User Guide

ManualsBrandsLinx Technologies ManualsElectronicsHummingbird MCA

– –

76 77

SECOPT - Security Options

Volatile Address = 0xD4; Non-Volatile Address = 0x84

This register selects options for security features.

Each bit in the register sets an option as shown in Figure 85. Unlike other

registers, the non-volatile register (0x84) affects all Join operations. The

EN_UNENC bit in the volatile register affects data packet reception.

When PB_RESET is 1 the Factory Reset function is enabled from the PB

input. This allows a user to reset the module conﬁgurations back to the

factory defaults with 4 short presses and a 3 second hold of a button

connected to the PB input.

When PSHARE is 1 the Share Network Key function is enabled during the

Join Process. This allows an administrator to share the encryption key it

created. When 0, a Join Process sends the network address, but no key.

Figure 84: HumPRC

Series Transceiver Packet Options Command and Response

HumPRC

Series Security Options

Read Command Read Response

Header Size Escape Escape Address ACK Address Value

0xFF 0x03 0xFE 0xFE

0x54

0x04

0x06

0xD4

0x84

Write Command

Header Size Escape Address Value

0xFF 0x03 0xFE

0x54

0x04

HumPRC

Series Transceiver Security Option Codes

Bit Name Description

0 PB_RESET Permit factory reset from PB input sequence

1 PSHARE Permit key sharing

2 PGKEY Permit clearing key and changing key

3 CHGADDR Permit changing an address

4 KEYRCV

1: Receive key and address during Join Process (node)

0: Send key and address during Join Process (admin)

5 EN_UNENC Enable receiving unencrypted packets

6 Reserved Reserved (must be 1)

7 EN_CHANGE Enable changes to security options

Figure 85: HumPRC

Series Transceiver Security Option Codes

When PGKEY is 1 the Join Process is allowed to change or clear the

network key. The key can always be changed through serial commands.

When CHGADDR is 1 the Join Process is allowed to generate a random

network address if the module is an administrator. If the module is a node it

is allowed to accept an address assignment from the administrator.

When KEYRCV is 1 the module is set to receive a network key from an

administrator and act as a node. When it is 0, the module is set as an

administrator and sends a network key and assigns an address to the

node.

In order for this bit to change from 1 to 0, both volatile and non-volatile

copies of the network key must be cleared, preventing nodes from being

manipulated to transmit the key. This bit is cleared by the GENERATE_KEY

push-button function.

When EN_UNENC is 1 the module accepts unencrypted packets. If this bit

is 0, unencrypted received packets are ignored.

When EN_CHANGE is 1, changes are permitted to the SECOPT register,

except as noted for KEYRCV changes.

Clearing this bit prohibits the following SECOPT changes to enhance

security:

1. changing PSHARE from 0 to 1

2. changing EN_CHANGE from 0 to 1.

3. changing EN_UNENC from 0 to 1.

An attempt to make a prohibited change causes a NACK command

response.

When EN_CHANGE is 0, these restrictions can only be removed by

resetting the module conﬁguration to the factory default.