WirelessDevNet.com Press Release
EnOcean Shows New Security Concept for Energy Harvesting Sensor Systems at ISC West 2012
EnOcean will present a new security concept for its self-powered wireless sensor systems at the International Security Conference (ISC) West 2012 in Las Vegas (28-30 March; booth 19140). The company is the originator of the energy harvesting wireless sensor technology commonly used in buildings and industrial installations. The innovative technology powers wireless communications by collecting energy from ambient sources -- such as motion, indoor light and temperature differentials. In addition to its fundamental security measures, EnOcean will show an expanded security concept that includes two new functions, "Rolling Code" and "Encryption." This offers an additional level of security that is particularly important for sensitive systems such as smart homes or smart metering.
Self-powered sensor networks
A major application of EnOcean's batteryless wireless technology is for example building automation. Products and systems set up on the energy harvesting, maintenance-free technology can be integrated in all common building automation solutions -- also to communicate over LON, KNX, BACnet, TCP/IP or Ethernet. Security plays an all-important role in these networks. Wireless systems need to be guarded by suitable measures so that access is only granted to those who are authorized.
The EnOcean modules have already fundamental security measures implemented. To avoid transmission errors, a checksum is appended to every data packet. This ensures the integrity of the radio telegrams and prevents transmission errors. Moreover, each EnOcean module has a unique 32-bit identification number (ID) that cannot be changed or copied, which protects against duplication.
At the ISC West EnOcean will present to visitors two enhanced security mechanisms:
Rolling Code - an EnOcean wireless node counts all incoming and outgoing data packets continuously and thus ensures the actuality of the telegrams. A 16-bit rolling code (RC) incremented with each telegram is generated as a constantly changing (i.e. rolling) security mechanism. Telegram header, telegram data and current rolling code are used to calculate a 32-bit message authentication code (MAC). The receiver system can then validate the data packet on the basis of the code.
Encryption - another mechanism is the encryption of data packets by the transmitter. The data is encrypted using either the ARC4 algorithm (Alleged Ron's code 4) with a 32-bit key or, for higher security needs, the AES algorithm with a 128-bit key.
Device manufacturers can combine the rolling code and encryption mechanisms to suit individual needs and so implement different security levels flexibly according to the demands of the respective solutions.
"With the increase of interconnected applications such as smart metering, the issue of data security becomes more important. Automated meter readings of water, electricity and heating consumption could be used illegally, for example, to draw conclusions about the behavior of residents. So it is all the more important to have security concepts that prevent such unauthorized invasion of privacy. The enhanced EnOcean security mechanisms meet these specific requirements," says Jim O'Callaghan, President, EnOcean Inc.
EnOcean is the originator of patented self-powered wireless technology. The company manufactures and markets energy harvesting wireless modules for use in building and industrial automation. EnOcean technology combines miniaturized energy converters with ultra-low-power electronics and robust RF communications. Self-powered wireless technology from EnOcean has been successfully deployed in more than 200,000 buildings worldwide. EnOcean is a promoter of the EnOcean Alliance, a consortium of leading companies from the world's building sector that facilitates the creation of innovative solutions for sustainable buildings. The company currently employs 60 people in Germany and the USA.