Z-Wave Alliance ups security in home automation products

December 2, 2016 OpenSystems Media
  • You’re probably tired of hearing me say it, but it can’t be stressed enough—security must be paramount in your design, whether it’s a financial system, a medical device, or a home-automation product. Don’t get caught closing the barn door after the cows have left, or whatever that saying is.

    In attempt to shut that barn door, so to speak, the Z-Wave Alliance has announced some new security requirements for any IoT devices that comply with its standard. Z-Wave is a communications protocol that allows all types of home-automation products to interact seamlessly. This could include anything from thermostats and garage door openers to lights, locks, and alarm systems.

    The Alliance’s Board of Directors recently mandated that all devices receiving Z-Wave Certification after April of next year must include the latest Security 2 (S2) framework, what it deems as the industry’s strongest levels of IoT security. This affects mostly smart-home devices and controllers, gateways, and hubs.

    The S2 framework was developed by the Alliance, but with the help of leading cybersecurity hacking experts. If followed correctly, S2 removes the risk of networked devices being hacked, in theory at least, in their communications between the devices and the cloud.

    By using a QR or pin-code on the device itself, the devices are uniquely authenticated to the network as well. This should thwart common hacks. In addition, for further protection, Z-Wave strengthened its cloud communication protocol, enabling the tunnelling of all Z-Wave over IP (Z/IP) traffic through a secure TLS 1.1 tunnel.

    More information on Z-Wave security technologies is available from Sigma Designs, one of the leaders in home-automation technologies.

Rich Nass, Embedded Computing Brand Director
Previous Article
Bluetooth and market trends in mesh networking
Bluetooth and market trends in mesh networking

Of all the design decisions associated with an Internet of Things (IoT) deployment, the most fundamental is...

Next Article
Smart home hindered by ease of configuration, cost

Back in the '90s, before online gaming involved centralized servers, connectivity was either locally via LA...

How to Develop Cross-Industry IoT Interoperability

Multi-Part Series