manualshive.com logo in svg

EnOcean B6221-K516, User Manual

Share
Download
EnOcean B6221-K516 User Manual Download Page 39

 
USER MANUAL

 

 
 
 

STM 550B / EMSIB - EASYFIT MULTISENSOR FOR IOT APPLICATIONS (2.4 GHZ BLE) 

 

© 2020 EnOcean | www.enocean.com  

F-710-017, V1.0     

 

STM 550B / EMSIB User Manual |  v1.3  | June 2020 | Page 39 / 115 

 

5.4.6

 

Resolvable Private Address mode 

 
For some applications it is desirable to modify (rotate) the source address used by STM 550B 
in order to prevent tracking of its radio transmissions.  At the same time, each  STM 550B 
device must remain uniquely identifiable by the receiver. To achieve these goals, STM 550B 
can be configured via NFC to use resolvable private addresses (RPA).  
 
Using resolvable private addresses requires that both STM 550B and the receiver both know 
a common key 

 the so-called Identity Resolution Key (IRK).  

 
STM  550B  uses  its  device-unique  random  key  as  identity  resolution  key.  This  key  can  be 
modified via the NFC configuration interface as described in chapter 9.5.12. 
 
For resolvable private addresses, the 48 bit address field is split into two sub-fields: 
 

 

prand

 

This field contains a random number which always starts (two most significant bits) 
with 0b10. The 

prand

 value is changed for each telegram that is transmitted. Individ-

ual advertising events used to transmit one telegram use the same 

prand

 value. 

 

 

hash

 

This field contains a verification value (hash) generated from 

prand

 using the IRK 

 

The structure of a random resolvable private address is shown in Figure 25 below. 
  

 

 

Figure 25 

 BLE resolvable private address structure 

 
The 

prand

 value is encrypted using the IRK. The lowest 24 bit of the result (encrypted value) 

are then used as 

hash

. The concatenation of 24 bit 

prand

 and 24 bit 

hash

 will be transmitted 

as 48 bit resolvable private address. 
 
The  receiver  maintains  a  list  of  IRK  for  all  transmitters  that  are  known  to  it  (have  been 
commissioned to work with it). Whenever it receives a radio telegram with resolvable private 
address (identified by the most significant bits being set to 

0b10

), it will itself generate a 24 

bit 

hash

  from  the  24  bit 

prand

  sequentially  using  the  IRK  of  each  device  that  it  has  been 

learned into it. If an IRK matches (i.e. when 

prand

 is encoded with this specific IRK then the 

result matches 

hash

), then the receiver has established the identity of the transmitter. 

 
So conceptually the IRK takes the role of the device source address while 

prand

 and 

hash

 

provide a mechanism to select the correct IRK among a set of IRK.  
 
Figure 26 below illustrates the address resolving scheme for random private addresses. For 
an example of resolving an address, please refer to Appendix C. 
 
 

Summary of Contents for B6221-K516

Page 1: ...B EMSIB User Manual v1 3 June 2020 Page 1 115 Patent protected WO98 36395 DE 100 25 561 DE 101 50 128 WO 2004 051591 DE 103 01 678 A1 DE 10309334 WO 04 109236 WO 05 096482 WO 02 095707 US 6 747 573 US...

Page 2: ...aracteristics No responsibility is assumed for possible omissions or inaccuracies Circuitry and specifications are subject to change without notice For the latest product specifications refer to the E...

Page 3: ...on test mode 13 2 2 6 Acceleration test mode 13 2 2 7 Factory reset mode 13 2 3 Reporting interval 14 2 3 1 Energy considerations 14 2 3 2 Standard reporting interval 15 2 3 3 Illumination controlled...

Page 4: ...4 6 Resolvable Private Address mode 39 5 4 7 Check Sum 40 5 5 Payload structure 41 5 5 1 Sensor status encoding 42 5 5 2 Sensor Data Descriptor 42 5 5 3 Data Size 43 5 5 4 Supported parameters 43 5 5...

