Contemporary lighting systems, particularly in buildings, can include a large number of elementary units such as lighting units, lighting control units, switches, dimming units, sensor units such as occupancy sensors, ballasts for driving lighting units, and communication units such as interfaces to other building systems like HVAC or fire alarm systems. Often the individual units are furnished with a communication capability and require extensive configuration in order to put the physically installed lighting system into service. The process of commissioning the lighting system may include the basic tasks of identifying an installed device, determining a location of the identified device and providing a network address to the identified device. If the lighting system, which stands as an example for other building infrastructure systems, includes a large number of infrastructure devices as its elements, the process of commissioning is cumbersome, requires time and involves significant resources.
The process of commissioning becomes even more complex if the lighting system requires secure communication between its infrastructure devices. The commissioning process then has to provide key information for a secure exchange of information between the devices constituting the lighting system. The key information is a short piece of information which serves to encode/decode or authenticate a message between one or more infrastructure devices, for example to confirm that a message comes from the stated sender (authenticity) as well as that its message content has not been changed during transit (integrity). However, during commissioning of the lighting system, the distribution of the key information itself has to be managed such that the key information cannot be intercepted or manipulated.
Several wireless or wired networking stacks allow performing a secure commissioning process. As an example, the Thread network protocol is an Internet Protocol (IPv6) based protocol for smart infrastructure devices to communicate over a network. Other examples of such protocols include ZigBee and Bluetooth Smart.
The Thread network protocol is based on an IEEE Standard 802.15.4 wireless protocol with a mesh communication structure and employs 6LoWPAN. 6LoWPAN is an acronym of IPv6 over Low Power Wireless Personal Area Networks. 6LoWPAN defines encapsulation and header compression mechanisms that allow IPv6 packets to be sent and received over IEEE 802.15.4 based networks.
Thread in particular may support a number of devices ranging up to 250 in an IP-addressable network with cloud access and employs AES encryption (Advanced Encryption Standard).
The document “Thread Commissioning”, edition 2.0, Jul. 13, 2015, published by the Thread Group Inc. as a technical white paper, discloses under the term “commissioning” a process in which a user adds a new device onto a Thread network. The disclosed mechanism allows the device joining the network to announce its existence to and in the already existing Thread network. A subset of incoming commands is admitted for the joining device in a non-secure network, whereby a full bi-directional communication capability for participation with functionality in the Thread network requires secure confirmation of a user.
However, the existing commissioning process suffers from only supporting a limited number of devices in a secure network. A commissioning process based on the existing solutions is not feasible for secure commissioning of a lighting network comprising hundreds of infrastructure devices in a single building.
Even more severely, the exchange of information, and in particular of key information, is performed over the same communication network as the communication to be encrypted. Thus the risk of the key information being subject to eavesdropping, and therefore of compromising the subsequent allegedly secure communication, becomes real.