Matter update: smart home standard locks out Trojan devices

The update to version 1.4.2 closes a potential security gap and makes it easier to operate robot vacuums and Wi-Fi devices.


Really a HomePod 2, or just a ruse to infiltrate a Matter network?

(Image: Berti Kolbow-Lehradt)

By Berti Kolbow-Lehradt

With its focus on local operation, the Matter smart home standard keeps risks from the internet away from the home network. However, the communication protocol has so far not been immune to manipulated Trojan hardware. The responsible certification organization, the Connectivity Standards Alliance (CSA), has eliminated this vulnerability with an update of the standard to version 1.4.2. In addition, new specifications should make it easier to add, group, and reliably manage devices in large Matter installations.

Manufacturers can now add security features to control hubs (“Matter controllers”) to prevent counterfeiting. A new “Vendor ID Verification” then cryptographically confirms that a device really is, for example, a HomePod from Apple, an Echo speaker from Amazon, or a Nest Hub from Google. In addition, “Access Registration Lists” can be used to restrict access by Matter controllers to sensitive network settings in access points and routers.

This should prevent a malicious roommate or a disappointed lover from taking over the network with manipulated hardware. The standard expressly provides for members of a household to bring their own Matter controllers so that they can use several platforms in a shared network (“multi-admin”).


Furthermore, manufacturers can use a public key infrastructure (PKI) to blacklist known device certificates that are used in counterfeit hardware (“Certificate Revocation List”). The aim is to warn customers against using them.

“We not only want to offer technical security but also prevent social engineering,” explained engineer Steve Hanna, who deals with security hardware at Infineon and the CSA. Whether and to what extent security incidents or product piracy have already occurred was left open by the CSA in a media interview.

For robot vacuums, Matter 1.4.2 makes follow-up commands easier thanks to a more consistent command set. In the future, a new job can be issued without having to end a current one first. New specifications for “Quieter Reporting” are designed to prevent unnecessary status queries so that sensors, for example, can last longer without a battery change.

Scenes transferred from one Matter platform to another can now also contain time-based actions. For example, groups of lights can be dimmed progressively for going to sleep and waking up. In the future, such newly installed software features will be available immediately, eliminating the hardware restart that was often necessary in the past.

In addition, the initial Matter contact with Wi-Fi devices will no longer require a Bluetooth radio as a bridge. However, whether manufacturers will now also retrofit Matter to older devices without a built-in Bluetooth chip depends on whether the RAM is sufficient for the complex code, explained CSA Head of Technology Chris LaPré.

If devices are added via Matter and at the same time via a cloud interface, new, permanently assigned codes should prevent duplicate entries. In the future, Thread border routers certified for Matter must be able to manage at least 150 devices, while WLAN access points must be able to process 100 simultaneous connections.

(dahe)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.