zigbee 3.0 has been designed to allow for interoperability between zigbee 3.0 devices and legacy HA and ZLL devices.  With proper configuration, ZLL and HA devices can join zigbee 3.0 networks and similarly zigbee 3.0 devices have the functionality to join legacy legacy networks operating with either ZLL or HA networking.  This KBA will help you understand the configurations necessary for allowing this.


zigbee 3.0 devices on ZLL or HA networks


Making zigbee 3.0 devices which interoperate with ZLL or HA networks in most cases should be straight forward.  zigbee 3.0 devices can and should contain the profiles necessary to join with HA and ZLL networks, realizing that ZLL is an optional piece within zigbee 3.0.


Joining HA Networks should be simple as the zigbee 3.0 network principles are the same as the HA profiles.  The zigbee 3.0 device will just need to be programmed with the ZigBee default link key and joining should be just like any HA device.


Joining a ZLL network would require that the zigbee 3.0 device includes touchlinking within it's profiles and if that is the case, then the zigbee 3.0 device could initiating touchlinking with the network.


ZLL legacy devices on zigbee 3.0 networks


Because touchlinking is an optional piece of network security within zigbee 3.0, this is something that does not need to be implemented within the security policies of zigbee 3.0 networks.  A device fresh out of the box should support touchlinking, but once a decision for this device to form it's own network is made, it can remove ZLL from it's profiles.


So long as ZLL touchlinking is allowed as a policy within the network, ZLL devices will be able to join.


HA legacy devices on zigbee 3.0 networks


To allow HA device on a zigbee 3.0 network there are two pieces that need to be implemented for this to work; the HA profile for networking and the ZigBee default link key.  If both of these are implemented on the zigbee 3.0 network legacy HA devices can easily join the network.  To join a device to the network it would be a standard HA style join.


Note on security and legacy devices on zigbee 3.0 networks


One of the main reasons that zigbee 3.0 exists is because of security issues within the ZigBee Pro framework.  Because of use of a default link key, ZigBee Pro networks are vulnerable to a number of well known exploits.  Care must be taken when implementing the default link key within zigbee 3.0 networks.  Some options include:

  • Using the default link key as the primary link key within the network.  This solves any HA interoperability issues, but with the concerns of wide open security.
  • Using the default link key as a transient link key (a link key with a timeout after which it will no longer work).  This allows HA devices to join a network for a small window, minimizing security vulnerabilities, but it can cause problem if a legacy device associated using the default link key detaches from the network, it won't be able to rejoin using an unsecured rejoin.
  • There is also the question of legacy devices if they can update their link key.

Ultimately interoperability does raise issues with the security that must be explored and carefully considered before deciding on the path to take within a zigbee 3.0 application.

  • ZigBee and Thread
  • Knowledge Base Articles