Whitepaper
Introduction to Z-Wave SmartStart
This whitepaper provides an overview of the Z-Wave SmartStart feature and the key user scenarios. When deploying smart end devices user interaction is often restricted to extremely rudimentary interfaces, such as buttons or switches. The gateway typically presents a more user-friendly interface, through a web browser or a smartphone app.
Summary
This whitepaper provides an overview of the Z-Wave SmartStart feature and the key user scenarios. When deploying smart end devices user interaction is often restricted to extremely rudimentary interfaces, such as buttons or switches. The gateway typically presents a more user-friendly interface, through a web browser or a smartphone app.
Z-Wave SmartStart aims to shift the tasks related to inclusion of an end device into a Z-Wave network away from the end device itself, and towards the more user-friendly interface of the gateway.
Z-Wave SmartStart removes the need for initiating the end device to start inclusion. Inclusion is initiated automatically on power-ON, and repeated at dynamic intervals for as long as the device is not included into a Z-Wave network. As the new device announces itself on power-ON, the protocol will provide notifications, and the gateway can initiate the inclusion process in the background, without the need for user interaction or any interruption of normal operation. This improvement also removes the possibility of other devices being included, as the SmartStart inclusion process only includes authenticated devices.
By moving the device authentication process into the manufacturing and distribution phase or service provider domain, the end user is no longer required to do anything but to power on the devices. This enables a simplified user experience where the device is genuinely ready to use, right out of the box . The device manufacturer or service provider can now prepare inclusion prior to the devices ending up at the end user’s house.
Building on the elements introduced by S2 security, the Z-Wave SmartStart is not only easy for the end user, but also secure. Z-Wave SmartStart uses the same device specific keys (DSK) that form the foundation of the secure inclusion process of S2. Only authorized and intended devices are included in the Z-Wave network. Z-Wave SmartStart is based on the embedded SDK 6.8x and related gateway software components.
This whitepaper is limited in scope to the exchange of the DSK between end device and gateway, and how this process relates to Z-Wave SmartStart. For more information regarding the Z-Wave Security Ecosystem, more details on the key exchange during the inclusion process, and implementation requirements of S2 security, refer to the whitepapers on that topic [1] and ZTS for additional technical information.
Building on Z-Wave S2 Security
Z-Wave SmartStart Under the Hood
This chapter further explores the technical elements of how Z-Wave SmartStart works. It will introduce the main concepts and describe examples of how elements can be used together, to create improvements to the user experience.
Improved Inclusion Process
QR Data Structure
The QR format introduced with S2 features additional data, which enables the optimal user experience of SmartStart in gateways. This data allows gateways to provide the user with information prior to inclusion. In addition to the unique DSK used for authentication, the QR code format also contains product information, including manufacturer and product ID. The extra data also contains information that let the gateway determine if the device supports SmartStart.
Introducing the Provisioning List
Example - Ad-Hoc End User Network Expansion
Example - Service Provider
Example – Removing SmartStart devices from a Z-Wave network
Because SmartStart always includes end devices securely, it is possible to do remote reset of an end device when it is removed from the provisioning list. The gateway can automatically perform these steps. If a device is reset without being removed from the gateway’s provisioning list, it will automatically be included again the next time it is powered on.
High Level Overview of Z-Wave SmartStart Implementation
This chapter gives a high level overview for developers that can be used for initial implementation planning, and describes the requirements to implement Z-Wave SmartStart for different types of products. The document focus on new device development, although the same guidelines apply for porting devices to the latest application framework to enable SmartStart.
Developers that are creating a portfolio of devices may require the implementation of different Z-Wave devices types; for example, both end devices and a gateway. This chapter is not intended as an implementation guide or for certification requirements. Those are covered in the relevant documentation on ZTS.
End Device
For new end devices, the application framework already provides most of the S2 and SmartStart work. This is done by implementing end devices as S2 Authenticated or S2 Access Control devices, complete with DSK, and manufactured with the QR code printed on the device. Best practices also recommend that the QR code is also placed on the outside of the product box, allowing distribution centers to provision the devices to a customer without anyone having to open the boxes. This ensures that products arrive at the end user without any box content missing, or accidental drainage of battery.
Migrating to SDK 6.8x (the embedded SDK version supporting Z-Wave SmartStart) from an S2 enabled device is a simple process. There are no new command classes to implement. Some minor modifications to the inclusion process make the device transmit SmartStart inclusion requests when it is not yet part of a network. It is important that product developers maintain the functionality to support classic inclusion. This ensures that devices can still be included by controllers that do not support SmartStart. The protocol changes build on top of classic inclusion, and require no additional work from the developer side.
To test an end device’s SmartStart functionality without access to a commercial gateway supporting the feature, developers can use the tools provided in the Z-Wave development kit.
Only existing OTA devices manufactured as S2 Authenticated or S2 Access Control devices can be OTA updated to support SmartStart. Other devices will either not have the unique S2 DSK, or will not have the means for the user to read out the DSK. Without a DSK to read out, a device cannot be added to a SmartStart provisioning list.
