1.

INTRODUCTION
ZigBee is a specification for a suite of high level communication protocols using small, low-power digital
radios based on the IEEE 802.15.4-2003standard for wireless personal area networks (WPANs), such as
wireless headphones connecting with cell phones via short-range radio. The technology defined by
the ZigBee specification is intended to be simpler and less expensive than other WPANs, such
as Bluetooth. ZigBee is targeted at radio-frequency (RF) applications that require a low data rate, long
battery life, and secure networking. The ZigBee Alliance is a group of companies that maintain and
publish the ZigBee standard.

ZigBee is a low-cost, low-power, wireless mesh networking proprietary standard. The low cost
allows the technology to be widely deployed in wireless control and monitoring applications, the low
power-usage allows longer life with smaller batteries, and the mesh networking provides high reliability
and larger range.

The ZigBee Alliance, the standards body that defines ZigBee, also publishes application profiles that
allow multiple OEM vendors to create interoperable products. The current list of application profiles
either published or in the works are:

 Home Automation
 ZigBee Smart Energy 1.0/2.0
 Commercial Building Automation
 Telecommunication Applications
 Personal, Home, and Hospital Care
 Toys

The relationship between IEEE 802.15.4 and ZigBee is similar to that between IEEE 802.11 and
the Wi-Fi Alliance. The ZigBee 1.0 specification was ratified on 14 December 2004 and is available to
members of the ZigBee Alliance. Most recently, the ZigBee 2007 specification was posted on 30 October
2007. The first ZigBee Application Profile, Home Automation, was announced 2 November 2007. As
amended by NIST, the Smart Energy Profile 2.0 specification will remove the dependency on IEEE
802.15.4. Device manufacturers will be able to implement any MAC/PHY, such as IEEE 802.15.4(x) and
IEEE P1901, under an IP layer based on 6LowPAN.

ZigBee operates in the industrial, scientific and medical (ISM) radio bands; 868 MHz in Europe,
915 MHz in the USA and Australia, and 2.4 GHz in most jurisdictions worldwide. The technology is

-1-
intended to be simpler and less expensive than other WPANs such as Bluetooth. ZigBee chip vendors
typically sell integrated radios and microcontrollers with between 60K and 128K flash memory, such as
the Jennic JN5148, the Freescale MC13213, the Ember EM250, The Texas Instruments CC2430,
the Samsung Electro-Mechanics ZBS240 and the AtmelATmega128RFA1. Radios are also available
stand-alone to be used with any processor or microcontroller. Generally, the chip vendors also offer the
ZigBee software stack, although independent ones are also available.

Because ZigBee can activate (go from sleep to active mode) in 15 msec or less, the latency can be
very low and devices can be very responsive — particularly compared to Bluetooth wake-up delays,
which are typically around three seconds. Because ZigBee’s can sleep most of the time, average power
consumption can be very low, resulting in long battery life.

The first stack release is now called ZigBee 2004. The second stack release is called ZigBee 2006,
and mainly replaces the MSG/KVP structure used in 2004 with a "cluster library". The 2004 stack is now
more or less obsolete.

ZigBee 2007, now the current stack release, contains two stack profiles, stack profile 1 (simply
called ZigBee), for home and light commercial use, and stack profile 2 (called ZigBee Pro). ZigBee Pro
offers more features, such as multi-casting, many-to-one routing and high security with Symmetric-Key
Key Exchange (SKKE), while ZigBee (stack profile 1) offers a smaller footprint in RAM and flash. Both
offer full mesh networking and work with all ZigBee application profiles.

ZigBee 2007 is fully backward compatible with ZigBee 2006 devices: A ZigBee 2007 device
may join and operate on a ZigBee 2006 network and vice versa. Due to differences in routing options,
ZigBee Pro devices must become non-routing ZigBee End-Devices (ZEDs) on a ZigBee 2006 or ZigBee
2007 network, the same as ZigBee 2006 or ZigBee 2007 devices must become ZEDs on a ZigBee Pro
network. The applications running on those devices work the same, regardless of the stack profile beneath
them.

-2-
1.1 ZIGBEE/IEEE 802.15.4 - GENERAL CHARACTERISTICS:

• Dual PHY (2.4GHz and 868/915 MHz)

• Data rates of 250 kbps (@2.4 GHz), 40 kbps (@ 915 MHz), and 20 kbps (@868 MHz)
• Optimized for low duty-cycle applications (<0.1%)
• CSMA-CA channel access Yields high throughput and low latency for low duty cycle devices
like sensors and controls
• Low power (battery life multi-month to years)
• Multiple topologies: star, peer-to-peer, mesh
• Addressing space of up to:
-18,450,000,000,000,000,000 devices (64 bit IEEE address)
- 65,535 networks
• Optional guaranteed time slot for applications requiring low latency
• Fully hand-shaked protocol for transfer reliability
• Range: 50m typical (5-500m based on environment)

1.2 USES

ZigBee protocols are intended for use in embedded applications requiring low data rates and low power
consumption. ZigBee's current focus is to define a general-purpose, inexpensive, self-organizing mesh
network that can be used for industrial control, embedded sensing, medical data collection, smoke and
intruder warning, building automation, home automation, etc. The resulting network will use very small
amounts of power — individual devices must have a battery life of at least two years to pass ZigBee
certification.

