Enhancing Zigbee Security for Industrial Implementation

Abstract: Zigbee network is a popular choice for deploying low power personal area network (LoWPAN). The application areas vary but the most popular are industrial area monitoring and home automation. But Zigbee has been identified to have weak security and is not applicable for industrial implementation. This paper is collaboration with Ericsson to investigate Zigbee network security and implementation. This paper will cover security solutions for Zigbee and touch on how to configure Zigbee network such that it can operate for a long period of time without battery changes. The security solutions will demonstrate how public-key respective symmetric key algorithm can be used for enhancing Zigbee security such that it provide authentication and authorization of joining devices while maintaining confidentiality and integrity of the network communication. Security solutions will also take regards to the power consumption of each proposed solution. For the network configuration part of the thesis, it will present node lifetime for different network configuration, i.e. how polling period between each message will affect the total cur- rent consumption of a node and how the joining procedure, depending on the security solution will affect the total node lifetime. Achieving longer node lifetime is desired because it is assumed that the network will be deployed in remote and unfavorable areas. The result of this paper compares different solutions for enhancing the security. Further, it concludes that Zigbee security with authentication and authorization of joining devices is reached through secret-splitting key establishment - which is the best solution. This is possible while maintaining low power consumption in the network.