Smart devices can control and monitor your home, so they have to be secure. But they're often not and we've all heard stories of hackers hijacking smart systems and cameras. That's why technology such as Secure Vault makes Z-Wave the better choice for a secure smart home.
Engineered to protect connected devices, Secure Vault is a suite of state-of-the-art security features designed to keep your smart home secure. Able to be integrated directly into Z-Wave 800 series, along with other IoT-focusssed communication protocols, Smart Bault helps guard against remote software hacks and local hardware hacks.
Z-Wave's leading security standard, Security 2 (S2), works side-by-side with Secure Vault meaning that 800 series Z-Wave devices have up to 14 separate security technologies built right in.
Don't just take our word for it - Secure Vault is independently certified by third-party labs to the highest level, level 3, of the Platform Security Architecture (PSA).
The security keys used by devices are generated on-boot in Secure Vault. They're also stored in a secure envlace preventing hackers from accessing them or using them for hacks.
It's common for hackers to roll-back firmware to older versions in order to exploit security vulnerabilities. Secure Vault can prevent this, enforcing firmware upgrades on devices but never downgrades.
800 series Z-Wave devices feature anti-tamper technology in chip, preventing physical attempts at attacking a system including voltage glitching, magnetic interference and forced temperature adjustment.
Debug ports are useful for developing and supporting devices. On 800 series Z-Wave devices, Secure Vault protects the debug port from third-party access by securing it with a unique unlock token.
Hacks often happen by infiltrating communication between devices and their hub. Secure Vault limits that possibility by encrypting communication keys using the Diffie-Hellman algorithm and generating new keys on a per session, per device basis.
To prevent boot loading code injections, Secure Vault enhanced products feature Secure Boot with a dual core architecture allowing the loading of application code only once it has been verified and secured.
Random numbers are the basis of crytographic security yet seldom are they truly random. With Secure Vault they are with each generated as high entropy data that meets NIST SP 800-90A/B/C and AIS-31 standards.
Differential power analysis (DPA) allows the use of power monitoring hardware to overcome security measures. Secure Vault prevents this by utilising randomised, timed computations and randomised data masking.