Typical application areas include

 Home Entertainment and Control — Smart lighting, advanced temperature control, safety and
security, movies and music

 Home Awareness — Water sensors, power sensors, energy monitoring, smoke and fire detectors,
smart appliances and access sensors

 Mobile Services — m-payment, m-monitoring and control, m-security and access control, m-
healthcare and tele-assist

-3-
  Commercial Building — Energy monitoring, HVAC, lighting, access control

 Industrial Plant — Process control, asset management, environmental management, energy

management.

1.3 DEVICE TYPES

There are three different types of ZigBee devices:

 ZigBee coordinator (ZC): The most capable device, the coordinator forms the root of the
network tree and might bridge to other networks. There is exactly one ZigBee coordinator in each
network since it is the device that started the network originally. It is able to store information about
the network, including acting as the Trust Centre & repository for security keys.
 ZigBee Router (ZR): As well as running an application function, a router can act as an intermediate
router, passing on data from other devices.
 ZigBee End Device (ZED): Contains just enough functionality to talk to the parent node (either the
coordinator or a router); it cannot relay data from other devices. This relationship allows the node to be
asleep a significant amount of the time thereby giving long battery life. A ZED requires the least
amount of memory, and therefore can be less expensive to manufacture than a ZR or ZC.

-4-
1.4 HISTORY

 ZigBee-style networks began to be conceived in about 1998, when many installers realized that
both Wi-Fi and Bluetooth were going to be unsuitable for many applications. In particular, many
engineers saw a need for self-organizing ad-hoc digital radio networks.
 The IEEE 802.15.4 standard was completed in May 2003.
 In the summer of 2003, Philips Semiconductors, a major mesh network supporter, ceased the
investment. Philips Lighting has, however, continued Philips' participation, and Philips remains a
promoter member on the ZigBee Alliance Board of Directors.
 The ZigBee Alliance announced in October 2004 that the membership had more than doubled in
the preceding year and had grown to more than 100 member companies, in 22 countries. By April
2005 membership had grown to more than 150 companies, and by December 2005 membership had
passed 200 companies.
 The ZigBee specifications were ratified on 14 December 2004.
 The ZigBee Alliance announces public availability of Specification 1.0 on 13 June 2005, known
as ZigBee 2004 Specification.
 The ZigBee Alliance announces the completion and immediate member availability of the
enhanced version of the ZigBee Standard in September 2006, known as ZigBee 2006 Specification.
 During the last quarter of 2007, ZigBee PRO, the enhanced ZigBee specification was finalized.

-5-
 2. BLOCK DIAGRAM OF ZIGBEE

Fig1: ZigBee protocol stack

ZigBee builds upon the physical layer and medium access control defined in IEEE standard
802.15.4 (2003 version) for low-rate WPAN's. The specification goes on to complete the standard by
adding four main components: network layer, application layer, ZigBee device objects (ZDO's) and
manufacturer-defined application objects which allow for customization and favor total integration.

Besides adding two high-level network layers to the underlying structure, the most significant
improvement is the introduction of ZDO's. These are responsible for a number of tasks, which include
keeping of device roles, management of requests to join a network, device discovery and security.

At its core, ZigBee is a mesh network architecture. Its network layer natively supports three types
of topologies: both star and tree typical networks and generic mesh networks. Every network must have
one coordinator device, tasked with its creation, the control of its parameters and basic maintenance.
Within star networks, the coordinator must be the central node. Both trees and meshes allow the use of
ZigBee routers to extend communication at the network level (they are not ZigBee coordinators, but may
act as 802.15.4 coordinators within their personal operating space), but they differ in a few important

-6-
details: communication within trees is hierarchical and optionally utilizes frame beacons, whereas meshes
allow generic communication structures but no router beaconing.

2.1 NETWORK LAYER

The main functions of the network layer are to enable the correct use of the MAC sublayer and provide a
suitable interface for use by the next upper layer, namely the application layer. Its capabilities and
structure are those typically associated to such network layers, including routing.

On the one hand, the data entity creates and manages network layer data units from the payload
of the application layer and performs routing according to the current topology. On the other hand, there
is the layer control, which is used to handle configuration of new devices and establish new networks: it
can determine whether a neighboring device belongs to the network and discovers new neighbors and
routers. The control can also detect the presence of a receiver, which allows direct communication and
MAC synchronization.

The routing protocol used by the Network layer is AODV. In order to find the destination device,
it broadcasts out a route request to all of its neighbors. The neighbors then broadcast the request to their
neighbors, etc until the destination is reached. Once the destination is reached, it sends its route reply via
unicast transmission following the lowest cost path back to the source. Once the source receives the reply,
it will update its routing table for the destination address with the next hop in the path and the path cost.

2.2 APPLICATION LAYER

The application layer is the highest-level layer defined by the specification, and is the effective interface
of the ZigBee system to its end users. It comprises the majority of components added by the ZigBee
specification: both ZDO and its management procedures, together with application objects defined by the
manufacturer, are considered part of this layer.

2.3 MAIN COMPONENTS

The ZDO is responsible for defining the role of a device as either coordinator or end device, as mentioned
above, but also for the discovery of new (one-hop) devices on the network and the identification of their
offered services. It may then go on to establish secure links with external devices and reply to binding
requests accordingly.

The application support sublayer (APS) is the other main standard component of the layer, and as
such it offers a well-defined interface and control services. It works as a bridge between the network layer
and the other components of the application layer: it keeps up-to-date binding tables in the form of a

-7-
database, which can be used to find appropriate devices depending on the services that are needed and
those the different devices offer. As the union between both specified layers, it also routes messages
across the layers of the protocol stack.

2.4 802.15.4 – ZIGBEE PHYSICAL LAYER

ZigBee is a wireless technology developed as an open global standard to address the unique needs of low-
cost, low-power wireless M2M networks. The ZigBee standard operates on the IEEE 802.15.4 physical
radio specification and operates in unlicensed bands including 2.4 GHz, 900 MHz and 868 MHz.

Fig2: Xbee

XBee and XBee-PRO ZB ZigBee modules support the latest ZigBee PRO feature set and allow for
interoperability with ZigBee devices from other vendors. With XBee, users can have their ZigBee
network up-and-running in a matter of minutes.

Fig3: RS-232

XBee and XBee-PRO ZB adapters provide simple ZigBee communication via a variety of connection
options including RS-232, RS-485, digital I/O and analog I/O.

Fig4:Zigbee

Connect Port X gateway sallow you to IP-enable ZigBee networks by aggregating device data and
making that information available over an Ethernet, cellular, or Wi-Fi connection. Connect Port X
gateways offer programmability and configuration options to most effectively manage devices on a
ZigBee network.

-8-
2.5 COMMUNICATION MODELS

Fig5: ZigBee high-level communication model

An application may consist of communicating objects which cooperate to carry out the desired tasks. The
focus of ZigBee is to distribute work among many different devices which reside within individual
ZigBee nodes which in turn form a network (said work will typically be largely local to each device, for
instance the control of each individual household appliance).

The collection of objects that form the network communicate using the facilities provided by
APS, supervised by ZDO interfaces. The application layer data service follows a typical request-
confirm/indication-response structure. Within a single device, up to 240 application objects can exist,
numbered in the range 1-240. 0 is reserved for the ZDO data interface and 255 for broadcast; the 241-254
range is not currently in use but may be in the future.

-9-
There are two services available for application objects to use (in ZigBee 1.0):

 The key-value pair service (KVP) is meant for configuration purposes. It enables description,
request and modification of object attributes through a simple interface based on get/set and event
primitives, some allowing a request for response. Configuration uses compressed XML (full XML can
be used) to provide an adaptable and elegant solution.

 The message service is designed to offer a general approach to information treatment, avoiding
the necessity to adapt application protocols and potential overhead incurred on by KPV. It allows
arbitrary payloads to be transmitted over APS frames.

Addressing is also part of the application layer. A network node consists of an 802.15.4-conformant
radio transceiver and one or more device descriptions (basically collections of attributes which can be
polled or set, or which can be monitored through events). The transceiver is the base for addressing, and
devices within a node are specified by an endpoint identifier in the range 1-240.

- 10 -
 3. ZIGBEE PROTOCOL
The ZigBee protocol has been created and ratified by member companies of the ZigBee Alliance. Over
300 leading semiconductor manufacturers, technology firms, OEMs and service companies comprise the
ZigBee Alliance membership. The ZigBee protocol was designed to provide an easy-to-use wireless data
solution characterized by secure, reliable wireless network architectures.
3.1 ZigBee protocol features include:

• Support for multiple network topologies such as point-to-point, point-to-multipoint and mesh
networks
• Low duty cycle – provides long battery life
• Low latency
• Direct Sequence Spread Spectrum (DSSS)
• Up to 65,000 nodes per network
• 128-bit AES encryption for secure data connections
• Collision avoidance, retries and acknowledgements

Fig 6: Mesh Networks

3.2 MESH NETWORKS
A key component of the ZigBee protocol is the ability to support mesh networking. In a mesh network,
nodes are interconnected with other nodes so that multiple pathways connect each node. Connections
between nodes are dynamically updated and optimized through sophisticated, built-in mesh routing table.

Mesh networks are decentralized in nature; each node is capable of self-discovery on the network. Also,
as nodes leave the network, the mesh topology allows the nodes to reconfigure routing paths based on the

- 11 -
new network structure. The characteristics of mesh topology and ad-hoc routing provide greater stability
in changing conditions or failure at single nodes.

3.3 ZIGBEE APPLICATIONS

ZigBee enables broad-based deployment of wireless networks with low-cost, low-power solutions. It
provides the ability to run for years on inexpensive batteries for a host of monitoring and control
applications. Smart energy/smart grid, AMR (Automatic Meter Reading), lighting controls, building
automation systems, tank monitoring, HVAC control, medical devices and fleet applications are just some
of the many spaces where ZigBee technology is making significant advancements.

Digi ZigBee Technology

Digi is a member of the ZigBee Alliance and has developed a wide range of networking solutions based
on the ZigBee protocol. XBee and XBee-PRO modules and other XBee-enabled devices provide an easy-
to-implement solution that provides functionality to connect to a wide variety of devices.

3.4 ZIGBEE/IEEE802.15.4 - TYPICAL TRAFFIC TYPES ADDRESSED

• Periodic data
• Application defined rate (e.g., sensors)
• Intermittent data
• Application/external stimulus defined rate (e.g., light switch)
• Repetitive low latency data

The ZigBee specification is a combination of HomeRF Lite and the 802.15.4 specification. The spec
operates in the 2.4GHz (ISM) radio band - the same band as 802.11b standard, Bluetooth, microwaves
and some other devices. It is capable of connecting 255 devices per network. The specification supports
data transmission rates of up to 250 Kbps at a range of up to 30 meters. ZigBee's technology is slower
than 802.11b (11 Mbps) and Bluetooth (1 Mbps) but it consumes significantly less power.

The ZigBee membership includes Philips, Honeywell and Invensys Metering Systems, and others
and is responsible for defining and maintaining higher layers above the MAC. The alliance is also
developing application profiles, certification programs, logos and a marketing strategy. Philips
Semiconductors and other chip vendors plan to launch their first ZigBee products as early as 2003.
ZigBee was formerly known as PURLnet, RF-Lite, Firefly, and HomeRF Lite.

- 12 -
 The mission of the ZigBee Working Group is to bring about the existence of a broad range of
interoperable consumer devices by establishing open industry specifications for unlicensed, untethered
peripheral, control and entertainment devices requiring the lowest cost and lowest power consumption
communications between compliant devices anywhere in and around the home.

3.5 LICENSING

For non-commercial purposes, the ZigBee specification is available free to the general public. An entry
level membership in the ZigBee Alliance, called Adopter, provides access to the as-yet unpublished
specifications and permission to create products for market using the specifications.

The click through license on the ZigBee specification requires a commercial developer to join the
ZigBee Alliance. "No part of this specification may be used in development of a product for sale without
becoming a member of ZigBee Alliance." The annual fee conflicts with the GNU General Public License.
From the GPL v2, "b) You must cause any work that you distribute or publish, that in whole or in part
contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all
third parties under the terms of this License." Since the GPL makes no distinction between commercial
and non-commercial use it is impossible to implement a GPL licensed ZigBee stack or combine a ZigBee
implementation with GPL licensed code. The requirement for the developer to join the ZigBee Alliance
similarly conflicts with most other free software licenses.

3.6 Protocols

The protocols build on recent algorithmic research (Ad-hoc On-demand Distance Vector, neuRFon) to
automatically construct a low-speed ad-hoc network of nodes. In most large network instances, the
network will be a cluster of clusters. It can also form a mesh or a single cluster. The current profiles
derived from the ZigBee protocols support beacon and non-beacon enabled networks.

In non-beacon-enabled networks (those whose beacon order is 15), an

unslotted CSMA/CA channel access mechanism is used. In this type of network, ZigBee Routers
typically have their receivers continuously active, requiring a more robust power supply. However, this
allows for heterogeneous networks in which some devices receive continuously, while others only
transmit when an external stimulus is detected. The typical example of a heterogeneous network is
a wireless light switch: The ZigBee node at the lamp may receive constantly, since it is connected to the

- 13 -
mains supply, while a battery-powered light switch would remain asleep until the switch is thrown. The
switch then wakes up, sends a command to the lamp, receives an acknowledgment, and returns to sleep.
In such a network the lamp node will be at least a ZigBee Router, if not the ZigBee Coordinator; the
switch node is typically a ZigBee End Device.

In beacon-enabled networks, the special network nodes called ZigBee Routers transmit periodic
beacons to confirm their presence to other network nodes. Nodes may sleep between beacons, thus
lowering their duty cycle and extending their battery life.

Beacon intervals may range from

• 15.36 milliseconds to 15.36 ms * 214 = 251.65824 seconds at 250 kbit/s,

• 24 milliseconds to 24 ms * 214 = 393.216 seconds at 40 kbit/s

• 48 milliseconds to 48 ms * 214 = 786.432 seconds at 20 kbit/s.

However, low duty cycle operation with long beacon intervals requires precise timing, which can conflict
with the need for low product cost.

In general, the ZigBee protocols minimize the time the radio is on so as to reduce power use. In
beaconing networks, nodes only need to be active while a beacon is being transmitted. In non-beacon-
enabled networks, power consumption is decidedly asymmetrical: some devices are always active, while
others spend most of their time sleeping.

Except for the Smart Energy Profile 2.0, which will be MAC/PHY agnostic, ZigBee devices are
required to conform to the IEEE 802.15.4-2003 Low-Rate Wireless Personal Area Network (WPAN)
standard. The standard specifies the lower protocol layers—the physical layer (PHY), and the media
access control (MAC) portion of the data link layer (DLL).

This standard specifies operation in the unlicensed ISM bands:

• 2.4 GHz (worldwide)

• 915 MHz (Americas)

• 868 MHz (Europe)

. In the 2.4 GHz band there are 16 ZigBee channels, with each channel requiring 5 MHz of bandwidth.

The center frequency for each channel can be calculated as,

FC = [2405 + 5 * (ch - 11)] MHz,

- 14 -
 Where ch = 11, 12... 26.

The radios use direct-sequence spread spectrum coding, which is managed by the digital stream into the
modulator. BPSK is used in the 868 and 915 MHz bands, and OQPSK that transmits two bits per symbol
is used in the 2.4 GHz band.

The raw, over-the-air data rate is

• 250 kbit/s per channel in the 2.4 GHz band

• 40 kbit/s per channel in the 915 MHz band

• 20 kbit/s per channel in the 868 MHz band.

Transmission range is between 10 and 75 meters (33 and 246 feet) and up to 1500 meters for ZigBee pro,
although it is heavily dependent on the particular environment. The maximum output power of the radios
is generally 0 dBm (1 mW).

The basic channel access mode is "carrier sense, multiple access/collision avoidance" (CSMA/CA). That
is, the nodes talk in the same way that people converse; they briefly check to see that no one is talking
before they start. There are three notable exceptions to the use of CSMA. Beacons are sent on a fixed
timing schedule, and do not use CSMA. Message acknowledgments also do not use CSMA.

Finally, devices in Beacon Oriented networks that have low latency real-time requirements may also use
Guaranteed Time Slots (GTS), which by definition do not use CSMA.

- 15 -
 4. ZIGBEE RF4CE
On March 3, 2009 the RF4CE (Radio Frequency for Consumer Electronics) Consortium agreed to work
with the ZigBee Alliance to jointly deliver a standardized specification for radio frequency-based remote
controls. ZigBee RF4CE is designed to be deployed in a wide range of remotely-controlled audio/visual
consumer electronics products, such as TVs and set-top boxes. It promises many advantages over existing
remote control solutions, including richer communication and increased reliability, enhanced features and
flexibility, interoperability, and no line-of-sight barrier.

4.1 SOFTWARE AND HARDWARE

The software is designed to be easy to develop on small, inexpensive microprocessors. The radio design
used by ZigBee has been carefully optimized for low cost in large scale production. It has
few analog stages and uses digital circuits wherever possible.

Even though the radios themselves are inexpensive, the ZigBee Qualification Process involves a
full validation of the requirements of the physical layer. This amount of concern about the Physical Layer
has multiple benefits, since all radios derived from that semiconductor mask set would enjoy the same RF
characteristics. On the other hand, an uncertified physical layer that malfunctions could cripple the battery
lifespan of other devices on a ZigBee network. Where other protocols can mask poor sensitivity or other
esoteric problems in a fade compensation response, ZigBee radios have very tight engineering
constraints: they are both power and bandwidth constrained. Thus, radios are tested to the ISO
17025 standard with guidance given by Clause 6 of the 802.15.4-2006 Standard. Most vendors plan to
integrate the radio and microcontroller onto a single chip.

4.2 COMMUNICATION AND DEVICE DISCOVERY

In order for applications to communicate, their comprising devices must use a common application
protocol (types of messages, formats and so on); these sets of conventions are grouped in profiles.
Furthermore, binding is decided upon by matching input and output cluster identifiers, unique within the
context of a given profile and associated to an incoming or outgoing data flow in a device. Binding tables
contain source and destination pairs.

Depending on the available information, device discovery may follow different methods. When
the network address is known, the IEEE address can be requested using uni cast communication. When it
is not, petitions are broadcast (the IEEE address being part of the response payload). End devices will

- 16 -
simply respond with the requested address, while a network coordinator or a router will also send the
addresses of all the devices associated with it.

This extended discovery protocol permits external devices to find out about devices in a network
and the services that they offer, which endpoints can report when queried by the discovering device
(which has previously obtained their addresses). Matching services can also be used.

The use of cluster identifiers enforces the binding of complementary entities by means of the
binding tables, which are maintained by ZigBee coordinators, as the table must be always available within
a network and coordinators are most likely to have a permanent power supply. Backups, managed by
higher-level layers, may be needed by some applications. Binding requires an established communication
link; after it exists, whether to add a new node to the network is decided, according to the application and
security policies.

Communication can happen right after the association. Direct addressing uses both radio address
and endpoint identifier, whereas indirect addressing uses every relevant field (address, endpoint, cluster
and attribute) and requires that they be sent to the network coordinator, which maintains associations and
translates requests for communication. Indirect addressing is particularly useful to keep some devices
very simple and minimize their need for storage. Besides these two methods, broadcast to all endpoints in
a device is available, and group addressing is used to communicate with groups of endpoints belonging to
a set of devices.

4.3 SECURITY SERVICES

As one of its defining features, ZigBee provides facilities for carrying out secure communications,
protecting establishment and transport of cryptographic keys, cyphering frames and controlling devices. It
builds on the basic security framework defined in IEEE 802.15.4. This part of the architecture relies on
the correct management of symmetric keys and the correct implementation of methods and security
policies.

Basic security model

The basic mechanism to ensure confidentiality is the adequate protection of all keying material. Trust
must be assumed in the initial installation of the keys, as well as in the processing of security information.
In order for an implementation to globally work, its general correctness (e.g., conformance to specified
behaviors) is assumed.

- 17 -
Keys are the cornerstone of the security architecture; as such their protection is of paramount importance,
and keys are never supposed to be transported through an insecure channel. There is a momentary
exception to this rule, which occurs during the initial phase of the addition to the network of a previously
unconfigured device. The ZigBee network model must take particular care of security considerations,
as ad hoc networks may be physically accessible to external devices and the particular working
environment cannot be foretold; likewise, different applications running concurrently and using the same
transceiver to communicate are supposed to be mutually trustworthy: for cost reasons the model does not
assume a firewall exists between application-level entities.

Within the protocol stack, different network layers are not cryptographically separated, so access
policies are needed and correct design assumed. The open trust model within a device allows for key
sharing, which notably decreases potential cost. Nevertheless, the layer which creates a frame is
responsible for its security. If malicious devices may exist, every network layer payload must be
cyphered, so unauthorized traffic can be immediately cut off. The exception, again, is the transmission of
the network key, which confers a unified security layer to the network, to a new connecting device. Point-
to-point encryption is also supported.

4.4 SECURITY ARCHITECTURE

ZigBee uses 128-bit keys to implement its security mechanisms. A key can be associated either to a
network, being usable by both ZigBee layers and the MAC sublayer, or to a link, acquired through pre
installation, agreement or transport. Establishment of link keys is based on a master key which controls
link key correspondence. Ultimately, at least the initial master key must be obtained through a secure
medium (transport or pre installation), as the security of the whole network depends on it. Link and
master keys are only visible to the application layer. Different services use different one-way variations of
the link key in order to avoid leaks and security risks.

Key distribution is one of the most important security functions of the network. A secure network
will designate one special device which other devices trust for the distribution of security keys: the trust
center. Ideally, devices will have the trust center address and initial master key preloaded; if a momentary
vulnerability is allowed, it will be sent as described above. Typical applications without special security
needs will use a network key provided by the trust center (through the initially insecure channel) to
communicate.

- 18 -
Thus, the trust center maintains both the network key and provides point-to-point security. Devices will
only accept communications originating from a key provided by the trust center, except for the initial
master key. The security architecture is distributed among the network layers as follows:

 The MAC sub layers are capable of single-hop reliable communications. As a rule, the security
level it is to use is specified by the upper layers.
 The network layer manages routing, processing received messages and being capable of
broadcasting requests. Outgoing frames will use the adequate link key according to the routing, if it is
available; otherwise, the network key will be used to protect the payload from external devices.
 The application layer offers key establishment and transport services to both ZDO and
applications. It is also responsible for the propagation across the network of changes in devices within
it, which may originate in the devices themselves (for instance, a simple status change) or in the trust
manager (which may inform the network that a certain device is to be eliminated from it). It also
routes requests from devices to the trust center and network key renewals from the trust center to all
devices. Besides this, the ZDO maintains the security policies of the device.

The security levels infrastructure is based on CCM*, which adds encryption- and integrity-only features
to CCM.

- 19 -
4.5 WIRELESS STANDARD

After Wi-Fi and Bluetooth, ZigBee is the one now making noises. Though ZigBee is used for
data transfer on devices within a personal or small area network, it is not being positioned as a
threat to the existing technologies. It is targeted towards networked sensing, monitoring, and
controlling applications rather than actual data transfer on Wi-Fi or file transfer over Bluetooth.

ZigBee is supposed to do what Wi-Fi or Bluetooth are not doing-two-way

communication between multiple devices over simple networks using very less power and at
very low cost. It uses the free 2.4 GHz band and the IEEE-defined 802.15.4 standard. And,
unlike many wireless licensed technologies it is an open standard. ZigBee typically transfers a
few bytes of sensor readings between devices, it requires very low bandwidth, and low power. In
fact, the low power proposition gives it an edge over Bluetooth.

In December 2004, ZigBee 1.0 was accepted as an official standard and it is mandatory
for companies to be member of the ZigBee Alliance for manufacturing Zigbee products. Today
the alliance has over 100 members including Ember, Honeywell, Philips, Samsung, and
Motorola who are working towards rolling out ZigBee devices.

