It has been mandated by the Alliance Board of Directors that all devices receiving Z-Wave Certification must include new advanced Security 2 (S2) framework after April 2, 2017. Security 2 provides the most advanced security for smart home controllers, gateways, hubs, and devices in the market today. The Z-Wave Alliance, which is an association made up of leading global companies deploying the Z-Wave smart home standard, has extended its leadership position by adding a security requirement to its long-established, interoperability certification. Manufacturers will be required to adopt the strongest levels of IoT security in the industry.
New levels of impenetrability were given to the already secure Z-Wave devices with Z-Wave’s Security 2 framework, which was developed in conjunction with cybersecurity hacking experts. Security 2 removes the risk of devices being hacked while they’re included in the network by securing communication in the hub or gateway for cloud functions and for home-based devices. A QR or pin-code is used on the device itself, making it uniquely authenticated to the network. Man in the middle and brute force common hacks are virtually powerless against the Security 2 framework through the implementation of the industry-wide accepted secure key exchange using Elliptic Curve Diffie-Hellman (ECDH). Z-Wave has also strengthened its cloud communication, making it less vulnerable by allowing the tunnelling of all Z-Wave over IP (Z/IP) traffic through a secure TLS 1.1 tunnel.
Third party test facilities in Europe, US, and Asia (first established to test and certify Z-Wave devices in 2005) will administer the changes to Z-Wave’s technical certification program and check that all S2 security solutions, which contain rules for command classes, timers and devices types, are correctly implemented.
If you’re interested in adding Z-Wave friendly devices to your smart home, call our toll free number at 858-693-8887 (7:30 a.m. to 4:30 p.m. Pacific, Monday – Friday) for free support and product advice.