In the IoT Smart Home, Hack-Proof Security Will Be the Differentiator

Porous security in the Internet of Things will do more damage than just stopping forward-thinking industries from reaching their business potential.
By Raoul Wijgergangs

Z-Wave S2: Making the Smart Home Hacker-Proof
Z-Wave has put security front and center to extend its position as a leading enabling technology for smart homes. The protocol has always employed the same robust AES encryption used in online banking, but the technology's latest implementation features the S2 Security Framework, which takes impermeability to even higher levels. The S2 Framework, which is already resident in the latest Z-Wave devices, is about to become a requirement for all Z-Wave-certified products. S2 Security is an ambitious initiative to make smart homes hacker-proof.

With S2 security, Z-Wave devices are able to utilize a PIN or QR code during installation. This means that as Z-Wave nodes are added to a smart-home network, there is no vulnerability during the all-important pairing process, whether from an innocent neighbor's smart-home devices, or from a remote hacker's "sniffing" software.

Additionally, S2 authentication pre-empts two common hacking techniques used on smart objects. Both "man-in-the-middle" attacks, in which an attacker secretly relays or alters communication between two devices, and "brute force" attacks, which employ trial and error to crack user passwords, are blocked by S2.

Because most security breaches originate from outside the home via the internet, Z-Wave offers a Z/IP Gateway solution for securing cloud communications. This technology sends all household IoT communications traffic—including that from devices not powered by Z-Wave—through a secure TLS 1.1 tunnel. In this way, Z-Wave's S2 Security essentially encrypts all correspondence between the smart home and the internet.

Sigma Designs is so confident in Z-Wave's S2 Security that it has put the specification into the public domain, in order to invite scrutiny and challenges to its capabilities. In an IoT market crowded with challengers, ranging from established industry leaders to crowdfunded newcomers, Z-Wave's mandate of state-of-the-art security measures for both devices and cloud applications currently stands alone. We have taken these steps because at Z-Wave, we believe that features and pricing alone can no longer drive adoption in the competitive IoT market. Hacker-proof security is the ultimate IoT differentiator, and it is our job to help developers achieve that worthy goal.

Raoul Wijgergangs is the VP of the Z-Wave Business Unit at Sigma Designs, a company that designs and builds semiconductor-based technologies for IoT-based smart-home and media devices. A veteran in the smart-home IoT industry, Wijgergangs joined Zensys, the founding company of the Z-Wave communication protocol, in 2004. Zensys was acquired by Sigma Designs in 2008. Prior to working at Zensys, he spent a decade at Philips, where he held key positions, including senior director of global sales and marketing for Wi-Fi and Bluetooth. Wijgergangs also helped found Arcadyan, a Philips joint venture with Accton. He holds a Bachelors of Engineering degree in computer science and an M.B.A. degree from the University of Twente, in the Netherlands.

Simply enter a question for our experts.
Sign up for the RFID Journal Newsletter
We will never sell or share your information
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations