
Closed Mesh System

Hi!

If I wanted to use the Nordic Mesh SDK to create a Bluetooth Mesh System, would I have the option to make it closed, so only my dedicated application could provision the Mesh members?

Or would it be open to any application which is able to provision Bluetooth Mesh Systems?

If I run a simple Nordic mesh example: Lightswitch Server.

Then I can see that device from Nordic's nRF Mesh iOS App as well as in various silicon vendors' similar mesh test applications. I can provision the Nordic SDK example from any of these apps.

Is there any SDK setting which kind of password protects it so only my application can provision it into a mesh network?

Thanks!

  • Hi Materigo, 

    The Bluetooth mesh was designed as an open standard and interoperability is something that's in the main focus. 

    That's why any app from different vendors can be used to provision a Nordic mesh node. 

    It's not designed to be a closed protocol, so we don't have an out-of-the-box feature that can make it a closed mesh network. 

    You would need to implement your own way of limiting access to the mesh node. What I can think of is to implement challenge-response authentication: 

    https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication

    So at the beginning of the connection, either GATT or ADV-Bearer, the peer would need to provide a correct response before the node accepts the provisioning. You just need to modify the code so that it will send a challenge at the beginning of the connection and then wait for a response before it responds to any command from the peer. 

    The main drawback for this is that you would need to provide a master key to all of the nodes in production. And if attackers can hack one node to get the key, they would be able to access all your nodes. You can think of having a type of key that can be unique to a single node only. We are not experts in security and encryption, so you may need to find your own solution. 
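
The challenge-response gate and the per-node key idea from the reply above, as an added example that is not part of the original thread and not Nordic SDK code: a Python model in which each node's key is derived with HMAC-SHA256 from a master key that only the provisioning application holds. The class names, the `prov-gate-v1` label and the message layout are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

def derive_node_key(master_key: bytes, device_uuid: bytes) -> bytes:
    # Per-node key: a key read out of one node reveals neither the master
    # key nor any other node's key. "prov-gate-v1" is an assumed label.
    return hmac.new(master_key, b"prov-gate-v1" + device_uuid, hashlib.sha256).digest()

def compute_response(node_key: bytes, challenge: bytes, device_uuid: bytes) -> bytes:
    # Binding the UUID ties the response to the node that issued the challenge.
    return hmac.new(node_key, challenge + device_uuid, hashlib.sha256).digest()

class Node:
    """Unprovisioned device; holds only its own key, written at production."""
    def __init__(self, device_uuid: bytes, node_key: bytes):
        self.device_uuid = device_uuid
        self._key = node_key
        self._challenge = None
        self.provisioning_allowed = False  # flag the firmware would check

    def new_challenge(self) -> bytes:
        # Fresh random challenge per connection, so old responses cannot be replayed.
        self.provisioning_allowed = False
        self._challenge = secrets.token_bytes(16)
        return self._challenge

    def verify(self, response: bytes) -> bool:
        challenge, self._challenge = self._challenge, None  # single use
        if challenge is None:
            return False
        expected = compute_response(self._key, challenge, self.device_uuid)
        # Constant-time comparison; provisioning stays blocked on failure.
        self.provisioning_allowed = hmac.compare_digest(expected, response)
        return self.provisioning_allowed

class Provisioner:
    """Dedicated app or its backend: the only holder of the master key."""
    def __init__(self, master_key: bytes):
        self._master = master_key

    def respond(self, device_uuid: bytes, challenge: bytes) -> bytes:
        node_key = derive_node_key(self._master, device_uuid)
        return compute_response(node_key, challenge, device_uuid)

if __name__ == "__main__":
    master = secrets.token_bytes(32)  # constructed sample values
    uuid = bytes.fromhex("00112233445566778899aabbccddeeff")
    node = Node(uuid, derive_node_key(master, uuid))
    print("own app accepted:", node.verify(Provisioner(master).respond(uuid, node.new_challenge())))
    print("response with no pending challenge accepted:", node.verify(b"\x00" * 32))
```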