Page 5: ...RITY_CFG 65 9 5 15 REPORTING_CFG 66 9 5 16 LED_MODE 68 9 5 17 FUNCTIONAL_MODE 69 9 5 18 STANDARD_TX_INTERVAL 70 9 5 19 THRESHOLD_CFG1 71 9 5 20 THRESHOLD_CFG2 73 9 5 21 ACC_SENSOR_CFG 74 9 5 22 SOLAR_...

Page 6: ...States regulatory statement 100 12 2 3 FCC usage conditions 100 12 2 4 FCC OEM requirements 101 12 3 ISED Industry Canada 102 12 3 1 ISED Industry Canada certificate 102 12 3 2 ISED Industry Canada re...

Page 7: ...TM 21x modules from EnOcean STM 550B integrates the following dedicated sensors Temperature Humidity Ambient light level Acceleration Magnet contact STM 550B will report regularly by default approxima...

Page 8: ...r box STM 550B Installation Kit combines the STM 550B multisensor module with a wall mount a design frame a magnet for magnet sensor functionality and an adhesive mounting tape into a ready to use pro...

Page 9: ...60 seconds configurable via NFC Device configuration LRN button and NFC interface User notification LED red Device identification Unique 48 Bit Device ID factory programmed Security AES128 CBC mode w...

Page 10: ...x of 100 units of installation material Packaging Unit 100 units Packaging Method 1 large outer box containing 2 smaller inner boxes Inner box 1 100 units STM 550B same as above Inner box 2 100 units...

Page 11: ...cases where sufficient ambient light is not available there is the option to mount a CR1632 backup battery Radio telegrams transmitted by STM 550B are authenticated AES 128 security based on a device...

Page 12: ...ed periods without oper ation such as device storage or transport In standby mode STM 550B stops operation and conserves as much energy as possible All functionality except those needed to return to s...

Page 13: ...NFC register as described in chapter 9 5 17 2 2 6 Acceleration test mode During installation STM 550B can visually indicate if detected acceleration exceeds the con figured threshold This provides qu...

Page 14: ...mption since it will measure and transmit more often Likewise increasing the reporting interval of STM 550B will reduce its power consumption since it will measure and transmit less often To select th...

Page 15: ...ces will STM 550B report with a longer reporting interval i e a lower update rate than the standard reporting interval The default setting for the standard reporting interval is one status update once...

Page 16: ...SOR_TX_INTERVAL LIGHT_SENSOR_TX_INTERVAL Figure 3 Illumination controlled reporting interval STM 550B can use either the light level at the solar cell harvested energy or the light level at the ambien...

Page 17: ...STM 550B can use the temperature measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the temperature measur...

Page 18: ...550B can use the humidity measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the humidity measurement is en...

Page 19: ...r to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the acceleration measurement is enabled in the REPORTING_CFG register as described in chapter 9 5 15 2...

Page 20: ...es the use of the magnet contact sensor controlled reporting interval Figure 7 Magnet contact sensor controlled reporting interval STM 550B can use the status of the magnet contact to trigger a higher...

Page 21: ...3 June 2020 Page 21 115 2 3 8 Arbitration between reporting intervals If more than one condition for a lower reporting interval applies e g both an acceleration exceeding the acceleration threshold i...

Page 22: ...mized to mimic the human eye s perception of ambient light This light sensor reports the light level directly underneath the sensor spot measurement Figure 8 shows the spectrum response of the STM 550...

Page 23: ...for the typical indoor temperature range Figure 9 below shows the typical accuracy of the STM 550B temperature sensor as a func tion of the ambient temperature Figure 9 Temperature sensor accuracy 3...

Page 24: ...here the device is moved or shaken The second case acceleration vector change can be used to determine the presence or absence of small vibrations acceleration vector changes Examples use cases causin...

