manualshive.com logo in svg

Sunricher SR-SBP2801-BLE-E, Instructions Manual

The Sunricher SR-SBP2801-BLE-E user manual is available for free download from 88.208.23.73:8080. This manual provides detailed instructions on how to use and set up the product, ensuring a seamless experience for all users. Get your manual today and unlock the full potential of your Sunricher device.

Share
Download
background image

6.7.1 PIN code

Protected data access is only possible after unlocking the configuration memory with the correct 32 bit PIN 
code. By default, the protected area is locked and the default pin code for unlocking access is 0x0000E215.

The default pin code shall be changed to a user-defined value as part of the installation process. This can be 
done by unlocking the NFC interface with the old PIN code and then writing the new PIN code to page 0xE5 as 
described in chapter 6.3.1.

6.7.2 Configuration of product parameters

SR-SBP2801-BLE-E allows no direct modification of the following parameters:

1.Static Source Address

2.Product ID

3.Manufacturer ID

4.Security Key

In order to modify these parameters, the user has to write the new value into specific registers (Source Address 
Write, Product ID Write, Manufacturer ID Write and Security Key Write) in the protected data area and set the 
according Update flag in the Configuration register.

After that, the user has to push and release the button of the SR-SBP2801-BLE-E module.

6.7.3 Configuration register

The Configuration register is 1 byte wide and contains configuration flags. Figure 30 below shows the structure 
of the Configuration register.

CONFIGURATION

Bit 7

Bit 6

Bit 5

Bit 4

Bit 3

Bit 2

Bit 1

Bit 0

OPTIONAL D ATA S IZE

DISAB LE LR N

TELEGRAM

RPA ADDRESS

MODE

PRIVATE 

SECUR ITY KEY

UPD ATE

SECUR ITY KEY

UPD ATE

MAN ID

UPD ATE

SOURCE ID

Figure 30 – Configuration register structure

The Configuration register is used to select the length of optional data, to disable the transmission of 
commissioning telegrams, to select resolvable private address mode, to disable NFC read-out of the security 
key and to indicate an update of the security key, the manufacturer ID or the source ID.

6.7.4 Source Address Write register

The Source Address Write register is 4 byte wide and can be used to modify the lower 32 bit of the SR-
SBP2801-BLE-E Static Source Address. The upper 16 bit of the SR-SBP2801-BLE-E Static Source Address 
are always fixed to 0xE215 to identify the device type. In order to do change the lower 32 bit of the Static 
Source Address, follow these steps:

1.  Write new source address into the Source Address Write register

2.  Set the UPDATE SOURCE ID flag in the Configuration register to 0b1

3.  Actuate (press and release) the button of SR-SBP2801-BLE-E

SR-SBP2801-BLE-E will determine that it should modify the Static Source Address based on the set- ting of the 
Update Source ID flag and copy the value of the Source Address Write register
to the lower 32 bit of the Source Address register. After successful execution, SR-SBP2801-BLE-E will clear 
the UPDATE SOURCE ID flag to 0b0.

6.7.5 Security Key Write register

The Security Key Write register is 16 byte wide and contains the device-unique random security key. The 
factory programmed key can be replaced with a user defined key by fol- lowing these steps:

1.  Write new security key into the Security Key Write register
Note that for security reasons, setting the Security Key to the following values is not possible:

•0x00000000000000000000000000000000
•0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
If the Security Key Write register is set to one of these values then no update of the Security Key will occur.

2.  Set the UPDATE SECURITY KEY flag in the Configuration register to 0b1

3.  If the key should be write-only (not readable after the key update) then set the Private Security Key flag in 
the Configuration register to 0b1

4.  Actuate (press and release) the button of SR-SBP2801-BLE-E

SR-SBP2801-BLE-E will determine that it should modify the security key based on the setting of the Update 
Security Key flag and copy the value of the Security Key Write register to the Security Key register in private 
memory. After successful execution, SR-SBP2801-BLE-E will clear the UPDATE SECURITY KEY flag to 0b0. 
The protected memory is designed to support 1000 modifications of the security key.

Note that it is not possible to read the current security key via NFC if the Security Key Write register has been 
accidentally overwritten or cleared via NFC write. In this case it is necessary to write a new security key (as 
described above) or to reset the device to its de- fault security key by means of a factory reset.

6.7.6 Private Security Key mode

SR-SBP2801-BLE-E provides a private security key mode for applications requiring high security. In this mode, 
it is possible to write a security key which subsequently is inaccessible via NFC and will not show up in 
commissioning telegram. In both cases, the security key will be set to all zeros. The written security key thereby 
is completely inaccessible externally.

To use private security key mode, set the PRIVATE SECURITY KEY flag in the Configuration register is to 0b1, 
the Security Key Write register to the desired security key and the UP- DATE SECURITY KEY flag in the 
Configuration register is to 0b1 and pushing the button.

The Security Key Write register will be cleared to 0x00000000000000000000000000000000 after successful 
execution and the written security key will not be NFC readable (even for users having the correct PIN code). If 
commissioning telegrams are enabled then the secu- rity key will be set to 
0x00000000000000000000000000000000 there as well.

It is possible to return to Public (NFC-accessible) key mode by clearing the PRIVATE SECURI- TY KEY flag in 
the Configuration register, setting the Security Key Write register to the desired security key and the UPDATE 
SECURITY KEY flag in the Configuration register is to
0b1 and pushing the button.

The protected memory is designed to support 1000 modifications of the security key.

6.7.7 Product ID and Manufacturer ID Write register

The Product ID register is 8 byte wide and can be used to specify a publicly-accessible parameter (e.g. a user-
specific ID or name) that can be read by an NFC commissioning tool in order to determine the specific product 
type.

The Manufacturer ID is 2 byte wide and specifies the manufacturer of a BLE product and is transmitted as part 
of each BLE telegram. By default, the manufacturer ID is set to 0x0A78 (Sunricher) but it can be changed to a 
different OEM identifier.

Product ID and Manufacturer ID can be changed by following these steps:

1.  Write the desired Product ID (8 byte using HEX or ASCII encoding according to user choice) into the Product 
ID Write register. Setting the Product ID register to
0x0000000000000000 will cause SR-SBP2801-BLE-E not to update the Product ID.

2.  Write the desired Manufacturer ID (2 byte) into the Manufacturer ID Write register.
Setting the Manufacturer ID Write register to 0x0000 will cause SR-SBP2801-BLE-E not to update the 
Manufacturer ID.

3.  Set the UPDATE MAN ID flag in the Configuration register to 0b1

4.  Actuate (press and release) the button of SR-SBP2801-BLE-E

SR-SBP2801-BLE-E will determine that it should update the Product ID and Manufacturer ID based on the 
setting of the Update Product and Manufacturer ID flag and copy any non-zero value of the Product ID Write 
register to the Product ID register and any non-zero value of the Manufacturer ID Write Register to the 
Manufacturer ID register.

Summary of Contents for SR-SBP2801-BLE-E

Page 1: ...Wall Switches and US style rocker pads 1 2 Technical data Dimensions Weight Security Power Supply Button Inputs Communication Range guidance only Max transmit power measured Antenna Communication Sta...

Page 2: ...o channels Channel A and Channel B each containing two button contacts State O and State I The state of all four button contacts pressed or not pressed is transmitted together with a unique device ide...

Page 3: ...he two channel radio transmission sequence removes transmission on the third radio channel selected by TX_CHANNEL3 and instead repeats the transmission once more four times in total The SR SBP2801 BLE...

Page 4: ...key as identity resolution key This key can be modified if needed via the NFC configuration interface as described in chapter 6 7 5 For each data telegram transmitted by SR SBP2801 BLE E i e for every...

Page 5: ...lease Action then this is indicated by the according status bit set to 1 Note that all contacts that were pressed during Press Action will be released during Release Action The case of continuing to h...

Page 6: ...key as part of the NFC based commissioning process To do so follow the procedure outlined in chapter 6 7 5 For additional security NFC read out of the new security key can be disabled by setting the P...

Page 7: ...ssioning mode Button_X is pressed or released again 5 3 3 Exit from commissioning mode Pressing any key except the button used for entry into commissioning mode Button_X will cause SR SBP2801 BLE E to...

Page 8: ...e Any other data received by the NFC tag while in IDLE state is discarded and the NFC tag will remain in IDLE state 6 2 3 READY 1 state READY 1 is the first UID resolving state where the NFC tag resol...

Page 9: ...ID of such tag This should always be used as first operation ahead of any read write authenticate actions Example SearchTag 32 2 NTAG_PwdAuth 32 bit password as hex bytes 16 bit password_ack as hex b...

Page 10: ...FC Data SR SBP2801 BLE E reserves 64 byte for customer specific NFC data see chapter 6 7 11 specific security measures are used to restrict read access to this data The following items are located in...

