idnits 2.17.1 draft-ietf-lpwan-overview-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 1, 2017) is 2489 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 3315 (Obsoleted by RFC 8415) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6961 (Obsoleted by RFC 8446) == Outdated reference: A later version (-04) exists of draft-zuniga-lpwan-sigfox-system-description-03 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan S. Farrell, Ed. 3 Internet-Draft Trinity College Dublin 4 Intended status: Informational July 1, 2017 5 Expires: January 2, 2018 7 LPWAN Overview 8 draft-ietf-lpwan-overview-05 10 Abstract 12 Low Power Wide Area Networks (LPWAN) are wireless technologies with 13 characteristics such as large coverage areas, low bandwidth, possibly 14 very small packet and application layer data sizes and long battery 15 life operation. This memo is an informational overview of the set of 16 LPWAN technologies being considered in the IETF and of the gaps that 17 exist between the needs of those technologies and the goal of running 18 IP in LPWANs. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on January 2, 2018. 37 Copyright Notice 39 Copyright (c) 2017 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. LPWAN Technologies . . . . . . . . . . . . . . . . . . . . . 3 56 2.1. LoRaWAN . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 2.1.1. Provenance and Documents . . . . . . . . . . . . . . 4 58 2.1.2. Characteristics . . . . . . . . . . . . . . . . . . . 4 59 2.2. Narrowband IoT (NB-IoT) . . . . . . . . . . . . . . . . . 10 60 2.2.1. Provenance and Documents . . . . . . . . . . . . . . 10 61 2.2.2. Characteristics . . . . . . . . . . . . . . . . . . . 11 62 2.3. SIGFOX . . . . . . . . . . . . . . . . . . . . . . . . . 15 63 2.3.1. Provenance and Documents . . . . . . . . . . . . . . 15 64 2.3.2. Characteristics . . . . . . . . . . . . . . . . . . . 15 65 2.4. Wi-SUN Alliance Field Area Network (FAN) . . . . . . . . 20 66 2.4.1. Provenance and Documents . . . . . . . . . . . . . . 20 67 2.4.2. Characteristics . . . . . . . . . . . . . . . . . . . 21 68 3. Generic Terminology . . . . . . . . . . . . . . . . . . . . . 24 69 4. Gap Analysis . . . . . . . . . . . . . . . . . . . . . . . . 25 70 4.1. Naive application of IPv6 . . . . . . . . . . . . . . . . 25 71 4.2. 6LoWPAN . . . . . . . . . . . . . . . . . . . . . . . . . 26 72 4.2.1. Header Compression . . . . . . . . . . . . . . . . . 27 73 4.2.2. Address Autoconfiguration . . . . . . . . . . . . . . 27 74 4.2.3. Fragmentation . . . . . . . . . . . . . . . . . . . . 27 75 4.2.4. Neighbor Discovery . . . . . . . . . . . . . . . . . 28 76 4.3. 6lo . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 77 4.4. 6tisch . . . . . . . . . . . . . . . . . . . . . . . . . 29 78 4.5. RoHC . . . . . . . . . . . . . . . . . . . . . . . . . . 29 79 4.6. ROLL . . . . . . . . . . . . . . . . . . . . . . . . . . 30 80 4.7. CoAP . . . . . . . . . . . . . . . . . . . . . . . . . . 30 81 4.8. Mobility . . . . . . . . . . . . . . . . . . . . . . . . 30 82 4.9. DNS and LPWAN . . . . . . . . . . . . . . . . . . . . . . 30 83 5. Security Considerations . . . . . . . . . . . . . . . . . . . 31 84 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 85 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 32 86 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 87 9. Informative References . . . . . . . . . . . . . . . . . . . 35 88 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 40 89 A.1. From -00 to -01 . . . . . . . . . . . . . . . . . . . . . 40 90 A.2. From -01 to -02 . . . . . . . . . . . . . . . . . . . . . 40 91 A.3. From -02 to -03 . . . . . . . . . . . . . . . . . . . . . 40 92 A.4. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 41 93 A.5. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 41 94 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 41 96 1. Introduction 98 This document provides background material and an overview of the 99 technologies being considered in the IETF's Low Power Wide-Area 100 Networking (LPWAN) working group. We also provide a gap analysis 101 between the needs of these technologies and currently available IETF 102 specifications. 104 Most technologies in this space aim for similar goals of supporting 105 large numbers of very low-cost, low-throughput devices with very-low 106 power consumption, so that even battery-powered devices can be 107 deployed for years. LPWAN devices also tend to be constrained in 108 their use of bandwidth, for example with limited frequencies being 109 allowed to be used within limited duty-cycles (usually expressed as a 110 percentage of time per-hour that the device is allowed to transmit.) 111 And as the name implies, coverage of large areas is also a common 112 goal. So, by and large, the different technologies aim for 113 deployment in very similar circumstances. 115 Existing pilot deployments have shown huge potential and created much 116 industrial interest in these technologies. As of today, essentially 117 no LPWAN devices have IP capabilities. Connecting LPWANs to the 118 Internet would provide significant benefits to these networks in 119 terms of interoperability, application deployment, and management, 120 among others. The goal of the IETF LPWAN working group is to, where 121 necessary, adapt IETF-defined protocols, addressing schemes and 122 naming to this particular constrained environment. 124 This document is largely the work of the people listed in Section 7. 126 2. LPWAN Technologies 128 This section provides an overview of the set of LPWAN technologies 129 that are being considered in the LPWAN working group. The text for 130 each was mainly contributed by proponents of each technology. 132 Note that this text is not intended to be normative in any sense, but 133 simply to help the reader in finding the relevant layer 2 134 specifications and in understanding how those integrate with IETF- 135 defined technologies. Similarly, there is no attempt here to set out 136 the pros and cons of the relevant technologies. 138 Note that some of the technology-specific drafts referenced below may 139 have been updated since publication of this document. 141 2.1. LoRaWAN 143 Text here is largely from [I-D.farrell-lpwan-lora-overview] 145 2.1.1. Provenance and Documents 147 LoRaWAN is a wireless technology for long-range low-power low-data- 148 rate applications developed by the LoRa Alliance, a membership 149 consortium. This draft is based on 150 version 1.0.2 [LoRaSpec] of the LoRa specification. Version 1.0, 151 which has also seen some deployment, is available at [LoRaSpec1.0]. 153 2.1.2. Characteristics 155 LoRaWAN networks are typically organized in a star-of-stars topology 156 in which gateways relay messages between end-devices and a central 157 "network server" in the backend. Gateways are connected to the 158 network server via IP links while end-devices use single-hop LoRaWAN 159 communication that can be received at one or more gateways. All 160 communication is generally bi-directional, although uplink 161 communication from end-devices to the network server are favored in 162 terms of overall bandwidth availability. 164 Figure 1 shows the entities involved in a LoRaWAN network. 166 +----------+ 167 |End-device| * * * 168 +----------+ * +---------+ 169 * | Gateway +---+ 170 +----------+ * +---------+ | +---------+ 171 |End-device| * * * +---+ Network +--- Application 172 +----------+ * | | Server | 173 * +---------+ | +---------+ 174 +----------+ * | Gateway +---+ 175 |End-device| * * * * +---------+ 176 +----------+ 177 Key: * LoRaWAN Radio 178 +---+ IP connectivity 180 Figure 1: LoRaWAN architecture 182 o End-device: a LoRa client device, sometimes called a mote. 183 Communicates with gateways. 185 o Gateway: a radio on the infrastructure-side, sometimes called a 186 concentrator or base-station. Communicates with end-devices and, 187 via IP, with a network server. 189 o Network Server: The Network Server (NS) terminates the LoRaWAN MAC 190 layer for the end-devices connected to the network. It is the 191 center of the star topology. 193 o Uplink message: refers to communications from end-device to 194 network server or application via one or more gateways. 196 o Downlink message: refers to communications from network server or 197 application via one gateway to a single end-device or a group of 198 end-devices (considering multicasting). 200 o Application: refers to application layer code both on the end- 201 device and running "behind" the network server. For LoRaWAN, 202 there will generally only be one application running on most end- 203 devices. Interfaces between the network server and application 204 are not further described here. 206 In LoRaWAN networks, end-device transmissions may be received at 207 multiple gateways, so during nominal operation a network server may 208 see multiple instances of the same uplink message from an end-device. 210 The LoRaWAN network infrastructure manages the data rate and RF 211 output power for each end-device individually by means of an adaptive 212 data rate (ADR) scheme. End-devices may transmit on any channel 213 allowed by local regulation at any time. 215 LoRaWAN radios make use of industrial, scientific and medical (ISM) 216 bands, for example, 433MHz and 868MHz within the European Union and 217 915MHz in the Americas. 219 The end-device changes channel in a pseudo-random fashion for every 220 transmission to help make the system more robust to interference and/ 221 or to conform to local regulations. 223 Figure 2 below shows that after a transmission slot a Class A device 224 turns on its receiver for two short receive windows that are offset 225 from the end of the transmission window. End-devices can only 226 transmit a subsequent uplink frame after the end of the associated 227 receive windows. When a device joins a LoRaWAN network, there are 228 similar timeouts on parts of that process. 