Page 25: ...easurement of 2g should be sufficient for most use cases Acceleration threshold The acceleration threshold determines the threshold of acceleration vector change required to trigger a wake on vibratio...

Page 26: ...mity of it Refer to Figure 13 and Figure 14 for the location of the magnet contact sensor within STM 550B and to chapter 11 5 for mounting instructions EMSIB product packaging includes a block magnet...

Page 27: ...LED Magnet contact sensor Ventilation slots to ensure airflow to the temperature and humidity sensor Backup battery slot for a CR1632 battery Backup battery ejector slot on the back side Product label...

Page 28: ...w lists those LRN button actions with the corresponding STM 550B response and LED feedback Type Timing STM 550B Response LED Feedback 1 x short 1s Press Exit from Sleep Mode Send Commissioning Telegra...

Page 29: ...ttery STM 550B provides a backup battery interface to mount a CR1632 battery for cases with insufficient ambient light The backup battery has to be installed with the with the negative pole pointing u...

Page 30: ...g a backup battery Do not insert any tools into the battery slot or the battery ejection slot Doing so could create a short circuit or damage the PCB resulting in permanent damage CAUTION Risk of dama...

Page 31: ...710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 31 115 4 5 Product label Each STM 550B module contains a product label with a commissioning QR code Figure 16 below shows this label The com...

Page 32: ...used for transmission Use of different radio channels within the frequency band from 2402 MHz to 2480 MHz is possible using the NFC configuration interface see chapter 9 5 5 and 9 5 6 Table 5 below su...

Page 33: ...d radio transmission sequences In certain situations it might be desirable to transmit radio telegrams on channels other than the three advertising channels STM 550B therefore allows selecting the rad...

Page 34: ...ibed in chapter 5 3 4 below 5 3 2 Three channel sequence The three channel radio transmission sequence is similar to the default transmission se quence with the difference that the radio channels BLE...

Page 35: ...mission sequence uses a default INTERVAL setting of 20 ms an alternative setting of 10 ms can be configured via NFC as described in chapter 9 5 8 CH_REG1 CH_REG2 INTERVAL 20 ms or 10 ms CH_REG1 CH_REG...

Page 36: ...rgy BLE radio telegrams in the 2 4 GHz band For detailed information about the Bluetooth Low Energy standard please refer to the applicable specifications Figure 21 below summarizes the general BLE fr...

Page 37: ...entifies certain radio telegram parameters Figure 23 below shows the structure of the BLE header Figure 23 BLE header structure 5 4 4 Source address The 6 byte BLE Source Address MAC address uniquely...

Page 38: ...e static source address can be modified via NFC as described in chapter 9 5 4 The structure of STM 550B static addresses is therefore as follows The upper 2 bytes of the source address are for EnOcean...

Page 39: ...ed to transmit one telegram use the same prand value hash This field contains a verification value hash generated from prand using the IRK The structure of a random resolvable private address is shown...

Page 40: ...17 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 40 115 Figure 26 Resolving resolvable private addresses 5 4 7 Check Sum The 3 byte BLE Check Sum is used to verify data integrity of received BLE...

Page 41: ...is always set to 0xFF to designate manufacturer specific data field Manufacturer ID 2 byte The Manufacturer ID field is used to identify the manufacturer of BLE devices based on assigned numbers EnOc...

Page 42: ...e 28 Sensor Status field structure 5 5 2 Sensor Data Descriptor The Sensor Data Descriptor describes type and size of the following sensor data field It explicitly specifies the size to ensure forward...

Page 43: ...ore not possible to report all supported parameters Table 6 below summarizes the parameters that can be reported by STM 550B and notes the ones that are enabled by default Please refer to Appendix A f...

Page 44: ...n vector is shown in Table 7 below STATUS Interpretation 0b00 Acceleration value out of bound 0b01 Periodic update 0b10 Acceleration wake 0b11 Sensor disabled Table 7 Status field encoding for acceler...

