AnsweredAssumed Answered

Zigbee Security issue with FRDM-KW41Z

Question asked by Jason Jiang on May 21, 2020
Latest reply on Jun 12, 2020 by Sebastián Del Río

We are trying to get the FRDM-KW41Z eval board with  frdmkw41z_wireless_examples_zigbee_3_0_end_device_freertos example(SDK version: 2.2.1) connect with our zigbee network. After our ZC device replied a successful association response, ZED device(KW41D) start to send out a lot of data request, instead of sending a device announcement. Eventually ZED device failed to join the network with  ZPS_APL_APS_E_SECURITY_FAIL(0xAD) as return code (sNwkJoinFailedEvent.u8Status).  The debug messages of KW41D eval board shows as below:

 

$ join

BDB: Disc on Ch 25 from 0x02000000

Nwk Join 00

$ BDB: APP_vGenCallback [0 10]

BDB: vNsTryNwkJoin - index 0 of 1 Nwks

BDB: Try To join 000eddffff438d84 on Ch 25

BDB zdo join network

APP-ZDO: Discovery Complete 0x00

BDB: APP_vGenCallback [0 15]

….

BDB: APP_vGenCallback [0 15]

BDB: APP_vGenCallback [0 8]

FailedToJoin sNwkJoinFailedEvent.u8Status=173 !!!                                                       

BDB: vNsTryNwkJoin - index 0 of 1 Nwks

BDB: Try To join 000eddffff438d84 on Ch 25

BDB zdo join network

failed to join event

 

 

Then we tried to disable APS security feature, yet it gave same error code(ZPS_APL_APS_E_SECURITY_FAIL) with same network capture.

We have modified following places to disable the security of APS:

 

app_zps_cfg.h

#define ZPS_APS_AIB_INIT_TRUST_CENTER_ADDRESS 0xFFFFFFFFFFFFFFFFULL

#define ZPS_APS_AIB_INIT_USE_INSECURE_JOIN TRUE

#define ZPS_NWK_NIB_INIT_SECURITY_LEVEL 0

#define ZPS_NWK_NIB_INIT_SECURE_ALL_FRAMES FALSE

 

bdb_options.h

#define BDB_TRUST_CENTER_REQUIRE_KEYEXCHANGE (FALSE)

 

So what did I miss to disable the security of APS layer? Or maybe I was on the wrong track, sNwkJoinFailedEvent.u8Status=173 was caused by something else.

Any idea will be helpful, and let me know if you need more debug details.

 

Thanks,

Jason

Outcomes