Apricum Mectp-sec User guide

MECtp

SECURE

MECtp-Sec

KNX Secure Line/Area Coupler/Repeater

Technical & Application Description

MECtp

SECURE

- 2 -

This document is property of the company named at the last page.

Without written approval, it may not be reproduced or commercialized,

distributed or presented to other individuals for commercial purpose.

Details and information contained within may be subject to change

without notice. For the accuracy of the document no warranty is given.

MECtp

SECURE

- 3 -

Content

1Product Description 5

1.1 Front Panel 6

1.2 LED Indication 7

1.3 LED Indication of Special Functions 8

1.4 Commissioning 9

1.5 Secure Commissioning 10

1.6 Important Notes 11

1.6.1 Installation and Commissioning 11

1.6.2 Mounting and Safety 11

1.6.3 Maintenance 11

1.7 Safekeeping of Device Certificate 12

1.8 Feature Summary 13

2KNX Secure 14

3Operational Description 15

3.1 TP Secure Coupler Application 15

3.2 TP Secure Repeater Application 16

3.3 KNX Network Installation 17

3.3.1 Individual Address 17

3.3.2 KNX Topology 18

3.4 Adding Device Certificate 19

3.5 Programming 21

3.5.1 Programming of Individual Address (and Application) 21

3.6 Special Functions 22

3.6.1 Manual Function 22

3.6.2 Factory Reset 22

4ETS Database of TP Secure Coupler 23

4.1 General 23

4.2 Main Line 24

4.3 Subline 26

MECtp

SECURE

- 4 -

5ETS Database of TP Secure Repeater 28

5.1 General 28

5.2 Main Line 29

5.3 Subline 31

6Glossary 33

7Technical 36

7.1 State of Delivery 36

7.2 Datasheet 37

7.3 Drawings 38

8FAQ 39

Product Description

MECtp

SECURE

- 5 -

1Product Description

MECtp-Sec, the secured version of MECtp, is a KNX Secure line coupler that supports the

KNX Secure mechanism KNX Data Secure. It provides a bi-directional data connection

between two KNX TP lines. The Device Certificate utilization enables the usage of the

Security function “Secure Commissioning” that can be set to active.

MECtp-Sec can work as Line/Area Coupler to connect KNX TP Lines and KNX TP Areas. It

can also work as KNX Repeater to extend a KNX TP Line. For this purpose, different

applications are available. With using the TP Secure Coupler application, MECtp-Sec serves

as line coupler to connect a TP Line to a TP Area or Backbone (or as area coupler to

connect a TP Area to a TP Backbone). Usage of the TP Secure Repeater application

enables MECtp-Sec to extend a KNX TP Line by providing unfiltered data transfer between

the connected TP Segments. Up to four Segments (each requires a KNX power supply unit)

can form a single TP Line in this way.

MECtp-Sec is suitable for the Extended Frame format and has no KNX communication

objects for itself. Long telegrams are supported with up to 240 bytes APDU length. Filtering

of telegrams can be configured for both Physical Telegrams and Group Telegrams.

Operational modes, line states, telegram traffic, and filter states are shown at the duo-LED

display. Telegram repetition (on both TP sides) is also configurable. For bus traffic reduction,

special repetition/confirmation settings are provided.

It is possible to set programming of MECtp-Sec and main line devices via the subline to

inactive. To be more exact, the sub-to-main transmission of telegrams for configuring

purpose can be switched off. This function can avoid unwanted access to devices (and their

configurations) from a subline (that may be located outside of a building).

The configurable Manual Function for short-time filter switch-off can ease commissioning and

troubleshooting. For example, “transmit all group telegrams” can be activated by a single on-

device button press. After the pre-set time period, MECtp-Sec switches automatically back to

normal operation.

Product Description

MECtp

SECURE

- 6 -

1.1 Front Panel

Figure 1: Front View

Table 1: Front Panel Elements

LEDs

Buttons / Connectors

Bus State KNX TP (Main line)

Function Button

Bus State KNX TP (Subline)

Programming Button

Telegram Traffic KNX TP (Main line)

KNX TP Main Line Connector

Telegram Traffic KNX TP (Subline)

KNX TP Subline Connector

Group Address Routing*

Individual (Physical) Address Routing

Programming LED

*only group telegrams with main groups 0…13

Product Description

MECtp

SECURE

- 7 -

1.2 LED Indication

Following table gives a general description of the LED display indication intended for normal

operation. Constellations of LED lighting during active special functions are further described

in next chapter.

