Introduction To CSRmesh

Pr
ep
ar
ed
u
fo
rH
ie
iV
Bu
an
cm
-c
se
.h
.e
du
.v
ut
-T
hu
da
rs
ep
y,
S
te
m
be
r2
5,
14
August 2014
20
Introduction to CSRmesh
CSRmesh overview
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
CSRmesh creates a mesh

network from existing CSR
Bluetooth Smart & Smart
Ready devices
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
CSRmesh enables you to

increase the scale of what
you can control via your
mobile device
Confidential Cambridge Silicon Radio Limited 2014
This presentation is an
overview of the CSRmesh
capabilities that are enabling
innovative products for The
Internet of Things
CSRmesh network
Heating
Thermostats
ep
Sensors
CSR1010
BLE
.e
du
.v
Allows you to control anything from

anywhere in the world
-c
se
.h
cm
ut
Switches
-T
hu
rs
da
CSR1010 CSR1010 CSR1010

BLE
BLE
BLE
CSR1010
BLE
module
y,
S
CSR1010
BLE
module
te
m
be
r2
5,
20
14
Lighting
CSR1010
BLE
Bu
Access
fo
rH
ie
CSR1010
BLE
OR
OR
Pr
ep
ar
ed
CSR1010
BLE
iV
an
CSR1010
BLE
Android
iPhone
PC
CSR1010
BLE
CSRmesh features
5,
20
14
Extends range of Bluetooth Smart by repeating messages

y,
S
ep
te
m
be
r2
No setup required, no hub or access point required for local network

Minimal propagation delay tens of milliseconds for node to node
-T
n
cm
ut
.e
du
.v
Flood mesh no routing tables

No single point of failure
hu
rs
da
Messages can be sent to an individual node or to a group
-c
se
.h
Simple provisioning
Bu
iV
an
Smartphone application and QR codes

fo
rH
ie
The network is secure

Pr
ep
ar
ed
Messages are encrypted to prevent eavesdropping

Optional authentication to prevent man-in-middle attacks
CSRmesh features
5,
20
14
The network is robust
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
Messages are sent on 3 separate channels

Channels co-exist very well with WiFi
Uses proven CSR silicon CSR101x, CSR8811, CSR8670 etc.
cm
ut
Communicates directly with the phone
fo
rH
ie
Bu
iV
an
-c
se
.h
Unlike ZigBee, Z-wave or any other proprietary protocol

Simple bridging to Bluetooth Smart Ready devices no additional
components
Pr
ep
ar
ed
Low power consumption

20x times less than WiFi
y,
S
ep
te
m
be
r2
5,
20
14
CSRmesh
CSR1010 BLE
L1
hu
rs
da
CSR1010 BLE
L6
Smart phone
Config. &
Control
-c
se
.h
cm
ut
.e
du
.v
-T
CSR1010 BLE
L4
CSR1010 BLE
L2
CSR1010 BLE
L5
Broadcast
fo
rH
ie
Bu
iV
an
CSR1010 BLE
S1
CSR1010 BLE
L7
ep
ar
ed
Re-Broadcast hop1
CSR1010 BLE
L8
CSR1010 BLE
L3
Re-Broadcast hop2
Pr
Tx range S1
Tx range L1-L3
Re-Broadcast hop3
Tx range L4-L5
Tx range L6-L8
CSRmesh networks
5,
20
14
Devices are organised into secure networks

y,
S
ep
te
m
be
r2
Up to 65535 devices per network
hu
rs
da
Networks are secured using a network key

.e
du
.v
-T
Can be pre-generated or derived from a pass phrase
an
-c
se
.h
cm
ut
39MargettStreet => 0x56e62270cacd25283c01f2eee3d7e92b

Bu
iV
All devices within network are trusted devices
Pr
ep
ar
ed
fo
rH
ie
can send messages to any other group of devices
CSRmesh networks
5,
20
14
Devices can be in "multiple networks"
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
e.g. Hotel Room Lock (guest, maintenance, room service)

e.g. Hotel Room Lighting (guest, maintenance)
Knowledge of one network key does not enable access to
other network keys or their functionality
Network key
ep
te
m
be
r2
5,
20
14
All messages within the

same network are encrypted
with the network key
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
Used to identify messages

within the network
Prevents messages to be
relayed to different networks
Message-based
authentication rather than
device-based authentication
Device
te
m
be
r2
5,
20
14
Device is a single node in

the network
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
All communication in the

network is performed between
devices
Devices are associated with
the network during association
process
At any point in time, device

can exhibit one of the roles:
Source
Relay
Destination
10
Device identification
te
m
be
r2
5,
20
14
Device is uniquely identified

with 128-bit Device UUID
Device may still have a

Bluetooth address in order to
allow direct connections
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
Public Bluetooth addresses

have to be purchased from
IEEE
Random addresses are not
centrally managed and have
only 46 bits of uniqueness
11
Device identification
ep
te
m
be
r2
5,
20
14
128-bit identifier is a
significant impact on the
packet size
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
Only limited set of commands

are allowed using full 128-bit
Device UUID
After association in the
network, protocol layer alias
full 128-bit UUID with short
16-bit Device ID
12
Messages and groups

5,
20
14
Messages from single devices
-T
hu
rs
da
y,
S
ep
te
m
be
r2
Each device within the network is configured with a unique 16-bit

DeviceID
Devices can be organised into groups
ut
.e
du
.v
Messages are sent to destinations
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
Either a DeviceID or a GroupID

Broadcast to all devices in the network (id
0x0000)
Pr
ep
ar
ed
GroupIDs can therefore be

considered to give semantics
Living Room Set Light to 100%
13
Reliable and best effort transactions
an
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
Reliable transactions
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Best effort transactions
14
Example dimmer switch

5,
20
14
While rotating dimmer switch

ep
da
y,
S
When dimmer switch stops moving
te
m
be
r2
only send LIGHT_SET_LEVEL_NO_ACK message
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
send LIGHT_SET_LEVEL message
15
20
5,
RGB lights can be changed over time
14
Example RGB light
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
send LIGHT_SET_RGB with color and duration

LIGHT_STATE is sent to acknowledge this command
then LIGHT_STATE is sent once at commanded color
16
CSRmesh provisioning
r2
te
m
be
ep
y,
S
no MAC Address from IEEE is required

self-management of allocated UUIDs
5,
20
14
Devices are identified using a 128-bit UUID
.e
du
.v
-T
hu
rs
da
5,316,911,983,139,663,491,615,228,241,121,378,304 devices
Bu
iV
an
-c
se
.h
cm
ut
For simple provisioning, in addition to broadcasts,

devices can publish QR code with their 128-bit UUID
ep
ar
ed
fo
rH
ie
Devices can also publish a 64-bit

Authorisation Code for extra security
Pr
either as part of the QR-Code

or as a Short Text code
NDhd-pbbD-Hb9D-9frR-b68T
17
Network security
te
m
be
r2
5,
20
14
Secure device association to the network and distribution

of the network key
.e
du
.v
-T
hu
rs
da
y,
S
ep
Public key exchange to prevent eavesdroppers

Authorisation codes are used to prevent man-in-the-middle attack
cm
ut
Message encryption and authentication
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
Prevents against eavesdropping, replay and man-in-the-middle

attacks
All messages also have Message Authentication Code
18
Security
te
m
be
r2
5,
20
14
To protect against replay attack, each message is sent

with a sequence number
hu
rs
da
y,
S
ep
Handled by higher layers

Messages with old sequence numbers are discarded
ut
.e
du
.v
-T
To protect against eavesdropper attack, a public key

security algorithm is used
Bu
iV
an
-c
se
.h
cm
This enables a public key to be exchanged, preventing a third

party from being able to listen in to the exchange of the Network
Key
ep
ar
ed
fo
rH
ie
To provide security against a man-in-the-middle attack,

an Authorisation Code is used
Pr
This code is never transmitted over the mesh network, and can be
encoded in a QR code or Short Text string
19
Security levels
20
5,
r2
-T
hu
rs
da
y,
S
ep
te
m
be
Protection from replay attacks

Uses public key exchange to protects from eavesdropper attack
Network key can be generated from the passphrase
Secure but doesnt protect from man-in-the-middle attack
.e
du
.v
14
Consumer grade
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
No Authorisation Codes (QR code can still be used for device UUID)
MITM attack requires expensive equipment
20
Security levels
5,
20
14
Industrial grade
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
Protection from replay attacks

Uses public key exchange to protects from eavesdropper attack
Network key can be pre-generated and stored on another medium
or generated from the passphrase
Uses Authorisation Codes (QR code or Short Text) to prevent from
man-in-the-middle attacks
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
May require installation
21
Step 1a Installation
Device has a Barcode
App securely distributes

a network key to device
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Scan barcode using App
App knows about switch

Switch is now part of Network
22
Step 1b Installation
Device has a Barcode
App securely distributes

a network key to device
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Scan barcode using App
App knows about light. Switch

and light are now part of Network
23
Step 2: Configuration
te
m
be
r2
5,
20
14
User connects switch with light in App
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
App programs Light to be in Group 1
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
App programs Switch to be in Group 1
Pr
Any number of lights or switches

can be in a single group
24
r2
5,
20
14
Step 3: Use
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
User presses switch to turn light on

Group1: PowerOn
-c
se
.h
User presses switch to turns light off
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
Group1: PowerOff
Messages are secure and

quickly & reliably delivered,
even in a very large building
25
Mesh architecture
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
System consists of three

main elements
Network of devices that
use broadcast
mechanism for
communication
Set of message formats
that allow devices to
send and receive
messages
Set of protocols that
define behaviour of the
devices
26
Mesh architecture
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
System is organised into

three hierarchical layers
Bearers
Transport layer
Protocol layer
27
Mesh architecture: bearers layer
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
This layer defines how

transport layer messages
can be transmitted to one
or many devices
Bearers should be able to
transmit and receive
messages
Bluetooth Smart
non-connectable
advertisements
28
Mesh architecture: transport layer
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Transport layer provides a

service to transmit
messages across devices
in the network
Has no information
regarding devices around
No routing
Devices in the network

can receive and transmit
messages
Some devices in the
network can also
retransmit messages
within the network
29
Mesh architecture: transport layer
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Devices that can

retransmit messages
are called relay capable
devices
Endless retransmission
protection
time-to-live counter
only new messages are
retransmitted (relay
capable device does not
retransmit messages
that it has seen before)
30
Mesh architecture: protocol layer
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
5,
20
14
Defines multiple
protocols that implement
device specifics
Mesh Association
Protocol
Used to associate
devices to the specific
network
Mesh Control Protocol

Enables control and
monitoring of devices
within a specific
network
Grouped by models
31
Models
5,
20
14
Config Server model

y,
S
ep
te
m
be
r2
Device discovery within the model, ID assignments, models

implemented etc.
hu
rs
da
Group model
.e
du
.v
-T
Controls grouping of the devices by physical location or semantic

meaning (Kitchen, Living Room, Security control etc.)
-c
se
.h
cm
ut
Power model
an
Power state of the device on, off, standby

fo
rH
ie
Bu
iV
Switch model
Pr
Light model
ep
ar
ed
Controls individual switches and changes state of the other

devices or groups
Controls brightness and colour of the light
32
Models
5,
20
14
Firmware model
te
m
be
r2
Requests and controls the firmware update procedure

y,
S
ep
Ping model
.e
du
.v
-T
hu
rs
da
Pings specific device or group of devices in the network and

allows estimation of the network physical topology
cm
ut
Relay model
an
-c
se
.h
Remotely controls relay capabilities of the device (and bridging to

the other technologies)
fo
rH
ie
Bu
iV
Data model
ep
ar
ed
Allows streaming of the data in custom format

Pr
Battery model, Sensor model, Event model, Volume

model, Wall Clock model etc.
33
Pr
ep
ar
ed
u
fo
rH
ie
iV
Bu
an
cm
-c
se
.h
.e
du
.v
ut
CSRmesh development resources

-T
hu
da
rs
ep
y,
S
te
m
be
r2
5,
20
14
Resources
5,
20
14
CSRsupport
ut
.e
du
.v
-T
hu
rs
da
y,
S
ep
te
m
be
r2
www.csrsupport.com/CSRmesh
Open to everyone with CSR Energy access or with a purchase of
CSRmesh development kit
CSRmesh library
Application examples on-chip and Android
-c
se
.h
cm
iOS and PC versions are under development
Bu
iV
an
Documentation
fo
rH
ie
Specification will be open publicly

ep
ar
ed
Additional help through forum and wiki

Pr
wiki.csr.com/wiki/CSRmesh
forum.csr.com
35
te
m
be
r2
5,
20
14
CSRmesh development board
hu
-T
n
.e
du
.v
ut
cm
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
RGB LED
2 push buttons (dimmer or volume
control)
Slide on-off switch
External IC temperature sensor
rs
da
y,
S
ep
New demo vehicle for CSR

Mesh applications
Part number: DB-CSR1010-10185-1A

36
r2
5,
20
14
CSRmesh development kit
y,
S
ep
te
m
be
Comprises
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
ut
.e
du
.v
-T
hu
rs
da
3 CSRmesh development boards

Programmer and cables
Quick start guide
Part number: DK-CSR1010-10184-1A

37
CSRmesh milestones
5,
20
14
CSRmesh 1.0
-T
hu
rs
da
y,
S
ep
te
m
be
r2
Targeted for consumer lighting

Light capabilities: on/off, dim, RGB, grouping, configuration,
network management, over-the-air update control
ut
.e
du
.v
CSRmesh 2.0
Pr
ep
ar
ed
fo
rH
ie
Bu
iV
an
-c
se
.h
cm
Adds home automation support

HVAC, home appliance, commercial lighting
Additional capabilities: sensor data, synchronised events,
proximity, beacon messages, remote control and other
38

2014
39
Pr
ep
ar
ed
u
fo
rH
ie
iV
Bu
an
cm
-c
se
.h
.e
du
.v
ut
-T
hu
da
rs
ep
y,
S
te
m
be
r2
5,
20
14

Introduction To CSRmesh

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Introduction To CSRmesh

Uploaded by

Copyright:

Available Formats

Pr

CSRmesh creates a mesh

CSRmesh enables you to

Confidential Cambridge Silicon Radio Limited 2014

Allows you to control anything from

CSR1010 CSR1010 CSR1010

Confidential Cambridge Silicon Radio Limited 2014

Extends range of Bluetooth Smart by repeating messages

No setup required, no hub or access point required for local network

Flood mesh no routing tables

Messages can be sent to an individual node or to a group

Smartphone application and QR codes

The network is secure

Messages are encrypted to prevent eavesdropping

Confidential Cambridge Silicon Radio Limited 2014

The network is robust

Messages are sent on 3 separate channels

Communicates directly with the phone

Unlike ZigBee, Z-wave or any other proprietary protocol

Low power consumption

Confidential Cambridge Silicon Radio Limited 2014

Devices are organised into secure networks

Up to 65535 devices per network

Networks are secured using a network key

Can be pre-generated or derived from a pass phrase

39MargettStreet => 0x56e62270cacd25283c01f2eee3d7e92b

All devices within network are trusted devices

can send messages to any other group of devices

Confidential Cambridge Silicon Radio Limited 2014

Devices can be in "multiple networks"

e.g. Hotel Room Lock (guest, maintenance, room service)

Confidential Cambridge Silicon Radio Limited 2014

All messages within the

Used to identify messages

Confidential Cambridge Silicon Radio Limited 2013

Device is a single node in

All communication in the

Confidential Cambridge Silicon Radio Limited 2013

At any point in time, device

Device is uniquely identified

Device may still have a

Public Bluetooth addresses

Confidential Cambridge Silicon Radio Limited 2013

Only limited set of commands

Confidential Cambridge Silicon Radio Limited 2013

Messages and groups

Messages from single devices

Each device within the network is configured with a unique 16-bit

Messages are sent to destinations

Either a DeviceID or a GroupID

GroupIDs can therefore be

Reliable and best effort transactions

Best effort transactions

Confidential Cambridge Silicon Radio Limited 2014

Example dimmer switch

While rotating dimmer switch

When dimmer switch stops moving

only send LIGHT_SET_LEVEL_NO_ACK message

send LIGHT_SET_LEVEL message

Confidential Cambridge Silicon Radio Limited 2014

RGB lights can be changed over time

Example RGB light

send LIGHT_SET_RGB with color and duration