EnOcean Energy Harvesting, KNX and data security
Issue 02-2015:
read all articles online
read as pdf
The smart home, and thus the building systems engineering of the future, would be inconceivable without wireless technology that offers secure data transmission. Suitable KNX/EnOcean gateways can help by allowing installers to seamlessly integrate data-secure and simultaneously self-powered wireless sensors into a KNX system. The result is an integrated system composed of powerful building systems with secure wireless communication.
The KNX bus standard controls heating, lighting, blinds, ventilation and security systems across disciplines and according to demand. A future-oriented control concept also requires a large number of sensors that detect building states and measured values. “Energy harvesting” is therefore an ideal addition to building systems engineering. The wireless sensors are thus completely maintenance-free and their placement is flexible. At the same time, the wireless communication is encrypted. As a result, they meet even today’s secure data transmission requirements in smart homes.
Data security – high requirements
Unwanted data collection and system manipulation are challenges that need to be taken seriously, especially in the critical smart home mass market.
Therefore, both transmission security and data security play a key role in wireless communication. A radio frequency that has high channel availability guarantees transmission security. The EnOcean wireless technology uses license-free frequency bands sub 1 GHz for this purpose. Multiple telegram transmissions establish redundancy, either by sending telegrams multiple times as a precaution (with unidirectional transmission) or by using energy-efficient “Smart Acknowledge” processes, depending on success. A one-time identification number of the wireless transmitter (32-bit ID), which cannot be changed or copied, also prevents duplicates.
Self-powered wireless technology also makes data more secure with “enhanced security.” This approach adds rolling code and AES 128 encryption to the established radio protocol. A 24-bit rolling code (RC), which is incremented with each telegram, is used as a basis for calculating a 32-bit cipher-based message authentication code (CMAC). The CMAC uses the 128-bit AES encryption algorithm. The sender encrypts the data packets by enciphering the data with a 128-bit AES algorithm.
Energy harvesting and data security – accustomed haptics and range of an EnOcean wireless switch
A high data rate is important for secure data transmission, since more data has to be transmitted than with a protocol that provides only transmission security. Since EnOcean’s 124 kbit/s wireless technology also significantly optimizes the telegram overhead, the EnOcean switch telegram only needs 1.2 ms for transmission, including encryption and rolling code (CMAC).
The energy demand of the transmitting electronics is a minimal 120 µJ. The actuation energy at the converter is thus typically approximately 1.25 mJ. When the button is operated, the actuating force rises to approximately 8 N over a distance of around 2 mm, typical for the haptics of building switches. The actuating haptics of an EnOcean wireless switch, including data encryption and full transmitter range, is thus within the customary range of an established light switch.
The efficiency of an electrodynamic energy converter cannot be increased very much within this energy range. Nor can the mechanical idiosyncrasy of the “switch” system be significantly changed. Telegrams that are longer than 1.2 ms, such as those used in EnOcean wireless technology, inevitably result in higher forces or longer actuating paths. A wireless telegram that has, for example, a much lower data rate, would have to overcome physical limits for an energy harvesting switch.
Gateway – the link between the KNX bus and data-secure energy harvesting wireless systems
A wide range of switches, sensors and actuators that support encrypted EnOcean wireless technology have been available since early 2015. Corresponding wall switches, remote controls, window contacts and actuators can be purchased wholesale. In addition, several providers plan to expand their KNX EnOcean gateways with encrypted wireless communication.
Along with security, downward compatibility is also important. Both the new EnOcean wireless transmitters and the new wireless receivers are designed to optionally send and receive the previous transmissionsecure radio telegrams as well as the new telegrams with additional data security. A KNX gateway that decodes encrypted telegrams can also continue to process standard telegrams.