230 |----------------------------| |--------| |--------| 231 | Tx | | Rx | | Rx | 232 |----------------------------| |--------| |--------| 233 |---------| 234 Rx delay 1 235 |------------------------| 236 Rx delay 2 238 Figure 2: LoRaWAN Class A transmission and reception window 240 Given the different regional requirements the detailed specification 241 for the LoRaWAN physical layer (taking up more than 30 pages of the 242 specification) is not reproduced here. Instead and mainly to 243 illustrate the kinds of issue encountered, in Table 1 we present some 244 of the default settings for one ISM band (without fully explaining 245 those here) and in Table 2 we describe maxima and minima for some 246 parameters of interest to those defining ways to use IETF protocols 247 over the LoRaWAN MAC layer. 249 +------------------------+------------------------------------------+ 250 | Parameters | Default Value | 251 +------------------------+------------------------------------------+ 252 | Rx delay 1 | 1 s | 253 | | | 254 | Rx delay 2 | 2 s (must be RECEIVE_DELAY1 + 1s) | 255 | | | 256 | join delay 1 | 5 s | 257 | | | 258 | join delay 2 | 6 s | 259 | | | 260 | 868MHz Default | 3 (868.1,868.2,868.3), data rate: 0.3-5 | 261 | channels | kbps | 262 +------------------------+------------------------------------------+ 264 Table 1: Default settings for EU868MHz band 266 +-----------------------------------------------+--------+----------+ 267 | Parameter/Notes | Min | Max | 268 +-----------------------------------------------+--------+----------+ 269 | Duty Cycle: some but not all ISM bands impose | 1% | no-limit | 270 | a limit in terms of how often an end-device | | | 271 | can transmit. In some cases LoRaWAN is more | | | 272 | stringent in an attempt to avoid congestion. | | | 273 | | | | 274 | EU 868MHz band data rate/frame-size | 250 | 50000 | 275 | | bits/s | bits/s : | 276 | | : 59 | 250 | 277 | | octets | octets | 278 | | | | 279 | US 915MHz band data rate/frame-size | 980 | 21900 | 280 | | bits/s | bits/s : | 281 | | : 19 | 250 | 282 | | octets | octets | 283 +-----------------------------------------------+--------+----------+ 285 Table 2: Minima and Maxima for various LoRaWAN Parameters 287 Note that in the case of the smallest frame size (19 octets), 8 288 octets are required for LoRa MAC layer headers leaving only 11 octets 289 for payload (including MAC layer options). However, those settings 290 do not apply for the join procedure - end-devices are required to use 291 a channel and data rate that can send the 23-byte Join-request 292 message for the join procedure. 294 Uplink and downlink higher layer data is carried in a MACPayload. 295 There is a concept of "ports" (an optional 8-bit value) to handle 296 different applications on an end-device. Port zero is reserved for 297 LoRaWAN specific messaging, such as the configuration of the end 298 device's network parameters (available channels, data rates, ADR 299 parameters, RX1/2 delay, etc.). 301 In addition to carrying higher layer PDUs there are Join-Request and 302 Join-Response (aka Join-Accept) messages for handling network access. 303 And so-called "MAC commands" (see below) up to 15 bytes long can be 304 piggybacked in an options field ("FOpts"). 306 There are a number of MAC commands for link and device status 307 checking, ADR and duty-cycle negotiation, managing the RX windows and 308 radio channel settings. For example, the link check response message 309 allows the network server (in response to a request from an end- 310 device) to inform an end-device about the signal attenuation seen 311 most recently at a gateway, and to also tell the end-device how many 312 gateways received the corresponding link request MAC command. 314 Some MAC commands are initiated by the network server. For example, 315 one command allows the network server to ask an end-device to reduce 316 its duty-cycle to only use a proportion of the maximum allowed in a 317 region. Another allows the network server to query the end-device's 318 power status with the response from the end-device specifying whether 319 it has an external power source or is battery powered (in which case 320 a relative battery level is also sent to the network server). 322 In order to operate nominally on a LoRaWAN network, a device needs a 323 32-bit device address, that is assigned when the device "joins" the 324 network (see below for the join procedure) or that is pre-provisioned 325 into the device. In case of roaming devices, the device address is 326 assigned based on the 24-bit network identifier (NetID) that is 327 allocated to the network by the LoRa Alliance. Non-roaming devices 328 can be assigned device addresses by the network without relying on a 329 LoRa Alliance-assigned NetID. 331 End-devices are assumed to work with one or a quite limited number of 332 applications, identified by a 64-bit AppEUI, which is assumed to be a 333 registered IEEE EUI64 value. In addition, a device needs to have two 334 symmetric session keys, one for protecting network artifacts 335 (port=0), the NwkSKey, and another for protecting application layer 336 traffic, the AppSKey. Both keys are used for 128-bit AES 337 cryptographic operations. So, one option is for an end-device to 338 have all of the above, plus channel information, somehow 339 (pre-)provisioned, in which case the end-device can simply start 340 transmitting. This is achievable in many cases via out-of-band means 341 given the nature of LoRaWAN networks. Table 3 summarizes these 342 values. 344 +---------+---------------------------------------------------------+ 345 | Value | Description | 346 +---------+---------------------------------------------------------+ 347 | DevAddr | DevAddr (32-bits) = device-specific network address | 348 | | generated from the NwkID | 349 | | | 350 | AppEUI | IEEE EUI64 naming the application | 351 | | | 352 | NwkSKey | 128-bit network session key used with AES-CMAC | 353 | | | 354 | AppSKey | 128-bit application session key used with AES-CTR | 355 | | | 356 | AppKey | 128-bit application session key used with AES-ECB | 357 +---------+---------------------------------------------------------+ 359 Table 3: Values required for nominal operation 361 As an alternative, end-devices can use the LoRaWAN join procedure in 362 order to setup some of these values and dynamically gain access to 363 the network. To use the join procedure, an end-device must still 364 know the AppEUI, and in addition, a different (long-term) symmetric 365 key that is bound to the AppEUI - this is the application key 366 (AppKey), and is distinct from the application session key (AppSKey). 367 The AppKey is required to be specific to the device, that is, each 368 end-device should have a different AppKey value. And finally, the 369 end-device also needs a long-term identifier for itself, 370 syntactically also an EUI-64, and known as the device EUI or DevEUI. 371 Table 4 summarizes these values. 373 +---------+----------------------------------------------------+ 374 | Value | Description | 375 +---------+----------------------------------------------------+ 376 | DevEUI | IEEE EUI64 naming the device | 377 | | | 378 | AppEUI | IEEE EUI64 naming the application | 379 | | | 380 | AppKey | 128-bit long term application key for use with AES | 381 +---------+----------------------------------------------------+ 383 Table 4: Values required for join procedure 385 The join procedure involves a special exchange where the end-device 386 asserts the AppEUI and DevEUI (integrity protected with the long-term 387 AppKey, but not encrypted) in a Join-request uplink message. This is 388 then routed to the network server which interacts with an entity that 389 knows that AppKey to verify the Join-request. All going well, a 390 Join-accept downlink message is returned from the network server to 391 the end-device that specifies the 24-bit NetID, 32-bit DevAddr and 392 channel information and from which the AppSKey and NwkSKey can be 393 derived based on knowledge of the AppKey. This provides the end- 394 device with all the values listed in Table 3. 396 All payloads are encrypted and have data integrity. MAC commands, 397 when sent as a payload (port zero), are therefore protected. MAC 398 commands piggy-backed as frame options ("FOpts") are however sent in 399 clear. Any MAC commands sent as frame options and not only as 400 payload, are visible to a passive attacker but are not malleable for 401 an active attacker due to the use of the Message Integrity Check 402 (MIC) described below. 404 For LoRaWAN version 1.0.x, the NWkSkey session key is used to provide 405 data integrity between the end-device and the network server. The 406 AppSKey is used to provide data confidentiality between the end- 407 device and network server, or to the application "behind" the network 408 server, depending on the implementation of the network. 410 All MAC layer messages have an outer 32-bit MIC calculated using AES- 411 CMAC calculated over the ciphertext payload and other headers and 412 using the NwkSkey. Payloads are encrypted using AES-128, with a 413 counter-mode derived from IEEE 802.15.4 using the AppSKey. Gateways 414 are not expected to be provided with the AppSKey or NwkSKey, all of 415 the infrastructure-side cryptography happens in (or "behind") the 416 network server. When session keys are derived from the AppKey as a 417 result of the join procedure the Join-accept message payload is 418 specially handled. 420 The long-term AppKey is directly used to protect the Join-accept 421 message content, but the function used is not an AES-encrypt 422 operation, but rather an AES-decrypt operation. The justification is 423 that this means that the end-device only needs to implement the AES- 424 encrypt operation. (The counter mode variant used for payload 425 decryption means the end-device doesn't need an AES-decrypt 426 primitive.) 