Z-Way: Unsecure Inclusion Issue

Discussion about Z-Uno product. Visit http://z-uno.z-wave.me for more details.
Post Reply
N2641D
Posts: 6
Joined: 06 Feb 2019 13:34

Z-Way: Unsecure Inclusion Issue

Post by N2641D »

Hi,
I'm currently investigating the Z-Way Expert UI software. There is something where I would need some help to understand Z-Way's functionality.

When performing an inclusion of a ZGM130S based always on slave, the full interview session works very fine when using the Network->Control->Device Management: "Force unsecure inclusion" switch. When not using that switch, however, selecting an unsecure inclusion (see attached screen shot) the Z-Way controller still seeks for a "KEX Get" response.

16.03.2021 14:43:16 1 58 100 kbps -75 dBm - - KEX Get

which, of course, will not be answered by the Silicon Labs ZGM130S Z-Wave stack and therefore will result as a "unfinished interview". There are no issues with any of the other options (S0, S2 unauthenticated, S2 authenticated) for inclusion which do finish 100%. Just the one way of inclusion finishes with an "unfinished interview" for command class SECURITY_2.

Any advice? Thanks for your help!.



Screen Shot 2021-03-16 at 14.52.03.png
Screen Shot 2021-03-16 at 14.52.03.png (62.46 KiB) Viewed 1434 times
-----------------------------------------------------------------
For Information:


/**
* Please see the description of app_node_information_t.
*/
static uint8_t cmdClassListNonSecureNotIncluded[] =
{
COMMAND_CLASS_ZWAVEPLUS_INFO, // Z-Wave Plus v2 root device MUST
COMMAND_CLASS_ASSOCIATION,
COMMAND_CLASS_MULTI_CHANNEL_ASSOCIATION_V2,
COMMAND_CLASS_ASSOCIATION_GRP_INFO,
COMMAND_CLASS_TRANSPORT_SERVICE_V2,
COMMAND_CLASS_VERSION,
COMMAND_CLASS_MANUFACTURER_SPECIFIC,
COMMAND_CLASS_DEVICE_RESET_LOCALLY,
COMMAND_CLASS_INDICATOR,
COMMAND_CLASS_POWERLEVEL,
COMMAND_CLASS_SECURITY_2,
COMMAND_CLASS_SUPERVISION,
COMMAND_CLASS_FIRMWARE_UPDATE_MD_V5,

COMMAND_CLASS_CONFIGURATION_V4, // root device optional
COMMAND_CLASS_NOTIFICATION_V4,
COMMAND_CLASS_SENSOR_BINARY_V2,
COMMAND_CLASS_SENSOR_MULTILEVEL_V11,
COMMAND_CLASS_MULTI_CMD
};

/**
* Please see the description of app_node_information_t.
*/
static uint8_t cmdClassListNonSecureIncludedSecure[] =
{
COMMAND_CLASS_ZWAVEPLUS_INFO,
COMMAND_CLASS_TRANSPORT_SERVICE_V2,
COMMAND_CLASS_SECURITY_2,
COMMAND_CLASS_SUPERVISION,

COMMAND_CLASS_CONFIGURATION_V4, // root device optional
};

/**
* Please see the description of app_node_information_t.
*/
static uint8_t cmdClassListSecure[] =
{
COMMAND_CLASS_VERSION,
COMMAND_CLASS_ASSOCIATION,
COMMAND_CLASS_MULTI_CHANNEL_ASSOCIATION_V2,
COMMAND_CLASS_ASSOCIATION_GRP_INFO,
COMMAND_CLASS_MANUFACTURER_SPECIFIC,
COMMAND_CLASS_DEVICE_RESET_LOCALLY,
COMMAND_CLASS_INDICATOR,
COMMAND_CLASS_POWERLEVEL,
COMMAND_CLASS_FIRMWARE_UPDATE_MD_V5,

COMMAND_CLASS_NOTIFICATION_V4,
COMMAND_CLASS_SENSOR_BINARY_V2,
COMMAND_CLASS_SENSOR_MULTILEVEL_V11,
COMMAND_CLASS_MULTI_CMD
};
User avatar
PoltoS
Posts: 6334
Joined: 26 Jan 2011 19:36

Re: Z-Way: Unsecure Inclusion Issue

Post by PoltoS »

If you don't want to grant any key, use unsecure inclusion. Otherwise the interview will fail for an obvious reason.
N2641D
Posts: 6
Joined: 06 Feb 2019 13:34

Re: Z-Way: Unsecure Inclusion Issue

Post by N2641D »

Thank you for your information. However, I lack the logic that Z-Way itself wouldn't use insecure inclusion if none of the security options were selected. But my thought might be too philosophical :-)
User avatar
PoltoS
Posts: 6334
Joined: 26 Jan 2011 19:36

Re: Z-Way: Unsecure Inclusion Issue

Post by PoltoS »

May be you are right. We should think about it.
Post Reply