The “Internet of Things” (IoT) is a concept referring to networks composed of “smart” versions of a variety of everyday physical objects (e.g., thermostats, sensors, home security systems, cars, and buildings) that have the ability to communicate with the broader Internet. Most IoT devices perform some kind of sensing to collect data about their environment, and many can react to changes with some form of actuator. The resulting security and privacy implications make IoT devices and networks an alluring target for cyberattacks. One of their most notable applications is the monitoring and control of potentially critical infrastructure (e.g., smart power grids or buildings). To make such use cases feasible, it is necessary to minimize the need for manual interaction during installation and configuration, ensure network security, make disparate devices compatible, and keep energy and maintenance costs low.
Zigbee, a popular IEEE 802.15.4-based specification for low-power mesh networks, aims to be a solution to the aforementioned problems. It has largely become an industry standard for IoT devices, with over 300 organizations to date having ratified the protocol as members of the Zigbee Alliance. Zigbee defines the network and application layers atop the 802.15.4 protocol's MAC layer and supports ad-hoc mesh networks with a transfer speed of 250 kbit/s, 128-bit AES encryption, and numerous power-saving features such as sleep with scheduled wakeups. Each Zigbee network includes a single coordinator, which is the root node that manages the network; zero or more routers, which extend the mesh by performing internal routing; and zero or more end devices, which sense and interact with the environment and their neighbors. Although the protocol features both network-wide and pairwise encryption and authentication, the need for automatic network setup and low power consumption ultimately places significant limitations on its security measures, and a variety of vulnerabilities in Zigbee have already been identified and fixed in the past.