Hub Firmware Release Notes - 25.26

i’ve got about 80 devices, with ~50 being z-wave, and update went well. only had to air gap one wall switch and one motion detector completely disappeared off network (might have been removed when redoing my lowes plugs (zigbee with zwave repeaters as the repeaters were failing in zwave network repair).
can’t seem to pair things in sis.

Can you provide more details because I am not clear on what you are saying

my motion sensors and door contact sensors, when including, i can’t get them included in secure mode.
suc vs sic
Static Update Controller (SUC)
SUC Identity Server (SIS)

perhaps i don’t understand what i’m doing, but i would like the communication of these devices to be encrypted… :stuck_out_tongue:

my yale door locks and linear garage door say: network security level ZWAVE_S0_FAILED

That’s not what you said in the other thread. So I do think you may be confused.

In your other thread you said that when you had a device which can be paired either securely or insecurely, such as most of the Aeotec devices, that you are now unable to get them to successfully pair securely.

I mentioned to you in the other thread that for most of the aeotec devices there is a physical “Z wave button” on the device itself. And that at the time of pairing you can press that button once for an insecure pairing or twice if you want to use security. But I didn’t know if you needed the device to be within 1 hop of the hub in order to exchange security keys with the new S2 format.

SUC and SIS are roles that specific zwave controllers, typically the hub, are assigned for the entire network and have to do with how new network addresses are numbered when they are given out. But that’s not actually the same thing as the insecure versus secure messaging such as the aeotec devices can do.

I believe on the SmartThings platform the hub is always both SUC and SIS, that’s not unusual with hubs designed after 2013.

Vera sometimes assigns the SIS to a secondary hub in a multi hub network. So it’s part of the third-party Z wave specification, but it rarely comes up in a smartthings context.

You were just asking how you could get your Aeotec devices to use secure messaging, right? That’s an entirely different topic. :sunglasses:

What does “network security level ZWAVE_S0_FAILED” mean?

That’s been discussed a couple of times in the last few months and has to do with the changes that smartthings is making to the way it handles Zwave security as it gets ready for the rollout of S2 support.

It still doesn’t have anything to do with SUC and SIS, it has to do with secure messaging.

I’m not feeling very well today and this is a pretty complex area, and besides I honestly know very little about how the SmartThings zwave platform has implemented the manufacturer controlled aspects, So hopefully other people will be able to assist you further.

See the following thread for discussion of when people first started seeing this message:

@Kianoosh_Karami @Brad_ST

Thanks JD, i’ve read that thread before but it really never solved the discussion of what it means conclusively.

I don’t know much about this, but here’s what I got from various online sources:

S0 Z-Wave Security 0. Relatively secure, yet as easy as non-secure Z-Wave
S2 Z-Wave Security 2. Strong encryption and authentication

What is S0 and S2 security? :key:

First thing first, let us learn what these security levels called S0 and S2 are.

S0 and S2 are security layers within the Z-Wave Protocol that are used to encrypt the data that is sent between devices.The initiation of S0/S2 is done during device pairing. The older pairing process is called S0. The latest Z-Wave devices are implemented with a new, more secured, S2. Which is mandatory on devices from April 2nd 2017.

S2 includes ‘unauthenticated S2’ and ‘authenticated S2’, where the authenticated devices has a unique authentication code on them.

So, an S0 Network Security Failure would seem to mean that establishing secure communication with that device was unsuccessful - even while using the most basic Z-Wave security protocol. If the device joined the mesh at all, it’s probably using non-secure Z-Wave.

Again, this is based on my very limited knowledge. I’m sure others with more knowledge will correct me if needed and be happy to provide additional details.


If that is from a device that requires encrypted messages, such as a garage door or a lock, chances are that the device is not working. For any other device, you’re better off without encryption despite @lflorack panic. But that’s just my opinion :slight_smile: S2 capable controllers are rare.

I certainly agree with the first part of your response (i.e., if it needs encrypted messages, it’s probably broken).and I also agree that S2-capable devices are quite rare. But, in this case, the question was about an S0 failure. So, if it’s a secure-type device (I’m currently unsure) and even an S0 connection (not S2) isn’t working, that might be considered an issue.

Well, S0 failure to include an Aeotec multi sensor means that the sensor was paired non-secure. S2 devices are not that rare, as you highlighted, new devices are required to have it, however controllers are rare. So what good does it do to have an S2 device if your controller can only handle s0. Might as well not encrypt the device, because S0 is flawed anyway and creates more problems than it solves. Again, personal opinion of non expert, which I am sure @JDRoberts will debunk when he feels better. See, we need you @JDRoberts, get better soon :wink:

Absolutely! :+1:


Mandatory on new design Devices certified after April 2017. Not mandatory on devices with older certifications. And a lot of new devices, including the SmartThings 2018 V3 hub, got waivers to not implement S2 yet.

Smartthings is just now getting their platform ready to start supporting S2.

The particular message under discussion started occurring in January of this year because of some of those changes they were making. It means that the device attempted a secure pairing and that failed so it fell back to an insecure pairing.

You would think that would be true, but in fact, smartthings just recently, like in the last couple of weeks, made yet another platform change where they are now going to encapsulate everything. It’s requiring some changes to some DTHs, which may be part of what’s going on here.


what the heck. HUB is going ONLINE, OFFLINE, ONLINE, OFFLINE since the update…

How timely, mine just started doing this yesterday at 12:30pm EST. Every 2 hours on the button. It was fine until yesterday. I’ve submitted a ticket and PM’d a few folks too.

I did have this at 7:16am CDT today. But I’m not seeing them frequent so far.

Happening here too. I’ve gotten a notification a time or two, but the hub is usually only off for a few seconds. The longest I’ve seen was three minutes, so I’m not sure why I even got a notification at all. Seems to be at random intervals though, sometimes a couple of hours and others 12 hours or so.

Crap, right on the button. Just had another Disconnect/Active event with my hub. I wish I could see more logging detail besides these simple messages. Damn frustrating.

I’m seeing this too…
Some of the dropouts also triggers an offline notification on my phone, but not all of them…
Have never gotten an “Online again” notification though… :flushed: