EnOcean EASYFIT EMSI Скачать руководство пользователя | Manualshive

Страница: 37 / 97

background image

USER MANUAL

STM 550 / EMSI

–

ENOCEAN MULTISENSOR FOR IOT APPLICATIONS

© 2020 EnOcean | www.enocean.com F-710-017, V1.0

STM 550 / EMSI User Manual | v1.3 | September 2020 | Page 37/97

6.1.3

Dynamic security key modification

One fundamental problem with both content protection and content authorization is that us-
ing the same input data (plain text) with the same key always yields the same encrypted
data and the same signature.

This enables attacks based on monitoring previous system behaviour. If an attacker has
observed that a certain data telegram results in a certain light being turned on then he could
use this information to identify - or even actively send - similar telegrams in the future. This
type of attack is often called

Replay Attack

since it works by reusing (replaying) previously

used data telegrams.

In order to prevent this type of  attack, either the telegram data or the security key must
change  to  ensure  that  identical  input  data  does  not  create  identical  encrypted  radio  tele-
grams. The mechanism used by the transmitter to change the telegram data or the security
key has to be known to the receiver in order to correctly decrypt and authenticate received
data telegrams.

The change of telegram data or security key is typically ensured by means of monotonously
incrementing counters. The value of such counter is then used to either modify the telegram
payload  or  derive a dynamic  key from the device security  key. EnOcean  systems use the
latter approach.

Figure 24

–

Dynamic security key modification

Decryption

Dynamic Key

Unencrypted Data

(Plain Text)

Encryption

Unencrypted Data

(Plain Text)

Encrypted Data

Dynamic Key

Encrypted Data

Secret Key

Incrementing

Counter

Secret Key

Incrementing

Counter

Data Valid?

NO

YES

«
...
35
36
37
38
39
...
»

Содержание EASYFIT EMSI

Страница 1: ...User Manual v1 3 September 2020 Page 1 97 Patent protected WO98 36395 DE 100 25 561 DE 101 50 128 WO 2004 051591 DE 103 01 678 A1 DE 10309334 WO 04 109236 WO 05 096482 WO 02 095707 US 6 747 573 US 7 0...

Страница 2: ...o responsibility is assumed for possible omissions or inaccuracies Circuitry and specifications are subject to change without notice For the latest product specifications refer to the EnOcean website...

Страница 3: ...mode 13 2 2 6 Acceleration test mode 13 2 2 7 Factory reset mode 13 2 3 Reporting interval 14 2 3 1 Energy considerations 14 2 3 2 Standard reporting interval 15 2 3 3 Illumination controlled reportin...

Страница 4: ...modification 37 6 2 Security parameters 38 6 2 1 EURID 38 6 2 2 Security key 38 6 2 3 Rolling code 38 6 2 4 Security algorithm 38 6 3 STM 550 security implementation 39 7 Commissioning 40 7 1 Radio b...

Страница 5: ...4 9 5 17 SOLAR_THRESHOLD 65 9 5 18 SOLAR_TX_INTERVAL 66 9 5 19 LIGHT_THRESHOLD 67 9 5 20 LIGHT_TX_INTERVAL 68 9 5 21 ACCELERATION_THRESHOLD 69 9 5 22 ACCELERATION_TX_INTERVAL 70 9 5 23 TEMPERATURE_THR...

Страница 6: ...n Union 90 12 1 1 Declaration of conformity 90 12 1 2 Waste treatment 90 12 2 FCC United States 91 12 2 1 FCC Grant Of Equipment Authorization 91 12 2 2 FCC United States regulatory statement 92 12 2...

Страница 7: ...e mechanical form factor as the industry standard PTM 21x modules from EnOcean STM 550 implements the following sensors Temperature Humidity Illumination Acceleration Magnet contact STM 550 will repor...

Страница 8: ...ox STM 550 Installation Kit combines the STM 550 multisensor module with a wall mount a design frame a magnet for magnet sensor functionality and an adhesive mounting tape into a ready to use product...

Страница 9: ...n and NFC interface User notification LED red Supported EEP selectable via NFC D2 14 41 default D2 14 40 A5 02 05 A5 04 01 A5 04 03 A5 06 02 A5 06 03 A5 14 05 D5 00 01 Power supply Integrated solar ce...

Страница 10: ...bove Inner box 2 100 units installation material Outer Box Dimensions 360 mm x 234 mm x 178 mm Inner Box Dimensions 232 mm x 176 mm x 174 mm 1 5 3 EMSI EMSI consists of one box with 10 single unit pac...

Страница 11: ...mount a CR1632 backup battery Radio telegrams transmitted by STM 550 can be authenticated and encrypted using AES 128 security based on a device unique private key and a sequence counter in accordance...

Страница 12: ...by mode STM 550 stops operation and conserves as much energy as possible All functionality except those needed to return to standard operation mode are disabled in this mode Standby mode can be select...

Страница 13: ...register as described in chapter 9 5 11 2 2 6 Acceleration test mode During installation STM 550 can visually indicate if detected acceleration exceeds the con figured threshold This provides quick vi...

Страница 14: ...ng interval of STM 550 will increase its power consumption since it will measure and transmit more often Likewise increasing the reporting interval of STM 550 will reduce its power consumption since i...

Страница 15: ...STANDARD_TX_INTERVAL NFC register as described in chapter 9 5 12 Consider the available energy before lowering the reporting interval as discussed in chapter 2 3 1 The default setting for the standar...

Страница 16: ...SOLAR_CELL_TX_INTERVAL STANDARD_TX_INTERVAL SOLAR_CELL_TX_INTERVAL LIGHT_SENSOR_TX_INTERVAL LIGHT_SENSOR_TX_INTERVAL Figure 3 Illumination controlled reporting interval STM 550 can use either the ligh...

Страница 17: ...n use the temperature measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP reg...

Страница 18: ...550 can use the humidity measured by the temperature and humidity sensor to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP...

Страница 19: ...to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register as described in chapter 9 5 8 reports acceleration 2 Configure...

Страница 20: ...contact to trigger a higher update rate To enable this feature use the following steps 1 Make sure that the EEP selected using the EEP register as described in chapter 9 5 8 reports the magnet contac...

Страница 21: ...to mimic the human eye s perception of ambient light This light sensor reports the light level directly underneath the sensor spot measurement Figure 8 shows the spectrum response of the STM 550 illum...

Страница 22: ...re sensor accuracy To determine the overall system accuracy the quantization error reporting step size de termined by the selected EnOcean Equipment Profile EEP has to be added to this value 3 4 Humid...

Страница 23: ...550 is moved or shaken The second case acceleration vector change can be used to determine the presence or absence of small vibrations acceleration vector changes Examples use cases causing such small...

Страница 24: ...g should be sufficient for most use cases Acceleration threshold The acceleration threshold determines the threshold of acceleration vector change required to trigger a wake on vibration event as desc...

Страница 25: ...Refer to Figure 13 and Figure 14 for the location of the mag net contact sensor within STM 550 and to chapter 11 5 for mounting instructions EMSI product packaging includes a block magnet suitable fo...

Страница 26: ...Magnet contact sensor Ventilation slots to ensure airflow to the temperature and humidity sensor Backup battery slot for a CR1632 battery Backup battery ejector slot on the back side Product label on...

Страница 27: ...LED feedback Type LRN Button Action STM 550 Response LED Feedback 1 x Short 1s Press Exit from Sleep Mode Send Learn Telegram Success 1 short blink Error No feedback 2 x Short 1s Press Start Function...

Страница 28: ...when installing a backup battery to avoid contamination of the isolation area between the contacts that could lead to a higher self discharge The backup battery can be removed ejected by using a small...

Страница 29: ...ual v1 3 September 2020 Page 29 97 4 4 Product label Each STM 550 module contains a product label with a commissioning QR code Figure 16 shows the STM 550 product label STM 550U and STM 550J use the s...

Страница 30: ...Note that EnOcean radio transceivers such as TCM 310 or TCM 515 will convert both ERP1 and ERP2 into the same EnOcean Serial Protocol ESP3 format so that this difference is normally not noticeable 5...

Страница 31: ...Humidity 0 100 r h 8 Bit A5 04 03 4BS Temperature 20 C 60 C 10 Bit Humidity 0 100 r h 8 Bit A5 06 02 4BS Light Sensor 0 lx 1020 lx 8 Bit A5 06 03 4BS Light Sensor 0 lx 1000 lx 10 Bit A5 14 05 4BS Vibr...

Страница 32: ...he function group to which this telegram belongs e g the function group of temperature sensors within the four byte sensor telegram type VARIANT or TYPE VARIANT which is confusingly also called TYPE i...

Страница 33: ...load of 4BS telegrams encodes either the sensor status 4BS Data Telegram dur ing normal operation or identifies EEP and manufacturer of the device during teach in 4BS Teach in Telegram The distinction...

Страница 34: ...ta MID Content Data 0x06 Energy status remaining energy 1 byte integer value expressing Valid values 0 100 0x0D Energy delivery of the harvester 1 byte Enumeration Valid values 0x00 best 0x04 worst 0x...

Страница 35: ...security has to be preventing an unauthorized person often referred to as an Attacker both from learning about the current state of a system and from actively changing it These goals can be achieved...

Страница 36: ...ikelihood of two different messages creating the same message signature is inversely proportional to the signature size so for a 32 bit signa ture the likelihood would be approximately one in 4 billio...

Страница 37: ...eplaying previously used data telegrams In order to prevent this type of attack either the telegram data or the security key must change to ensure that identical input data does not create identical e...

Страница 38: ...ice is assigned at manufacturing and cannot be changed 6 2 2 Security key The security key is a random 128 Bit 16 byte value that is known only to the sender and the receiver s It is the basis for enc...

Страница 39: ...an be selected both via the LRN button and via the NFC interface For high security mode the default security level format SLF is set to use a 4 byte sequence counter to generate a 4 byte signature For...

Страница 40: ...is is achieved by exchanging a 128 Bit random security key used by STM 550 to authenticate its radio telegrams STM 550 provides the following options for these tasks Radio based commissioning STM 550...

Страница 41: ...he required parameters from a dedicated QR code in the product label described in chapter 4 4 The parameters are encoded according to the ANSI MH10 8 2 2013 industry standard The QR code on the produc...

Страница 42: ...dation parameters within permitted boundaries before accepting updated NFC parame ters Should an updated parameter be out of bounds then all updated parameters will be re jected and the previous conf...

Страница 43: ...ds the TWN4 Multitech 2 HF NFC Reader or der code T4BT FB2BEL2 SIMPL from Elatec RFID Systems sales rfid elatec com This reader is shown in Figure 25 below Figure 25 Elatec TWN4 MultiTech Desktop NFC...

Страница 44: ...IEC 14443 standard For specific implementation aspects related to the NXP implementation in NT3H2111 please refer to the NXP documentation which at the time of writing was available under this link ht...

Страница 45: ...byte UID using the ANTICOLLISION or SELECT commands for cascade level 1 READY 1 state is exited after the SELECT command from cascade level 1 with the matching complete first part of the UID has been...

Страница 46: ...ge is 4 byte in size For example if the specified address is 03h then pages 03h 04h 05h 06h are returned Spe cial conditions apply if the READ command address is near the end of the accessible memory...

Страница 47: ...mory area can be accessed only after successful password verification via the PWD_AUTH command The PWD_AUTH command takes the password as parameter and if successful returns the password authenticatio...

