The e-magazine for KNX home & building control

KNX IoT: Part 4 – the architecture of KNX IoT devices

In part 4 of this series on KNX IoT, Bruno Johnson and Wouter van der Beek explain the architecture of KNX IoT devices and show how KNX IoT is compatible with KNX Classic systems.

Digital transformation has been one the main strategy topics on company board meeting agendas for the last few years. The opportunity to develop digital services from cloud-based applications requires Internet protocol (IPv6) based network connections to edge devices that become the customer interface. Businesses of all shapes and sizes in commercial building automation have been asking for wireless IoT solutions to make this happen, and KNX Association responded by releasing KNX IoT Point API (KNX IoT).

The high level flow

To ensure backwards compatibility with KNX Classic systems (e.g. KNX Twisted Pair (KNX TP)), the KNX IoT specification has two fundamental mechanisms implemented which are semantic-equivalent to KNX TP: these mechanisms are the configuring of devices and the run time behaviour. Furthermore, the configuration flow in a Management Client (MAC, e.g., ETS) follows the same steps already used by installers. The result is that for installers, there is no difference between using KNX TP and KNX IoT devices. The flow in how to use the new KNX IoT devices is depicted in Figure 1.

Figure 1 – The high-level configuration flow of KNX IoT devices uses similar steps to the configuration of other existing KNX medium types.

Configuring KNX IoT devices uses all the same information as for KNX TP secure devices, namely:

• Mapping of the serial number to an individual address.

• Downloading the group address configuration.

• Using a password, similar to the Factory Default Setup Key (FDSK) to set up security.

Next to this, a new feature is implemented, namely an installation identification (iid). This allows multiple installations to run over the same IT network. When the device is in run time (i.e. state is ‘loaded’), it exchanges s-mode messages using the configured information. This is depicted in Figure 2.

Figure 2 – Run time communication between two devices.

Note that run time communication can be established between N sending devices to M receiving devices, as with KNX TP.

Device architecture

Web addresses, e.g. URLs, are implemented on the device. Each URL that the device exposes, provides information similar to an HTTP server, and each URL has a different purpose. The URLs are defined in the specification and the specification defines what the URL does in the system. Figure 3 shows the most common URLs in a device.

Figure 3 – The most common URLs in a device.

The URLs have different purposes in the system. However, the same information as with a KNX TP device, is stored via URLs.

Figure 3 shows the URLs at device level, and these convey the data such as:

• Serial number of the device.

• Programming mode, (on or off).

• Installation identifier.

• Load state machine status (‘unloaded’, ‘loading’, ‘loaded’), and action to change the state (‘unload’, ‘starLoading’, ‘loadcompleted’).

• Fingerprint of the loaded state, to track if something has changed.

The URL for configuration

Tables are used to configure the run time communication, e.g., conveying the mapping between Group Address, communication flags, data point (URL), security keys, and the IPv6 multicast address for the group communication.

The following Tables are used:

• Group Object Table – this contains the mapping of the data point URL to the group address, including the communication flags.

• Recipient Table – this contains the group address to group id mapping; the group id is used as part of the multicast address of the s-mode communication or to list the individual address as destination.

(Outwards communication)

• Publisher Table  – this contains the group address to group id mapping. The group id is used as part of the multicast address of the s-mode communication.

(Inwards communication)

• Security Table – this contains the OSCORE security keys containing OSCORE information (‘osc’) and the mapping to KNX for group communication, e.g., list of Group Addresses or the unicast access scopes identified by the list of interfaces.

Figure 4 – Hierarchy of the URLS in the device.

Managing tables

New entries are made with an internet application protocol for constrained devices known as Constrained Application Protocol (CoAP). An example would be a CoAP POST on the table URL using CoAP POST ‘/fp/g’ for the Group Object Table. The values have to define a correct entry. The used ‘id’ will be part of the URL of the new entry. For example, using id = ‘item_1’ will result in a new entry with a sub URL e.g. ‘/fp/g/item_1’. Hence the MAC is in control of defining the entry URLs.

The created URL is listed with a CoAP GET on ‘/fp/g’ as a link format entry in the response. The entry can be inspected by issuing a CoAP GET on ‘/fp/g/item_1’. The response gives the values as per the specification. An entry can be removed by issuing a CoAP Delete on ‘/fp/g/item_1’. This has the effect of the entry being removed from the device, so on a subsequent CoAP GET on ‘/fp/g’ it will no longer be listed. Note that managing the tables for group communication is only possible in the ‘loading’ state.

The URL for run time communication

The ‘/.knx’ URL is used for communication of s-mode messages. The s-mode messages contain the following information:

• Group address (‘ga’).

• Sender individual address (‘sia’).

• Service type (‘st’).

The example s-mode flow shown in Figure 5 below consists of a minimum of 2 devices, namely one that creates an s-mode message, and another that receives the s-mode message. The sending device has a Group Object Entry with group address 5 and a URL that represents/contains the value <value> and has the transmission (‘t’) flag. When something triggers the s-mode message to be set, the s-mode message is constructed and sent on the wire encrypted. The receiving device has a Group Object Entry also with group address = 5, and the communication flag write (‘w’) which means that the corresponding URL will be updated with the received <value>.

Figure 5 – An example of s-mode flow on the receiving device.

Multicast s-mode communication

The recipient and publisher table also have entries. These entries govern which multicast address is being used. For example, an entry with ga = 5 and grpid = 1 will result in the grpid=1 value being part of the sending or receiving multicast address. Hence the entries in the recipient and publisher table for the same group address must match, otherwise the sender might use a different multicast address than the receiver.

Unicast s-mode communication – new for KNX IoT

The unicast communication differs by having a different entry on the sending side. The sender has a destination individual address (‘ia’). The individual address must be resolved to an actual IPv6 address. This can be done via common IT protocols such as CoAP discovery or multicast DNS (mDNS). Then the actual IPv6 address can be used for run time communication.

Semantic information: functional blocks and data points (New for KNX IoT)

KNX TP and ETS work on data lengths. Hence the semantic information of what is contained in the s-mode messages is not transferred. However, with KNX IoT, this has been added at the Device level, e.g., data points used to retrieve or set the value have a (datapoint) URL. The (data point) URL can be used to obtain the ‘dpt’ value by issuing a CoAP GET with the query parameter ‘?m=*’. Next to this, the resource /f list of all functional blocks, e.g. CoAP GET on /f gives a list of all implemented functional blocks in link format. The URL of each functional block entry will give the implemented data points on the functional block.

Figure 6 – List of the implemented functional blocks with the data points.

As can be seen in Figure 6 above, this information gives the semantic information in the same form as with KNX TP.

Summary

The advantage of KNX IoT is that it is perfectly interoperable with existing KNX infrastructure, whilst being IP-based. As such, multiple installations can run simultaneously over the same (IT) network using wired (Ethernet/PoE) and wireless (Thread/WiFi/cellular) infrastructure. It has been developed with guaranteed interoperability with existing KNX technology, and it uses the latest underlying internet-based technologies in its specification, thereby making KNX IoT secure by design.

Bruno Johnson and Wouter van der Beek are the CEO and COO respectively of Cascoda Limited. Cascoda is a communications company that manufactures secure IoT semiconductor radios and modules, and leads the development of secure IoT communications standards for smart building and smart city. Its products solve range, reliability, security, power and scalability issues for industrial and commercial IoT through patented innovations and the latest most secure standards, all integrated into inexpensive ultra-low power IoT modules.

www.cascoda.com

Share on facebook
Share
Share on twitter
Tweet
Share on linkedin
Share

SPONSORS

Interra iX3 4” Touch Panel


Interra iX3 4” Touch Panel
A next-generation room controller that transforms environmental management. With integrated sensors for temperature, humidity, brightness, and air quality (optional ...

Intesis DALI to KNX PRO


Intesis DALI to KNX PRO
The new Intesis DALI-2 to KNX TP PRO Gateway is a multi-master application controller for DALI-2 ballast ...

Clever solution for existing KNX properties


Clever solution for existing KNX properties
Anyone who built their home over three decades ago with the European installation bus can now upgrade it with modern ...

Interra KNX AC Gateway


Interra KNX AC Gateway
Interra KNX AC Gateway: Smart Climate Control Solutions The Interra KNX AC Gateway offers an innovative solution for climate control ...