Page 45: ...address and the telegram payload Changing any of these three parame ters will therefore result in a different signature The receiver performs the same signature calculation based on sequence counter...

Page 46: ...is constructed as concatenation of 6 byte Source Address 4 byte Sequence Counter and 3 bytes of value 0x00 for padding Note that both Source Address and Sequence Counter use little endian format least...

Page 47: ...di fied This is achieved by exchanging a 128 Bit random security key used by STM 550B to authenticate its radio telegrams STM 550B provides the following options for these tasks Radio based commission...

Page 48: ...ssioning telegram will by default be transmitted on the BLE advertising channels CH 37 38 and 39 Use of custom radio channels is possible as described in chapter 5 3 The transmission of the commission...

Page 49: ...racters Ordering Code E6221 K516 2P 4 characters Step Code Revision DA 04 S 14 characters Serial Number Table 9 QR code format From this content it is possible to extract the device address E500123456...

Page 50: ...within permitted boundaries before accepting updated NFC param eters Should an updated parameter be out of bounds then all updated parameters will be re jected and the previous configuration will be r...

Page 51: ...tablet NFC SW with read write PIN lock PIN unlock and PIN change functionality For PC applications EnOcean recommends the TWN4 Multitech 2 HF NFC Reader with sim ple CDC interface order code T4BT FB2...

Page 52: ...e ISO IEC 14443 standard For specific implementation aspects related to the NXP implementation in NT3H2111 please refer to the NXP documentation which at the time of writing was available under this l...

Page 53: ...the 7 byte UID using the ANTICOLLISION or SELECT commands for cascade level 1 READY 1 state is exited after the SELECT command from cascade level 1 with the matching complete first part of the UID has...

Page 54: ...ach page is 4 byte in size For example if the specified address is 03h then pages 03h 04h 05h 06h are returned Spe cial conditions apply if the READ command address is near the end of the accessible m...

Page 55: ...ted memory area can be accessed only after successful password verification via the PWD_AUTH command The PWD_AUTH command takes the password as parameter and if successful returns the password authent...

Page 56: ...a contains calibration values and internal parameters and cannot be used CONFIGURATION Read and Write access PIN required This area contains device configuration registers USER DATA Read and Write acc...

Page 57: ...tatic Source Address 6 byte variable Z 32 characters Security Key 16 byte variable 30P 10 characters Ordering Code S6221 K516 2P 4 characters Step Code and Revision CA03 3C 2 characters Header Start A...

Page 58: ...always set to 0xE0 LENGTH This field identifies the length of the NFC header For STM 550B this field is set to 0x0A since the header structure is 10 bytes long VERSION This field identifies the major...

Page 59: ...alid then all changes made will be rejected and the previous configuration will be restored 9 5 2 CONFIGURATION area structure The structure of the CONFIGURATION area is shown in Figure 39 below NFC A...

Page 60: ...ys starts with 0xE500 The four least significant byte of this address can be read from the SOURCE_ADDRESS register The 6 byte address can then be calculated as 0xE500 32 SOURCE_ADDRESS 9 5 5 CH_REG1 C...

Page 61: ...ard Advertising Mode Data telegrams on 2 user defined radio channels 0b0011 Commissioning telegrams in standard Advertising Mode Data telegrams on 1 user defined radio channel 0b0100 Commissioning and...

Page 62: ...the POWER bit field is shown in Table 15 below POWER Transmission Power 0b00 Default 4 dBm 0b01 0 dBm 0b10 0b11 Reserved do not use Table 15 POWER bit field encoding 9 5 8 ADV_INTERVAL The register A...

Page 63: ...The amount of OPTIONAL_DATA to be transmitted 0 1 2 or 4 byte is determined by the OPTIONAL_DATA_SIZE register described below Before making changes to the OPTIONAL_DATA_SIZE and the REPORTING_CFG reg...

Page 64: ...described in chapter 7 1 Figure 45 below shows the structure of the SECURITY_KEY_ACCESS register SECURITY_KEY_ACCESS Default Setting 0x00 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU LRN_TEL_AC...

