and RGB), switches, dimmers and remote controls. Referring to the ISO-OSI standard, the network level on which ZLL relies is Home Automation.
ZLL consists of 2 types of nodes:
– controllers (light switches, room occupancy sensors, remote control units, smartphones, PC/Tablet). Each node can control several devices and make adjustments such as: on/off, color, mood (setting), timer;
– lights (monochromatic and colour).
ZLL is based on ZigBee Pro with these configurations:
- each node is (preferably) a Router;
- a Coordinator is not necessary;
- aTrust Center is not required to implement Security;
- only uses the mesh network;
- uses Cluster, ZCL, to define node aggregations in types: Basic, Identify, Groups, Scenes, On/Off, Level Control, Colour Control. The presence of the ZLL Commissioning Cluster is necessary.
– The simplified Touchlink procedure enables the installation of nodes on the network with a simple touch of a button on the device;
– ZigBee Pro stub supports ZigBee Pro stack for communication between Personal Area Networks (PANs);
– ZLL uses a network-level security where a single network key (randomly generated by the initiator node) is used to encrypt/decrypt communication between nodes on the same network. The key distribution is done using the master-key ZLL, pre-installed in all nodes in production.
The security in a ZigBee network, according to the ZigBee Pro 2015 Standard, is based on its two types of keys:
– Link key: 128-bit key that is used for unicast communication between equal entities at the APL level. The key is shared between two devices.
– Network key: 128-bit key that is used for broadcast communication and network level communication. The network key is shared between all devices in the network.
The recipient always knows with which key the frame has been protected.
A device can acquire the link key in two ways:
- using the key-transport procedure
- during pre-installation (during factory installation)
The network key is acquired only through the key-transport procedure.
Security between devices depends on initialization and secure installation of these keys.
The ZigBee 3.0 standard is also more secure than previous standards because it requires that the security key used to encrypt messages is different for each device. In particular, ZigBee 3.0 introduces install codes. Installation codes consist of 128 bits of random data and a 16-bit CRC. These installation codes are passed to an MMO hash function in order to generate a Trust Center link key, which would then be used instead of the known or default Trust Center link key.
Typically, Trust Center link keys derived from installation codes are encoded in devices that join the network during the manufacturing process. The corresponding installation code is then included with the device and programmed into the node that initializes the network through an out-of-band method such as a user interface.
Distribution of keys
For security reasons, the role of Trust Center is defined in the ZigBee network. The Trust Center is a device that all other devices trust to distribute keys and configure end-to-end applications. All devices must recognize exactly one active Trust Center. The Trust Center is responsible for establishing, managing and updating security policies in the network.
In a Zigbee network there are two security models that control how the network key is deployed:
- Distributed security model
- Centralized security model.
In the distributed security model all routers have the ability to act as a Trust Center and distribute the network key (it is not possible to distribute link keys). In the centralized one there can only be one device acting as a Trust Center. In a centralized security model, the Trust Center establishes policies for device join and network security.
In some applications a device can be preloaded with the Trust Center address and the initial link key, in others if a vulnerability moment is accepted the network key can be sent via a secure key transport APS message using a well-known link key. A default link key exists for this purpose.
In a centralized security network a device communicates securely with its Trust Center using a Trust Center link key. There are two types of link key trust centers: global and unique. The type of trust center link key used by the device can determine how the device handles trust center messages, including whether or not to apply APS encryption.
The link key trust center can also be used to secure APS data messages between the trust Center and the corresponding device. The choice of whether to use APS security or these APS data messages is left to the application levels.
For trust management purposes, a device accepts a Trust Center link key or network key only if it originates from its Trust Center and is sent using a key transport.
For network management purposes, in a centralized security model, a device accepts a network key only from its Trust Center if protected with the Trust Center link key.
For configuration purposes, a device accepts link keys aimed at establishing end-to-end security between two devices only from its Trust Center or by application-level negotiation using a higher-level protocol between the two devices.
Apart from the initial Trust Center link key or network key, additional link type keys or network key updates are accepted by a device only if originated by its Trust Center and sent via secure key transport message or only if negotiated using a higher-level protocol.
A link key between two devices, neither of which is the trust center, is called an application link key.
Architectural choices for security
The following architectural choices have been made in a ZigBee network:
– A Zigbee layer that generates a frame is responsible for its protection. For example, if a NWK command frame needs protection, the NWK layer security must be used.
– If you want to protect your network from malicious devices, all frames must use the NWK layer security. Only a device that has successfully joined the network and received the network key will be able to communicate its messages via multiple hops. In fact, the only step in which the network key can not be used is to join because only after the join a device receives the network key.
– Each level can re-use the keys of another level. For example, the network key can be used by the NWK layer and the APS layer. Reusing keys is allowed to reduce storage costs.
– ZigBee also provides end-to-end security so that only one source and one destination can access messages protected by a shared key.
– All devices and all levels of a device must use the same basic level of security in the network. If an application needs more security for its payload than that provided by the network layer, it can establish an application security level with another device.
BOX-IO and Zigbee Ecosystem
One of the many protocols supported by our control unit is just Zigbee. We use BOX-IO and Zigbee for the home automation of our office. Through BOX-IO with Zigbee protocol we can manage all our sensors and actuators for temperature, humidity, safety, position, detection and lights to create intelligent automation scenarios.
Thanks to Zigbee we have reduced our office’s energy consumption by 65% and its flexibility has allowed us to create specific network configurations for our customers. Our in-depth knowledge of this communication standard allows us to provide proven and reliable solutions by creating networks where different nodes operate to overcome interference and barriers and offer excellent service levels in all conditions inside and outside the network.