Страница 48: ...is area contains information about the NFC revision INTERNAL DATA Non accessible This area contains calibration values and internal parameters and cannot be used CONFIGURATION Read and Write access PI...

Страница 49: ...ntifier Length of data excl identifier Value 6P 3 characters Standard ENO 30S 12 characters EURID 6 byte variable 1P 12 characters EnOcean Alliance Product ID STM 550 000B0000004C STM 550U 000B0000004...

Страница 50: ...s set to 0xE0 LENGTH This field identifies the length of the NFC header For STM 550 this field is set to 0x0A since the header structure is 10 bytes long VERSION This field identifies the major revisi...

Страница 51: ...parameter is non valid then all changes made will be rejected and the previous configuration will be restored 9 5 2 CONFIGURATION area structure The structure of the CONFIGURATION area is shown in Fig...

Страница 52: ...ation code as signed by EnOcean Alliance and a 4 byte product identification code assigned by the man ufacturer EnOcean has been assigned the manufacturer identification code 0x000B EnOcean has as sig...

Страница 53: ...aning that it is not possible to read back a user defined security key 9 5 6 SECURITY_KEY_MODE The register SECURITY_KEY_MODE allows selecting if FACTORY_KEY or USER_KEY should be used to encrypt and...

Страница 54: ...RITY_MODE register SECURITY_MODE Default 0x00 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU SECURITY FORMAT SECURITY MODE Figure 34 SECURITY_MODE register The encoding for the SECURITY MODE bit...

Страница 55: ...f data telegrams Figure 35 below shows the structure of the EEP register EEP Default 0x00 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU EEP Figure 35 EEP register The encoding used by the SIZE b...

Страница 56: ...associated configuration bit in the SIGNAL register to 0b1 and disabled by setting the associated con figuration bit to 0b0 By default the reporting of the energy status MID 0x06 is enabled while the...

Страница 57: ...er determines the brightness of the LED Figure 37 below shows the structure of the LED_MODE register LED_MODE Default 0x01 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU LED Figure 37 LED_MODE re...

Страница 58: ...ault 0x00 OOB 0x01 Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 RFU MODE Figure 38 FUNCTIONAL_MODE register The encoding used by the MODE bit field is shown in Table 17 below MODE Functional Mode 0...

Страница 59: ...reporting interval is set by the register STANDARD_TX_INTERVAL shown in Figure 39 below STANDARD_TX_INTERVAL Default 0x003C Bit 15 Bit 14 Bit 1 Bit 0 STANDARD INTERVAL Figure 39 STANDARD_TX_INTERVAL...

Страница 60: ...FG1 register The encoding used by the SOLAR CELL bit field is shown in Table 19 below SOLAR CELL Reporting interval reduction based on solar cell illumination 0b00 Default Disabled No reporting interv...

Страница 61: ...reduction if temperature below threshold 0b10 Enabled Reporting interval reduction if temperature above threshold 0b11 Reserved Do not use Table 21 TEMP SENSOR bit field encoding The encoding used by...

Страница 62: ...SHOLD_CFG2 register The encoding used by the ACC SENSOR bit field is shown in Table 23 below ACC SENSOR Reporting interval reduction based on acceleration 0b00 Default Disabled No reporting interval r...

Страница 63: ...tion of the ambient light sensor and to chapter 3 2 for a description of the solar cell func tionality The selection between these two option is made using the LIGHT_SENSOR_CFG register shown in Figur...

Страница 64: ...NG RATE FULL SCALE Figure 43 ACC_SENSOR_CFG register The encoding used by the FULL SCALE bit field is shown in Table 23 below FULL SCALE Full scale value of the acceleration sensor 0b00 Default 2 g 0b...

Страница 65: ...register as shown in Figure 44 below SOLAR_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 SOLAR CELL THRESHOLD Figure 44 SOLAR_THRESHOLD register The encoding used by the SOLAR CELL THRESHOLD bit field is shown...