The initial markets earmarked for ZigBee are: home control, building automation, and
industrial automation. The underlying benefit is remote control of multiple systems and their
flexible management. In the home and building segment this can be extended to lighting,
heating, air conditioning, and security systems. In the industrial segment it can be used to
improve asset management and extend existing manufacturing and process control systems
reliably.

Once volumes pick up and acceptance of the technology increases, newer application like
patient and fitness monitoring systems in hospitals will come up. On a larger scale, one could
also expect environmental monitoring and energy management applications.

While we wait for ZigBee to make its commercial entry and prove its efficiency, big
noises are being made about its deployment and the moolah it can bring in. Frost & Sullivan not
only predicts $700 million in ZigBee chipset sale by 2008-up 3400 percent from the $18.8

- 20 -
million in 2004-but it also says there would be minimum of 100 to 150 ZigBee chips in every
home in the world in the next two to three years.

Comparison of Wireless Standards

Market Name ZigBee GPRS/GSM Wi-Fi Bluetooth

Standard 802.15.4 1xRTT/CDMA 802.11b 802.15.1

Application Focus Monitoring & Wide Area Voice & Web, Email, Cable
Control Data Video Replacement

System Resources 4Kb - 32 Kb 16Mb+ 1Mb+ 250Kb+

Battery Life (Days) 100-1,000+ 38,359 .5-5 7-Jan

Network Size Unlimited (264) 1 32 7

Bandwidth (Kb/s) 20-250 64-128+ 11,000+ 720

Transmission Range 1-100+ 1000+ 1-100 1-10+

(Meters)

Success Metrics Reliability, Reach, Quality Speed, Cost,

Power, Cost Flexibility Convenience

Table1:Comparision of wireless networks

According to another report by Industrial Wireless Sensor Networking, almost 85.9 million
industrial wireless sensor network nodes would be deployed by 2010 with 85 percent of them
being ZigBee nodes. West Technology Research Solutions says almost 19 million ZigBee chips
would be shipped in 2006. ABI Research puts almost one million devices on ZigBee in 2005.

Though only time would check the veracity of these figures, the wireless technology certainly
seems to be going on a hype crest. Not long ago Bluetooth was also projected to bring a
revolution in data transfer within devices in the personal area network, but they have gained
some acceptance only when applications over mobile phones were proven. ZigBee has to
demonstrate its usefulness and usage efficiency, without which acceptance level might not be as
high as predicted.

- 21 -
Fig7:ZigBee Application

- 22 -
 Fig 8:ZigBee Connections

4.6 DESIGN PROCESS

The design is made using the CAD program Protel DXP 2004. By using DXP 2004 it is possible
to have the schematics and layout designs in the same program environment. The design process
is basically carried out in two steps. First, the schematics is designed.

Second, the schematics is transferred to a layout. With the layout it is possible to manufacture
Printed Circuit Boards.As previously mentioned the main task of the project was to develop fully
functional ZigBee modules. It was decided to develop two divergent modules. One module that
contains both an Radio Frequency part (RF) and a Microcontroller part (MCU), which is called
"RF+MCU module". The other module only contains the RF part of the system, hereafter called
"RF module". The RF module can be used when divergent MCUs are evaluated. The RF+MCU
module is preferably used when developing a completely new application. The RF-part is in the
two modules identical.

- 23 -
 4.6.1 DESIGN DESCRIPTION

Figure 3.1 shows the block diagram of the RF+MCU module. The circuit is described in detail in
the following sections

4.6.2 COMPONENTS

The system is divided into two main parts i.e., RF and MCU. The RF part handles the actual
radio system, including Balanced to Unbalanced (BalUn) components, a matching network (MN)
and an antenna. The MCU part handles the digital interface and the control circuit.

4.6.3 MICROCONTROLLER UNIT

The MCU used is the ATmega128L chip from Atmel. The ATmega128L chip is fully capable of
operating the ZigBee software stack, since it contains 128 kB of Flash memory. For an FFD the
required memory size is up to 32 kB. The circuit shown in Figure 8 shows only the essential
connections for this application. These are the connections required to program and
communicate with the device, and to interface the microcontroller with the RF transceiver.

Fig9: RF+MCU module block diagram

- 24 -
PROGRAMMING

The modules are designed to support In-System Programming (ISP) via the JTAG interface. The
connections required to program the device using an in-system programmer are listed in Table
3.1. In this design, these signals are routed to a connector (JP1) which then connects to a
programmer. To convert the connector style to a standard JTAG connector a converter is needed.
The used in-system programmer is the AVR JTAGICE mkII from Atmel. It is a very powerful
programmer that also supports debugging using the JTAG interface.

