Securing a network

If anyone with the app installed can access configuration, what steps do I take to prevent some person off the street downloading the app and changing our config? Is there a way to password protect a network?

Hi Andrew,

that is not possible in PANS due to performance limitation when UWB runs with the SoftDevice stack from Nordic. What you can do is to disable BLE after the system is configured (if that would be possible for your application).

We are working on a more advanced system which provides security also for BLE. If you are interested in please subscribe to and we will let you know when it will be available.


Hey leapslabs,

Thanks for the reply, I’ll definitely make sure to follow your work.

Just a few quick questions that you may or may not know about Decawave’s system:

If bluetooth is disabled, does the overall system still work (ie sending positions through UWB to the gateway)?
Can the rasp pi/gateway’s dashboard still work and send/receive messages (to assign positions, etc) without Bluetooth?
I’d assume the steps for securing the network would be setting everything up via the app or dashboard, then using USB to connect each device to the PC terminal to send a command to disable Bluetooth?


Hi Andrew,

the UWB will still work independently on the Bluetooth. There are a few limitation in PANS when Bluetooth is used:

  1. Bluetooth security cannot be enabled.
  2. When encryption is enabled on UWB the Bluetooth cannot be enabled.

You can use any API interface to disable the Bluetooth:

  1. via Bluetooth itself - one way operation, see node configuration in the DRTLS Android Manager.
  2. via MQTT/Gateway.
  3. via UART.
  4. via SPI.
  5. via on-module Shell.
  6. via User Application which you can create using PANS library.

I think a solution for you would be to setup the network using one of the API above. Then using the DRTLS Android Manager or DRTLS Web Manager to disable the Bluetooth.
When you need Bluetooth on some node then enable it via the DRTLS Web Manager (this can be done only when encryption is not used on UWB).