An interview with Tim Böth, Brand Manager of Eve Systems (link), about the security features of the smart home standard Matter. What they consist of and what impact they will have on the integration of devices in the future.
Dies ist die Übersetzung eines deutschen Interviews. Zum Original bitte hier entlang.
Security and privacy are already an important aspect of Eve products for HomeKit. Will this also apply to future Matter systems?
Böth: Like HomeKit, Matter is also a purely local protocol, used for communication in the home network. The system design of Matter is even more sophisticated and modern and offers a highly convincing security architecture with comprehensive encryption. As with HomeKit, every manufacturer is of course free to decide to transmit, analyse and monetise parallel data. However, this will still not happen with Eve. As always, the data remains on-site in the user’s home.
What security features does the standard require from the devices?
Böth: Matter specifies all steps necessary for local networking and operation of devices. This includes the set-up utilizing a secure, unique device code, the authentication towards control devices as well as between devices, the mechanisms of encryption and last but not least the language of communication itself. All this on a local level – cloud connections via the internet are not part of the Matter specification. However, they can optionally be included by manufacturers. Basically, the construct is very comparable to HomeKit.
„Matter offers a highly convincing security architecture with comprehensive encryption.“
Are there voluntary elements that are left to the device manufacturer?
Böth: The basic construct of Matter contains numerous mandatory specifications that are a prerequisite for certification. Only details remain voluntary – for example, whether the manufacturer provides a graphical QR code in addition to the prescribed set-up code. Beyond the requirements, manufacturers are of course free to offer additional functions and open up further communication channels, such as to a cloud.
Is it conceivable and technically possible that control systems integrate Matter products but do not support all security features?
Böth: The security architecture makes it unlikely that there will be directly integrated products that are not part of the certificate chain. A software solution, such as Homebridge, that establishes a connection to non-certified devices for HomeKit is therefore hardly feasible. However, there will certainly be solutions that build a bridge to such products. For example, nothing stands in the way of a certified wireless bridge that integrates a variety of devices via a different protocol. In this case, of course, the “security chain” of Matter ends exactly where the other, proprietary protocol begins.
„A solution like there is with Homebridge for HomeKit can hardly be realized in Matter.“
However, a certified bridge will certainly not pass on all products to Matter. Are there any restrictions, as they already exist today under HomeKit?
Böth: Exactly, a certified bridge can only show the Matter system those products and services that Matter itself supports. Depending on the bridge, the range of accessories and the customer’s prior knowledge, this can still mean trial and error.
Software updates during operation are an important safety factor. How is this handled?
Böth: Firmware updates are distributed as part of Matter via the ecosystems of the standard, for example via Amazon Alexa, Apple HomeKit, Google Assistant & Co. In this context, it is important that updates are always checked and verified for authenticity. If a manufacturer is part of the verifiable Matter infrastructure, it can also provide software updates via this route or install them directly. However, we expect that this variant will remain a special path because updates via the ecosystems and their apps are available in any case. Firmware updates via manufacturer apps that are not connected to the verification infrastructure of Matter will not be possible.
There have been a few mentions of blockchain technology in the media. What is it all about?
Böth: There will be an end-to-end verified certificate chain to maintain the integrity and security of the system. This is a Matter-specific solution. Further information is unfortunately not yet available but will certainly be made available in due course by the umbrella organization CSA (“Connectivity Standards Alliance”, editor’s note).
Mr. Böth, thank you very much for this interview.
Diesen Beitrag teilen:
