manualshive.com logo in svg

EnOcean STM 550X Series, User Manual

The EnOcean STM 550X Series is a cutting-edge smart sensor solution for monitoring and controlling various parameters. Enhance your user experience with the free User Manual available for download from manualshive.com. Simplify installation and configuration with detailed instructions at your fingertips.

Share
Download
background image

 
USER MANUAL

 

 
 
 

STM 550X / EMSIX 

 ENOCEAN MULTI-SENSOR 

 

© 2020 EnOcean | www.enocean.com F-710-017, V1.0       

 

STM 550x / EMSIx User Manual | v1.0 | February 2020 |  Page 35/79 

 

5.2

 

Security parameters 

 
The  following  security  parameters  are  used  to  define  secure  communication  based  on 
EnOcean Alliance security specification between a sender and a receiver: 
 

 

EURID (Device ID of the sender) 
 

 

Security Key of the sender 
 

 

Rolling Code and signature (CMAC) type  

 

Those parameters are communicated from STM 550x to the receiver during teach-in either 
via a secure teach-in telegram, via NFC configuration or via the QR code of STM 550x. 
 

5.2.1

 

EURID 

 
The EURID identifies the  sender of  each  radio  telegram using a unique 6 byte  value.  The 
EURID of an EnOcean device is assigned at manufacturing and cannot be changed. 
 
 

5.2.2

 

Security key 

 
The security key is a random 128 Bit (16 byte) value that is known only to the sender and 
the receiver(s). It is used to encrypt, decrypt and authenticate telegrams.  
 

5.2.3

 

Rolling code and signature (CMAC) type 

 

The rolling code is a monotonously incrementing counter used to modify the content of secure 
telegrams. The rolling code is generated by the sender and monitored by the receiver. 
 
The receiver will store the most recently received rolling code value and only accept tele-
grams with higher rolling code counter values to avoid retransmission of previously transmit-
ted messages. 
 
The signature (CMAC) is generated based on the combination of telegram payload, rolling 
code and security key. It is unique for each telegram meaning that even two consecutive 
telegrams with the same payload will have different CMAC signatures due to using different 
rolling code counter values. 

 

Rolling code and signature type are specified using the security level format (SLF) register 
that is transmitted as part of the secure teach-in telegram. 
 
 

 

 

Summary of Contents for STM 550X Series

Page 1: ...User Manual v1 0 February 2020 Page 1 79 Patent protected WO98 36395 DE 100 25 561 DE 101 50 128 WO 2004 051591 DE 103 01 678 A1 DE 10309334 WO 04 109236 WO 05 096482 WO 02 095707 US 6 747 573 US 7 0...

Page 2: ...without notice For the latest product specifications refer to the EnOcean website http www enocean com As far as patents or other rights of third parties are concerned liability is only assumed for mo...

Page 3: ...3 Learn mode 13 2 3 4 Function test mode 13 2 3 5 Illumination test mode 14 2 3 6 Factory reset mode 14 2 4 Reporting interval 15 2 4 1 Energy considerations 15 2 4 2 Standard reporting interval 16 2...

Page 4: ...de and signature CMAC type 35 5 3 STM 550x security implementation 36 6 Commissioning 37 6 1 Radio based commissioning 38 6 2 QR code commissioning 38 6 3 Commissioning via NFC interface 38 7 NFC inte...

Page 5: ...SOLAR_TX_INTERVAL 63 8 5 19 LIGHT_THRESHOLD 64 8 5 20 LIGHT_TX_INTERVAL 65 8 5 21 ACCELERATION_THRESHOLD 66 8 5 22 ACCELERATION_TX_INTERVAL 67 8 5 23 TEMPERATURE_THRESHOLD 68 8 5 24 TEMPERATURE_TX_INT...

Page 6: ...ilding or industrial control systems communicating using the EnOcean radio standard STM 550x uses the same mechanical form factor as the industry standard PTM 21x modules from EnOcean STM 550x impleme...

Page 7: ...it s Communication range for guidance only 200 m free field 30 m indoor environment Temperature measurement range accuracy 20 C 60 C 0 3 K 1 Humidity measurement range accuracy 0 100 r h 3 r h 1 Illum...

Page 8: ...aging information 1 5 1 STM 550x Packaging Unit 100 units Packaging Method 10 modules per tray 10 trays per box 1 5 2 EMSIx Packaging Unit Individual unit packaging Packaging Method TBD packages withi...

Page 9: ...ecurity based on a device unique private key and a sequence counter in accordance to the EnOcean Alliance Security Specification This ensures integrity confidentiality and au thenticity of the transmi...

Page 10: ...ing STM 550x response and LED feedback Type LRN Button Action STM 550x Response LED Feedback Single Short Press LRN button once 1s Exit from Sleep Mode Send Learn Telegram 1 short blink Double Short P...

Page 11: ...ry has to be installed with the positive pole point ing upwards i e towards the side of the solar cell EnOcean recommends Renata CR1632 due to its low self discharge and high capacity Gloves should be...

Page 12: ...er 8 5 11 2 3 1 Standard operation mode During standard operation STM 550x wakes up periodically and reports the current sensor status using data telegrams The STM 550x wake up timer is by default con...

Page 13: ...ibed in chapter 8 5 11 2 3 3 Learn mode In learn mode STM 550x will transmit a Teach in telegram to communicate the device source address and security key to a receiver After that transmission STM 550...

Page 14: ...s solar cell every 5 seconds for a period of one minute and compute the average illumination based on those measurements The computed average illumination is then available in the NFC register ILLUMIN...

Page 15: ...rting interval of STM 550x will increase its power consumption since it will measure and transmit more often Likewise increasing the reporting interval of STM 550x will reduce its power consumption si...

Page 16: ..._TX_INTERVAL NFC register as described in chapter 8 5 12 Consider the available energy before lowering the reporting interval as discussed in chapter 2 4 1 The default setting for the standard reporti...

Page 17: ...L_TX_INTERVAL STANDARD_TX_INTERVAL SOLAR_CELL_TX_INTERVAL LIGHT_SENSOR_TX_INTERVAL LIGHT_SENSOR_TX_INTERVAL Figure 6 Illumination controlled reporting interval STM 550x can use either the light level...

Page 18: ...e temperature measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register as...

Page 19: ...use the humidity measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register...

Page 20: ...ger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register as described in chapter 8 5 8 reports acceleration 2 Configure the acce...

Page 21: ...ct to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register as described in chapter 8 5 8 reports the magnet contact stat...

Page 22: ...he human eye s perception of ambient light This light sensor reports the light level directly underneath the sensor spot measurement Figure 11 shows the spectrum response of the STM 550x illumination...

Page 23: ...or accuracy To determine the overall system accuracy the quantization error reporting step size de termined by the selected EnOcean Equipment Profile EEP has to be added to this value 3 4 Humidity sen...

Page 24: ...ved or shaken The second case acceleration vector change can be used to determine the presence or absence of small vibrations acceleration vector changes Examples use cases causing such small vibratio...

Page 25: ...be sufficient for most use cases Acceleration threshold The acceleration threshold determines the threshold of acceleration vector change required to trigger a wake on vibration event as described ab...

Page 26: ...to Figure 2 and Figure 3 for the location of the magnet contact sensor within STM 550x and to chapter 9 5 for mounting instructions EMSIx product packaging includes a block magnet suitable for use wit...

Page 27: ...at EnOcean radio transceivers such as TCM 310 or TCM 515 will convert both ERP1 and ERP2 into the same EnOcean Serial Protocol ESP3 format so that this difference is normally not noticeable 4 1 1 ERP1...

Page 28: ...0 100 r h 8 Bit A5 04 03 4BS Temperature 20 C 60 C 10 Bit Humidity 0 100 r h 8 Bit A5 06 02 4BS Light Sensor 0 lx 1020 lx 8 Bit A5 06 03 4BS Light Sensor 0 lx 1000 lx 10 Bit A5 14 05 4BS Vibration De...

Page 29: ...on group to which this telegram belongs e g the function group of temperature sensors within the four byte sensor telegram type VARIANT or TYPE VARIANT which is confusingly also called TYPE identifies...