428 The Join-accept plaintext is always less than 16 bytes long, so 429 electronic code book (ECB) mode is used for protecting Join-accept 430 messages. The Join-accept contains an AppNonce (a 24 bit value) that 431 is recovered on the end-device along with the other Join-accept 432 content (e.g. DevAddr) using the AES-encrypt operation. Once the 433 Join-accept payload is available to the end-device the session keys 434 are derived from the AppKey, AppNonce and other values, again using 435 an ECB mode AES-encrypt operation, with the plaintext input being a 436 maximum of 16 octets. 438 2.2. Narrowband IoT (NB-IoT) 440 Text here is largely from [I-D.ratilainen-lpwan-nb-iot] 442 2.2.1. Provenance and Documents 444 Narrowband Internet of Things (NB-IoT) is developed and standardized 445 by 3GPP. The standardization of NB-IoT was finalized with 3GPP 446 Release 13 in June 2016, and further enhancements for NB-IoT are 447 specified in 3GPP Release 14 in 2017, for example in the form of 448 multicast support. Further features and improvements will be 449 developed in the following releases, but NB-IoT has been ready to be 450 deployed since 2016, and is rather simple to deploy especially in the 451 existing LTE networks with a software upgrade in the operator's base 452 stations. For more information of what has been specified for NB- 453 IoT, 3GPP specification 36.300 [TGPP36300] provides an overview and 454 overall description of the E-UTRAN radio interface protocol 455 architecture, while specifications 36.321 [TGPP36321], 36.322 456 [TGPP36322], 36.323 [TGPP36323] and 36.331 [TGPP36331] give more 457 detailed description of MAC, RLC, PDCP and RRC protocol layers, 458 respectively. Note that the description below assumes familiarity 459 with numerous 3GPP terms. 461 2.2.2. Characteristics 463 Specific targets for NB-IoT include: Less than US$5 module cost, 464 extended coverage of 164 dB maximum coupling loss, battery life of 465 over 10 years, ~55000 devices per cell and uplink reporting latency 466 of less than 10 seconds. 468 NB-IoT supports Half Duplex FDD operation mode with 60 kbps peak rate 469 in uplink and 30 kbps peak rate in downlink, and a maximum 470 transmission unit (MTU) size of 1600 bytes limited by PDCP layer (see 471 Figure 4 for the protocol structure), which is the highest layer in 472 the user plane, as explained later. Any packet size up to the said 473 MTU size can be passed to the NB-IoT stack from higher layers, 474 segmentation of the packet is performed in the RLC layer, which can 475 segment the data to transmission blocks with size as small as 16 476 bits. As the name suggests, NB-IoT uses narrowbands with the 477 bandwidth of 180 kHz in both downlink and uplink. The multiple 478 access scheme used in the downlink is OFDMA with 15 kHz sub-carrier 479 spacing. In uplink SC-FDMA single tone with either 15kHz or 3.75 kHz 480 tone spacing is used, or optionally multi-tone SC- FDMA can be used 481 with 15 kHz tone spacing. 483 NB-IoT can be deployed in three ways. In-band deployment means that 484 the narrowband is deployed inside the LTE band and radio resources 485 are flexibly shared between NB-IoT and normal LTE carrier. In Guard- 486 band deployment the narrowband uses the unused resource blocks 487 between two adjacent LTE carriers. Standalone deployment is also 488 supported, where the narrowband can be located alone in dedicated 489 spectrum, which makes it possible for example to reframe a GSM 490 carrier at 850/900 MHz for NB-IoT. All three deployment modes are 491 used in licensed frequency bands. The maximum transmission power is 492 either 20 or 23 dBm for uplink transmissions, while for downlink 493 transmission the eNodeB may use higher transmission power, up to 46 494 dBm depending on the deployment. 496 A maximum coupling loss (MCL) target for NB-IoT coverage enhancements 497 defined by 3GPP is 164 dB. With this MCL, the performance of NB-IoT 498 in downlink varies between 200 bps and 2-3 kbps, depending on the 499 deployment mode. Stand-alone operation may achieve the highest data 500 rates, up to few kbps, while in-band and guard-band operations may 501 reach several hundreds of bps. NB-IoT may even operate with MCL 502 higher than 170 dB with very low bit rates. 504 For signaling optimization, two options are introduced in addition to 505 legacy LTE RRC connection setup; mandatory Data-over-NAS (Control 506 Plane optimization, solution 2 in [TGPP23720]) and optional RRC 507 Suspend/Resume (User Plane optimization, solution 18 in [TGPP23720]). 508 In the control plane optimization the data is sent over Non-Access 509 Stratum, directly to/from Mobility Management Entity (MME) (see 510 Figure 3 for the network architecture) in the core network to the 511 User Equipment (UE) without interaction from the base station. This 512 means there are no Access Stratum security or header compression 513 provided by the PDCP layer in the eNodeB, as the Access Stratum is 514 bypassed, and only limited RRC procedures. RoHC based header 515 compression may still optionally be provided and terminated in MME. 517 The RRC Suspend/Resume procedures reduce the signaling overhead 518 required for UE state transition from RRC Idle to RRC Connected mode 519 compared to legacy LTE operation in order to have quicker user plane 520 transaction with the network and return to RRC Idle mode faster. 522 In order to prolong device battery life, both power-saving mode (PSM) 523 and extended DRX (eDRX) are available to NB-IoT. With eDRX the RRC 524 Connected mode DRX cycle is up to 10.24 seconds and in RRC Idle the 525 eDRX cycle can be up to 3 hours. In PSM the device is in a deep 526 sleep state and only wakes up for uplink reporting, after which there 527 is a window, configured by the network, during which the device 528 receiver is open for downlink connectivity, of for periodical "keep- 529 alive" signaling (PSM uses periodic TAU signaling with additional 530 reception window for downlink reachability). 532 Since NB-IoT operates in licensed spectrum, it has no channel access 533 restrictions allowing up to a 100% duty-cycle. 535 3GPP access security is specified in [TGPP33203]. 537 +--+ 538 |UE| \ +------+ +------+ 539 +--+ \ | MME |------| HSS | 540 \ / +------+ +------+ 541 +--+ \+-----+ / | 542 |UE| ----| eNB |- | 543 +--+ /+-----+ \ | 544 / \ +--------+ 545 / \| | +------+ Service PDN 546 +--+ / | S-GW |----| P-GW |---- e.g. Internet 547 |UE| | | +------+ 548 +--+ +--------+ 550 Figure 3: 3GPP network architecture 552 Figure 3 shows the 3GPP network architecture, which applies to NB- 553 IoT. Mobility Management Entity (MME) is responsible for handling 554 the mobility of the UE. MME tasks include tracking and paging UEs, 555 session management, choosing the Serving gateway for the UE during 556 initial attachment and authenticating the user. At MME, the Non- 557 Access Stratum (NAS) signaling from the UE is terminated. 559 Serving Gateway (S-GW) routes and forwards the user data packets 560 through the access network and acts as a mobility anchor for UEs 561 during handover between base stations known as eNodeBs and also 562 during handovers between NB-IoT and other 3GPP technologies. 564 Packet Data Node Gateway (P-GW) works as an interface between 3GPP 565 network and external networks. 567 The Home Subscriber Server (HSS) contains user-related and 568 subscription- related information. It is a database, which performs 569 mobility management, session establishment support, user 570 authentication and access authorization. 572 E-UTRAN consists of components of a single type, eNodeB. eNodeB is a 573 base station, which controls the UEs in one or several cells. 575 The illustration of 3GPP radio protocol architecture can be seen from 576 Figure 4. 578 +---------+ +---------+ 579 | NAS |----|-----------------------------|----| NAS | 580 +---------+ | +---------+---------+ | +---------+ 581 | RRC |----|----| RRC | S1-AP |----|----| S1-AP | 582 +---------+ | +---------+---------+ | +---------+ 583 | PDCP |----|----| PDCP | SCTP |----|----| SCTP | 584 +---------+ | +---------+---------+ | +---------+ 585 | RLC |----|----| RLC | IP |----|----| IP | 586 +---------+ | +---------+---------+ | +---------+ 587 | MAC |----|----| MAC | L2 |----|----| L2 | 588 +---------+ | +---------+---------+ | +---------+ 589 | PHY |----|----| PHY | PHY |----|----| PHY | 590 +---------+ +---------+---------+ +---------+ 591 LTE-Uu S1-MME 592 UE eNodeB MME 594 Figure 4: 3GPP radio protocol architecture for control plane 596 Control plane protocol stack 598 The radio protocol architecture of NB-IoT (and LTE) is separated into 599 control plane and user plane. The control plane consists of 600 protocols which control the radio access bearers and the connection 601 between the UE and the network. The highest layer of control plane 602 is called Non-Access Stratum (NAS), which conveys the radio signaling 603 between the UE and the EPC, passing transparently through the radio 604 network. It is responsible for authentication, security control, 605 mobility management and bearer management. 607 Access Stratum (AS) is the functional layer below NAS, and in control 608 plane it consists of Radio Resource Control protocol (RRC) 609 [TGPP36331], which handles connection establishment and release 610 functions, broadcast of system information, radio bearer 611 establishment, reconfiguration and release. RRC configures the user 612 and control planes according to the network status. There exists two 613 RRC states, RRC_Idle or RRC_Connected, and RRC entity controls the 614 switching between these states. In RRC_Idle, the network knows that 615 the UE is present in the network and the UE can be reached in case of 616 incoming call/downlink data. In this state, the UE monitors paging, 617 performs cell measurements and cell selection and acquires system 618 information. Also the UE can receive broadcast and multicast data, 619 but it is not expected to transmit or receive unicast data. In 620 RRC_Connected the UE has a connection to the eNodeB, the network 621 knows the UE location on the cell level and the UE may receive and 622 transmit unicast data. An RRC connection is established when the UE 623 is expected to be active in the network, to transmit or receive data. 624 The RRC connection is released, switching back to RRC_Idle, when 625 there is no more traffic in order to preserve UE battery life and 626 radio resources. However, a new feature was introduced for NB-IoT, 627 as mentioned earlier, which allows data to be transmitted from the 628 MME directly to the UE transparently to the eNodeB, thus bypassing AS 629 functions. 631 Packet Data Convergence Protocol's (PDCP) [TGPP36323] main services 632 in control plane are transfer of control plane data, ciphering and 633 integrity protection. 635 Radio Link Control protocol (RLC) [TGPP36322] performs transfer of 636 upper layer PDUs and optionally error correction with Automatic 637 Repeat reQuest (ARQ), concatenation, segmentation, and reassembly of 638 RLC SDUs, in-sequence delivery of upper layer PDUs, duplicate 639 detection, RLC SDU discard, RLC-re-establishment and protocol error 640 detection and recovery. 642 Medium Access Control protocol (MAC) [TGPP36321] provides mapping 643 between logical channels and transport channels, multiplexing of MAC 644 SDUs, scheduling information reporting, error correction with HARQ, 645 priority handling and transport format selection. 647 Physical layer [TGPP36201] provides data transport services to higher 648 layers. These include error detection and indication to higher 649 layers, FEC encoding, HARQ soft-combining. Rate matching and mapping 650 of the transport channels onto physical channels, power weighting and 651 modulation of physical channels, frequency and time synchronization 652 and radio characteristics measurements. 654 User plane protocol stack 656 User plane is responsible for transferring the user data through the 657 Access Stratum. It interfaces with IP and the highest layer of user 658 plane is PDCP, which in user plane performs header compression using 659 Robust Header Compression (RoHC), transfer of user plane data between 660 eNodeB and UE, ciphering and integrity protection. Similar to 661 control plane, lower layers in user plane include RLC, MAC and 662 physical layer performing the same tasks as in control plane. 664 2.3. SIGFOX 666 Text here is largely from 667 [I-D.zuniga-lpwan-sigfox-system-description] which may have been 668 updated since this was published. 670 2.3.1. Provenance and Documents 672 The SIGFOX LPWAN is in line with the terminology and specifications 673 being defined by ETSI [etsi_unb]. As of today, SIGFOX's network has 674 been fully deployed in 12 countries, with ongoing deployments on 26 675 other countries, giving in total a geography of 2 million square 676 kilometers, containing 512 million people. 678 2.3.2. Characteristics 680 SIGFOX LPWAN autonomous battery-operated devices send only a few 681 bytes per day, week or month, in principle allowing them to remain on 682 a single battery for up to 10-15 years. Hence, the system is 683 designed as to allow devices to last several years, sometimes even 684 buried underground. 686 Since the radio protocol is connection-less and optimized for uplink 687 communications, the capacity of a SIGFOX base station depends on the 688 number of messages generated by devices, and not on the actual number 689 of devices. Likewise, the battery life of devices depends on the 690 number of messages generated by the device. Depending on the use 691 case, devices can vary from sending less than one message per device 692 per day, to dozens of messages per device per day. 694 The coverage of the cell depends on the link budget and on the type 695 of deployment (urban, rural, etc.). The radio interface is compliant 696 with the following regulations: 698 Spectrum allocation in the USA [fcc_ref] 700 Spectrum allocation in Europe [etsi_ref] 702 Spectrum allocation in Japan [arib_ref] 704 The SIGFOX radio interface is also compliant with the local 705 regulations of the following countries: Australia, Brazil, Canada, 706 Kenya, Lebanon, Mauritius, Mexico, New Zealand, Oman, Peru, 707 Singapore, South Africa, South Korea, and Thailand. 709 The radio interface is based on Ultra Narrow Band (UNB) 710 communications, which allow an increased transmission range by 711 spending a limited amount of energy at the device. Moreover, UNB 712 allows a large number of devices to coexist in a given cell without 713 significantly increasing the spectrum interference. 715 Both uplink and downlink are supported, although the system is 716 optimized for uplink communications. Due to spectrum optimizations, 717 different uplink and downlink frames and time synchronization methods 718 are needed. 720 The main radio characteristics of the UNB uplink transmission are: 722 o Channelization mask: 100 Hz / 600 Hz (depending on the region) 724 o Uplink baud rate: 100 baud / 600 baud (depending on the region) 726 o Modulation scheme: DBPSK 728 o Uplink transmission power: compliant with local regulation 730 o Link budget: 155 dB (or better) 732 o Central frequency accuracy: not relevant, provided there is no 733 significant frequency drift within an uplink packet transmission 735 For example, in Europe the UNB uplink frequency band is limited to 736 868.00 to 868.60 MHz, with a maximum output power of 25 mW and a duty 737 cycle of 1%. 739 The format of the uplink frame is the following: 741 +--------+--------+--------+------------------+-------------+-----+ 742 |Preamble| Frame | Dev ID | Payload |Msg Auth Code| FCS | 743 | | Sync | | | | | 744 +--------+--------+--------+------------------+-------------+-----+ 746 Figure 5: Uplink Frame Format 748 The uplink frame is composed of the following fields: 750 o Preamble: 19 bits 752 o Frame sync and header: 29 bits 754 o Device ID: 32 bits 756 o Payload: 0-96 bits 758 o Authentication: 16-40 bits 760 o Frame check sequence: 16 bits (CRC) 762 The main radio characteristics of the UNB downlink transmission are: 764 o Channelization mask: 1.5 kHz 766 o Downlink baud rate: 600 baud 768 o Modulation scheme: GFSK 770 o Downlink transmission power: 500 mW / 4W (depending on the region) 772 o Link budget: 153 dB (or better) 774 o Central frequency accuracy: Centre frequency of downlink 775 transmission are set by the network according to the corresponding 776 uplink transmission 778 For example, in Europe the UNB downlink frequency band is limited to 779 869.40 to 869.65 MHz, with a maximum output power of 500 mW with 10% 780 duty cycle. 782 The format of the downlink frame is the following: 784 +------------+-----+---------+------------------+-------------+-----+ 785 | Preamble |Frame| ECC | Payload |Msg Auth Code| FCS | 786 | |Sync | | | | | 787 +------------+-----+---------+------------------+-------------+-----+ 789 Figure 6: Downlink Frame Format 791 The downlink frame is composed of the following fields: 793 o Preamble: 91 bits 795 o Frame sync and header: 13 bits 797 o Error Correcting Code (ECC): 32 bits 799 o Payload: 0-64 bits 801 o Authentication: 16 bits 803 o Frame check sequence: 8 bits (CRC) 805 The radio interface is optimized for uplink transmissions, which are 806 asynchronous. Downlink communications are achieved by devices 807 querying the network for available data. 809 A device willing to receive downlink messages opens a fixed window 810 for reception after sending an uplink transmission. The delay and 811 duration of this window have fixed values. The network transmits the 812 downlink message for a given device during the reception window, and 813 the network also selects the base station (BS) for transmitting the 814 corresponding downlink message. 816 Uplink and downlink transmissions are unbalanced due to the 817 regulatory constraints on ISM bands. Under the strictest 818 regulations, the system can allow a maximum of 140 uplink messages 819 and 4 downlink messages per device per day. These restrictions can 820 be slightly relaxed depending on system conditions and the specific 821 regulatory domain of operation. 823 +---+ 824 |DEV| * +------+ 825 +---+ * | RA | 826 * +------+ 827 +---+ * | 828 |DEV| * * * * | 829 +---+ * +----+ | 830 * | BS | \ +--------+ 831 +---+ * +----+ \ | | 832 DA -----|DEV| * * * | SC |----- NA 833 +---+ * / | | 834 * +----+ / +--------+ 835 +---+ * | BS |/ 836 |DEV| * * * * +----+ 837 +---+ * 838 * 839 +---+ * 840 |DEV| * * 841 +---+ 843 Figure 7: SIGFOX network architecture 845 Figure 7 depicts the different elements of the SIGFOX network 846 architecture. 848 SIGFOX has a "one-contract one-network" model allowing devices to 849 connect in any country, without any need or notion of either roaming 850 or handover. 852 The architecture consists of a single cloud-based core network, which 853 allows global connectivity with minimal impact on the end device and 854 radio access network. The core network elements are the Service 855 Center (SC) and the Registration Authority (RA). The SC is in charge 856 of the data connectivity between the Base Station (BS) and the 857 Internet, as well as the control and management of the BSs and End 858 Points. The RA is in charge of the End Point network access 859 authorization. 861 The radio access network is comprised of several BSs connected 862 directly to the SC. Each BS performs complex L1/L2 functions, 863 leaving some L2 and L3 functionalities to the SC. 865 The Devices (DEVs) or End Points (EPs) are the objects that 866 communicate application data between local device applications (DAs) 867 and network applications (NAs). 869 Devices (or EPs) can be static or nomadic, as they associate with the 870 SC and they do not attach to any specific BS. Hence, they can 871 communicate with the SC through one or multiple BSs. 873 Due to constraints in the complexity of the Device, it is assumed 874 that Devices host only one or very few device applications, which 875 most of the time communicate each to a single network application at 876 a time. 878 The radio protocol provides mechanisms to authenticate and ensure 879 integrity of the message. This is achieved by using a unique device 880 ID and a message authentication code, which allow ensuring that the 881 message has been generated and sent by the device with the ID claimed 882 in the message. At the time of writing the algorithms and keying 883 details for this are not published. 