introduction to csrmesh

August 2014

Introduction to CSRmesh

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014

2 Confidential Cambridge Silicon Radio Limited 2014

CSRmesh overview

CSRmesh creates a mesh network from existing CSR Bluetooth Smart & Smart Ready devices

CSRmesh enables you to increase the scale of what you can control via your mobile device

This presentation is an overview of the CSRmesh capabilities that are enabling innovative products for The Internet of Things

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRmesh network

CSR1010

BLE CSR1010

BLE CSR1010

BLE

Lighting Heating

CSR1010

BLE

module

CSR1010

BLE CSR1010

BLE

Switches

CSR1010

BLE

Thermostats

Sensors

OR OR

Android iPhone PC

Allows you to control anything from

anywhere in the world

Access

CSR1010

BLE

module

CSR1010

BLE

CSR1010

BLE

CSR1010

BLE

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Extends range of Bluetooth Smart by repeating messages No setup required, no hub or access point required for local network

Minimal propagation delay tens of milliseconds for node to node

Messages can be sent to an individual node or to a group Flood mesh no routing tables

No single point of failure

Simple provisioning Smartphone application and QR codes

The network is secure Messages are encrypted to prevent eavesdropping

Optional authentication to prevent man-in-middle attacks

CSRmesh features

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


The network is robust Messages are sent on 3 separate channels

Channels co-exist very well with WiFi

Uses proven CSR silicon CSR101x, CSR8811, CSR8670 etc.

Communicates directly with the phone Unlike ZigBee, Z-wave or any other proprietary protocol

Simple bridging to Bluetooth Smart Ready devices no additional components

Low power consumption 20x times less than WiFi

CSRmesh features

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRmesh

CSR1010 BLE

S1

CSR1010 BLE

L4

CSR1010 BLE

L3

CSR1010 BLE

L2

CSR1010 BLE

L1

CSR1010 BLE

L5

CSR1010 BLE

L8

CSR1010 BLE

L7

CSR1010 BLE

L6

Tx range S1

Tx range L1-L3

Tx range L4-L5

Tx range L6-L8

Broadcast

Re-Broadcast hop1

Re-Broadcast hop2

Re-Broadcast hop3

Smart phone

Config. &

Control

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Devices are organised into secure networks Up to 65535 devices per network

Networks are secured using a network key

Can be pre-generated or derived from a pass phrase 39MargettStreet => 0x56e62270cacd25283c01f2eee3d7e92b

All devices within network are trusted devices

can send messages to any other group of devices

CSRmesh networks

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Devices can be in "multiple networks"

e.g. Hotel Room Lock (guest, maintenance, room service)

e.g. Hotel Room Lighting (guest, maintenance)

Knowledge of one network key does not enable access to other network keys or their functionality

CSRmesh networks

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


All messages within the same network are encrypted with the network key

Used to identify messages within the network

Prevents messages to be relayed to different networks

Message-based authentication rather than device-based authentication

Network key

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Device is a single node in the network

All communication in the network is performed between devices

Devices are associated with the network during association process

At any point in time, device can exhibit one of the roles:

Source

Relay

Destination

Device

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Device is uniquely identified with 128-bit Device UUID

Public Bluetooth addresses have to be purchased from IEEE

Random addresses are not centrally managed and have only 46 bits of uniqueness

Device may still have a Bluetooth address in order to allow direct connections

Device identification

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


128-bit identifier is a significant impact on the packet size

Only limited set of commands are allowed using full 128-bit Device UUID

After association in the network, protocol layer alias full 128-bit UUID with short 16-bit Device ID

Device identification

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Messages from single devices Each device within the network is configured with a unique 16-bit

DeviceID

Devices can be organised into groups

Messages are sent to destinations Either a DeviceID or a GroupID

Broadcast to all devices in the network (id 0x0000)

GroupIDs can therefore be considered to give semantics

Living Room Set Light to 100%

Messages and groups

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Reliable and best effort transactions

Best effort transactions

Reliable transactions

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


While rotating dimmer switch

only send LIGHT_SET_LEVEL_NO_ACK message

When dimmer switch stops moving

send LIGHT_SET_LEVEL message

Example dimmer switch

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


RGB lights can be changed over time

send LIGHT_SET_RGB with color and duration

LIGHT_STATE is sent to acknowledge this command

then LIGHT_STATE is sent once at commanded color

Example RGB light

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Devices are identified using a 128-bit UUID no MAC Address from IEEE is required

self-management of allocated UUIDs

5,316,911,983,139,663,491,615,228,241,121,378,304 devices

For simple provisioning, in addition to broadcasts, devices can publish QR code with their 128-bit UUID

Devices can also publish a 64-bit Authorisation Code for extra security

either as part of the QR-Code

or as a Short Text code

NDhd-pbbD-Hb9D-9frR-b68T

CSRmesh provisioning

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Secure device association to the network and distribution of the network key

