In Part 2 of her four-part series on Light + Building – the world’s leading trade fair for home and building automation, Yasmin Hashmi reports on KNX Association’s three special areas for energy management, IoT technology and cybersecurity.
As a global community, one of the most pressing matters of our time is climate change. Given that buildings account for around 40% of energy consumption, we are fortunate to be involved with powerful technology that can help to reduce this. By expanding into the IoT, KNX systems reach even further, but as we become more dependent on automation, it is essential that it is robust and secure. And so this brings us to the three key areas of focus for KNX Association, namely energy management, IoT and security.
Energy management
To understand just how powerful and all-encompassing KNX is, the Energy Management panel at the KNX Booth showed an enormous diversity of applications that KNX can handle, including multimedia, audio, intercom, access control, cameras, alarm systems, fire protection, lighting, shading, fault detection, voice control, HVAC, coupling with other systems such as IR, and, of course, energy management with connection to charging stations, solar inverters, storage devices and meters.
KNX Association CFO & CTO, Joost Demarest, is keen to point out that there are plenty of products already available for energy management. “For metering, there are devices for either direct or indirect coupling from companies such as Lingg & Janke and Arcus-eds respectively. There are also solutions for solar inverters from companies such as Elausys that can monitor production. He adds, “You can use metering to find out what your general consumption is, but you can also have a submeter in a particular zone, or you can monitor at the level of a circuit, say, for white goods, and it could, for example, flag an unusual level of consumption, indicating that something is wrong. Obviously these systems have to be connected to central intelligence with logic, such as the Gira HomeServer or X1, or the Alexander Maier EisBaer.”
For storage, Joost Demarest notes, “The interface for the Sonnen system (the first KNX-enabled battery storage) currently allows you to fetch data from the Sonnen, but hopefully in the future it will be possible to control the device via KNX.” For charging, he adds, “Since the main protocol for charging stations is currently Modbus, connection to charging stations requires a Modbus gateway, such as those made by Ise and Enertex.”
KNX IoT
Thanks to the KNXnet/IP protocol, KNX has been capable of using IP networks to communicate between devices, as well as between servers and clients. Expanding into the IoT world with KNX IoT however, qualitatively increases interoperability at IP level, making KNX the largest ecosystem in the building control market. By adding new physical layers (mesh networks) demanded by the market, and becoming software-development-friendly, KNX IoT has become accessible and more attractive to IT companies and software developers, who KNX Association is keen to encourage through initiatives such as the KNX Startup Incubator.
There are three types of KNX IoT device, namely KNX IoT 3rd Party API servers, KNX IoT 3rd Party API clients, and KNX Point API devices. In brief, to connect KNX classic devices to the IoT and harvest the ample data available from KNX installations, a standardised vendor-independent web service, called KNX IoT 3rd Party API, allows interested parties – even non-KNX members – to design much quicker clients which connect to 3rd Party API serversdeveloped by different KNX manufacturers.
As KNX Association Membership&BusinessDevelopment specialist, Jesus Arias puts it, “We are in a sweet spot; the specifications are out there, we already have an example of a KNX IoT 3rd Party API server available in the form of the Schneider Electric Wiser, and KNX members who have developed clients for such servers. These include ProKNX with its Aragon smart speaker, and startup SIMLAB with its SIM-ON visualisation.”
KNX now also offers manufacturers more possibilities to use transmission media that are IPv6-compliant, including Wi-Fi, LAN or Thread networks. In this way, a KNX installation may continue to consist of KNX TP (Twisted Pair) and KNX RF (Radio Frequency) products, but can now also include Thread-based devices that talk KNX and are configurable by ETS. These are referred to as KNX Point API devices. As Jesus Arias notes, “By offering new physical layers, we’re providing more options for manufacturers and opening the system up to new software developers. Thanks to this, we see KNX competing in applications that depend on wireless communication, and getting more traction in the IP industry.”
KNX Association has announced the availability of an open-source stack, developed by Cascoda, for KNX devices communicating on IPv6 networks, and a corresponding ETS app for configuring virtual KNX IoT Point API devices. Developers can now use the open-source stack, which is freely available on GitLab. Indeed startup 11 IoT, has already developed a hardware/software bridge between KNX classic devices and KNX Point API devices.
KNX Secure
KNX Secure is designed to prevent attacks on the digital infrastructure of buildings, and there are currently more than 400 KNX Secure devices that are certified for conformity to AES128 authentication and encryption mechanisms. Furthermore, this year KNX Secure received the ‘Information security tested Smart Home and Building’ certification from the VDE (Association for Electrical, Electronic & Information Technologies), which confirms that the security standard protocols are correctly applied.
Within a KNX installation, KNX Data Secure relates to telegrams sent between KNX devices over any line type such as twisted pair (TP), radio frequency (RF) or Power Line (PL). For systems that are connected over a local area network (LAN) using KNXnet/IP, KNX IP Secure adds an extra layer of security. If you wish to communicate over the Internet with your installation using KNXnet/IP, you should continue to use a VPN (Virtual Private Network) connection, in spite of the fact that, for example, a KNXnet/IP Secure tunneling interface will allow you to also authenticate yourself with password.
KNX Association System Architect, Steven De Bruyne, has a clear message for everyone, “Whether your installation is in a smart home or a smart building, if it is not protected, it could be hacked.” He adds, “If your installation is somehow connected to the Internet, you must be very careful. Do not make port 3671 accessible over the Internet in an unprotected way.” Indeed the general advice is to use a VPN (See Simon Buddle’s article on this).
As for KNX IoT, this has completely different security. This uses security mechanisms such as SPARK2+, Oscore, oAuth2, etc, that were designed as RFCs (Request for Comments) by the IETF (Internet Engineering Task Force). Indeed, if a KNX IoT device were to eventually talk with a KNX TP device (assuming this also uses secure communication), then the gateway between KNX IoT and KNX TP would need to translate the KNX IoT security into the KNX Data security and vice versa.
Conclusion
Each one of us needs to do our bit for the planet. From the effort that the KNX Association is putting into the three key areas of energy management, IoT and security, it is clear that this forward-thinking organisation has a clear mission to expand the reach of KNX, safely, and to the benefit of us all.
For an overview of KNX Association’s entire presence at Light + Building, see Light + Building 2022 Show Report: Part 1 – KNX Association overview
Yasmin Hashmi is the Editor of KNXtoday magazine.