Page 30: ...BS telegrams encodes either the sensor status 4BS Data Telegram dur ing normal operation or identifies EEP and manufacturer of the device during teach in 4BS Teach in Telegram The distinction between...

Page 31: ...ogether with their reported data MID Content Data 0x06 Energy status remaining energy 1 byte integer value expressing Valid values 0 100 0x0D Energy delivery of the harvester 1 byte Enumeration Valid...

Page 32: ...y has to be preventing an unauthorized person often referred to as an Attacker both from learning about the current state of a system and from actively changing it These goals can be achieved via tech...

Page 33: ...ture is inversely proportional to the signature size so for instance for 24 Bit signatures the likelihood would be one in 16 million Conceptually the correspondence between message and signature is li...

Page 34: ...ng replaying previously used data telegrams In order to prevent this type of attack either the telegram data or the security key must change to ensure that identical input data does not create identic...

Page 35: ...y is a random 128 Bit 16 byte value that is known only to the sender and the receiver s It is used to encrypt decrypt and authenticate telegrams 5 2 3 Rolling code and signature CMAC type The rolling...

Page 36: ...lected both via the LRN button and via the NFC interface For high security mode the default security level format SLF is set to use a 4 byte sequence counter to generate a 4 byte signature For backwar...

Page 37: ...d by exchanging a 128 Bit random security key used by STM 550x to authenticate its radio telegrams STM 550x provides the following options for these tasks Radio based commissioning STM 550x can commun...

Page 38: ...n the product label described in chapter 2 2 4 The parameters are encoded according to the ANSI MH10 8 2 2013 industry standard The QR code on the product label in chapter 2 2 4 encodes the following...

Page 39: ...n parameters within permitted boundaries before accepting updated NFC parame ters Should an updated parameter be out of bounds then all updated parameters will be re jected and the previous configurat...

Page 40: ...ith read write PIN lock PIN unlock and PIN change functionality For PC applications EnOcean recommends the TWN4 Multitech 2 HF NFC Reader order code T4BT FB2BEL2 SIMPL from Elatec RFID Systems sales r...

Page 41: ...standard For specific implementation aspects related to the NXP implementation in NT3H2111 please refer to the NXP documentation which at the time of writing was available under this link http cache n...

Page 42: ...using the ANTICOLLISION or SELECT commands for cascade level 1 READY 1 state is exited after the SELECT command from cascade level 1 with the matching complete first part of the UID has been executed...

Page 43: ...byte in size For example if the specified address is 03h then pages 03h 04h 05h 06h are returned Spe cial conditions apply if the READ command address is near the end of the accessible memory area Fig...

Page 44: ...a can be accessed only after successful password verification via the PWD_AUTH command The PWD_AUTH command takes the password as parameter and if successful returns the password authentication acknow...

Page 45: ...ntains information about the NFC revision INTERNAL DATA Non accessible This area contains calibration values and internal parameters and cannot be used CONFIGURATION Read and Write access PIN required...

Page 46: ...Length of data excl identifier Value 6P 3 characters Standard ENO 30S 12 characters EURID 6 byte variable 1P 12 characters EnOcean Alliance Product ID STM 550 000B0000004C STM 550U 000B0000004D STM 55...

Page 47: ...0xE0 LENGTH This field identifies the length of the NFC header For STM 550x this field is set to 0x0A since the header structure is 10 bytes long VERSION This field identifies the major revision and i...

Page 48: ...r is non valid then all changes made will be rejected and the previous configuration will be restored 8 5 2 CONFIGURATION area structure The structure of the CONFIGURATION area is shown in Figure 30 b...

Page 49: ...ID consists of a 2 byte manufacturer identification code as signed by EnOcean Alliance and a 4 byte product identification code assigned by the man ufacturer EnOcean has been assigned the manufacturer...

Page 50: ...that it is not possible to read back a user defined security key 8 5 6 SECURITY_KEY_MODE The register SECURITY_KEY_MODE allows selecting if FACTORY_KEY or USER_KEY should be used to encrypt and authen...

Page 51: ...gister SECURITY_MODE Default 0x00 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU SECURITY FORMAT SECURITY MODE Figure 33 SECURITY_MODE register The encoding for the SECURITY MODE bit field is sho...

Page 52: ...legrams Figure 34 below shows the structure of the EEP regis ter EEP Default 0x00 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU EEP Figure 34 EEP register The encoding used by the SIZE bit field...

Page 53: ...ed configuration bit in the SIGNAL register to 0b1 and disabled by setting the associated con figuration bit to 0b0 By default the reporting of the energy status MID 0x06 is enabled while the reportin...

Page 54: ...ines the brightness of the LED Figure 36 below shows the structure of the LED_MODE register LED_MODE Default 0x01 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU LED Figure 36 LED_MODE register Th...

Page 55: ...ODE Default 0x00 OOB 0x01 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU MODE Figure 37 FUNCTIONAL_MODE register The encoding used by the MODE bit field is shown in Table 17 below MODE Functional...

Page 56: ...ng interval is set by the register STANDARD_TX_INTERVAL shown in Figure 38 below STANDARD_TX_INTERVAL Default 0x003C Bit 15 Bit 14 Bit 1 Bit 0 STANDARD INTERVAL Figure 38 STANDARD_TX_INTERVAL register...

Page 57: ...OR LIGHT SENSOR SOLAR CELL Figure 39 THRESHOLD_CFG1 register The encoding used by the SOLAR CELL bit field is shown in Table 19 below SOLAR CELL Reporting interval reduction based on solar cell illumi...

Page 58: ...on if temperature below threshold 0b10 Enabled Reporting interval reduction if temperature above threshold 0b11 Reserved Do not use Table 21 TEMP SENSOR bit field encoding The encoding used by the HUM...

Page 59: ...G2 register The encoding used by the ACC SENSOR bit field is shown in Table 23 below ACC SENSOR Reporting interval reduction based on acceleration 0b00 Default Disabled No reporting interval reduction...

Page 60: ...the ambient light sensor and to chapter 3 2 for a description of the solar cell functionality The selection between these two option is made using the LIGHT_SENSOR_CFG register shown in Figure 41 belo...

Page 61: ...FULL SCALE Figure 42 ACC_SENSOR_CFG register The encoding used by the FULL SCALE bit field is shown in Table 23 below FULL SCALE Full scale value of the acceleration sensor 0b00 Default 2 g 0b01 4 g 0...

Page 62: ...r as shown in Figure 43 below SOLAR_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 SOLAR CELL THRESHOLD Figure 43 SOLAR_THRESHOLD register The encoding used by the SOLAR CELL THRESHOLD bit field is shown in Tabl...

Page 63: ...5 Bit 14 Bit 1 Bit 0 SOLAR CELL INTERVAL Figure 44 SOLAR_TX_INTERVAL register The encoding used by the SOLAR CELL INTERVAL bit field is shown in Table 30 below SOLAR CELL INTERVAL Solar cell illuminat...

Page 64: ...is defined by LIGHT_THREHOLD register as shown in Figure 45 below LIGHT_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 LIGHT SENSOR THRESHOLD Figure 45 LIGHT_SENSOR_THRESHOLD register The encoding used by the LI...

Page 65: ...t 0 LIGHT SENSOR INTERVAL Figure 46 LIGHT_TX_INTERVAL register The encoding used by the LIGHT SENSOR INTERVAL bit field is shown in Table 32 below LIGHT SENSOR INTERVAL Light sensor illumination based...

Page 66: ...n Figure 51 below Note that this threshold is also used for the wake on acceleration function as described in chapter 3 5 ACCELERATION _THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 ACCELERATION THRESHOLD Figur...

Page 67: ...TERVAL Bit 15 Bit 14 Bit 1 Bit 0 ACCELERATION INTERVAL Figure 48 ACCELERATION_TX_INTERVAL register The encoding used by the ACCELERATION INTERVAL bit field is shown in Table 38 below ACCELERATION INTE...

Page 68: ...d then the temperature threshold is defined by TEMPERATURE_THREHOLD register as shown in Figure 49 below TEMPERATURE_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE THRESHOLD Figure 49 TEMPERATURE_THR...

Page 69: ...RVAL Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE INTERVAL Figure 50 TEMPERATURE_TX_INTERVAL register The encoding used by the TEMPERATURE INTERVAL bit field is shown in Table 36 below TEMPERATURE INTERVAL T...

Page 70: ...d then the hu midity threshold is defined by HUMIDITY_THREHOLD register as shown in Figure 51 below HUMIDITY _THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY THRESHOLD Figure 51 HUMIDITY _THRESHOLD regis...

Page 71: ...NTERVAL Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY INTERVAL Figure 52 HUMDITY_TX_INTERVAL register The encoding used by the HUMIDITY INTERVAL bit field is shown in Table 38 below HUMIDITY INTERVAL Humidity ba...

Page 72: ...CONTACT_TX_INTERVAL Bit 15 Bit 14 Bit 1 Bit 0 MAGNET CONTACT INTERVAL Figure 53 MAGNET_CONTACT_TX_INTERVAL register The encoding used by the MAGNET CONTACT INTERVAL bit field is shown in Table 38 be l...

Page 73: ...d in the ILLUMINA TION_TEST_RESULT register shown in Figure 54 below ILLUMINATION_TEST_RESULT Default Setting 0x0000 Bit 15 Bit 14 Bit 1 Bit 0 ILLUMINATION TEST RESULT Figure 54 ILLUMINATION_TEST_RESU...

Page 74: ...update interval by default once every 60 seconds The LED will blink every time a telegram is transmitted unless this has been disabled via NFC 4 Use a suitable receiver to capture the STM 550x data te...

Page 75: ...tate can therefore only be detected if the orientation of STM 550x relative to the gravity vector changes Figure 55 below illustrates two cases The position of the window in the left case window tilt...

Page 76: ...nsor integrated into STM 550x accurately measures and reports temperature and humidity present at its surface To achieve the best possible accuracy it is important to consider the following points Ins...

Page 77: ...lly different result compared to a white desk surface even when the same luminous flow is directed towards it Obstruction Any obstruction between the sensor and the intended measurement area desk sur...

Page 78: ...riented as much as possible towards that STM 550x is designed to operate self supplied with its standard parameters based on 200 lux of illumination at its solar cell for at least 6 hours per day The...

Page 79: ...enocean com F 710 017 V1 0 STM 550x EMSIx User Manual v1 0 February 2020 Page 79 79 10 Product history Table 40 below lists the product history of STM 550x Revision Release Key changes versus previous...

Reviews:

No comments

Related manuals for STM 550X Series

IBS DBS Manual preview
DBS
Brand: IBS Pages: 24
Panasonic TY-FB9BD Product Specification preview
TY-FB9BD
Brand: Panasonic Pages: 1
3M Versaflo M Series User Instructions preview
Versaflo M Series
Brand: 3M Pages: 27
3M Speedglas 9100 Series User Instructions preview
Speedglas 9100 Series
Brand: 3M Pages: 64
3M Speedglas 9100 Series Quick Start Manual preview
Speedglas 9100 Series
Brand: 3M Pages: 2
3M Speedglas 9100 Manual preview
Speedglas 9100
Brand: 3M Pages: 2
3M Speedglas 9002NC User Manual preview
Speedglas 9002NC
Brand: 3M Pages: 52
3M L-905 Disassembly preview
L-905
Brand: 3M Pages: 5
3M Speedglas 9100 FX Series Care & Maintenance preview
Speedglas 9100 FX Series
Brand: 3M Pages: 2
Campbell SR50A Series Instruction Manual preview
SR50A Series
Brand: Campbell Pages: 64
Campbell NR01 Instruction Manual preview
NR01
Brand: Campbell Pages: 42
Campbell LWS Product Manual preview
LWS
Brand: Campbell Pages: 19
Campbell LWS Instruction Manual preview
LWS
Brand: Campbell Pages: 26
Campbell HFP01 Product Manual preview
HFP01
Brand: Campbell Pages: 19
Campbell CS511 Product Manual preview
CS511
Brand: Campbell Pages: 27
Raven CR7 Calibration Manual preview
CR7
Brand: Raven Pages: 24
Campbell CS210 Instruction Manual preview
CS210
Brand: Campbell Pages: 14
Campbell WXT520 Specifications preview
WXT520
Brand: Campbell Pages: 2

Brands by name

Popular brands

Load more brands