From Wikipedia, the free encyclopedia
Jump to: navigation, search
Z-Wave logo.jpg
Industry Home automation
Physical range 100m

Z-Wave [1] is a wireless communications protocol used primarily for home automation. It is oriented to the residential control and automation market and is intended to provide a simple and reliable method to wirelessly control lighting, HVAC, security systems, home cinema, automated window treatments, swimming pool and spa controls, and garage and home access controls. Like other protocols and systems aimed at the home and office automation market, a Z-Wave automation system can be controlled via the Internet, with a Z-Wave gateway or central control device serving as both the Z-Wave hub controller and portal to the outside.[2] Z-Wave was originally developed by Danish startup Zen-Sys and later acquired by Sigma Designs in 2008.[3] There are over 1,500 interoperable Z-Wave products marketed under different brands,[4] and over 35 million have been sold since 2005.

Standards and the Z-Wave Alliance[edit]

The 1,700 devices that make up the Z-Wave product portfolio are each designed by brands with membership in the Z-Wave Alliance. The alliance is a formal association focussed on both the expansion of Z-Wave and the continued interoperability of any device that utilises Z-Wave.[5] Principal members of the alliance include the ADT Corporation, FAKRO, Ingersoll Rand, Jasco, LG Uplus, Nortek Security & Control, Sigma Designs, and Samsung's SmartThings.[6] In October, 2013, Sigma Designs and the Z-Wave Alliance announced a new protocol and interoperability certification program called Z-Wave Plus,[7] based upon new features and higher interoperability standards bundled together and required for the 500 series system on a chip (SoC), but encompassing some features that had been available since 2012 for the 300/400 series SoCs. In February, 2014 the first product was certified.[8] In December, 2015 Sigma Designs announced the 2016 release of an update to Z-Wave Plus, dubbed Security 2, focussed on enhancing Z-Wave's core security features[9] and allowing Z-Wave devices to receive the UL certifications necessary for use by the security industry.[10]

Some Z-Wave product vendors have open source options for the hobbyist communities. First released in 2010, the project OpenZwave[11] was the first of such software to attempt to offer development support without the need for companies to purchase expensive software development kits from Z-Wave owners Sigma.[12] The net result of elements of the Z-Wave SDK becoming commonly, but incompletely, available was Sigma Designs' September 2016 public release of the Z-Wave wireless protocol specification available without cost.[13]

Technical characteristics[edit]


Z-Wave is designed to provide reliable, low-latency transmission of small data packets at data rates up to 100kbit/s.[14] The throughput is 40kbit/s (9.6kbit/s using old chips) and suitable for control and sensor applications,[15] unlike Wi-Fi and other IEEE 802.11-based wireless LAN systems that are designed primarily for high data rates. Communication distance between two nodes is about 30 meters (40 meters with 500 series chip), and with message ability to hop up to four times between nodes, it gives enough coverage for most residential houses.

Modulation is by Manchester channel encoding.[16]

Z-Wave uses the Part 15 unlicensed industrial, scientific, and medical (ISM) band.[17] It operates at 868.42 MHz in Europe, at 908.42 MHz in the U.S. and Canada but uses other frequencies in other countries depending on their regulations. This band competes with some cordless telephones and other consumer electronics devices, but avoids interference with Wi-Fi, Bluetooth and other systems that operate on the crowded 2.4 GHz band. The lower layers, MAC and PHY, are described by ITU-T G.9959[18] and fully backwards compatible. The Z-Wave transceiver chips are supplied by Sigma Designs and Mitsumi. Output power is 1 mW or 0 dBm.

Table of used frequencies in various parts of the world as of January 2017:

Frequency in MHz Used in
865.2 India
868.1 Malaysia
868.42 ; 869.85 Europe
868.4 China, Korea
869.0 Russia
908.4 ; 916.0 USA
915.0 - 926.0 Israel
919.8 Hong Kong
921.4 ; 919.8 Australia, New Zealand
922.0 - 926.0 Japan

Network setup, topology and routing[edit]

Z-Wave uses a source-routed mesh network architecture. Devices can communicate to one another by using intermediate nodes to actively route around and circumvent household obstacles or radio dead spots that might occur in the multipath environment of a house.[15] A message from node A to node C can be successfully delivered even if the two nodes are not within range, providing that a third node B can communicate with nodes A and C. If the preferred route is unavailable, the message originator will attempt other routes until a path is found to the C node. Therefore, a Z-Wave network can span much farther than the radio range of a single unit; however, with several of these hops a slight delay may be introduced between the control command and the desired result.[19]

The simplest network is a single controllable device and a primary controller. Additional devices can be added at any time, as can secondary controllers, including traditional hand-held controllers, key-fob controllers, wall-switch controllers and PC applications designed for management and control of a Z-Wave network. A Z-Wave network can consist of up to 232 devices, with the option of bridging networks if more devices are required.

A device must be "included" to the Z-Wave network before it can be controlled via Z-Wave. This process (also known as "pairing" and "adding") is usually achieved by pressing a sequence of buttons on the controller and on the device being added to the network. This sequence only needs to be performed once, after which the device is always recognized by the controller. Devices can be removed from the Z-Wave network by a similar process. The controller learns the signal strength between the devices during the inclusion process, thus the architecture expects the devices to be in their intended final location before they are added to the system. Typically, the controller has a small internal battery backup, allowing it to be unplugged temporarily and taken to the location of a new device for pairing. The controller is then returned to its normal location and reconnected.

Each Z-Wave network is identified by a Network ID, and each device is further identified by a Node ID. The Network ID (also called Home ID) is the common identification of all nodes belonging to one logical Z-Wave network. The Network ID has a length of 4 bytes (32 bits) and is assigned to each device, by the primary controller, when the device is "included" into the Network. Nodes with different Network IDs cannot communicate with each other. The Node ID is the address of a single node in the network. The Node ID has a length of 1 byte (8 bits) and must be unique in its network.[20]

Z-Wave units can operate in power-save mode, thus reducing power consumption. For Z-Wave units to be able to route unsolicited messages, they cannot be in sleep mode. Therefore, battery-operated devices are not designed as repeater units. Mobile devices, such as remote controls, are also excluded since Z-Wave assumes that all devices in the network remain in their original detected position.


Z-Wave is based on a proprietary design and a sole chip vendor.[citation needed] Although there have been a number of academic and practical security researches on home automation systems based on ZigBee and X10 protocols, research is still in its infancy to analyze the Z-Wave protocol stack layers, requiring the design of a radio packet capture device and related software to intercept Z-Wave communications.[21][22] An early vulnerability was uncovered in AES-encrypted Z-Wave door locks that could be remotely exploited to unlock doors without the knowledge of the encryption keys, and due to the changed keys, subsequent network messages, as in "door is open", would be ignored by the established controller of the network.[21] This vulnerability was not due to a flaw in the Z-Wave protocol specification but instead was an implementation error by the door lock manufacturer as stated in that same article.


The chip for Z-Wave nodes is the ZW0201, built around an Intel MCS-51 microcontroller with an internal system clock of 16 MHz (32 MHz for 500 series chip). The RF part of the chip contains an GisFSK transceiver for a software selectable frequency. With a power supply 2.2-3.6 volts, it consumes 23mA in transmit mode.[15]


  1. ^ "Z Wave : Brief Introduction". Noor Ul Mushtaq. Retrieved 2016-11-01. 
  2. ^ "Smarten up your dumb house with Z-Wave automation". Digital Trends. Retrieved 2016-03-12. 
  3. ^ "Episode 151 - Discussing Z-Wave with Executive Director Mitch Klein". HomeTech.fm. Retrieved 2017-03-07. 
  4. ^ "Sigma Designs Releases Z-Wave Interoperability Layer Into the Public Domain". 
  5. ^ "Alliance Overview". Z-Wave Alliance. 
  6. ^ "Member Companies of the Z-Wave Alliance - Z-Wave Alliance". Z-Wave Alliance. Retrieved 2016-03-12. 
  7. ^ "Sigma Designs and Z-Wave Alliance Introduce New Z-Wave Plus™ Certification Program - Z-Wave Alliance". 22 October 2013. 
  8. ^ "Leak Gopher Z-Wave Valve Controller". 
  9. ^ "Sigma Designs updates IoT security". IoT Hub. 
  10. ^ "Z-Wave Scores Huge UL Win for Security, a First for Mesh Technology". Z-Wave Alliance. 
  11. ^ "OpenZWave". GitHub. Retrieved 2016-03-17. 
  12. ^ "open-zwave - An open-source interface to Z-Wave networks. - Google Project Hosting". code.google.com. Retrieved 2013-03-17. 
  13. ^ "Z-Wave protocol specification now public [LWN.net]". 
  14. ^ "About Z-Wave Technology". March 2013. Retrieved 2013-05-13. 
  15. ^ a b c Galeev, Mikhail T. "Catching the Z-Wave". Embedded. Retrieved 2016-03-12. 
  16. ^ Mikhail T. Galeev (2006-10-02). "Catching the Z-Wave | Embedded". embedded.com. Retrieved 2015-07-26. 
  17. ^ Online, Sigma Designs. "Z-Wave : Home control". www.sigmadesigns.com. Retrieved 2016-03-12. 
  18. ^ "ITU-T G.9959 standard is close to Z-Wave tech". Jan 17, 2012. Retrieved 2013-05-13. 
  19. ^ Loughlin, Thomas. "Z-Wave Christmas Lights". Thomas Loughlin. Retrieved 3 December 2012. Any further and I would see a slow down in the control of any device on the network. We did get it to work at about 130 feet but it took about 3 minutes for the device to get the on/off message. 
  20. ^ "Understanding Z-Wave Networks, Nodes & Devices". Vesternet.com. Retrieved 2012-11-19. 
  21. ^ a b Fouladi, Behrang; Ghanoun, Sahand (2013). "Security Evaluation of the Z-Wave Wireless Protocol" (PDF). Sense Post. 
  22. ^ Picod, Jean-Michel; Lebrun, Arnaud; Demay, Jonathan-Christofer (2014). "Bringing Software Defined Radio to the Penetration Testing Community" (PDF). BlackHat USA. 

External links[edit]