885 Security keys are independent for each device. These keys are 886 associated with the device ID and they are pre-provisioned. 887 Application data can be encrypted at the application level or not, 888 depending on the criticality of the use case, allowing hence to 889 balance cost and effort vs. risk. The sigfox network itself provides 890 no support for application layer confidentiality mechanisms. 892 2.4. Wi-SUN Alliance Field Area Network (FAN) 894 Text here is via personal communication from Bob Heile 895 (bheile@ieee.org) and was authored by Bob and Sum Chin Sean. Duffy 896 (paduffy@cisco.com) also provided additional comments/input on this 897 section. 899 2.4.1. Provenance and Documents 901 The Wi-SUN Alliance is an industry alliance 902 for smart city, smart grid, smart utility, and a broad set of general 903 IoT applications. The Wi-SUN Alliance Field Area Network (FAN) 904 profile is open standards based (primarily on IETF and IEEE802 905 standards) and was developed to address applications like smart 906 municipality/city infrastructure monitoring and management, electric 907 vehicle (EV) infrastructure, advanced metering infrastructure (AMI), 908 distribution automation (DA), supervisory control and data 909 acquisition (SCADA) protection/management, distributed generation 910 monitoring and management, and many more IoT applications. 911 Additionally, the Alliance has created a certification program to 912 promote global multi-vendor interoperability. 914 The FAN profile is currently being specified within ANSI/TIA as an 915 extension of work previously done on Smart Utility Networks. 916 [ANSI-4957-000]. Updates to those specifications intended to be 917 published in 2017 will contain details of the FAN profile. A current 918 snapshot of the work to produce that profile is presented in 919 [wisun-pressie1] [wisun-pressie2] . 921 2.4.2. Characteristics 923 The FAN profile is an IPv6 frequency hopping wireless mesh network 924 with support for enterprise level security. The frequency hopping 925 wireless mesh topology aims to offer superior network robustness, 926 reliability due to high redundancy, good scalability due to the 927 flexible mesh configuration and good resilience to interference. 928 Very low power modes are in development permitting long term battery 929 operation of network nodes. 931 The core architecture of Wi-SUN FAN is a mesh network. A FAN 932 contains one or more networks. Within a network, nodes assume one of 933 three operational roles. First, each network contains a Border 934 Router providing Wide Area Network (WAN) connectivity to the network. 935 The Border Router maintains source routing tables for all nodes 936 within its network, provides node authentication and key management 937 services, and disseminates network-wide information such as broadcast 938 schedules. Secondly, Router nodes, which provide upward and downward 939 packet forwarding (within a network). A Router also provides 940 services for relaying security and address management protocols. 941 Lastly, Leaf nodes provide minimum capabilities: discovering and 942 joining a network, send/receive IPv6 packets, etc. A low power 943 network may contain a mesh topology with Routers at the edges that 944 construct a star topology with Leaf nodes. 946 The FAN profile is based on various open standards developed by the 947 IETF (including [RFC0768], [RFC2460], [RFC4443] and [RFC6282]), 948 IEEE802 (including [IEEE-802-15-4] and [IEEE-802-15-9]) and ANSI/TIA 949 [ANSI-4957-210] for low power and lossy networks. 951 The FAN profile specification provides an application-independent 952 IPv6-based transport service for both connectionless (i.e. UDP) and 953 connection-oriented (i.e. TCP) services. There are two possible 954 methods for establishing the IPv6 packet routing: mandatory Routing 955 Protocol for Low-Power and Lossy Networks (RPL) at the Network layer 956 or optional Multi-Hop Delivery Service (MHDS) at the Data Link layer. 957 Table 5 provides an overview of the FAN network stack. 959 The Transport service is based on User Datagram Protocol (UDP) 960 defined in RFC768 or Transmission Control Protocol (TCP) defined in 961 RFC793. 963 The Network service is provided by IPv6 defined in RFC2460 with 964 6LoWPAN adaptation as defined in RC4944 and RFC6282. Additionally, 965 ICMPv6, as defined in RFC4443, is used for control plane in 966 information exchange. 968 The Data Link service provides both control/management of the 969 Physical layer and data transfer/management services to the Network 970 layer. These services are divided into Media Access Control (MAC) 971 and Logical Link Control (LLC) sub-layers. The LLC sub-layer 972 provides a protocol dispatch service which supports 6LoWPAN and an 973 optional MAC sub-layer mesh service. The MAC sub-layer is 974 constructed using data structures defined in IEEE802.15.4-2015. 975 Multiple modes of frequency hopping are defined. The entire MAC 976 payload is encapsulated in an IEEE802.15.9 Information Element to 977 enable LLC protocol dispatch between upper layer 6LoWPAN processing, 978 MAC sublayer mesh processing, etc. These areas will be expanded once 979 IEEE802.15.12 is completed 981 The PHY service is derived from a sub-set of the SUN FSK 982 specification in IEEE802.15.4-2015. The 2-FSK modulation schemes, 983 with channel spacing range from 200 to 600 kHz, are defined to 984 provide data rates from 50 to 300 kbps, with Forward Error Coding 985 (FEC) as an optional feature. Towards enabling ultra-low-power 986 applications, the PHY layer design is also extendable to low energy 987 and critical infrastructure monitoring networks. 989 +----------------------+--------------------------------------------+ 990 | Layer | Description | 991 +----------------------+--------------------------------------------+ 992 | IPv6 protocol suite | TCP/UDP | 993 | | | 994 | | 6LoWPAN Adaptation + Header Compression | 995 | | | 996 | | DHCPv6 for IP address management. | 997 | | | 998 | | Routing using RPL. | 999 | | | 1000 | | ICMPv6. | 1001 | | | 1002 | | Unicast and Multicast forwarding. | 1003 | | | 1004 | MAC based on IEEE | Frequency hopping | 1005 | 802.15.4e + IE | | 1006 | extensions | | 1007 | | | 1008 | | Discovery and Join | 1009 | | | 1010 | | Protocol Dispatch (IEEE 802.15.9) | 1011 | | | 1012 | | Several Frame Exchange patterns | 1013 | | | 1014 | | Optional Mesh Under routing (ANSI | 1015 | | 4957.210). | 1016 | | | 1017 | PHY based on | Various data rates and regions | 1018 | 802.15.4g | | 1019 | | | 1020 | Security | 802.1X/EAP-TLS/PKI Authentication. | 1021 | | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | 1022 | | required for EAP-TLS. | 1023 | | | 1024 | | 802.11i Group Key Management | 1025 | | | 1026 | | Frame security is implemented as AES-CCM* | 1027 | | as specified in IEEE 802.15.4 | 1028 | | | 1029 | | Optional ETSI-TS-102-887-2 Node 2 Node Key | 1030 | | Management | 1031 +----------------------+--------------------------------------------+ 1033 Table 5: Wi-SUN Stack Overview 1035 The FAN security supports Data Link layer network access control, 1036 mutual authentication, and establishment of a secure pairwise link 1037 between a FAN node and its Border Router, which is implemented with 1038 an adaptation of IEEE802.1X and EAP-TLS as described in [RFC5216] 1039 using secure device identity as described in IEEE802.1AR. 1040 Certificate formats are based upon [RFC5280]. A secure group link 1041 between a Border Router and a set of FAN nodes is established using 1042 an adaptation of the IEEE802.11 Four-Way Handshake. A set of 4 group 1043 keys are maintained within the network, one of which is the current 1044 transmit key. Secure node to node links are supported between one- 1045 hop FAN neighbors using an adaptation of ETSI-TS-102-887-2. FAN 1046 nodes implement Frame Security as specified in IEEE802.15.4-2015. 1048 3. Generic Terminology 1050 LPWAN technologies, such as those discussed above, have similar 1051 architectures but different terminology. We can identify different 1052 types of entities in a typical LPWAN network: 1054 o End-Devices are the devices or the "things" (e.g. sensors, 1055 actuators, etc.), they are named differently in each technology 1056 (End Device, User Equipment or End Point). There can be a high 1057 density of end devices per radio gateway. 1059 o The Radio Gateway, which is the end point of the constrained link. 1060 It is known as: Gateway, Evolved Node B or Base station. 1062 o The Network Gateway or Router is the interconnection node between 1063 the Radio Gateway and the Internet. It is known as: Network 1064 Server, Serving GW or Service Center. 1066 o LPWAN-AAA Server, which controls the user authentication, the 1067 applications. It is known as: Join-Server, Home Subscriber Server 1068 or Registration Authority. (We use the term LPWAN-AAA server 1069 because we're not assuming that this entity speaks RADIUS or 1070 Diameter as many/most AAA servers do, but equally we don't want to 1071 rule that out, as the functionality will be similar. 1073 o At last we have the Application Server, known also as Packet Data 1074 Node Gateway or Network Application. 