Gateway
The most important part of implementing SmartStart in a gateway is management of the provisioning list, which is covered by the following functionality:
- Include device: Functionality to include a device on the provisioning list into the network.
- Manage devices on the provisioning list: Functionality to add/remove/query devices on the provisioning list.
- Obtain DSK from a device: Functionality to scan, enter, or otherwise transport the DSK from a device to the provisioning list.
- Classic inclusion: A method for a user to enter classic inclusion mode on the gateway, for devices not supporting SmartStart.
Best practices recommend the implementation of each component independently, for easier planning, testing, and future maintenance with updated functionality.
Include Devices
This component handles inclusion requests from SmartStart capable devices. The device’s DSK is crossreferenced against the provisioning list and the device is included if authenticated.
For gateways based on the ZIPGW middleware, this process is handled automatically. For gateways not based on ZIPGW middleware, functionality that handles inclusion requests, and initiates the appropriate inclusion protocol commands, must be implemented.
This component also initiates update of the gateway UI to make the new end device available to the end user.
Manage Devices on the Provisioning List
This component allows manipulation of the provisioning list, making it possible to add and remove devices. Best practices recommend that the gateway user interface should show the list and status of devices. The user can use this to confirm if a specific device is on the list and if it is currently included in the network.
For gateways based on the ZIPGW the provisioning list is contained in ZIPGW, and API calls for manipulating the list are available. An implementation of a user interface must allow the user to add or remove devices. For gateways not based on ZIPGW the provisioning list storage as well as functions to manipulate the list must be included in the implementation.
An important thing to remember is to remove devices from the provisioning list if they are excluded manually by classic exclusion. Removing the device from the provisioning list is important if the device is to be used in another nearby network, as it may be included again automatically in the first network if it is still in the provisioning list of the first gateway.
Obtain DSK from Device
This component can have a lot of variance, depending on the architecture of the gateway product and the end devices. All products will have QR codes with the DSK available, while some products may offer alternative means of obtaining the key. For simplicity, this document is focused on generic products with QR codes.
There are two main ways to obtain the DSK of a device:
- Recommended: Utilize a smartphone camera to scan and decode the QR code, particularly if the gateway already has a smartphone app that can be used as an administrative interface, showing the included end device on the gateway provisioning list
- Alternative: The user can enter the DSK in an input field using a keyboard or keypad. Best practices recommend implementation of both if possible, to give end users an alternative if a QR code will not scan, e.g. because it was damaged.
Classic Inclusion
For interoperability, the gateway must maintain the capability to include devices using classic inclusion. Best practices recommend implementing user assistance in the user interface if a device does not have a QR code
to scan or a DSK to enter. When using classic inclusion the user interface should inform the user to initiate inclusion on the end device.
Service Provider Backend
This section assumes a gateway implemented with Z-Wave SmartStart, as well as connection to the service provider backend with means to control the Z-Wave gateways remotely.
In order to provide a good service to end users, the service provider backend must have access to the gateway provisioning list, and information regarding the devices shipped to an end user. Once the backend process is in place for obtaining the DSKs of end devices shipped to a customer, they need to be transferred to the gateway. When using ZIPGW, API calls for adding DSKs to the provisioning list are provided for the backend to use. When using a custom middleware implementation, the method will depend on the middleware implementation.
It is important to ensure that the gateway user interface has the means to manually import DSKs to the provisioning list. This ensures an alternative method for adding devices, in the event that something has gone wrong in the backend process. It will also support scenarios where a technician has brought a replacement device along or the user has purchased a new device from a local home improvement store.
Starter Kit Controller
The purpose of the starter kit controller is to provide network management functionality for a Z-Wave starter kit with end devices. It is capable of setting up a network of the devices in the kit, and configuring basic operating functions, such as turning devices ON/OFF, by pressing buttons.
A starter kit controller can come in a number of different architectural designs that are treated differently in SmartStart implementation. If the controller is based on ZIPGW it mainly follows the guidelines for the gateway. It is still a best practice to maintain as much generic functionality as possible to make the device more useful. Please refer to certification guidelines for controllers for more information [2].
For starter kit controllers on embedded platforms that cannot use the ZIPGW middleware, the implementation requires a few more steps. A general prerequisite is that the developer has already implemented and certified the controller as S2 compliant. Programming the provisioning information during production ensures that the simple controller is not dependent on an online service to obtain the DSKs of the included devices before it can construct the network. In the future this implementation will be supported in the SDK allowing for fast an easy product creation based on sample code.
For Existing Products - Start with implementing S2 security
SmartStart requires S2 security. For all existing devices, the first step is to port the application to the latest application framework and implement support for S2 Authenticated and/or S2 Access Control. Because Z-Wave SmartStart relies heavily on the availability of the unique device specific keys (DSKs) introduced with S2 security, the unauthenticated class is not supporting SmartStart. Best practice is to certify products on the respective S2 SDK releases prior to starting SmartStart implementation. This ensures that any implementation related to S2 is already completed, and implementation of SmartStart will be faster.