Table 2: Normal LED Display

Number

LED

Color

Explanation / Range

Bus State KNX TP

(Main line)

green

Main Line OK

orange

Manual Function active

Bus State KNX TP

(Subline)

green

Subline OK

< off >

Subline not connected

Telegram Traffic

KNX TP (Main line)

blinking green

Telegram traffic extent indicated by blinking

blinking red

Transmission error (BUSY, NACK, missing

IACK)

< off >

No telegram traffic

Telegram Traffic

KNX TP (Subline)

blinking green

Telegram traffic extent indicated by blinking

blinking red

Transmission error (BUSY, NACK, missing

IACK)

< off >

No telegram traffic

Group Address

Routing

green

Filter table active

orange

Route all

red

Block all

< off >

Routing of Group Telegrams is different

on main line and subline

Individual

(Physical) Address

Routing

green

Filtering active

orange

Route all

red

Block all

< off >

Routing of Physical telegrams is different

on main line and subline

Programming LED

red

Programming Mode active

< off >

Programming Mode not active

Product Description

MECtp

SECURE

- 8 -

1.3 LED Indication of Special Functions

During an active special function, only LEDs described here are lighting. Other LEDs are off.

Table 3: LED Status Display for Manual Function

Number

LED

Color

Comment

Bus State KNX TP

(Main line)

orange

Bus State KNX TP

(Subline)

green

is <off> if not

connected

Group Address

Routing

green:

orange:

red:

filter

route all

block all

Individual Address

Routing

Table 4: LED Status Display for Factory Reset after first Function Button Press

Number

LED

Color

Comment

Bus State KNX TP

(Main line)

orange

Bus State KNX TP

(Subline)

orange

lights red if not

connected

Group Address

Routing

green:

orange:

red:

filter

route all

block all

Individual Address

Routing

Product Description

MECtp

SECURE

- 9 -

1.4 Commissioning

Please note for commissioning with default settings:

•All telegrams are blocked because the filter table is not defined

•The Manual Function switch-off time is 120 min

•Individual Address is 15.15.0

•Activation of Secure Commissioning requires the Device Certificate

•Activation of Secure Commissioning requires a minimum ETS version

(see also Security functions)

Figure 2: Connection Scheme

To start a secured configuration download, Secure Commissioning must be activated in

the ETS project before. Without activation, MECtp-Sec is working as plain device and

will behave like MECtp (without supporting KNX Secure).

Please also read chapter 1.6 Important Notes before putting the device into operation.

Product Description

MECtp

SECURE

- 10 -

1.5 Secure Commissioning

Before the secured download of a configuration setting and/or the Individual Address can

start, the individual Device Certificate of MECtp-Sec must have been added to the ETS

project. To be able to add it, the ETS project must be password-protected.

A secured download is only possible after activation of Secure Commissioning.

Activation of Secure Commissioning demands the individual Device Certificate.

Device Certificates can only be added to a password-protected ETS project.

When no project password is set, Secure Commissioning cannot be activated. ETS projects

with having Secure Commissioning set to active always require pre-setting a project

password. Having no project password set on activation, the ETS then asks to type it in.

Figure 3: Set Project Password

The individual Device Certificate always is enclosed with a KNX Secure product. To

keep the product fully configurable by the user, it is important to make sure the Device

Certificate cannot be lost (please note chapter 1.7 Safekeeping of Device Certificate).

Table of contents

Popular Network Hardware manuals by other brands

socomec

socomec SNMP Card II quick start guide

NVR SYSTEMS

NVR SYSTEMS 4-CH user manual

Draytek

Draytek VigorSwitch G1240 quick start guide

Westermo

Westermo TD-34 LV installation manual

LaCie

LaCie Network Space MAX Quick install guide

ZoneVu

ZoneVu ZSI-450-IP Installation guide & user manual

QNAP

QNAP Turbo NAS Application notes

OpenEye

OpenEye MV Series quick start guide

Huawei

Huawei SmartAX MT880a quick start guide

Proxim

Proxim Tsunami QuickBridge 2454-R installation guide

Bay Networks

Bay Networks CLAM quick start guide

Innodisk

Innodisk SATADOM-SH 3SE Series manual

Cisco

Cisco CGR 1000 Series Getting connected guide

Matrix Switch Corporation

Matrix Switch Corporation MSC-HD161DEL product manual

National Instruments

National Instruments NI 653x user manual

B&B Electronics

B&B Electronics ZXT9-IO-222R2 product manual

Yudor

Yudor YDS-16 user manual

D-Link

D-Link ShareCenter DNS-320L datasheet

Apricum MECtp-Sec User guide

Popular Network Hardware manuals by other brands