1076 +---------------------------------------------------------------------+ 1077 | Function/ | | | | | 1078 | Technology | LORAWAN | NB-IOT | SIGFOX | IETF | 1079 +--------------+-----------+------------+-------------+---------------+ 1080 | Sensor, | | | | | 1081 | Actuator, | End | User | End | Device | 1082 |device, object| Device | Equipment | Point | (Dev) | 1083 +--------------+-----------+------------+-------------+---------------+ 1084 | Transceiver | | Evolved | Base | RADIO | 1085 | Antenna | Gateway | Node B | Station | GATEWAY | 1086 +--------------+-----------+------------+-------------+---------------+ 1087 | Server | Network | PDN GW/ | Service |Network Gateway| 1088 | | Server | SCEF | Center | (NGW) | 1089 +--------------+-----------+------------+-------------+---------------+ 1090 | Security | Join | Home |Registration | LPWAN- | 1091 | Server | Server | Subscriber | Authority | AAA | 1092 | | | Server | | SERVER | 1093 +--------------+-----------+------------+-------------+---------------+ 1094 | Application |Application| Application| Network | APPLICATION | 1095 | | Server | Server | Application | (App) | 1096 +---------------------------------------------------------------------+ 1098 Figure 8: LPWAN Architecture Terminology 1100 +------+ 1101 () () () | |LPWAN-| 1102 () () () () / \ +---------+ | AAA | 1103 () () () () () () / \========| /\ |====|Server| +-----------+ 1104 () () () | | <--|--> | +------+ |APPLICATION| 1105 () () () () / \============| v |==============| (App) | 1106 () () () / \ +---------+ +-----------+ 1107 Dev Radio Gateways NGW 1109 Figure 9: LPWAN Architecture 1111 In addition to the names of entities, LPWANs are also subject to 1112 possibly regional frequency band regulations. Those may include 1113 restrictions on the duty-cycle, for example requiring that hosts only 1114 transmit for a certain percentage of each hour. 1116 4. Gap Analysis 1118 4.1. Naive application of IPv6 1120 IPv6 [RFC2460] has been designed to allocate addresses to all the 1121 nodes connected to the Internet. Nevertheless, the header overhead 1122 of at least 40 bytes introduced by the protocol is incompatible with 1123 LPWAN constraints. If IPv6 with no further optimization were used, 1124 several LPWAN frames could be needed just to carry the IP header. 1125 Another problem arises from IPv6 MTU requirements, which require the 1126 layer below to support at least 1280 byte packets [RFC2460]. 1128 IPv6 has a configuration protocol - neighbor discovery protocol, 1129 (NDP) [RFC4861]). For a node to learn network parameters NDP 1130 generates regular traffic with a relatively large message size that 1131 does not fit LPWAN constraints. 1133 In some LPWAN technologies, layer two multicast is not supported. In 1134 that case, if the network topology is a star, the solution and 1135 considerations of section 3.2.5 of [RFC7668] may be applied. 1137 Other key protocols such as DHCPv6 [RFC3315], IPsec [RFC4301] and TLS 1138 [RFC5246] have similarly problematic properties in this context. 1139 Each of those require relatively frequent round-trips between the 1140 host and some other host on the network. In the case of 1141 cryptographic protocols such as IPsec and TLS, in addition to the 1142 round-trips required for secure session establishment, cryptographic 1143 operations can require padding and addition of authenticators that 1144 are problematic when considering LPWAN lower layers. Note that mains 1145 powered Wi-SUN mesh router nodes will typically be more resource 1146 capable than the other LPWAN techs discussed. This can enable use of 1147 more "chatty" protocols for some aspects of Wi-SUN. 1149 4.2. 6LoWPAN 1151 Several technologies that exhibit significant constraints in various 1152 dimensions have exploited the 6LoWPAN suite of specifications 1153 [RFC4944], [RFC6282], [RFC6775] to support IPv6 [I-D.hong-6lo-use- 1154 cases]. However, the constraints of LPWANs, often more extreme than 1155 those typical of technologies that have (re)used 6LoWPAN, constitute 1156 a challenge for the 6LoWPAN suite in order to enable IPv6 over LPWAN. 1157 LPWANs are characterized by device constraints (in terms of 1158 processing capacity, memory, and energy availability), and specially, 1159 link constraints, such as: 1161 o very low layer two payload size (from ~10 to ~100 bytes), 1163 o very low bit rate (from ~10 bit/s to ~100 kbit/s), and 1165 o in some specific technologies, further message rate constraints 1166 (e.g. between ~0.1 message/minute and ~1 message/minute) due to 1167 regional regulations that limit the duty cycle. 1169 4.2.1. Header Compression 1171 6LoWPAN header compression reduces IPv6 (and UDP) header overhead by 1172 eliding header fields when they can be derived from the link layer, 1173 and by assuming that some of the header fields will frequently carry 1174 expected values. 6LoWPAN provides both stateless and stateful header 1175 compression. In the latter, all nodes of a 6LoWPAN are assumed to 1176 share compression context. In the best case, the IPv6 header for 1177 link-local communication can be reduced to only 2 bytes. For global 1178 communication, the IPv6 header may be compressed down to 3 bytes in 1179 the most extreme case. However, in more practical situations, the 1180 smallest IPv6 header size may be 11 bytes (one address prefix 1181 compressed) or 19 bytes (both source and destination prefixes 1182 compressed). These headers are large considering the link layer 1183 payload size of LPWAN technologies, and in some cases are even bigger 1184 than the LPWAN PDUs. 6LoWPAN has been initially designed for IEEE 1185 802.15.4 networks with a frame size up to 127 bytes and a throughput 1186 of up to 250 kb/s, which may or may not be duty-cycled. 1188 4.2.2. Address Autoconfiguration 1190 Traditionally, Interface Identifiers (IIDs) have been derived from 1191 link layer identifiers [RFC4944] . This allows optimizations such as 1192 header compression. Nevertheless, recent guidance has given advice 1193 on the fact that, due to privacy concerns, 6LoWPAN devices should not 1194 be configured to embed their link layer addresses in the IID by 1195 default. 1197 4.2.3. Fragmentation 1199 As stated above, IPv6 requires the layer below to support an MTU of 1200 1280 bytes [RFC2460]. Therefore, given the low maximum payload size 1201 of LPWAN technologies, fragmentation is needed. 1203 If a layer of an LPWAN technology supports fragmentation, proper 1204 analysis has to be carried out to decide whether the fragmentation 1205 functionality provided by the lower layer or fragmentation at the 1206 adaptation layer should be used. Otherwise, fragmentation 1207 functionality shall be used at the adaptation layer. 1209 6LoWPAN defined a fragmentation mechanism and a fragmentation header 1210 to support the transmission of IPv6 packets over IEEE 802.15.4 1211 networks [RFC4944]. While the 6LoWPAN fragmentation header is 1212 appropriate for IEEE 802.15.4-2003 (which has a frame payload size of 1213 81-102 bytes), it is not suitable for several LPWAN technologies, 1214 many of which have a maximum payload size that is one order of 1215 magnitude below that of IEEE 802.15.4-2003. The overhead of the 1216 6LoWPAN fragmentation header is high, considering the reduced payload 1217 size of LPWAN technologies and the limited energy availability of the 1218 devices using such technologies. Furthermore, its datagram offset 1219 field is expressed in increments of eight octets. In some LPWAN 1220 technologies, the 6LoWPAN fragmentation header plus eight octets from 1221 the original datagram exceeds the available space in the layer two 1222 payload. In addition, the MTU in the LPWAN networks could be 1223 variable which implies a variable fragmentation solution. 1225 4.2.4. Neighbor Discovery 1227 6LoWPAN Neighbor Discovery [RFC6775] defined optimizations to IPv6 1228 Neighbor Discovery [RFC4861], in order to adapt functionality of the 1229 latter for networks of devices using IEEE 802.15.4 or similar 1230 technologies. The optimizations comprise host-initiated interactions 1231 to allow for sleeping hosts, replacement of multicast-based address 1232 resolution for hosts by an address registration mechanism, multihop 1233 extensions for prefix distribution and duplicate address detection 1234 (note that these are not needed in a star topology network), and 1235 support for 6LoWPAN header compression. 1237 6LoWPAN Neighbor Discovery may be used in not so severely constrained 1238 LPWAN networks. The relative overhead incurred will depend on the 1239 LPWAN technology used (and on its configuration, if appropriate). In 1240 certain LPWAN setups (with a maximum payload size above ~60 bytes, 1241 and duty-cycle-free or equivalent operation), an RS/RA/NS/NA exchange 1242 may be completed in a few seconds, without incurring packet 1243 fragmentation. 1245 In other LPWANs (with a maximum payload size of ~10 bytes, and a 1246 message rate of ~0.1 message/minute), the same exchange may take 1247 hours or even days, leading to severe fragmentation and consuming a 1248 significant amount of the available network resources. 6LoWPAN 1249 Neighbor Discovery behavior may be tuned through the use of 1250 appropriate values for the default Router Lifetime, the Valid 1251 Lifetime in the PIOs, and the Valid Lifetime in the 6CO, as well as 1252 the address Registration Lifetime. However, for the latter LPWANs 1253 mentioned above, 6LoWPAN Neighbor Discovery is not suitable. 1255 4.3. 6lo 1257 The 6lo WG has been reusing and adapting 6LoWPAN to enable IPv6 1258 support over link layer technologies such as Bluetooth Low Energy 1259 (BTLE), ITU-T G.9959, DECT-ULE, MS/TP-RS485, NFC IEEE 802.11ah. (See 1260 for details.) These technologies are 1261 similar in several aspects to IEEE 802.15.4, which was the original 1262 6LoWPAN target technology. 1264 6lo has mostly used the subset of 6LoWPAN techniques best suited for 1265 each lower layer technology, and has provided additional 1266 optimizations for technologies where the star topology is used, such 1267 as BTLE or DECT-ULE. 1269 The main constraint in these networks comes from the nature of the 1270 devices (constrained devices), whereas in LPWANs it is the network 1271 itself that imposes the most stringent constraints. 1273 4.4. 