Table 2: Atmel ATmega128L JTAG interface

- 25 -
 Fig 10:8-bit AVR Microcontroller

DATA INTERFACE

The RF+MCU module has a wide range of external data interfaces, this allows the MCU to
communicate with almost any external device. As already mentioned the JTAG interface is very
useful when debugging an application. The JTAG interface is also used to program the MCU.
The Serial Peripheral Interface (SPI) is used to communicate with the RF transceiver. The SPI
interface can also be used to connect other devices to the module. The SPI interface is described
more in the Section 3.2.2. One very commonly used interface is the Universal Synchronous and
Asynchronous Serial Receiver and Transmitter (USART). The USART is used to communicate
with for example a RS-232 or USB chip. The USART uses in particular two pins: Receive Data
(RXD) and Transmit Data (TXD). Some devices, i.e., modems, also use for example

Ready To Send (RTS) and Clear To Send (CTS) signals. There are several I/O pins that
can be used for that purpose. The USART allows the MCU to communicate with any logic-level
USART device that supports standard baud rates. There are two USARTs on the module
connector. To add even more functionality to the module, the Two Wire Interface (TWI) is

- 26 -
routed to the connector. The TWI is fully compatible with the well known I2C standard from
Philips.

The TWI uses only two pins; one clock pin and one data pin. The interface can be used to
communicate with a wide range of devices. There are several pins on the module connector that
can be used as General Purpose Input/Output (GPIO) pins. Even some analog pins are routed to
the connector, which allows for the user to use the integrated 10-bit ADC of the MCU.

CRYSTALS

As shown in Figure 3.2, two external crystals are required for the microcontroller circuit. First,
an 8.000 MHz crystal (X2) is used along with two loading capacitors (C1 and C2) to generate the
system clock of the MCU. It is also possible to use the internal RC-clock, but to meet the timing
accuracy requirement of the IEEE 802.15.4 it is necessary to use an external crystal. Since the
crystal is ultimately used to generate the MAC timing, it must have an overall accuracy of ±40
ppm. Please note that the total accuracy includes initial tolerance, temperature drift and aging.
There are several factors to consider when selecting the 8.000 MHz crystal. One of the goal for
this module was to reduce the size as much as possible, therefore a 5x7 mm crystal is used. For
applications that are more cost-sensitive, a larger package such as the industry-standard HC-49
can be used. To reduce the cost even more the temperature tolerance can be relaxed. Which
package to use is of course application dependent.

The second external crystal, X3, is the Real Time Clock (RTC). The RTC is a 32.768
kHz watch crystal. This crystal is required for the internal low-frequency timer/counter oscillator
which is used when the device is in power-save mode. The MCU has integrated loading
capacitors, which makes external loading capacitors unnecessary. The frequency of the RTC is
chosen such that it is possible to use hours and minutes for the wake-up time of the device, for
instance.

- 27 -
 5. CONCLUSION

We believe that there is definitely a place on the market for ZigBee, since no global standard
exists today in the wireless sensor network area.

Two fully functional ZigBee/802.15.4 modules have been developed. It is possible to

design a module with RF parts on a low cost FR-4 PCB substrate. By using a four layer PCB the
size is reduced significantly.

Finally it is shown that a temperature sensor can be integrated with the developed
ZigBee-ready modules.

- 28 -
 6. REFERENCES

[1] Reinhold Ludvig and Pavel Bretchko, RF Circuit Design - Theory and Applications,

Prenctice Hall 2000, ISBN 0-13-095323-7.

[2] William Stallings, Wireless Communication and Networking, Prenctice Hall 2002,

ISBN 0-13-040864-6.

[3] IEEE Standards 802.15.4, IEEE 2003, ISBN 0-7381-3677-5 SS95127.

[4] Chipcon AS, Chipcon AS SmartRF CC2420 Preliminary Data sheet (rev 1.2)

[5] Atmel Corporation, ATmega128L Data sheet Rev. 2467M-AVR-11/04

[6] ZigBee Alliance, http://www.zigbee.org, 2005-03

[7] Freescale Semiconductor, http://www.freescale.com, 2005-03

[8] Maxim-Ic, http://www.maxim-ic.com, 2005-03

[9] Atmel Corporation, http://www.atmel.com, 2005-03

[10] Chipcon, http://www.chipcon.com, 2005-03

[11] gigaAnt, http://www.gigaant.com, 2005-03

[12] Figure 8 Wireless, http://www._gure8wireless.com, 2005-03

[13] AVR Freaks, http://www.avrfreaks.com, 2005-03

[14] Texas Instruments, http://www.ti.com, 2005-03

- 29 -
LIST OF FIGURES PAGE NO.

Fig1: ZigBee protocol stack 6

Fig2: XBee 8

Fig3: RS-232 8

Fig4: Zigbee 8

Fig5: ZigBee high-level communication model 9

Fig 6: Mesh Networks 11

Fig7: ZigBee Application 22

Fig 8: ZigBee Connections 23

Fig9: RF+MCU module block diagram 24

Fig 10:8-bit AVR Microcontroller 26

LIST OF TABLE PAGE NO.

Table1: Comparison of wireless networks 21

Table 2: Atmel ATmega128L JTAG interface 22

- 30 -