Page 11: ...and release the button of SR SBP2801 BLE E SR SBP2801 BLE E will determine that it should modify the security key based on the setting of the Update Security Key flag and copy the value of the Securit...

Page 12: ...ngs 6 7 9 2 Interval selection Starting with version DC 06 it is possible to reduce the transmission interval from the default setting of 20 ms to 10 ms by setting bit 3 of the Variant register Settin...

Page 13: ...product label encodes key product parameter according to the ANSI MH10 8 2 2013 industry standard The QR code shown in Figure 32 above encodes the following string 30SE280101500100 Z0123456789ABCDEF0...

Page 14: ...estricting transmission range include Switch mounting on metal surfaces up to 30 loss of transmission range Hollow lightweight walls filled with insulating wool on metal foil False ceilings with panel...

Page 15: ...advertising intervals then the scan interval has to be less than the time between the end of the first advertising event and the begin of the third advertising event 2 10 ms 20 ms minus 0 5 ms telegra...

Page 16: ...ules Operation is subject to the following two conditions 1 this device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause...

Page 17: ...essage shown above can be parsed into the following components keep in mind the little endian byte order BLE Access Address 4 byte 0x8E89BED6 BLE Frame Control 2 byte 0x2442 Size of source address pay...

Page 18: ...rameter Comment Description Example Length Field Size Size in bytes of the field used to encode the input length 2 always minimum permissible size Desired size in byte of the signa ture generated by t...

Page 19: ...for a description of the commission telegram structure The location of the security key is for reference highlighted above This means that the security key of this red device is 3DDA31AD44767AE3CE56D...

Page 20: ...table XOR calculator could be found here http xor pw The execution sequence would then be as follows X_1 AES128 B0 Key X_1 AES128 49B819000015E25D0400000000000000 3DDA31AD44767AE3CE56DCE2B3CE2ABB X_1...

Page 21: ...15E2630400000000000000 3DDA31AD44767AE3CE56DCE2B3CE2ABB X_1 ab5ec24beabc9ddeeb73751c7734cc64 X_1A XOR X_1 B_1 X_1A XOR ab5ec24beabc9ddeeb73751c7734cc64 000B0EFFDA0363040000111234000000 X_1A ab55ccb430...

Reviews:

No comments

Related manuals for SR-SBP2801-BLE-E

Tanco A Series Operator'S Handbook Manual preview
A Series
Brand: Tanco Pages: 72
HABYS Aero Instruction Manual & Warranty preview
Aero
Brand: HABYS Pages: 16
Acterna A Series Operating Manual preview
A Series
Brand: Acterna Pages: 72
AAON RQ SERIES Manual preview
RQ SERIES
Brand: AAON Pages: 36
Hantek DPO6000 Series Product Manual preview
DPO6000 Series
Brand: Hantek Pages: 124
Hameg HO720 Installation Manuallines preview
HO720
Brand: Hameg Pages: 10
Rath 2100-VOIP2CS Installation & Operation Manual preview
2100-VOIP2CS
Brand: Rath Pages: 5
Raymarine ST70 Instrument Quick Reference Manual preview
ST70 Instrument
Brand: Raymarine Pages: 12
Raven SmarTrax Operation Manual preview
SmarTrax
Brand: Raven Pages: 73
Tascam DA-40 Tehnical Documentation preview
DA-40
Brand: Tascam Pages: 3
Safavieh Lighting Aurelia Quick Start Manual preview
Aurelia
Brand: Safavieh Lighting Pages: 2
RAB Lighting SR2 Installation Instructions preview
SR2
Brand: RAB Lighting Pages: 4
campgo Raiju User Manual preview
Raiju
Brand: campgo Pages: 33
XanLite LR126 User Manual preview
LR126
Brand: XanLite Pages: 2
X-Rite i1Display Setup Manual preview
i1Display
Brand: X-Rite Pages: 6
Garmin FUSION APOLLO MS-WB675 Installation Instructions Manual preview
FUSION APOLLO MS-WB675
Brand: Garmin Pages: 18
Rapid Shape RS wash Quick Start Manual preview
RS wash
Brand: Rapid Shape Pages: 12
Hanskamp MultiFill 003-561-005 Installation And Operating Instructions Manual preview
MultiFill 003-561-005
Brand: Hanskamp Pages: 20

Brands by name

Popular brands

Load more brands