6tisch 1275 The 6tisch solution is dedicated to mesh networks that operate using 1276 802.15.4e MAC with a deterministic slotted channel. The time slot 1277 channel (TSCH) can help to reduce collisions and to enable a better 1278 balance over the channels. It improves the battery life by avoiding 1279 the idle listening time for the return channel. 1281 A key element of 6tisch is the use of synchronization to enable 1282 determinism. TSCH and 6TiSCH may provide a standard scheduling 1283 function. The LPWAN networks probably will not support 1284 synchronization like the one used in 6tisch. 1286 4.5. RoHC 1288 Robust header compression (RoHC) is a header compression mechanism 1289 [RFC3095] developed for multimedia flows in a point to point channel. 1290 RoHC uses 3 levels of compression, each level having its own header 1291 format. In the first level, RoHC sends 52 bytes of header, in the 1292 second level the header could be from 34 to 15 bytes and in the third 1293 level header size could be from 7 to 2 bytes. The level of 1294 compression is managed by a sequence number, which varies in size 1295 from 2 bytes to 4 bits in the minimal compression. SN compression is 1296 done with an algorithm called W-LSB (Window- Least Significant Bits). 1297 This window has a 4-bit size representing 15 packets, so every 15 1298 packets RoHC needs to slide the window in order to receive the 1299 correct sequence number, and sliding the window implies a reduction 1300 of the level of compression. When packets are lost or errored, the 1301 decompressor loses context and drops packets until a bigger header is 1302 sent with more complete information. To estimate the performance of 1303 RoHC, an average header size is used. This average depends on the 1304 transmission conditions, but most of the time is between 3 and 4 1305 bytes. 1307 RoHC has not been adapted specifically to the constrained hosts and 1308 networks of LPWANs: it does not take into account energy limitations 1309 nor the transmission rate, and RoHC context is synchronised during 1310 transmission, which does not allow better compression. 1312 4.6. ROLL 1314 Most technologies considered by the lpwan WG are based on a star 1315 topology, which eliminates the need for routing at that layer. 1316 Future work may address additional use-cases that may require 1317 adaptation of existing routing protocols or the definition of new 1318 ones. As of the time of writing, work similar to that done in the 1319 ROLL WG and other routing protocols are out of scope of the LPWAN WG. 1321 4.7. CoAP 1323 CoAP [RFC7252] provides a RESTful framework for applications intended 1324 to run on constrained IP networks. It may be necessary to adapt CoAP 1325 or related protocols to take into account for the extreme duty cycles 1326 and the potentially extremely limited throughput of LPWANs. 1328 For example, some of the timers in CoAP may need to be redefined. 1329 Taking into account CoAP acknowledgments may allow the reduction of 1330 L2 acknowledgments. On the other hand, the current work in progress 1331 in the CoRE WG where the COMI/CoOL network management interface 1332 which, uses Structured Identifiers (SID) to reduce payload size over 1333 CoAP may prove to be a good solution for the LPWAN technologies. The 1334 overhead is reduced by adding a dictionary which matches a URI to a 1335 small identifier and a compact mapping of the YANG model into the 1336 CBOR binary representation. 1338 4.8. Mobility 1340 LPWANs nodes can be mobile. However, LPWAN mobility is different 1341 from the one specified for Mobile IP. LPWAN implies sporadic traffic 1342 and will rarely be used for high-frequency, real-time communications. 1343 The applications do not generate a flow, they need to save energy and 1344 most of the time the node will be down. 1346 In addition, LPWAN mobility may mostly apply to groups of devices, 1347 that represent a network in which case mobility is more a concern for 1348 the gateway than the devices. NEMO [RFC3963] Mobility solutions may 1349 be used in the case where some end-devices belonging to the same 1350 network gateway move from one point to another such that they are not 1351 aware of being mobile. 1353 4.9. DNS and LPWAN 1355 The Domain Name System (DNS) DNS [RFC1035], enables applications to 1356 name things with a globally resolvable name. Many protocols use the 1357 DNS to identify hosts, for example applications using CoAP. 1359 The DNS query/answer protocol as a pre-cursor to other communication 1360 within the time-to-live (TTL) of a DNS answer is clearly problematic 1361 in an LPWAN, say where only one round-trip per hour can be used, and 1362 with a TTL that is less than 3600. It is currently unclear whether 1363 and how DNS-like functionality might be provided in LPWANs. 1365 5. Security Considerations 1367 Most LPWAN technologies integrate some authentication or encryption 1368 mechanisms that were defined outside the IETF. The working group may 1369 need to do work to integrate these mechanisms to unify management. A 1370 standardized Authentication, Accounting, and Authorization (AAA) 1371 infrastructure [RFC2904] may offer a scalable solution for some of 1372 the security and management issues for LPWANs. AAA offers 1373 centralized management that may be of use in LPWANs, for example 1374 [I-D.garcia-dime-diameter-lorawan] and 1375 [I-D.garcia-radext-radius-lorawan] suggest possible security 1376 processes for a LoRaWAN network. Similar mechanisms may be useful to 1377 explore for other LPWAN technologies. 1379 Some applications using LPWANs may raise few or no privacy 1380 considerations. For example, temperature sensors in a large office 1381 building may not raise privacy issues. However, the same sensors, if 1382 deployed in a home environment and especially if triggered due to 1383 human presence, can raise significant privacy issues - if an end- 1384 device emits (an encrypted) packet every time someone enters a room 1385 in a home, then that traffic is privacy sensitive. And the more that 1386 the existence of that traffic is visible to network entities, the 1387 more privacy sensitivities arise. At this point, it is not clear 1388 whether there are workable mitigations for problems like this - in a 1389 more typical network, one would consider defining padding mechanisms 1390 and allowing for cover traffic. In some LPWANs, those mechanisms may 1391 not be feasible. Nonetheless, the privacy challenges do exist and 1392 can be real and so some solutions will be needed. Note that many 1393 aspects of solutions in this space may not be visible in IETF 1394 specifications, but can be e.g. implementation or deployment 1395 specific. 1397 Another challenge for LPWANs will be how to handle key management and 1398 associated protocols. In a more traditional network (e.g. the web), 1399 servers can "staple" OCSP responses in order to allow browsers to 1400 check revocation status for presented certificates. [RFC6961] While 1401 the stapling approach is likely something that would help in an 1402 LPWAN, as it avoids an RTT, certificates and OCSP responses are bulky 1403 items and will prove challenging to handle in LPWANs with bounded 1404 bandwidth. 1406 6. IANA Considerations 1408 There are no IANA considerations related to this memo. 1410 7. Contributors 1412 As stated above this document is mainly a collection of content 1413 developed by the full set of contributors listed below. The main 1414 input documents and their authors were: 1416 o Text for Section 2.1 was provided by Alper Yegin and Stephen 1417 Farrell in [I-D.farrell-lpwan-lora-overview]. 1419 o Text for Section 2.2 was provided by Antti Ratilainen in 1420 [I-D.ratilainen-lpwan-nb-iot]. 1422 o Text for Section 2.3 was provided by Juan Carlos Zuniga and Benoit 1423 Ponsard in [I-D.zuniga-lpwan-sigfox-system-description]. 1425 o Text for Section 2.4 was provided via personal communication from 1426 Bob Heile (bheile@ieee.org) and was authored by Bob and Sum Chin 1427 Sean. There is no Internet draft for that at present. 1429 o Text for Section 4 was provided by Ana Minabiru, Carles Gomez, 1430 Laurent Toutain, Josep Paradells and Jon Crowcroft in 1431 [I-D.minaburo-lpwan-gap-analysis]. Additional text from that 1432 draft is also used elsewhere above. 1434 The full list of contributors are: 1436 Jon Crowcroft 1437 University of Cambridge 1438 JJ Thomson Avenue 1439 Cambridge, CB3 0FD 1440 United Kingdom 1442 Email: jon.crowcroft@cl.cam.ac.uk 1444 Carles Gomez 1445 UPC/i2CAT 1446 C/Esteve Terradas, 7 1447 Castelldefels 08860 1448 Spain 1450 Email: carlesgo@entel.upc.edu 1451 Bob Heile 1452 Wi-Sun Alliance 1453 11 Robert Toner Blvd, Suite 5-301 1454 North Attleboro, MA 02763 1455 USA 1457 Phone: +1-781-929-4832 1458 Email: bheile@ieee.org 1460 Ana Minaburo 1461 Acklio 1462 2bis rue de la Chataigneraie 1463 35510 Cesson-Sevigne Cedex 1464 France 1466 Email: ana@ackl.io 1468 Josep PAradells 1469 UPC/i2CAT 1470 C/Jordi Girona, 1-3 1471 Barcelona 08034 1472 Spain 1474 Email: josep.paradells@entel.upc.edu 1476 Benoit Ponsard 1477 SIGFOX 1478 425 rue Jean Rostand 1479 Labege 31670 1480 France 1482 Email: Benoit.Ponsard@sigfox.com 1483 URI: http://www.sigfox.com/ 1485 Antti Ratilainen 1486 Ericsson 1487 Hirsalantie 11 1488 Jorvas 02420 1489 Finland 1491 Email: antti.ratilainen@ericsson.com 1493 Chin-Sean SUM 1494 Wi-Sun Alliance 1495 20, Science Park Rd 1496 Singapore 117674 1498 Phone: +65 6771 1011 1499 Email: sum@wi-sun.org 1501 Laurent Toutain 1502 Institut MINES TELECOM ; TELECOM Bretagne 1503 2 rue de la Chataigneraie 1504 CS 17607 1505 35576 Cesson-Sevigne Cedex 1506 France 1508 Email: Laurent.Toutain@telecom-bretagne.eu 1510 Alper Yegin 1511 Actility 1512 Paris, Paris 1513 FR 1515 Email: alper.yegin@actility.com 1517 Juan Carlos Zuniga 1518 SIGFOX 1519 425 rue Jean Rostand 1520 Labege 31670 1521 France 1523 Email: JuanCarlos.Zuniga@sigfox.com 1524 URI: http://www.sigfox.com/ 1526 8. Acknowledgments 1528 Thanks to all those listed in Section 7 for the excellent text. 1529 Errors in the handling of that are solely the editor's fault. 