Texas Instruments, Inc.

Z-Stack Core Release Notes

------------------------------------------------------------------------------------------------------------------------------------------------------------Version 2.6.0.3
August 18, 2013
Notices:
- Z-Stack 2.6.0.3 has passed certification testing for ZigBee-PRO compliance
and supports the ZigBee 2012 specification.
- Z-Stack 2.6.0.2 introduced support for Texas Instruments' new CC2538 device.
Please visit: http://www.ti.com/product/cc2538 for more information.
- Z-Stack for the CC2520 and CC2530 platforms has been built and tested with
IAR's CLIB library, which provides a light-weight C library which does not
support Embedded C++. Use of DLIB is not recommended for those platforms.
Z-Stack for the CC2538 platform has been tested with the DLIB library.
- Z-Stack projects specify compile options in two ways: (1) "-D" statements
in f8wConfig.cfg and other *.cfg files, (2) entries in the IDE Compiler
Preprocessor Defined Symbols. When using the EW8051 or EW430 compilers,
settings made in the IDE will override settings in the *.cfg files. When
using the EWARM compiler, settings in the *.cfg files will override any
made in the IDE.
- When programming devices for the first time with this release, select the
"Erase Flash" in the "Debugger->Texas Instruments->Download" tab in the
project options.
- The library files have been built and tested with the following versions
of IAR tools and may not work with different versions of the IAR tools:
- CC2538 + SRF06EB: EWARM 6.50.5 (6.50.5.4862)
- CC2530 + SRF05EB: EW8051 8.20.2 (8.20.2.41139)
- CC2520 + EXP5438: EW430 5.51.6 (5.51.6.50669)
- Foundation software library files for the CC2538 include the following:
- bsp.lib, version 1.3.1
- driverlib.lib, version 1.3.1
- usblib.lib, version 1.0.1
Changes:
- [4730] Modifed the router next hop lookup to use the neighbor table when it
contains the destination address, instead of using the next hop address in
the routing table.
- [4637] Modified "f8wZCL.cfg" to comment-out the -DZCL_KEY_ESTABLISH entry to
change the default setting to disabled. The option was added to preprocessor
symbol defines for projects using the zcl_key_establish feature, such as SE.
- [4621] Modified ZDSecMgrUpdateNwkKey() and ZDSecMgrSwitchNwkKey() functions
to only send unicast messages to one destination address.
- [4516] Added "zgApsAllowR19Sec" configuration variable and NV item, to
allow backward compatibility with 2.5.1 and older devices, when a ZR sends

Update Device message unencrypted in UNIQUE link key configuration.

- [4488] Added ZDO_NetworkStatusCB() to provide a ZDO callback when a Network
Status message is received. Also added processing of received Network Status
messages by End-Device.
- [4487] Improved error handling of network poll confirms to avoid triggering
rejoins on ZMAC_NO_RESOURCES and ZMacTransationOverflow status returns from
the MAC (indicating temporary heap unavailability, not RF problems).
- [4486] Improved APS Ack error reporting specific error codes ('ZMacNoAck',
'ZNwkNoRoute', etc) instead of just 'ZApsNoAck' to allow applications to
distinguish between internal and external problems.
- [4485] Improved status reporting of reflected messages by adding a new
application error message, 'AF_REFLECT_ERROR_CMD', which is processed in
the event loop, similar to 'AF_DATA_CONFIRM_CMD'. This allows applications
to implement a retransmission strategy for failed reflected messages.
- [4443] Added "zgNwkCommissionedNwkAddr" configuration variable and NV item,
to permit user commissioning of the device NWK address. Updated the startup
logic for MODE_REJOIN in ZDApp_ProcessOSALMsg() to use it. {R20 CCB 1312}
- [4405] Added the Child Aging and Recovery protocol as specified by ZigBee
Alliance document 12-0153, and is configured by 'zgChildAgingEnable', which
is defined in ZGlobals.c.
- [4384] Updated ZDSecMgrSwitchNwkKey() to permit the SwitchKey command to be
sent with or without APS security. {R20 CCB 1313}
- [4323] Modified ZCL to process messages from non-SE clusters that are APS
encrypted. Updated zcl_SendCommand() to determine whether the message is in
response to an APS encrypted message and send an APS encrypted response.
Updated zclProcessMessageMSG() to enforce security only in clusters defined
in the options table and accept messages from any other cluster to be APS
encrypted. {SE-1.1.1 CCB 1397}
- [4293] Updated ZDSecMgrAuthenticationCheck() to verify whether the device
has been authenticated. Fixes an interoperability issue where the incoming
Update Device message was only encrypted with TCLK when expecting that APS
security would be used. {13.55 Update Device test case}
- [4286] Updated ZDSecMgrDeviceRemove() to send the Remove Device message
according to the setting of "zgApsLinkKeyType". {R20 CCB 1313}
- [4285] Updated ZDSecMgrDeviceJoinFwd() to send the Update Device message
according to the setting of "zgApsLinkKeyType". {R20 CCB 1313}
- [4282] Added filtering for APS RemoveDevice/UpdateDevice commands depending
on the setting of "zgApsLinkKeyType": for 'ZG_GLOBAL_LINK_KEY' messages APS
encryption is optional; for 'ZG_UNIQUE_LINK_KEY' messages APS encryption is
required. {R20 CCB 1313}
- [4281] Added "zgApsLinkKeyType" configuration variable and NV item, to
determine the security policies associated with sending and receiving APS
messages. The default setting of this variable is 'ZG_GLOBAL_LINK_KEY'
(see ZGlobals.c). {R20 CCB 1313}
- [4278] Added "zgNwkLeaveRequestAllowed" configuration variable and NV item,
to control processing of NWK leave requests by router devices. The default

setting of this variable is 'TRUE' (see ZGlobals.c). {R20 CCB 1279}

- [4277] Updated ZDO_ProcessMatchDescReq() to process requests with wildcard
ProfileID (see ZDO_WILDCARD_PROFILE_ID). {R20 CCB 1224}
- [4272] Updated ZDSecMgrDeviceRemove() to allow an APS Remove Device request
to make a router remove itself from the network. {R20 CCB 1280}
- [3282] Added an APS duplicate message rejection table and handler,which is
configured by 'APS_DUP_REJ_ENTRIES' (defined in ZGlobals.h).
- [1367] Upgraded OSAL timers from 16-bit to 32-bit to support application and
sleep times greater than 65.535 seconds, defined by OSAL_TIMERS_MAX_TIMEOUT.
Refer to the "OSAL API" document for details on API changes to functions:
"osal_start_timerEx()", "osal_start_reload_timer()", "osal_get_timeoutEx()",
"osalTimerUpdate()", and "osal_next_timeout()". Also note that changes have
been made to "halSleep()" to support long sleep times.
Bug Fixes:
New in 2.6.0.3:
- [5265] Fixed SymLink functionality to reference the Routing Table instead of
the Neighbor Table according to a new configurable cost threshold parameter,
gGOOD_LINK_COST. Changed default setting of _NIB.SymLink to TRUE.
- [5254] Fixed a problem where the link cost improperly updated when SymLink
was set to FALSE.
- [5248] Fixed a problem in Frequency Agility where the number of TX messages
and TX failures was not counted accurately.
From 2.6.0.2:
- [5122] Fixed a problem where the TrustCenter did not send a Transport Key
Command with dummy key when a router tried to rejoin with the zgPreConfigKeys
variable set to TRUE.
- [5054] Fixed possible "use of uninitialized variable" in 'AssocRestoreFromNV(
)'
function, which could cause incorrect initialization of Associated Device Tab
le
entries from NV after a device reset.
- [5009] Changed the function that builds Link Status messages to not set the
incoming cost to zero for neighbors that have been aged out.
- [4840] Fixed a problem which could allow the AddrMgr table to fill up with
unused entries with user = ADDRMGR_USER_BINDING. Added 'bindAddressClear()'
function to clear address manager entry for specified index.
- [4778] Improved handling of Route Reply messages from a neighbor that had bee
n
marked as 'down' due to a number of consecutive TX failures caused by momenta
ry
RF interference - Route Reply messages were ignored until the TX cost would b
e
updated by the next Link Status (could take up to 15 seconds).
- [4776] Fixed a problem where link status for a weak RF connection could be
incorrectly updated when the linkQuality reported from the MAC was zero (to

indicate signal below threshold but not necessarily a dead link).

- [4410] Fixed an Address Conflict resolution problem between two end-devices
where a rejoning device was already in the Child Aging table.
From 2.6.0.1:
- [4924] Fixed an issue where the Trust Center would send a Transport Key
command to a device performing secure rejoin in a single-hop configuration.
- [4903] Fixed a problem relating to classical commissioning in a ZigBee Light
Link network where the router did not set the source address sub-field in
the Transport Key command payload to 0xFFFFFFFFFFFFFFFF.
- [4902] Fixed a problem where messages received with the Wildcard Profile ID
(0xFF) was being incorrectly fowarded to the ZDO endpoint.
- [4826] Fixed a problem in ZDP_SimpleDescMsg() in which Application Device
Version field in the simple descriptor was placed in bits 4-7 instead of
bits 0-3.
From 2.6.0:
- [4752] Updated 'zclCCLoadControlEvent_t' and 'zclCCCancelLoadControlEvent_t'
structure definitions in "zcl_se.h" to conform to SE spec D.2.2.3.1.1.
- [4705] Fixed a problem in "MT_SAPI.c" where zb_MTCallbackAllowBindConfirm()
would return a garbage 3rd byte in response to the host. See section 4.3.8
of the "ZNP Interface Specification" for details on ZB_ALLOW_BIND_CONFIRM.
- [4681] Fixed a potential memory leak that could occur during processing of
an APSME Transport Key Request under heavy traffic situations (very rare).
- [4680] Fixed a problem in "MT_ZDO.c" where the remove/rejoin request bits
for MT_ZDO_MGMT_LEAVE_REQ were not parsed properly. See section 3.1.12.20
of the "Z-Stack Monitor and Test API" document for details.
- [4630] Fixed problems which could result in circular routes in a many-to-one
Route Record: (1) detection of a device's own address already in the source
route list, (2) detection of a device's next-hop address already in the
source route list.
- [4619] Fixed a problem relating to Frequency Agility where the counter for
"Total Transmission" was not being incremented for all transmitted packets.
- [4584] Fixed a problem where a resolved PanID conflict between two routers
would cause a rejoin failure for those routers' children.
- [4520] Fixed a problem where no Update Device message was sent to the Trust
Center when an End-Device did a secure rejoin. ZDSecMgrNewDeviceEvent() was
updated to indicate the rejoin security status. ZDO_JoinIndicationCB() was
modified to handle 'NWK_ASSOC_REJOIN_SECURE'.
- [4475] Added protection from use of a NULL callback pointer in the function
"halUartPollTx()" as potentially registered via "MT_UartInit()".
- [4462] Added logic to ZDSecMgrUpdateNwkKey() properly broadcast the NWK
transport ket when security is ZG_SECURITY_SE_STANDARD.
- [4461] Added logic to ZDApp_LeaveUpdate() to send Update Device message to
Trust Center with status = APSME_UD_DEVICE_LEFT when a leave message from
a child is received by the parent. Updated ZDSecMgrUpdateDeviceInd() to

verify the status of the indication to set proper devStatus value to allow
the NWK key to be transported or not, and ensure no action is taken when
APSME_UD_DEVICE_LEFT received. Updated ZDSecMgrDeviceJoin() to send the NWK
key only when the device has joined/rejoined in unsecure mode.
- [4459] Updated the device capabilities to include definition of "Allocate
Address" bit by default. ZDConfig_UpdateNodeDescriptor() was updated to
initialize this bit in the Node Descriptor. ZDApp_ProcessOSALMsg() was
updated to clear this bit when the NWK address has been commissioned.
- [4450] Updated processing of Rejoin requests to return 'ZNwkInvalidRequest'
when the calculated destination address (proposed parent) has the same short
address as the device wanting to do the rejoin.
- [4449] Fixed two problems observed when a multicast group address is the
same value as a neighbor or sleeping end device: (1) when finding that a
route request is needed for a multicast, don't search the neighbor table
trying to match the multicast group address, (2) don't deliver a multicast
message to a sleeping end device when the multicast group address happens
to be the same value as the sleeping end-device.
- [4421] Fixed a problem in the OTA signature calculation where the ECDSA
Signature tag sub-element was not included in the image before calculating
the MMO hash, see zclOTA_ProcessImageData(). The OtaConverter tool is also
updated accordingly.
- [4410] Fixed an Address Conflict resolution problem between two end-devices
where only the original device would get a new address. Complete resolution
of this problem became possible by introduction of the new Child Aging and
Recovery protocol (see [4405] above).
- [4409] Changed the processing of received Leave messages to not require a
destination extended address. This is required for the new Child Aging and
Recovery protocol (see [4405] above).
- [4407] Improved router/coordinator reporting of errors on failed delivery
of unicast or multicast frames. Added 'AF_SUPPRESS_ROUTE_DISC_NETWORK' bit
to txOptions to permit application control of Route Discovery bits in the
Network Frame Control header. Changed routers to send Network Status message
for data messages that specify "suppress route discovery" and have no route
to the destination. Added processing of Network Status messages in parents
of sleeping end-devices (which could remove a routing entry).
- [4394] Fixed the XML scheme for Z-Tool to send the proper KEY EVENT values.
See section 3.10.1.8 of the "Z-Stack Monitor and Test API" for details.
- [4388] Fixed a problem in ZDSecMgrNewDeviceEvent() which could cause a Trust
Center device to not send Transport Key message in heavy traffic conditions.
- [4384] Updated the sending/receiving of Switch Key commands to work with
and without APS security. {R20 CCB 1313}
- [4377] Fixed a problem where an End-Device left the network in silent mode,
not sending a NWK:Leave message. Updated ZDO_LeaveInd() to send the leave
message before reset.
- [4294] Fixed a problem where APS messages encrypted with TCLK were not using
the correct "Key APS Identifier" [0x00] Data-Key.
- [4293] Fixed an interoperability problem where a TI Coordinator would drop

incoming Update Device messages encrypted with "Data Key" using the TC Link
Key - the TI device expected "Data Key" encryption to be using CBKE.
- [4182] Removed AF layer filtering of Profile ID for received packets. Added
"AF_WILDCARD_PROFILEID" to AF options and "ZDO_WILDCARD_PROFILE_ID".
Known Issues:
- To disable security at build time, use the "SECURE=0" compile option. Do
not attempt to disable security by setting the SECURITY_LEVEL to zero.
- The ZDO Complex Descriptor is not supported.
-------------------------------------------------------------------------------------------------------------------------------------------------------------