Страница 66: ...AL Bit 15 Bit 14 Bit 1 Bit 0 SOLAR CELL INTERVAL Figure 45 SOLAR_TX_INTERVAL register The encoding used by the SOLAR CELL INTERVAL bit field is shown in Table 30 below SOLAR CELL INTERVAL Solar cell i...

Страница 67: ...hreshold is defined by LIGHT_THREHOLD register as shown in Figure 46 below LIGHT_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 LIGHT SENSOR THRESHOLD Figure 46 LIGHT_SENSOR_THRESHOLD register The encoding used...

Страница 68: ...Bit 1 Bit 0 LIGHT SENSOR INTERVAL Figure 47 LIGHT_TX_INTERVAL register The encoding used by the LIGHT SENSOR INTERVAL bit field is shown in Table 32 below LIGHT SENSOR INTERVAL Light sensor illuminati...

Страница 69: ...shown in Figure 48 below Note that this threshold is also used for the wake on acceleration function as described in chapter 3 5 ACCELERATION _THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 ACCELERATION THRESHO...

Страница 70: ...ON_TX_INTERVAL Bit 15 Bit 14 Bit 1 Bit 0 ACCELERATION INTERVAL Figure 49 ACCELERATION_TX_INTERVAL register The encoding used by the ACCELERATION INTERVAL bit field is shown in Table 34 below ACCELERAT...

Страница 71: ...n enabled then the temperature threshold is defined by TEMPERATURE_THREHOLD register as shown in Figure 50 below TEMPERATURE_THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE THRESHOLD Figure 50 TEMPERA...

Страница 72: ...E_TX_INTERVAL Bit 15 Bit 14 Bit 1 Bit 0 TEMPERATURE INTERVAL Figure 51 TEMPERATURE_TX_INTERVAL register The encoding used by the TEMPERATURE INTERVAL bit field is shown in Table 36 below TEMPERATURE I...

Страница 73: ...en enabled then the hu midity threshold is defined by HUMIDITY_THREHOLD register as shown in Figure 52 below HUMIDITY _THRESHOLD Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY THRESHOLD Figure 52 HUMIDITY _THRESH...

Страница 74: ...DITY_TX_INTERVAL Bit 15 Bit 14 Bit 1 Bit 0 HUMIDITY INTERVAL Figure 53 HUMDITY_TX_INTERVAL register The encoding used by the HUMIDITY INTERVAL bit field is shown in Table 38 below HUMIDITY INTERVAL Hu...

Страница 75: ...MAGNET_CONTACT_TX_INTERVAL Bit 15 Bit 14 Bit 1 Bit 0 MAGNET CONTACT INTERVAL Figure 54 MAGNET_CONTACT_TX_INTERVAL register The encoding used by the MAGNET CONTACT INTERVAL bit field is shown in Table...

Страница 76: ...be stored in the ILLUMINA TION_TEST_RESULT register shown in Figure 55 below ILLUMINATION_TEST_RESULT Default Setting 0x0000 Bit 15 Bit 14 Bit 1 Bit 0 ILLUMINATION TEST RESULT Figure 55 ILLUMINATION_...

Страница 77: ...ical interface STM 550 implements the mechanical interface of the PTM 21x module which is described in more detail in this chapter All dimensions and tolerances given are in millimetres unless otherwi...

Страница 78: ...OR FOR IOT APPLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 78 97 10 2 Bottom view Figure 57 below shows the STM 550 module seen from the bott...

Страница 79: ...3 September 2020 Page 79 97 10 3 Cut view A A Figure 58 below shows a cut along the A A line of Figure 56 and highlights the area of the mounting structure B region in more detail Figure 58 Cut view...

Страница 80: ...ENSOR FOR IOT APPLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 80 97 10 5 Side view Figure 60 below shows the STM 550 module seen from the sid...