Public key exchange to prevent eavesdroppers

Authorisation codes are used to prevent man-in-the-middle attack

Message encryption and authentication Prevents against eavesdropping, replay and man-in-the-middle

attacks

All messages also have Message Authentication Code

Network security

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


To protect against replay attack, each message is sent with a sequence number

Handled by higher layers

Messages with old sequence numbers are discarded

To protect against eavesdropper attack, a public key security algorithm is used

This enables a public key to be exchanged, preventing a third party from being able to listen in to the exchange of the Network Key

To provide security against a man-in-the-middle attack, an Authorisation Code is used

This code is never transmitted over the mesh network, and can be encoded in a QR code or Short Text string

Security

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Consumer grade Protection from replay attacks

Uses public key exchange to protects from eavesdropper attack

Network key can be generated from the passphrase

Secure but doesnt protect from man-in-the-middle attack

No Authorisation Codes (QR code can still be used for device UUID)

MITM attack requires expensive equipment

Security levels

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Industrial grade Protection from replay attacks

Uses public key exchange to protects from eavesdropper attack

Network key can be pre-generated and stored on another medium or generated from the passphrase

Uses Authorisation Codes (QR code or Short Text) to prevent from man-in-the-middle attacks

May require installation

Security levels

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Step 1a Installation

Device has a Barcode Scan barcode using App

App securely distributes

a network key to device

App knows about switch

Switch is now part of Network

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Step 1b Installation

Device has a Barcode Scan barcode using App

App securely distributes

a network key to device

App knows about light. Switch and light are now part of Network

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Step 2: Configuration

User connects switch with light in App

App programs Light to be in Group 1

App programs Switch to be in Group 1

Any number of lights or switches can be in a single group

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Step 3: Use

User presses switch to turn light on

Group1: PowerOn

User presses switch to turns light off

Group1: PowerOff

Messages are secure and quickly & reliably delivered, even in a very large building

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Mesh architecture

System consists of three main elements

Network of devices that use broadcast mechanism for communication

Set of message formats that allow devices to send and receive messages

Set of protocols that define behaviour of the devices P

repare

d for

Hieu B

ui Va

n - cs

e.hcm

ut.ed

u.vn -

Thurs

day,

Septe

mber

25, 2

014


Mesh architecture

System is organised into three hierarchical layers

Bearers

Transport layer

Protocol layer

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Mesh architecture: bearers layer

This layer defines how transport layer messages can be transmitted to one or many devices

Bearers should be able to transmit and receive messages

Bluetooth Smart

non-connectable advertisements

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Mesh architecture: transport layer

Transport layer provides a service to transmit messages across devices in the network

Has no information regarding devices around

No routing

Devices in the network can receive and transmit messages

Some devices in the network can also retransmit messages within the network

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Mesh architecture: transport layer

Devices that can retransmit messages are called relay capable devices

Endless retransmission protection

time-to-live counter

only new messages are retransmitted (relay capable device does not retransmit messages that it has seen before)

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Mesh architecture: protocol layer

Defines multiple protocols that implement device specifics

Mesh Association Protocol

Used to associate devices to the specific network

Mesh Control Protocol

Enables control and monitoring of devices within a specific network

Grouped by models

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Config Server model Device discovery within the model, ID assignments, models

implemented etc.

Group model Controls grouping of the devices by physical location or semantic

meaning (Kitchen, Living Room, Security control etc.)

Power model Power state of the device on, off, standby

Switch model Controls individual switches and changes state of the other

devices or groups

Light model Controls brightness and colour of the light

Models

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


Firmware model Requests and controls the firmware update procedure

Ping model Pings specific device or group of devices in the network and

allows estimation of the network physical topology

Relay model Remotely controls relay capabilities of the device (and bridging to

the other technologies)

Data model Allows streaming of the data in custom format

Battery model, Sensor model, Event model, Volume model, Wall Clock model etc.

Models

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014

CSRmesh development resources

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRsupport www.csrsupport.com/CSRmesh

Open to everyone with CSR Energy access or with a purchase of CSRmesh development kit

CSRmesh library

Application examples on-chip and Android

iOS and PC versions are under development

Documentation

Specification will be open publicly Additional help through forum and wiki

wiki.csr.com/wiki/CSRmesh

forum.csr.com

Resources

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRmesh development board

Part number: DB-CSR1010-10185-1A

New demo vehicle for CSR Mesh applications

RGB LED

2 push buttons (dimmer or volume control)

Slide on-off switch

External IC temperature sensor

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRmesh development kit

Part number: DK-CSR1010-10184-1A

Comprises

3 CSRmesh development boards

Programmer and cables

Quick start guide

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014


CSRmesh 1.0 Targeted for consumer lighting

Light capabilities: on/off, dim, RGB, grouping, configuration, network management, over-the-air update control

CSRmesh 2.0 Adds home automation support

HVAC, home appliance, commercial lighting

Additional capabilities: sensor data, synchronised events, proximity, beacon messages, remote control and other

CSRmesh milestones

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014

39 Confidential Cambridge Silicon Radio Limited 2013 39 Confidential Cambridge Silicon Radio Limited 2014

Prepa

red fo

r Hieu

Bui V

an - c

se.hc

mut.e

du.vn

- Thu

rsday

, Sep

tembe

r 25,

2014

introduction to csrmesh

Documents