Grab Your Free Pass to CEDIA Expo 2018 -- Limited Time Offer!

Control & Automation

Z-Wave Smart-Home Devices Just Got a Security Mandate

The Z-Wave Alliance will now require mandatory implementation of the new Security 2 (S2) framework.


Z-Wave Smart-Home Devices Just Got a Security Mandate
The Alliance Board of Directors voted unanimously in November 2016 to require mandatory implementation of the new Security 2 (S2) framework.
Chelsea Cafiero · April 6, 2017

The Z-Wave Alliance has been working with chipmaker Sigma Designs to develop new security standards for all Z-Wave devices, and now the alliance will require strict and uniform adoption of a new security protocol for all Z-Wave devices receiving certification.

The Alliance Board of Directors voted unanimously in November 2016 to require mandatory implementation of the new Security 2 (S2) framework, calling it “the most advanced security for smart home devices and controllers, gateways and hubs in the market today.”

According to a 2016 AT&T study, 58 percent of companies reported they were not confident in the security of connected devices. Other consumer studies have shown that security and privacy is a major concern among those looking to adopt smart home.

“We are absolutely committed to making Z-Wave the safest, most secure ecosystem of smart devices on the global market,” says Mitchell Klein, executive director of the Z-Wave Alliance. “Our work, in conjunction with the entire Alliance membership, will ensure that developers, service providers, manufacturers and consumers alike will look to Z-Wave as the most trusted solution with the highest levels of protection.”

Z-Wave’s S2 Framework

Z-Wave’s technical certification program, which is administered through 3rd party test facilities in Europe, US and Asia, will check that all S2 security solutions, which contain rules for command classes, timers and device types are correctly implemented in every new certified device. S2 devices will also be backwards compatible with existing devices on the market.

The Z-Wave S2 framework was developed in conjunction with the cybersecurity expert community to give the already secure Z-Wave devices new levels of impenetrability. By securing communication both locally for home-based devices and in the hub or gateway for cloud functions, S2 aims to virtually remove the risk of devices being hacked while they are included in the network. By using a QR or pin-code on the device itself the devices are uniquely authenticated to the network as well.

The framework is designed to render common hacks such as man in the middle and brute force powerless, through the implementation of the industry-wide accepted secure key exchange using Elliptic Curve Diffie-Hellman (ECDH).

Z-Wave also strengthened its cloud communication, enabling the tunnelling of all Z-Wave over IP (Z/IP) traffic through a secure TLS 1.1 tunnel, removing vulnerability.


This week at ISC West 2017 in Las Vegas, August Home launched a Z-Wave smart lock for home-automation and security pros. Read more here.



  About the Author

Chelsea Cafiero is Senior Web Editor of CE Pro. She also manages the corresponding websites of sister publications Commercial Integrator, Security Sales & Integration, Campus Safety and Electronic House. Chelsea has previously covered politics, local news and consumer electronics. She joined the CE Pro family in 2012. Have a suggestion or a topic you want to read more about? Email Chelsea at ccafiero@ehpub.com

Follow Chelsea on social media:
Twitter · LinkedIn

Chelsea also participates in these groups:
LinkedIn · Google+

View Chelsea Cafiero's complete profile.



  Article Topics


Control & Automation · Automation · Security · News · Cybersecurity · IoT · Z-Wave · All Topics
CE Pro Magazine

Grab Your Free Pass to CEDIA Expo -- Limited Time Offer

More than 20,000 home tech pros and 500+ exhibitors convene for the leading event for home technology professionals. It will be held September 4-8 in San Diego, CA. Register today for your free pass.

Register Today!

Comments

There are no comments. Be the first to post!
There are no comments. Be the first to post!