Is Sigfox really (in)secured ?

A recent publication analyzed the Sigfox protocol security, This is the most advanced work I’ve seen on this so it is interesting to go to some details about it. The author is Loïc Ferreira working for Orange Labs, Applied Cryptography Group at Caen,France. This report has been shared with Sigfox by the Author on August 2020.

In this post, I’ll not challenge any of the outcomes from Loïc as it is a serious researcher. What I want to do is to highlight this with the ability for someone to use this to make a successful attack against a device and in what conditions.

I love to say, in the security domain, that sometime, IoT attacks are like explaining how to destroy earth and humanity by changing the course of the moon to make that one crashing on its target: Theoretically it is possible, technically we could find ways to make is possible for an extraordinary cost. Practically speaking, the one doing it will also kills itself, so there is no big gain to expect.

So, let’s take a look to the different breaches reported on the publication…

Continue reading

HTMicron iMPC the STM32-S2LP Sigfox SIP

HTMicron is a Brazilian company making System In Package (SIP) solution. During Sigfox Connect, they shown a STM32-SLP product and gave me an eval board for reviewing.

This type of solution is interesting as it is really compact and easy to add in your design: you get a powerful ARM chip from ST + all the electronic needed for a Sigfox global communication system. There is no need for an extra component around the chip, more than an antenna and a power supply.

The price for the SIP is going to be around $5.

Let see how to use that chip.

Continue reading

Make your own $1 Sigfox IoT device

Previously in my blog post “I held the first $1 Sigfox device“, I’ve explained how the Sigfox network will soon accept some really low cost Radio MCU chip on its network. One of them is the cmostek CMT2189C MCU. It has a cost around $0.25 and has it own integrated radio compatible to Sigfox. This device has initially been made to support garage door remote and it has a lot of limitation. However, you can imagine many application. This post details the first steps to get a development environment ready. And this should save some of your time by going directly to the right way.

Continue reading

UnaMKR, Ardunio Sigfox devkit

We previously discovered the UnaMKR devkit. This devkit has two boards. The module board with the radio module and the sensors. It is the one I talked about in my previous post. The Arduino board is the second one. By programming this Arduino MKR Zero you can create custom program to use sensors and radio module to experiment Sigfox. The big advantage is a single board where ever you are located as it supports all the Sigfox zones.

During this second step, we are going to see how we can use the devkit to make a simple sensor measuring and reporting.

Continue reading

UnaMKR, the Sigfox Monarch experience

Unabiz has recently released the first Sigfox Monarch certified devkit. It is based on a LiteOn WSG309S module. The LiteOn module contains a St-Microelectronics based solution including a BlueNRG / S2LP in it.

In addition, the module board also have different sensors: temperature, humidity, pressure, air quality, accelerometer, magnetometer, light sensor, magnetic switch (reed switch).

You are able to use the module board as a standalone circuit. You directly program the LiteOn module. Or you can use the standard AT interface of the module and connect an Arduino MKR Zero board to use it.

In this post, we are going to see how to use the kit to test Sigfox Monarch solution.

Continue reading

Sigfox monarch

Sigfox Monarch service is a free global service allowing to determine the zone where a device is located.

By zone location I mean RC (Radio Configuration zone). It basically defines the European Zone (RC1) or the North American Zone (RC2)…

Thank to this technology a world-wide device, having no GPS to get its location, is able to determine its radio configuration and the associated frequencies to use for transmissions.

This service is covering most of the airports and ports around the world to support the existing customer use-cases like Louis-Vuiton tracker and Safecube container tracking.

It would be great if this service could, in the future, be also used to broadcast/multicast information to devices. It could be used to get time from the network and later be also used to transport custom data to the group of devices. But currently it does not transport any data.

In this post I propose to detail the Monarch technology and then, in a second post to see how to use it with the first released devkit from Unabiz supporting Sigfox Monarch.

Continue reading

No ! Sigfox is not removing duplicates

From 9-12 months ago, all the backend Sigfox user have this notice printed in the callback page:

Since, I hear many people saying the duplicates and signal related metadata will be removed from Sigfox.

This a WRONG ! Let see exactly why and what is replacing this feature ; how it impacts the way you build you integration with Sigfox backend.

Continue reading