Danalock & Silicon Labs Case Study - Embedded Computing

By JAKOB BURON

Senior Staff Engineer, IoT Software

Silicon Labs

October 05, 2018

Story

Danalock & Silicon Labs Case Study - Embedded Computing

To develop the most secure door lock possible, Danalock turned to Z-Wave?s newest security protocol ? S2 ? to achieve that goal.

The Challenge: Develop the most secure connected door lock possible for the smart home to be used by end users and installed by integrators.

To develop the most secure door lock possible, Danalock turned to Z-Wave’s newest security protocol—S2—to achieve that goal. As one of the first smart home companies to implement S2 into their access control product, the reason was simple: “We chose Z-Wave with S2 because it is the most secure,” says Anders Pedersen, a Danalock Electrical Engineer responsible for hardware schematics, layout, antenna designs, and the one responsible for ensuring Z-Wave certification of Danalock’s new product: the Danalock V3.

(To read more about Danalock, check out one of our recent blogs here.)

Anders continues, “When it came time to certify our newest door lock, S2 had just been released and we [Danalock] wanted to make sure we took full advantage of that offering.” In 2017, the Z-Wave Alliance board of directors voted to make the implementation of the S2 security framework mandatory for Z-Wave certified smart home products in April of 2017. However, for Danalock, implementing S2 into their newest lock was never about ticking off a check box. Since day one, it has always been about their customers.

“Security holds a lot of weight for people when the product is a lock,” explains Pedersen. “There are other devices, take for example smart bulbs, where security does not have as great an impact for customers but when it comes to locks, it is very important to have the highest standards of security available and implemented. S2 provides that so we wanted to ensure our product met those specifications.”

The Solution: Z-Wave S2 security framework and the Danalock V3 smart door lock.

Pedersen stated, “the selling point for us, not only as a Z-Wave Alliance member but as a lock manufacturer, was the robust enhancements to security provided by S2.” The newest security protocol was designed from the ground up and developed in partnership with cyber security experts who study hacking and advanced intrusion techniques to equip S2 with best-in-class tools to prevent anyone from accessing your smart home network or devices.

“The implementation of asymmetric encryption with S2 and the creation of public and private keys was a feature we were very excited about,” stated Pedersen. Logistically, this public and private key creation simplifies a major process for manufacturers. “Asymmetric encryption is much easier to handle in production from the perspective of a product manufacturer because it means you only have one location where you embed the private key within the lock that needs to be secure and then, the documentation you provide the customer is the public key. In other words, when we complete a lock, both a private key and public key are created but only the public key is printed and follows the product into the outside world. If you have the public key, you have enough information to ensure secure communication but you do not have enough information to break the secure communication – this is all made possible because of S2.”

Z-Wave devices with S2 have a new layer of security – an additional layer on top of an already secure network – to provide virtually impenetrable protection for smart home devices however, in order to be effective, S2 needs to be easy to implement. Pedersen explains, “the S2 implementation was very straightforward. We started using the SDK very early. We ran into a few challenges as with any implementation and addressed those along the way. The S2 security features were so easy to implement that we almost did not need to do anything because all the heavy lifting was handled in the lower levels of the stack and packaged to us as a product manufacturer in such a way that implementation of S2 was a breeze.”

S2 works to secure communications both locally for home or business-based devices and the hub or gateway for cloud functions and virtually removes the risk of devices being hacked while they are being included in the network by using a QR or pin-code to uniquely authenticate the device. S2 defends against common attacks such as man-in-the-middle and brute force through the implementation of the industry-wide accepted secure key exchange using Elliptic Curve Diffie-Hellman (ECHD), which makes it impossible to decipher the network key.

The End Result?

Security remains a top of mind concern for consumers and those adopting smart home technology. It is especially important to them when it comes to devices that are designed to keep them and their loved ones safe such as access control devices. A lot goes into designing and developing the smart home devices that meet the demands of customers, but with Z-Wave S2, you do not need to be a cyber security expert or have security experts on your team in order to ensure best-in-class security is integrated into your device.

“We’re very happy with the newest version of our product, available today as Z-Wave certified and featuring S2,” Pedersen explains. “For customers who may have already heard of S2 security and understand the benefits it provides and for those looking to buy a product now or in the future that has the most secure solution integrated, we wanted to make the certified Danalock door lock product that customers will feel confident buying and partners will feel comfortable recommending because it supports the highest level of security currently available in the smart home today.” 

I enjoy building software for computers, both large and small. I am happy to have a job where I work with both Linux packet routers and small ARM Cortex and 8051 MCUs. I strive to understand the entire computing stack from CPU architecture to Web technology. Software quality and team productivity is important to me. I firmly believe in using the best tools available to support those values. I'm a strong proponent of continuous integration, automated testing and code reviews.

More from JAKOB

Categories
Consumer