Page 65: ...a 32 bit message integrity code MIC based on a 128 bit random device unique security key Other security modes might be added in the future SECURITY_MODE Security Mode 0b0000 Default Authentication wi...

Page 66: ...selecting if the voltage of the backup battery and or the en ergy level of the internal energy store containing the harvested energy is reported The en coding for the ENERGY bit field is shown in Tabl...

Page 67: ...5 below TRH SENSOR Temperature and humidity reporting 0b0 Disabled Do not report temperature and humidity 0b1 Default Enabled Report temperature and humidity Table 25 TRH SENSOR bit field encoding The...

Page 68: ...ster determines the brightness of the LED Figure 48 below shows the structure of the LED_MODE register LED_MODE Default Setting 0x01 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU LED Figure 48 L...

Page 69: ...gister The encoding used by the MODE bit field is shown in Table 29 below MODE Functional Mode 0b0000 Default Standard Operation Mode 0b0001 OOB Standby Sleep Mode 0b0010 Learn Mode 0b0011 Function Te...

Page 70: ...rd reporting interval is set by the register STANDARD_TX_INTERVAL shown in Figure 50 below STANDARD_TX_INTERVAL Default Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 STANDARD INTERVAL Figure 50 STANDARD_TX...

Page 71: ...TY SENSOR TEMP SENSOR LIGHT SENSOR SOLAR CELL Figure 51 THRESHOLD_CFG1 register The encoding used by the SOLAR CELL bit field is shown in Table 31 below SOLAR CELL Reporting interval reduction based o...

Page 72: ...terval reduction if temperature below threshold 0b10 Enabled Reporting interval reduction if temperature above threshold 0b11 Reserved Do not use Table 33 TEMP SENSOR bit field encoding The encoding u...

Page 73: ...ure 52 THRESHOLD_CFG2 register The encoding used by the ACC SENSOR bit field is shown in Table 35 below ACC SENSOR Reporting interval reduction based on acceleration 0b00 Default Disabled No reporting...

Page 74: ...AKE SAMPLING RATE FULL SCALE Figure 53 ACC_SENSOR_CFG register The encoding used by the FULL SCALE bit field is shown in Table 35 below FULL SCALE Full scale value of the acceleration sensor 0b00 Defa...

Page 75: ...ster as shown in Figure 54 below SOLAR_THRESHOLD Default Setting 0x00C8 Bit 15 Bit 14 Bit 1 Bit 0 SOLAR CELL THRESHOLD Figure 54 SOLAR_THRESHOLD register The encoding used by the SOLAR CELL THRESHOLD...

Page 76: ...fault Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 SOLAR CELL INTERVAL Figure 55 SOLAR_TX_INTERVAL register The encoding used by the SOLAR CELL INTERVAL bit field is shown in Table 41 below SOLAR CELL INT...

Page 77: ...ld is defined by LIGHT_THREHOLD register as shown in Figure 56 below LIGHT_THRESHOLD Default Setting 0x00C8 Bit 15 Bit 14 Bit 1 Bit 0 LIGHT SENSOR THRESHOLD Figure 56 LIGHT_SENSOR_THRESHOLD register T...

Page 78: ...03C Bit 15 Bit 14 Bit 1 Bit 0 LIGHT SENSOR INTERVAL Figure 57 LIGHT_TX_INTERVAL register The encoding used by the LIGHT SENSOR INTERVAL bit field is shown in Table 43 below LIGHT SENSOR INTERVAL Light...

Page 79: ...n in Figure 62 below Note that this threshold is also used for the wake on acceleration function as described in chapter 3 5 ACCELERATION _THRESHOLD Default Setting 0x0001 Bit 15 Bit 14 Bit 1 Bit 0 AC...

