• State
  • Replies 1 reply
  • Subscribers 55 subscribers
  • Views 92 views
  • Users 0 members are here
Support feedback
Options
Options
Related

CC2652R7: ZigBee network layer sequrity

Pavlo Trofimov
Prodigy 10 points
Part Number: CC2652R7
Other Parts Discussed in Thread: Z-STACK

Tool/software:

Dear TI,

We develop an application based on ZigBee communication. Our device (cc2652r7, end device role) is supposed to be connected to a coordinator. The coordinator is old enough (we don't have an access to it's source code) and on network layer (NWK) doesn't use network layer sequrity. Our device (it uses simplelink_cc13xx_cc26xx_sdk_8_30_01_01) can't be connected to coordinator's network (It waits for security key). We understand that we can't disable security for this Z-stack version, but we still need some solution to have an opportunity to be connected to the coordinator. We want to use TI solution in our further development. Maybe there are an option how to resolve this problem. Will be appritiate for a response and any thoughts about it. Take a look for WireShark log, when we try to connect the end device to the coordinator. Thank you!

  • 0
    TI__Guru**** 216697 points

    Hi Pavlo,

    TI has not invested in non-secure Zigbee solutions for several years, and there is no official or supported solution readily available, however here are some ideas which may work with the release SimpleLink F2 SDK:

    1. Set USE_NWK_SECURITY and SECURITY_LEVEL to 0 in nwk_globals.h
    2. Set requestNewTrustCenterLinkKey to FALSE in zd_sec_mgr.c
    3. Remove BDB_COMMISSIONING_MODE_FINDING_BINDING from DEFAULT_COMISSIONING_MODE in zstach.h and zcl_sampleapps_ui.c
    4. Replace bdbCommissioningProcedureState.bdbJoinState = BDB_JOIN_STATE_WAITING_NWK_KEY; and OsalPortTimers_startTimer(bdb_TaskID,BDB_PROCESS_TIMEOUT, BDB_DEFAULT_DEVICE_UNAUTH_TIMEOUT); with OsalPort_setEvent ( ZDAppTaskID, ZDO_DEVICE_AUTH ); inside the BDB_JOIN_EVENT_ASSOCIATION case of bdb.c
    5. Replace status = ZDSecMgrSendNwkKey( device ); with status = ZSuccess; in zd_sec_mgr.c
    6. Set zgChildAgingEnable to FALSE in zglobals.c

    Please note that these suggestions are based on efforts several years ago for ZC/ZR Z-Stack 3.0 devices to allow non-secure ZEDs to join, however you need the opposite approach so some of these instructions may need to be adjusted accordingly.  Similarly, these changes have not been tested with the SimpleLink F2 SDK v8.30 and developers are responsible for the application of an untested Z-Stack security mode.

    Regards,
    Ryan