1531 In addition to the contributors above, thanks are due to Arun 1532 (arun@acklio.com), Dan Garcia Carrillo, Paul Duffy, Russ Housley, 1533 Thad Guidry, Jiazi Yi, for comments. 1535 Alexander Pelov and Pascal Thubert were the LPWAN WG chairs while 1536 this document was developed. 1538 Stephen Farrell's work on this memo was supported by the Science 1539 Foundation Ireland funded CONNECT centre . 1541 9. Informative References 1543 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 1544 DOI 10.17487/RFC0768, August 1980, 1545 . 1547 [RFC1035] Mockapetris, P., "Domain names - implementation and 1548 specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, 1549 November 1987, . 1551 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1552 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1553 December 1998, . 1555 [RFC2904] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., 1556 Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., and 1557 D. Spence, "AAA Authorization Framework", RFC 2904, 1558 DOI 10.17487/RFC2904, August 2000, 1559 . 1561 [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H., 1562 Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, 1563 K., Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., 1564 Wiebke, T., Yoshimura, T., and H. Zheng, "RObust Header 1565 Compression (ROHC): Framework and four profiles: RTP, UDP, 1566 ESP, and uncompressed", RFC 3095, DOI 10.17487/RFC3095, 1567 July 2001, . 1569 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1570 C., and M. Carney, "Dynamic Host Configuration Protocol 1571 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1572 2003, . 1574 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 1575 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 1576 RFC 3963, DOI 10.17487/RFC3963, January 2005, 1577 . 1579 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1580 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1581 December 2005, . 1583 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1584 Control Message Protocol (ICMPv6) for the Internet 1585 Protocol Version 6 (IPv6) Specification", RFC 4443, 1586 DOI 10.17487/RFC4443, March 2006, 1587 . 1589 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1590 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1591 DOI 10.17487/RFC4861, September 2007, 1592 . 1594 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1595 "Transmission of IPv6 Packets over IEEE 802.15.4 1596 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1597 . 1599 [RFC5216] Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS 1600 Authentication Protocol", RFC 5216, DOI 10.17487/RFC5216, 1601 March 2008, . 1603 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1604 (TLS) Protocol Version 1.2", RFC 5246, 1605 DOI 10.17487/RFC5246, August 2008, 1606 . 1608 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1609 Housley, R., and W. Polk, "Internet X.509 Public Key 1610 Infrastructure Certificate and Certificate Revocation List 1611 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 1612 . 1614 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1615 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1616 DOI 10.17487/RFC6282, September 2011, 1617 . 1619 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1620 Bormann, "Neighbor Discovery Optimization for IPv6 over 1621 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1622 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1623 . 1625 [RFC6961] Pettersen, Y., "The Transport Layer Security (TLS) 1626 Multiple Certificate Status Request Extension", RFC 6961, 1627 DOI 10.17487/RFC6961, June 2013, 1628 . 1630 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 1631 Application Protocol (CoAP)", RFC 7252, 1632 DOI 10.17487/RFC7252, June 2014, 1633 . 1635 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1636 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1637 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1638 . 1640 [I-D.farrell-lpwan-lora-overview] 1641 Farrell, S. and A. Yegin, "LoRaWAN Overview", draft- 1642 farrell-lpwan-lora-overview-01 (work in progress), October 1643 2016. 1645 [I-D.minaburo-lpwan-gap-analysis] 1646 Minaburo, A., Gomez, C., Toutain, L., Paradells, J., and 1647 J. Crowcroft, "LPWAN Survey and GAP Analysis", draft- 1648 minaburo-lpwan-gap-analysis-02 (work in progress), October 1649 2016. 1651 [I-D.zuniga-lpwan-sigfox-system-description] 1652 Zuniga, J. and B. PONSARD, "SIGFOX System Description", 1653 draft-zuniga-lpwan-sigfox-system-description-03 (work in 1654 progress), June 2017. 1656 [I-D.ratilainen-lpwan-nb-iot] 1657 Ratilainen, A., "NB-IoT characteristics", draft- 1658 ratilainen-lpwan-nb-iot-00 (work in progress), July 2016. 1660 [I-D.garcia-dime-diameter-lorawan] 1661 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1662 "LoRaWAN Authentication in Diameter", draft-garcia-dime- 1663 diameter-lorawan-00 (work in progress), May 2016. 1665 [I-D.garcia-radext-radius-lorawan] 1666 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1667 "LoRaWAN Authentication in RADIUS", draft-garcia-radext- 1668 radius-lorawan-03 (work in progress), May 2017. 1670 [TGPP36300] 1671 3GPP, "TS 36.300 v13.4.0 Evolved Universal Terrestrial 1672 Radio Access (E-UTRA) and Evolved Universal Terrestrial 1673 Radio Access Network (E-UTRAN); Overall description; Stage 1674 2", 2016, 1675 . 1677 [TGPP36321] 1678 3GPP, "TS 36.321 v13.2.0 Evolved Universal Terrestrial 1679 Radio Access (E-UTRA); Medium Access Control (MAC) 1680 protocol specification", 2016. 1682 [TGPP36322] 1683 3GPP, "TS 36.322 v13.2.0 Evolved Universal Terrestrial 1684 Radio Access (E-UTRA); Radio Link Control (RLC) protocol 1685 specification", 2016. 1687 [TGPP36323] 1688 3GPP, "TS 36.323 v13.2.0 Evolved Universal Terrestrial 1689 Radio Access (E-UTRA); Packet Data Convergence Protocol 1690 (PDCP) specification (Not yet available)", 2016. 1692 [TGPP36331] 1693 3GPP, "TS 36.331 v13.2.0 Evolved Universal Terrestrial 1694 Radio Access (E-UTRA); Radio Resource Control (RRC); 1695 Protocol specification", 2016. 1697 [TGPP36201] 1698 3GPP, "TS 36.201 v13.2.0 - Evolved Universal Terrestrial 1699 Radio Access (E-UTRA); LTE physical layer; General 1700 description", 2016. 1702 [TGPP23720] 1703 3GPP, "TR 23.720 v13.0.0 - Study on architecture 1704 enhancements for Cellular Internet of Things", 2016. 1706 [TGPP33203] 1707 3GPP, "TS 33.203 v13.1.0 - 3G security; Access security 1708 for IP-based services", 2016. 1710 [fcc_ref] "FCC CFR 47 Part 15.247 Telecommunication Radio Frequency 1711 Devices - Operation within the bands 902-928 MHz, 1712 2400-2483.5 MHz, and 5725-5850 MHz.", June 2016. 1714 [etsi_ref] 1715 "ETSI EN 300-220 (Parts 1 and 2): Electromagnetic 1716 compatibility and Radio spectrum Matters (ERM); Short 1717 Range Devices (SRD); Radio equipment to be used in the 25 1718 MHz to 1 000 MHz frequency range with power levels ranging 1719 up to 500 mW", May 2016. 1721 [arib_ref] 1722 "ARIB STD-T108 (Version 1.0): 920MHz-Band Telemeter, 1723 Telecontrol and data transmission radio equipment.", 1724 February 2012. 1726 [LoRaSpec] 1727 LoRa Alliance, "LoRaWAN Specification Version V1.0.2", 1728 July 2016, . 1732 [LoRaSpec1.0] 1733 LoRa Alliance, "LoRaWAN Specification Version V1.0", Jan 1734 2015, . 1737 [ANSI-4957-000] 1738 ANSI, TIA-4957.000, "Architecture Overview for the Smart 1739 Utility Network", May 2013, . 1742 [ANSI-4957-210] 1743 ANSI, TIA-4957.210, "Multi-Hop Delivery Specification of a 1744 Data Link Sub-Layer", May 2013, . 1747 [wisun-pressie1] 1748 Phil Beecher, Chair, Wi-SUN Alliance, "Wi-SUN Alliance 1749 Overview", March 2017, . 1753 [wisun-pressie2] 1754 Bob Heile, Director of Standards, Wi-SUN Alliance, "IETF97 1755 Wi-SUN Alliance Field Area Network (FAN) Overview", 1756 November 2016, 1757 . 1760 [IEEE-802-15-4] 1761 "IEEE Standard for Low-Rate Wireless Personal Area 1762 Networks (WPANs)", IEEE Standard 802.15.4, 2015, 1763 . 1766 [IEEE-802-15-9] 1767 "IEEE Recommended Practice for Transport of Key Management 1768 Protocol (KMP) Datagrams", IEEE Standard 802.15.9, 2016, 1769 . 1772 [etsi_unb] 1773 "ETSI TR 103 435 System Reference document (SRdoc); Short 1774 Range Devices (SRD); Technical characteristics for Ultra 1775 Narrow Band (UNB) SRDs operating in the UHF spectrum below 1776 1 GHz", February 2017. 1778 Appendix A. Changes 1780 A.1. From -00 to -01 1782 o WG have stated they want this to be an RFC. 1784 o WG clearly want to keep the RF details. 1786 o Various changes made to remove/resolve a number of editorial notes 1787 from -00 (in some cases as per suggestions from Ana Minaburo) 1789 o Merged PR's: #1... 1791 o Rejected PR's: #2 (change was made to .txt not .xml but was 1792 replicated manually by editor) 1794 o Github repo is at: https://github.com/sftcd/lpwan-ov 1796 A.2. From -01 to -02 1798 o WG seem to agree with editor suggestions in slides 13-24 of the 1799 presentation on this topic given at IETF98 (See: 1800 https://www.ietf.org/proceedings/98/slides/slides-98-lpwan- 1801 aggregated-slides-07.pdf) 1803 o Got new text wrt Wi-SUN via email from Paul Duffy and merged that 1804 in 1806 o Reflected list discussion wrt terminology and "end-device" 1808 o Merged PR's: #3... 1810 A.3. From -02 to -03 1812 o Editorial changes and typo fixes thanks to Fred Baker running 1813 something called Grammerly and sending me it's report. 1815 o Merged PR's: #4, #6, #7... 1817 o Editor did an editing pass on the lot. 1819 A.4. From -03 to -04 1821 o Picked up a PR that had been wrongly applied that expands UE 1823 o Editorial changes wrt LoRa suggested by Alper 1825 o Editorial changes wrt SIGFOX provided by Juan-Carlos 1827 A.5. From -03 to -04 1829 o Handled Russ Housley's WGLC review. 1831 o Handled Alper Yegin's WGLC review. 1833 Author's Address 1835 Stephen Farrell (editor) 1836 Trinity College Dublin 1837 Dublin 2 1838 Ireland 1840 Phone: +353-1-896-2354 1841 Email: stephen.farrell@cs.tcd.ie