Page 80: ..._INTERVAL Default Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 ACCELERATION INTERVAL Figure 59 ACCELERATION_TX_INTERVAL register The encoding used by the ACCELERATION INTERVAL bit field is shown in Table...

Page 81: ...then the temperature threshold is defined by TEMPERATURE_THREHOLD register as shown in Figure 60 below TEMPERATURE_THRESHOLD Default Setting 0x0000 Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE THRESHOLD Fig...

Page 82: ...NTERVAL Default Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE INTERVAL Figure 61 TEMPERATURE_TX_INTERVAL register The encoding used by the TEMPERATURE INTERVAL bit field is shown in Table 47 be...

Page 83: ...then the hu midity threshold is defined by HUMIDITY_THREHOLD register as shown in Figure 62 below HUMIDITY _THRESHOLD Default Setting 0x0000 Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY THRESHOLD Figure 62 HUM...

Page 84: ...X_INTERVAL Default Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY INTERVAL Figure 63 HUMDITY_TX_INTERVAL register The encoding used by the HUMIDITY INTERVAL bit field is shown in Table 49 below HUM...

Page 85: ...ET_CONTACT_TX_INTERVAL Default Setting 0x003C Bit 15 Bit 14 Bit 1 Bit 0 MAGNET CONTACT INTERVAL Figure 64 MAGNET_CONTACT_TX_INTERVAL register The encoding used by the MAGNET CONTACT INTERVAL bit field...

Page 86: ...l will be stored in the ILLUMINA TION_TEST_RESULT register shown in Figure 65 below ILLUMINATION_TEST_RESULT Default Setting 0x0000 Bit 15 Bit 14 Bit 1 Bit 0 ILLUMINATION TEST RESULT Figure 65 ILLUMIN...

Page 87: ...chanical interface STM 550B implements the mechanical interface of the PTM 21x module which is described in more detail in this chapter All dimensions and tolerances given are in millimetres unless ot...

Page 88: ...R IOT APPLICATIONS 2 4 GHZ BLE 2020 EnOcean www enocean com F 710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 88 115 10 2 Bottom view Figure 67 below shows the STM 550B module seen from th...

Page 89: ...anual v1 3 June 2020 Page 89 115 10 3 Cut view A A Figure 68 below shows a cut along the A A line of Figure 66 and highlights the area of the mounting structure B region in more detail Figure 68 Cut v...

Page 90: ...FOR IOT APPLICATIONS 2 4 GHZ BLE 2020 EnOcean www enocean com F 710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 90 115 10 5 Side view Figure 70 below shows the STM 550B module seen from t...

Page 91: ...the configured update interval by default once every 60 seconds The LED will blink every time a telegram is transmitted unless this has been disabled via NFC 4 Use a suitable receiver to capture the...

Page 92: ...d be mounted such that the influence from disturbances such as the air stream from air condition units is minimized Consider also the possible tempera ture gradient between wall and room when mounting...

Page 93: ...be 1g i e the magnitude of the measured acceleration vector will be equivalent to the magnitude of the earth gravity vector at the location of the device which will be ap proximately 1g Measuring the...

Page 94: ...ation of STM 550 relative to the gravity vector would change The position of the window in the right case window open rotation could not be detected if STM 550 is attached to the window part that is r...

Page 95: ...utilization In both cases STM 550 should be attached to the object for which location or utilization shall be monitored The following chapter gives general guidelines how to do so 11 3 3 Installation...

Page 96: ...ll give a totally different result compared to a white desk surface even when the same luminous flow is directed towards it Obstruction Any obstruction between the sensor and the intended measurement...

Page 97: ...STM 550B should be oriented as much as possible towards that STM 550B is designed to operate self supplied with its standard parameters based on 200 lux of illumination at its solar cell for at least...

Page 98: ...bpage at www enocean com 12 1 2 Waste treatment WEEE Directive Statement of the European Union The marking below indicates that this product should not be disposed with other household wastes througho...

