Apple's chip'n'firmware security demands behind HomeKit delays

iGiant expands control-freak tendencies into smarthomes, forcing hardware redesigns

Apple's security approach requires an overhaul for many, if not most, gadgets it hopes to connect

Wondering where all the Apple HomeKit products are? Well, here's an explanation: Apple is forcing internet-of-things companies to fit Apple-certified chips and firmware in their gadgets if they are to work with the HomeKit platform.

That means, in a lot of cases, engineers must effectively redesign their products to incorporate the mandatory HomeKit chips and firmware, and pass Apple's strict checklist of requirements, industry sources have told The Register. Such moves are expensive and time-consuming, but ultimately benefit punters.

The Apple-approved coprocessors and firmware provide secure communications between apps running on iOS devices and the manufacturers' smarthome gizmos. A device and its app talk to each other via the HomeKit Accessory Protocol, with the Apple-certified system-on-chip in the device acting as a middleman handling the security, encryption and wireless comms.

Without a certified communications chip, and the HomeKit firmware, the device cannot work with the HomeKit system. This, The Register has learned, is the main reason behind HomeKit's delayed launch, the low numbers of compatible products, and increasing frustration in the industry with the tech giant.

Broadcom, Marvell and Texas Instruments supply HomeKit-approved chips – such as the Marvell EZ-Connect, which includes an 88MC200 microcontroller with an ARM Cortex-M3 core, and an 88W8801 Wi-Fi controller. This system-on-chip and the HomeKit firmware do all the HomeKit protocol communications, and glue the device to its iPhone or iPad app.

However, device manufacturers have to go through an entire Apple-controlled process certifying their hardware before they can use the HomeKit system, we're told. When they are approved, manufacturers receive Cupertino-stamped stickers that identify individual products with an eight-digit number that users have to type into their app to connect the product to their home system.

Data collected from HomeKit products can be fed securely into Apple's iCloud, although manufacturers can use their own online backends to process information. Cupertino has to sign off on the packaging used for the third-party products before they are given HomeKit certification.

Delays and NDAs

After Apple failed to launch HomeKit at its San Francisco developer conference in June, or add the expected "Home" app to its new iOS 9 operating system, we started taking a second look at the reports and rumors of delays and problems with the smarthome platform.

Apple has forced all third parties to sign non-disclosure agreements, but following a series of last-minute and seemingly capricious changes, a number of them talked off-the-record to El Reg to explain the delays.

Most significant in those changes was the decision by Apple that it would overhaul its approach to security, and insist that manufacturers install the HomeKit firmware and a certified chip inside their products. Previously, Apple planned to allow manufacturers to run their own security solutions inside people's homes, and only use its system when moving information outside those networks.

Using an Apple-approved chip may well require a redesign of the electronics, changes to components, new supplies to be ordered, and a software rewrite – although some lucky products already using chips that have been certified can skip the hardware redesign part, and install the required firmware over the air, if possible.

Bridge over troubled waters

Apple also decided that HomeKit devices cannot communicate directly with one another – only through an Apple system, such as an AppleTV or an app running on an iPad and iPhone. That means mesh or ad-hoc networking is out; everything connects to a central point that must be in range, which some gizmo makers were not expecting.

If you want to use Siri to command your stuff by voice, Apple will insist you need an AppleTV, thus adding a barrier to entry: people would not only have to buy the smarthome products themselves but also an AppleTV, sources have told us.

We're also told that, right now, third-party products have little choice but to use Wi-Fi to share data, which makes the products more energy intensive than expected, requiring them to be plugged into a power source.

That means that while things like smart-sockets or lightbulbs can work with HomeKit, other things like door locks or wireless sensors, or thermostats without a C-wire, are not feasible at the moment, as they would run out of juice (unless you don't mind repeatedly recharging or changing the batteries in your gadgets).

Broadcom has a system-on-chip that will enable data to be sent via other low-energy protocols such as Bluetooth LE, but that will take time to be incorporated into devices, which explains why there are so few HomeKit products announced and why Apple delayed its full launch.

So far, Apple has announced just four products approved to work with HomeKit – a pitiful number given its vision and powerful position.
