• State Resolved
  • Locked Locked
  • Replies 9 replies
  • Subscribers 55 subscribers
  • Views 332 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Needed settings when DSECURE is enabled

Bumblebee
Expert 2575 points

Hi TI,

I'm trying to secure the zigbee packets being sent in the Zigbee network. However I couldn't receive a 69-byte packet from ZED.

Steps were as follows:

1.) I enabled DSECURE=1 (compile and download to nodes)

2.) Set the Ubiqua TC Link Key to the default key given by ZigBee Alliance { 0x5a, 0x69, 0x67, 0x42, 0x65, 0x65, 0x41, 0x6c, 0x6c, 0x69, 0x61, 0x6e, 0x63, 0x65, 0x30, 0x39 }.

Anything I've missed here?

  • 0
    Guru 735685 points
    Do you use Ubiqua Packet Analyzer to check if the 69-byte packet is sent from ZED?
  • 0 in reply to YiKai Chen
    Expert 2575 points

    Yes, I did. Please refer to the attachment of captured packets. I triggered a button in ZED to send it to private cluster (Line 114 in ubiqua)

    zc-cannot-receive-data-from-zed.zip

    It's a bit weird because there were multiple "Data Request". I've already set the poll rate to:

    /* The number of milliseconds to wait between data request polls to the coordinator. */
-DPOLL_RATE=60000

/* This is used after receiving a data indication to poll immediately
 * for queued messages...in milliseconds.
 */
-DQUEUED_POLL_RATE=100

/* This is used after receiving a data confirmation to poll immediately
 * for response messages...in milliseconds
 */
-DRESPONSE_POLL_RATE=100

/* This is used as an alternate response poll rate only for rejoin request.
 * This rate is determined by the response time of the parent that the device
 * is trying to join.
 */
-DREJOIN_POLL_RATE=440

    I need to poll as little as possible because in my application, I only need to send the sensor data to ZC (more of like 1-way communication). Is it right to say that I need to poll periodically to make sure the ZED is recognized by ZR or ZC that it is alive?

    Hope you can help with this issue.

  • 0 in reply to Bumblebee
    Guru 735685 points
    I see ZED uses profile ID=0x1234 and cluster ID=0x7777 to ZC. Does ZC uses the same profile ID and Cluster ID?
  • 0 in reply to YiKai Chen
    Expert 2575 points
    Yes, definitely. I tried this with DSECURE = 0 and I could receive the data. Just that when I enabled the security, I could no longer receive the 69-byte data from ZED. I did a breakpoint on ZED AF_DataRequest, and saw that it returned afStatus_SUCCESS. Is this perhaps because of the overhead of security?

    I'm quite confused if DSECURE is an APS security of NWK security. Can you explain how to enable each of the security? Perhaps I'm doing something wrong with the settings.
  • 0 in reply to Bumblebee
    Guru 735685 points
    I don't this is anything to do with security enabled. I see the message is sent from ZED and there is MAC ack from ZC. I would suggest you to set a breakpoint in afBuildMSGIncoming of ZC to debug it.
  • 0 in reply to YiKai Chen
    Expert 2575 points
    This is weird. I just disabled the security and enabled it back on. It works now :)

    Questions though:
    1.) Is DSECURE=0/1 is an APS security or NWK security.
    2.) Can you explain how to enable each of the security?
    3.) What is preconfigured key? Is it APS key?
    4.) What is TC Link key? Which security type does it fall - APS or NWK or additional security feature of ZigBee PRO?
  • 0 in reply to YiKai Chen
    Expert 2575 points
    Much appreciated. Thank you!
  • 0 in reply to Bumblebee
    Guru 735685 points
    You are welcome.