Page 99: ...B EMSIB EASYFIT MULTISENSOR FOR IOT APPLICATIONS 2 4 GHZ BLE 2020 EnOcean www enocean com F 710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 99 115 12 2 FCC United States 12 2 1 FCC United...

Page 100: ...to operate using small amounts of energy and may be powered by a battery The module transmits short radio packets comprised of control signals in some cases the control signal may be accompanied with...

Page 101: ...utside of the final product Attaching a label to a removable portion of the final product such as a battery cover is not permitted The label must include the following text Contains FCC ID SZV TCM515B...

Page 102: ...MSIB EASYFIT MULTISENSOR FOR IOT APPLICATIONS 2 4 GHZ BLE 2020 EnOcean www enocean com F 710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 102 115 12 3 ISED Industry Canada 12 3 1 ISED Indus...

Page 103: ...nditions 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device Le pr sent appareil est conform...

Page 104: ...AL STM 550B EMSIB EASYFIT MULTISENSOR FOR IOT APPLICATIONS 2 4 GHZ BLE 2020 EnOcean www enocean com F 710 017 V1 0 STM 550B EMSIB User Manual v1 3 June 2020 Page 104 115 12 4 ARIB Japan 12 4 1 ARIB ce...

Page 105: ...ts the product history of EMSIB Revision Release Key changes versus previous revision CA 02 Jun 2019 First prototypes for lead customer evaluation CA 03 Jan 2020 Pre series samples for lead customers...

Page 106: ...s sages as shown below Field Length Data Interpretation BLE Access Address 4 byte 0x8E89BED6 Constant always used BLE Frame Control 2 byte 0x2342 Length 35 byte BLE Source Address 6 byte 0xE5007701000...

Page 107: ...e 0x0942 23 70 C 0x06 0b00 8 bit 0b000110 Relative humidity 0x57 43 5 r h 0x8A 0b10 32 bit 0b001010 Acceleration vector 0x5EE691F7 0b01 0b0111101110 0b0110100100 0b0111110111 Periodic Update X 0 18g Y...

Page 108: ...cess Address 4 byte 0x8E89BED6 Constant always used BLE Frame Control 2 byte 0x2542 Length 37 byte BLE Source Address 6 byte 0xE50077010000 Device unique address Length of payload 1 byte 0x1E 30 byte...

Page 109: ...CFFDA03FB2700000268458D0140420906578AF791E6 5E2301 Source address Message sender E50077010000 Security key 4DB34DB3070EFC6713FE39E13CF3C939 Authentication signature to be verified 0F0157D3 Table 57 In...

Page 110: ...hosen Signature size in byte The desired signature size is 4 byte for sensor data telegrams Additionally the RFC3610 implementation derives two algorithm parameters M and L based on the constant algor...

Page 111: ...ased on the input data given in chapter B 1 Parameter Comment Description Value in the example Nonce 13 byte initialization vector based on concatenation of 6 byte little endian source address 4 byte...

Page 112: ...sequence The RFC3610 algorithm uses the variable internal parameters A_0 B_0 B_1 and B_2 together with the private key to generate the authentication vector T_0 using four AES 128 and three XOR operat...

Page 113: ...y X_2 AES128 F919C29A2441412E49F4D75326528DE1 4DB34DB3070EFC6713FE39E13CF3C939 X_2 779D55AA355662EF2512B818FF01E9E1 X_2A XOR X_2 B_2 X_2A XOR 779D55AA355662EF2512B818FF01E9E1 420906578AF791E65E2301000...

Page 114: ...in Figure 77 below Figure 77 Execution flow for resolving private addresses RPA resolution The input to the RPA resolution flow is the prand part of the resolvable private address field of the receiv...

Page 115: ...y looking at the two most significant bit of prand mode prand 0xC00000 22 mode 0b01 Referring to chapter 5 4 6 the setting of 0b01 indicates resolvable private address mode To generate the hash we add...

Reviews:

No comments

Brands by name

Popular brands

Load more brands