Enhancing security in a wireless network
First Claim
1. A method of enhancing security of a wireless communication protocol servicing a plurality of wireless network devices in a mesh communication network, wherein the mesh communication network operates in a process control environment, the method comprising:
defining a communication timeslot of a predetermined duration;
generating a network schedule including at least one superframe having repeating superframe cycles, each having a number of communication timeslots;
wherein each of the plurality of wireless network devices transmits and receives data according to the network schedule;
maintaining an absolute slot number indicative of a number of communication timeslots scheduled since a start time of the mesh communication network; and
sending a data packet associated with one of a plurality of layers associated with the wireless communication protocol from one of the plurality of wireless network devices to another one of the plurality of wireless network devices, including:
updating a network key at a time based on the absolute slot number (ASN), wherein a respective copy of the ASN is maintained at each wireless network device and the respective copy of the ASN is synchronized with a master ASN maintained at a network manager; and
generating a message integrity code for the data packet using the updated network key.
Abstract
A method of enhancing security in a wireless mesh communication network operating in a process control environment and including a plurality of wireless network devices includes processing a join request from a wireless device wishing to join the wireless mesh communication network, providing a limited network functionality to the wireless device if the join request is granted, requesting a complete approval of the wireless device; and granting a full network functionality to the wireless device if the complete approval of the wireless device is received.
5 Claims
2. A method of enhancing security of a wireless communication protocol servicing a plurality of wireless network devices in a mesh communication network, wherein the mesh communication network operates in a process control environment, the method comprising:
defining a communication timeslot of a predetermined duration;
generating a network schedule including at least one superframe having repeating superframe cycles, each having a number of communication timeslots;
wherein each of the plurality of wireless network devices transmits and receives data according to the network schedule;
maintaining an absolute slot number indicative of a number of communication timeslots scheduled since a start time of the mesh communication network; and
sending a data packet associated with one of a plurality of layers associated with the wireless communication protocol from one of the plurality of wireless network devices to another one of the plurality of wireless network devices, including:
generating a message integrity code for the data packet based on the absolute slot number, wherein generating the message integrity code includes:
forming a nonce value from the absolute slot number;
supplying the nonce value to a message integrity code generator; and
supplying a network key to the message integrity code generator, wherein the network key is shared by each fully operational wireless network device in the plurality of wireless network devices.
5. A method of enhancing security of a wireless communication protocol servicing a plurality of wireless network devices in a mesh communication network, wherein the mesh communication network operates in a process control environment, the method comprising:
defining a communication timeslot of a predetermined duration;
generating a network schedule including at least one superframe having repeating superframe cycles, each having a number of communication timeslots;
wherein each of the plurality of wireless network devices transmits and receives data according to the network schedule;
maintaining an absolute slot number indicative of a number of communication timeslots scheduled since a start time of the mesh communication network; and
sending a data packet associated with one of a plurality of layers associated with the wireless communication protocol from one of the plurality of wireless network devices to another one of the plurality of wireless network devices, including:
generating a message integrity code for the data packet based on the absolute slot number, wherein generating the message integrity code for the data packet based on the absolute slot number includes merging the absolute slot number with a source address associated with the data packet.
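The mechanisms recited in claims 1, 2 and 5, sketched as an added example that is not taken from the patent or from any product implementing it: an ASN-derived nonce merged with the source address, a shared network key that changes at a scheduled ASN, and a receiver that checks the MIC against its own ASN copy. Assumptions: the 10 ms slot, 5-byte ASN and 4-byte MIC widths, the names used, the constructed keys and address, and HMAC-SHA-256 standing in for the unspecified message integrity code generator.

```python
import hashlib
import hmac

SLOT_MS = 10     # assumed timeslot duration
ASN_BYTES = 5    # assumed width of the ASN inside the nonce
MIC_BYTES = 4    # assumed MIC length


def asn_at(elapsed_ms: int) -> int:
    """Absolute slot number: timeslots scheduled since network start."""
    return elapsed_ms // SLOT_MS


def make_nonce(asn: int, src_addr: bytes) -> bytes:
    """Merge the ASN with the packet's source address (claims 2 and 5)."""
    return asn.to_bytes(ASN_BYTES, "big") + src_addr


class KeySchedule:
    """Shared network keys, each taking effect at a given ASN (claim 1)."""

    def __init__(self, initial_key: bytes):
        self._keys = [(0, initial_key)]

    def update_at(self, asn: int, key: bytes) -> None:
        self._keys = sorted(self._keys + [(asn, key)], key=lambda e: e[0])

    def key_for(self, asn: int) -> bytes:
        return [k for start, k in self._keys if start <= asn][-1]


def mic(keys: KeySchedule, asn: int, src_addr: bytes, payload: bytes) -> bytes:
    # Stand-in generator: truncated HMAC over nonce || payload.
    msg = make_nonce(asn, src_addr) + payload
    return hmac.new(keys.key_for(asn), msg, hashlib.sha256).digest()[:MIC_BYTES]


def verify(keys, local_asn, src_addr, payload, tag) -> bool:
    # Assumption: the receiver uses its own synchronized ASN copy, never a
    # value carried in the packet, so a packet replayed in a later slot fails.
    return hmac.compare_digest(mic(keys, local_asn, src_addr, payload), tag)


if __name__ == "__main__":
    keys = KeySchedule(bytes(16))             # constructed key
    keys.update_at(1000, bytes([1]) * 16)     # constructed key, active from ASN 1000
    src = bytes.fromhex("0102030405060708")   # constructed source address
    asn = asn_at(9995)                        # slot 999
    tag = mic(keys, asn, src, b"PV=42.0")
    print(verify(keys, asn, src, b"PV=42.0", tag))      # same slot
    print(verify(keys, asn + 1, src, b"PV=42.0", tag))  # replay one slot later
```
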
Specification