Communications
Suppose you’re considering purchasing a Smart Home product to add to your home. As a typical consumer, you may be wondering: “Is this a legitimate device or am I compromising my family’s digital (and maybe even physical) security by doing so?” Once you take it home, you try to add the device onto your current network based on, say, SmartThings. You fire up your SmartThings app and after a while realize that this particular device only works with some other platform. What to do? You cannot just switch to another platform such as Apple HomeKit, Amazon Alexa or Google Home. Even if you do, plenty of devices won’t work with that platform either. Minutes later you’re driving back to your favorite retailer to return the device.
This is the state of the Smart Home, but this is changing with Matter.
Wouldn’t it be much better if you already saw a logo on the product that answered most of your questions? This is the Matter logo. As recognizable as, say, a Wi-Fi logo, but it goes way beyond that. This Matter logo guarantees that the product has a legitimate origin, that it complies with stringent testing and practices, and hence, that it will be a secure addition to your home and that it will interoperate with whatever Smart Home platform you’re already running. You take this device home and soon afterwards it is smoothly integrated into your Smart Home installation regardless of the platform.
The IoT (Internet of Things) experience has long been typified by consumer confusion brought on by multiple ecosystems and devices, none of which interoperated, resulting in a fractured experience. A group of the major companies in this space (including Samsung Electronics, Amazon, Apple, Google, and others) recognized the need for one simple, interoperable, reliable, and secure standard to harmonize the industry. Thus, in January 2020, Matter (formerly Project Connected Home Over IP) was born as a Working Group within the Connectivity Standards Alliance (CSA, formerly the Zigbee Alliance) [see https://csa-iot.org/all-solutions/matter/].
Figure 2. Matter Smart Home
Since its inception, the Matter Working Group has been developing a complete, multi-faceted program that was formally launched in October 2022 and announced during the media event at the CSA All Member Meeting in November 2022. The Matter program encompasses a full protocol specification, built on IPv6, which supports device discovery, provisioning, and control, all over secured interfaces. Additionally, there is an open-source SDK that supports all of the functions necessary to certify a Matter device (either controller, controlee, commissioner, or a combination thereof), and a certification program with an automated test harness and test cases.
The following sections highlight key aspects of the Matter program that provide the capabilities needed for an interoperable IoT user experience.
Matter (from an operational perspective) runs entirely over IPv6. Wi-Fi, Thread, and Ethernet are currently supported for connectivity. Matter further defines a messaging layer that abstracts the routing of requests and responses.
Additionally, Bluetooth (BLE) is a supported protocol over which devices may be discovered and provisioned, all based on a Bluetooth GATT (Generic Attribute) profile.
Figure 3. Matter stack and device types
The fundamental components defined by the Matter specification encompass:
- Discovery
• The ability for a device to advertise itself to enable a commissioner to discover and connect to it.
- Secure Channel
• All communication to the device is over a secure operational channel. All communication in Matter outside of initial discovery is secured.
- Commissioning and Device Attestation
• Determination that the device is a genuine, certified Matter device (Device Attestation), and the mechanism by which that device is then added to the residential network (Commissioning) which can follow a specified flow or support custom requirements for the device itself.
- Data Model
• How do I know what the device is, what is provisioned, what it can and cannot do, what controls I have, and what events I can receive? This is all defined by the data model, which ensures interoperability between different instances of the same device type from different vendors.
- Multi-Admin
• The ability for a device to be controlled by different ecosystems (e.g., SmartThings and HomeKit) at the same time.
Matter significantly raises the bar in terms of security and privacy by incorporating the following into the specification and SDK:
• Globally unique device identity (Device Attestation Certificate): The foundation for device security is a cryptographically verifiable device identity established at manufacturing. Attestation of this certificate is carried out by commissioners (e.g., the SmartThings App on your phone) during the commissioning process.
• Local identity (Operational Certificate): Upon successful attestation, the commissioning process leaves the device with cryptographic material to secure all of its subsequent interactions. This material is all under the operational Public Key Infrastructure (PKI) root which one can regard as being associated with the ecosystem of the commissioner (such as SmartThings). All subsequent communication to/from the device is secured using this security material.
The following figure shows the two types of device identities and their respective PKIs:
Figure 4. Matter commissioning process [Note: modified diagram from the CSA]
• Distributed Compliance Ledger (DCL): Several aspects of Matter require up-to-date information that can't be spoofed (e.g., the roots of the manufacturing PKI, information about a given product, like the link to the OTA repositories, etc.). Matter incorporates a blockchain-based DCL for this purpose.
• Secure Operations: After the Device Attestation and Commissioning process, operational communications follow security best practices:
  - Encrypted end-to-end with mutual authentication, even for peer devices
  - Secure group communications
  - Flexible Access Control Lists (ACLs)
  - Secured, standard OTA firmware and software updates
  - Remote attestation of device software version
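The attestation step described above, as an added example that is not from the original article or the Matter SDK: a commissioner accepts a device only if its Device Attestation Certificate (DAC) chains through an intermediate (PAI) to a trusted manufacturing root (PAA, the kind of root the DCL publishes), and the device signs a fresh nonce with the DAC key. All certificates, names and the nonce are constructed, and the signed message is simplified to the nonce alone, whereas the specification signs a larger attestation structure.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed P-256 certificate; a nil parent yields a self-signed root.
func issue(cn string, ku x509.KeyUsage, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, KeyUsage: ku,
		IsCA: ku == x509.KeyUsageCertSign, BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent, pk = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}
// Attest is the commissioner-side check: chain to a trusted root, then proof of DAC key possession.
func Attest(dac, pai *x509.Certificate, roots *x509.CertPool, nonce, sig []byte) error {
	inter := x509.NewCertPool()
	inter.AddCert(pai)
	_, err := dac.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	d := sha256.Sum256(nonce)
	if pub, ok := dac.PublicKey.(*ecdsa.PublicKey); err == nil && (!ok || !ecdsa.VerifyASN1(pub, d[:], sig)) {
		err = fmt.Errorf("device did not prove possession of the DAC private key")
	}
	return err
}
// Demo runs three cases: a genuine device, the same chain with its root not trusted, and a stale signature.
func Demo() (genuine, untrusted, replayed error) {
	paa, paaKey := issue("Constructed PAA", x509.KeyUsageCertSign, nil, nil)
	pai, paiKey := issue("Constructed PAI", x509.KeyUsageCertSign, paa, paaKey)
	dac, dacKey := issue("Constructed DAC", x509.KeyUsageDigitalSignature, pai, paiKey)
	roots := x509.NewCertPool() // stands in for the trusted manufacturing roots listed in the DCL
	roots.AddCert(paa)
	nonce := []byte("constructed commissioner nonce")
	d := sha256.Sum256(nonce)
	sig, _ := ecdsa.SignASN1(rand.Reader, dacKey, d[:]) // device side: sign with the DAC private key
	return Attest(dac, pai, roots, nonce, sig), Attest(dac, pai, x509.NewCertPool(), nonce, sig), Attest(dac, pai, roots, []byte("a later nonce"), sig)
}
func main() { fmt.Println(Demo()) }
```

Only the first case returns nil: the second fails chain validation because the root is not in the trusted set, and the third fails because the signature was made over an earlier nonce.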
The security work will continue in the post-Matter 1.0 releases. This continued work will include further engagement with third-party security researchers and the broader security community, the development of open source and specifications to encourage analysis and improvement, and a rapid vulnerability response process.
Suppose you have a household where some residents use SmartThings and some prefer to use HomeKit, with the result that today you can't control the same set of devices, as each device is in one or the other of the ecosystems. Matter solves this with the concept of "multi-admin". Put succinctly, any device can be made available on multiple different ecosystems at the same time, thus enabling a user's experience of choice without the devices in their homes being artificially split across different "walled gardens".
Each ecosystem has separate security material, and clients from such ecosystems would make their own secure connections to the device.
Figure 5. Matter multi-admin overview
Critically, the consumer chooses which ecosystems the device is added to, and the Matter specification supports the necessary underlying procedures.
So you have your Matter device, you've unboxed it, and added it to your Smart Home experience. Now what? What does interacting with the device look like from a Matter perspective?
Matter specifies a rich and fully featured data model that allows for the consistent representation of devices and their capabilities. The Matter data model defines (by means of entities termed "clusters") a set of atomic building blocks (e.g., temperature measurement), each of which defines the attributes, commands, and events that are associated with that building block. A Matter device then supports a set of clusters appropriate to it, and your controller of choice (e.g., SmartThings) then interacts with the device via the clusters to retrieve information, set behaviours, be notified of events that have happened, and so forth.
For example, say you want to see what the temperature is, and set your thermostat based on that.
Figure 6. Matter example flow
Matter 1.0 enables basic interoperability for supported device types across existing IoT ecosystems.
Post-Matter 1.0 releases are expected to provide enhancements to the initial feature set, improving the user's ownership experience (e.g., simpler/easier commissioning and scalable multi-admin), and broader support for value-added services such as energy management, secure video, and so forth.
Samsung Research is an active participant in the development of the Matter specifications in this exciting time for the IoT. The launch of Matter 1.0 will enable a truly interoperable user experience for the IoT "things", with the ability for users to access those "things" from their ecosystem(s) of choice, including, most importantly, SmartThings controllers and commissioners from Samsung.
Going forwards, expect to see further enhancements from Matter in future releases with respect to:
✔ device types that are supported
✔ improvements to the onboarding and ownership experiences
✔ extensions into additional use cases to provide a more holistic experience
✔ continuous enhancements to Matter design and implementation
Matter 1.0 Launch Press Release:
https://csa-iot.org/newsroom/matter-arrives/
Here are some further resources on Matter:
• Security and Privacy One Pager:
https://csa-iot.org/developer-resource/matter-security-and-privacy-one-pager/
• Distributed Compliance Ledger White Paper:
https://csa-iot.org/developer-resource/white-paper-distributed-compliance-ledger/
• Developer resources at the CSA:
https://csa-iot.org/resources/developer-resources/
• And of course, the Matter SDK:
https://github.com/project-chip/connectedhomeip