5.8 Tunneling in Secure Networks
Consider a network in which a node joins insecurely through a router parent, and the joining node does not know the network key before the join procedure. In this case, the APS command used to securely communicate the network key from the trust center to the newly joined router is called the APS tunnel command.
The end-device 0x0beeLL joins router 0x3c08 from packet #89. The parent router sends an APS Update Device command (packet #91) to the trust center to inform it whether a node has joined or left the network. The following table and Figure 5-15 provide details about the update status of the device, from which the trust center takes the necessary action, which is to send the network key or to remove the key and associated security counters for the device.

The trust center sends the APS tunnel command frame in packet #93. The tunnel command frame contains the secured frame to be sent to the destination in its payload. Packet #95 shows the APS Transport Key command frame sent from the router parent to the newly joined end-device. It includes the key sequence number and the active network key. In case the router joins with a pre-configured network key, the APS transport packet contains a key sequence number and the key values as all-zeros. The end-device receives the Transport Key command frame, sets and activates the network key, and does a device announcement to the network (packets #97 and #98).

Parameter Name | Type | Valid Range | Description |
---|---|---|---|
Status | Integer | 0x00-0x07 | Indicates the updated status of the device given by the DeviceAddress parameter. |

Note: For more details on the status field in the APS update device command, refer to the ZigBee Specification Revision 22 1.0 (05-3474-22).
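The Update Device handling described above can be checked against a decrypted capture with a small decoder. This is an added example, not code from the original page or from any vendor stack. The status names, the mapping from status to trust center action and the sample payload are assumptions made for illustration; the page itself gives only the valid range 0x00-0x07.

```python
import struct

APS_CMD_UPDATE_DEVICE = 0x06  # APS command identifier of Update Device

# Assumed status meanings (the page gives only the range 0x00-0x07);
# confirm them against the specification revision the page cites.
STATUS_NAMES = {
    0x00: "standard device secured rejoin",
    0x01: "standard device unsecured join",
    0x02: "device left",
    0x03: "standard device trust center rejoin",
}

def parse_update_device(payload: bytes) -> dict:
    """Decode a decrypted APS Update Device command payload.

    Layout (little-endian): command id (1), device EUI-64 (8),
    device short address (2), status (1).
    """
    if len(payload) != 12:
        raise ValueError(f"expected 12 bytes, got {len(payload)}")
    cmd_id, eui64, short_addr, status = struct.unpack("<BQHB", payload)
    if cmd_id != APS_CMD_UPDATE_DEVICE:
        raise ValueError(f"not an Update Device command: 0x{cmd_id:02x}")
    if status > 0x07:
        raise ValueError(f"status 0x{status:02x} outside 0x00-0x07")
    return {"eui64": eui64, "short_addr": short_addr, "status": status,
            "status_name": STATUS_NAMES.get(status, "reserved")}

def trust_center_action(status: int) -> str:
    """Hypothetical policy mapping a status to the trust center's action."""
    if status in (0x01, 0x03):   # device needs the network key
        return "send_network_key_via_tunnel"
    if status == 0x02:           # device left
        return "remove_key_and_counters"
    if status == 0x00:           # rejoined secured, already holds the key
        return "no_key_action"
    return "ignore_reserved"

# Constructed sample: unsecured join reported by a parent router.
SAMPLE = struct.pack("<BQHB", 0x06, 0x0011223344556677, 0x1234, 0x01)

if __name__ == "__main__":
    info = parse_update_device(SAMPLE)
    print(info["status_name"], "->", trust_center_action(info["status"]))
```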