Страница 81: ...nfigured update interval by default once every 60 seconds The LED will blink every time a telegram is trans mitted unless this has been disabled via NFC 4 Use a suitable receiver to capture the STM 55...

Страница 82: ...possible tempera ture gradient between wall and room when mounting the sensor directly onto a wall Air flow The sensor should be mounted such that the airflow from the target measurement area towards...

Страница 83: ...i e the magnitude of the measured acceleration vector will be equivalent to the magnitude of the earth gravity vector at the location of the device which will be ap proximately 1g Measuring the magnit...

Страница 84: ...of STM 550 relative to the gravity vector would change The position of the window in the right case window open rotation could not be detected if STM 550 is attached to the window part that is rotated...

Страница 85: ...zation In both cases STM 550 should be attached to the object for which location or utilization shall be monitored The following chapter gives general guidelines how to do so 11 3 3 Installation sugge...

Страница 86: ...n the reflectivity of the surface Simply put a dark desk surface will give a totally different result compared to a white desk surface even when the same luminous flow is directed towards it Obstructi...

Страница 87: ...PLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 87 97 on the spectral properties of the ambient light Calibration at the receiver is suggested...

Страница 88: ...ergy harvesting STM 550 is powered by ambient light using its integrated solar cell For best performance it is therefore essential to maximize the amount of light available for harvesting Harvestable...

Страница 89: ...traints based on the available ambient light as discussed in chapter 2 3 1 Be especially careful not to configure higher update rates low reporting intervals before ensuring that sufficient light is a...

Страница 90: ...at www enocean com 12 1 2 Waste treatment WEEE Directive Statement of the European Union The marking below indicates that this product should not be disposed with other household wastes throughout the...

Страница 91: ...550 EMSI ENOCEAN MULTISENSOR FOR IOT APPLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 91 97 12 2 FCC United States 12 2 1 FCC Grant Of Equipme...

Страница 92: ...perate using small amounts of energy and may be powered by a battery The module transmits short radio packets comprised of control signals in some cases the control signal may be accompanied with data...

Страница 93: ...of the final product Attaching a label to a removable portion of the final product such as a battery cover is not permitted The label must include the following text Contains FCC ID SZV TCM515U The e...

Страница 94: ...0 EMSI ENOCEAN MULTISENSOR FOR IOT APPLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 94 97 12 3 ISED Industry Canada 12 3 1 ISED Technical Acce...

Страница 95: ...s 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device Le pr sent appareil est conforme aux C...

Страница 96: ...50 EMSI ENOCEAN MULTISENSOR FOR IOT APPLICATIONS 2020 EnOcean www enocean com F 710 017 V1 0 STM 550 EMSI User Manual v1 3 September 2020 Page 96 97 12 4 ARIB Japan 12 4 1 ARIB construction type confo...

Страница 97: ...EMSI User Manual v1 3 September 2020 Page 97 97 13 Product history Table 40 below lists the product history of STM 550 Revision Release Key changes versus previous revision DA 04 Mar 2020 Initial rele...

Отзывы:

Нет отзывов

Похожие инструкции для EASYFIT EMSI

DS1-MP10RX series

Бренд: NEC Страницы: 39

I-Class Mark II

Бренд: Datamax Страницы: 12

Бренд: Accessory Power Страницы: 36

Бренд: Young Living Страницы: 41

MES ACURAS HEAD

Бренд: Barco Страницы: 131

Бренд: Hama Страницы: 40

Бренд: Rave Sports Страницы: 16

Бренд: GCE Страницы: 16

Бренд: GCC Technologies Страницы: 12

Бренд: IFO Страницы: 8

Бренд: Warrior Products Страницы: 2

Бренд: Vega Страницы: 2

Бренд: Vega Страницы: 11

Бренд: Vauxhall Страницы: 2

Бренд: Wahoo Страницы: 2

Бренд: Datapath Страницы: 16

Бренд: hepco & becker Страницы: 4

Бренд: DigiTech Страницы: 15

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды