idnits 2.17.1 draft-ietf-lpwan-overview-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 3, 2017) is 2369 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'FANTPS' is mentioned on line 952, but not defined -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 3315 (Obsoleted by RFC 8415) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6961 (Obsoleted by RFC 8446) == Outdated reference: A later version (-04) exists of draft-zuniga-lpwan-sigfox-system-description-03 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan S. Farrell, Ed. 3 Internet-Draft Trinity College Dublin 4 Intended status: Informational October 3, 2017 5 Expires: April 6, 2018 7 LPWAN Overview 8 draft-ietf-lpwan-overview-07 10 Abstract 12 Low Power Wide Area Networks (LPWAN) are wireless technologies with 13 characteristics such as large coverage areas, low bandwidth, possibly 14 very small packet and application layer data sizes and long battery 15 life operation. This memo is an informational overview of the set of 16 LPWAN technologies being considered in the IETF and of the gaps that 17 exist between the needs of those technologies and the goal of running 18 IP in LPWANs. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on April 6, 2018. 37 Copyright Notice 39 Copyright (c) 2017 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. LPWAN Technologies . . . . . . . . . . . . . . . . . . . . . 3 56 2.1. LoRaWAN . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 2.1.1. Provenance and Documents . . . . . . . . . . . . . . 4 58 2.1.2. Characteristics . . . . . . . . . . . . . . . . . . . 4 59 2.2. Narrowband IoT (NB-IoT) . . . . . . . . . . . . . . . . . 10 60 2.2.1. Provenance and Documents . . . . . . . . . . . . . . 10 61 2.2.2. Characteristics . . . . . . . . . . . . . . . . . . . 11 62 2.3. SIGFOX . . . . . . . . . . . . . . . . . . . . . . . . . 15 63 2.3.1. Provenance and Documents . . . . . . . . . . . . . . 15 64 2.3.2. Characteristics . . . . . . . . . . . . . . . . . . . 15 65 2.4. Wi-SUN Alliance Field Area Network (FAN) . . . . . . . . 20 66 2.4.1. Provenance and Documents . . . . . . . . . . . . . . 20 67 2.4.2. Characteristics . . . . . . . . . . . . . . . . . . . 21 68 3. Generic Terminology . . . . . . . . . . . . . . . . . . . . . 24 69 4. Gap Analysis . . . . . . . . . . . . . . . . . . . . . . . . 25 70 4.1. Naive application of IPv6 . . . . . . . . . . . . . . . . 26 71 4.2. 6LoWPAN . . . . . . . . . . . . . . . . . . . . . . . . . 26 72 4.2.1. Header Compression . . . . . . . . . . . . . . . . . 27 73 4.2.2. Address Autoconfiguration . . . . . . . . . . . . . . 27 74 4.2.3. Fragmentation . . . . . . . . . . . . . . . . . . . . 27 75 4.2.4. Neighbor Discovery . . . . . . . . . . . . . . . . . 28 76 4.3. 6lo . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 77 4.4. 6tisch . . . . . . . . . . . . . . . . . . . . . . . . . 29 78 4.5. RoHC . . . . . . . . . . . . . . . . . . . . . . . . . . 29 79 4.6. ROLL . . . . . . . . . . . . . . . . . . . . . . . . . . 30 80 4.7. CoAP . . . . . . . . . . . . . . . . . . . . . . . . . . 30 81 4.8. Mobility . . . . . . . . . . . . . . . . . . . . . . . . 30 82 4.9. DNS and LPWAN . . . . . . . . . . . . . . . . . . . . . . 31 83 5. Security Considerations . . . . . . . . . . . . . . . . . . . 31 84 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 85 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 32 86 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 87 9. Informative References . . . . . . . . . . . . . . . . . . . 35 88 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 40 89 A.1. From -00 to -01 . . . . . . . . . . . . . . . . . . . . . 40 90 A.2. From -01 to -02 . . . . . . . . . . . . . . . . . . . . . 40 91 A.3. From -02 to -03 . . . . . . . . . . . . . . . . . . . . . 41 92 A.4. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 41 93 A.5. From -04 to -05 . . . . . . . . . . . . . . . . . . . . . 41 94 A.6. From -05 to -06 . . . . . . . . . . . . . . . . . . . . . 41 95 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 41 97 1. Introduction 99 This document provides background material and an overview of the 100 technologies being considered in the IETF's Low Power Wide-Area 101 Networking (LPWAN) working group. We also provide a gap analysis 102 between the needs of these technologies and currently available IETF 103 specifications. 105 Most technologies in this space aim for similar goals of supporting 106 large numbers of very low-cost, low-throughput devices with very-low 107 power consumption, so that even battery-powered devices can be 108 deployed for years. LPWAN devices also tend to be constrained in 109 their use of bandwidth, for example with limited frequencies being 110 allowed to be used within limited duty-cycles (usually expressed as a 111 percentage of time per-hour that the device is allowed to transmit.) 112 And as the name implies, coverage of large areas is also a common 113 goal. So, by and large, the different technologies aim for 114 deployment in very similar circumstances. 116 Existing pilot deployments have shown huge potential and created much 117 industrial interest in these technologies. As of today, essentially 118 no LPWAN devices have IP capabilities. Connecting LPWANs to the 119 Internet would provide significant benefits to these networks in 120 terms of interoperability, application deployment, and management, 121 among others. The goal of the IETF LPWAN working group is to, where 122 necessary, adapt IETF-defined protocols, addressing schemes and 123 naming to this particular constrained environment. 125 This document is largely the work of the people listed in Section 7. 127 2. LPWAN Technologies 129 This section provides an overview of the set of LPWAN technologies 130 that are being considered in the LPWAN working group. The text for 131 each was mainly contributed by proponents of each technology. 133 Note that this text is not intended to be normative in any sense, but 134 simply to help the reader in finding the relevant layer 2 135 specifications and in understanding how those integrate with IETF- 136 defined technologies. Similarly, there is no attempt here to set out 137 the pros and cons of the relevant technologies. 139 Note that some of the technology-specific drafts referenced below may 140 have been updated since publication of this document. 142 2.1. LoRaWAN 144 Text here is largely from [I-D.farrell-lpwan-lora-overview] 146 2.1.1. Provenance and Documents 148 LoRaWAN is an ISM-based wireless technology for long-range low-power 149 low-data-rate applications developed by the LoRa Alliance, a 150 membership consortium. This draft 151 is based on version 1.0.2 [LoRaSpec] of the LoRa specification. That 152 specification is publicly available and has already seen several 153 deployments across the globe. 155 2.1.2. Characteristics 157 LoRaWAN aims to support end-devices operating on a single battery for 158 an extended period of time (e.g., 10 years or more), extended 159 coverage through 155 dB maximum coupling loss, and reliable and 160 efficient file download (as needed for remote software/firmware 161 upgrade). 163 LoRaWAN networks are typically organized in a star-of-stars topology 164 in which gateways relay messages between end-devices and a central 165 "network server" in the backend. Gateways are connected to the 166 network server via IP links while end-devices use single-hop LoRaWAN 167 communication that can be received at one or more gateways. 168 Communication is generally bi-directional; uplink communication from 169 end-devices to the network server is favored in terms of overall 170 bandwidth availability. 172 Figure 1 shows the entities involved in a LoRaWAN network. 174 +----------+ 175 |End-device| * * * 176 +----------+ * +---------+ 177 * | Gateway +---+ 178 +----------+ * +---------+ | +---------+ 179 |End-device| * * * +---+ Network +--- Application 180 +----------+ * | | Server | 181 * +---------+ | +---------+ 182 +----------+ * | Gateway +---+ 183 |End-device| * * * * +---------+ 184 +----------+ 185 Key: * LoRaWAN Radio 186 +---+ IP connectivity 188 Figure 1: LoRaWAN architecture 190 o End-device: a LoRa client device, sometimes called a mote. 191 Communicates with gateways. 193 o Gateway: a radio on the infrastructure-side, sometimes called a 194 concentrator or base-station. Communicates with end-devices and, 195 via IP, with a network server. 197 o Network Server: The Network Server (NS) terminates the LoRaWAN MAC 198 layer for the end-devices connected to the network. It is the 199 center of the star topology. 201 o - Join Server: The Join Server (JS) is a server on the Internet 202 side of an NS that processes join requests from end-devices. 204 o Uplink message: refers to communications from end-device to 205 network server or application via one or more gateways. 207 o Downlink message: refers to communications from network server or 208 application via one gateway to a single end-device or a group of 209 end-devices (considering multicasting). 211 o Application: refers to application layer code both on the end- 212 device and running "behind" the network server. For LoRaWAN, 213 there will generally only be one application running on most end- 214 devices. Interfaces between the network server and application 215 are not further described here. 217 In LoRaWAN networks, end-device transmissions may be received at 218 multiple gateways, so during nominal operation a network server may 219 see multiple instances of the same uplink message from an end-device. 221 The LoRaWAN network infrastructure manages the data rate and RF 222 output power for each end-device individually by means of an adaptive 223 data rate (ADR) scheme. End-devices may transmit on any channel 224 allowed by local regulation at any time. 226 LoRaWAN radios make use of industrial, scientific and medical (ISM) 227 bands, for example, 433MHz and 868MHz within the European Union and 228 915MHz in the Americas. 230 The end-device changes channel in a pseudo-random fashion for every 231 transmission to help make the system more robust to interference and/ 232 or to conform to local regulations. 234 Figure 2 below shows that after a transmission slot a Class A device 235 turns on its receiver for two short receive windows that are offset 236 from the end of the transmission window. End-devices can only 237 transmit a subsequent uplink frame after the end of the associated 238 receive windows. When a device joins a LoRaWAN network, there are 239 similar timeouts on parts of that process. 241 |----------------------------| |--------| |--------| 242 | Tx | | Rx | | Rx | 243 |----------------------------| |--------| |--------| 244 |---------| 245 Rx delay 1 246 |------------------------| 247 Rx delay 2 249 Figure 2: LoRaWAN Class A transmission and reception window 251 Given the different regional requirements the detailed specification 252 for the LoRaWAN physical layer (taking up more than 30 pages of the 253 specification) is not reproduced here. Instead and mainly to 254 illustrate the kinds of issue encountered, in Table 1 we present some 255 of the default settings for one ISM band (without fully explaining 256 those here) and in Table 2 we describe maxima and minima for some 257 parameters of interest to those defining ways to use IETF protocols 258 over the LoRaWAN MAC layer. 260 +------------------------+------------------------------------------+ 261 | Parameters | Default Value | 262 +------------------------+------------------------------------------+ 263 | Rx delay 1 | 1 s | 264 | | | 265 | Rx delay 2 | 2 s (must be RECEIVE_DELAY1 + 1s) | 266 | | | 267 | join delay 1 | 5 s | 268 | | | 269 | join delay 2 | 6 s | 270 | | | 271 | 868MHz Default | 3 (868.1,868.2,868.3), data rate: 0.3-5 | 272 | channels | kbps | 273 +------------------------+------------------------------------------+ 275 Table 1: Default settings for EU868MHz band 277 +-----------------------------------------------+--------+----------+ 278 | Parameter/Notes | Min | Max | 279 +-----------------------------------------------+--------+----------+ 280 | Duty Cycle: some but not all ISM bands impose | 1% | no-limit | 281 | a limit in terms of how often an end-device | | | 282 | can transmit. In some cases LoRaWAN is more | | | 283 | restrictive in an attempt to avoid | | | 284 | congestion. | | | 285 | | | | 286 | EU 868MHz band data rate/frame-size | 250 | 50000 | 287 | | bits/s | bits/s : | 288 | | : 59 | 250 | 289 | | octets | octets | 290 | | | | 291 | US 915MHz band data rate/frame-size | 980 | 21900 | 292 | | bits/s | bits/s : | 293 | | : 19 | 250 | 294 | | octets | octets | 295 +-----------------------------------------------+--------+----------+ 297 Table 2: Minima and Maxima for various LoRaWAN Parameters 299 Note that in the case of the smallest frame size (19 octets), 8 300 octets are required for LoRa MAC layer headers leaving only 11 octets 301 for payload (including MAC layer options). However, those settings 302 do not apply for the join procedure - end-devices are required to use 303 a channel and data rate that can send the 23-byte Join-request 304 message for the join procedure. 306 Uplink and downlink higher layer data is carried in a MACPayload. 307 There is a concept of "ports" (an optional 8-bit value) to handle 308 different applications on an end-device. Port zero is reserved for 309 LoRaWAN specific messaging, such as the configuration of the end 310 device's network parameters (available channels, data rates, ADR 311 parameters, RX1/2 delay, etc.). 313 In addition to carrying higher layer PDUs there are Join-Request and 314 Join-Response (aka Join-Accept) messages for handling network access. 315 And so-called "MAC commands" (see below) up to 15 bytes long can be 316 piggybacked in an options field ("FOpts"). 318 There are a number of MAC commands for link and device status 319 checking, ADR and duty-cycle negotiation, managing the RX windows and 320 radio channel settings. For example, the link check response message 321 allows the network server (in response to a request from an end- 322 device) to inform an end-device about the signal attenuation seen 323 most recently at a gateway, and to also tell the end-device how many 324 gateways received the corresponding link request MAC command. 326 Some MAC commands are initiated by the network server. For example, 327 one command allows the network server to ask an end-device to reduce 328 its duty-cycle to only use a proportion of the maximum allowed in a 329 region. Another allows the network server to query the end-device's 330 power status with the response from the end-device specifying whether 331 it has an external power source or is battery powered (in which case 332 a relative battery level is also sent to the network server). 334 In order to operate nominally on a LoRaWAN network, a device needs a 335 32-bit device address, that is assigned when the device "joins" the 336 network (see below for the join procedure) or that is pre-provisioned 337 into the device. In case of roaming devices, the device address is 338 assigned based on the 24-bit network identifier (NetID) that is 339 allocated to the network by the LoRa Alliance. Non-roaming devices 340 can be assigned device addresses by the network without relying on a 341 LoRa Alliance-assigned NetID. 343 End-devices are assumed to work with one or a quite limited number of 344 applications, identified by a 64-bit AppEUI, which is assumed to be a 345 registered IEEE EUI64 value. In addition, a device needs to have two 346 symmetric session keys, one for protecting network artifacts 347 (port=0), the NwkSKey, and another for protecting application layer 348 traffic, the AppSKey. Both keys are used for 128-bit AES 349 cryptographic operations. So, one option is for an end-device to 350 have all of the above, plus channel information, somehow 351 (pre-)provisioned, in which case the end-device can simply start 352 transmitting. This is achievable in many cases via out-of-band means 353 given the nature of LoRaWAN networks. Table 3 summarizes these 354 values. 356 +---------+---------------------------------------------------------+ 357 | Value | Description | 358 +---------+---------------------------------------------------------+ 359 | DevAddr | DevAddr (32-bits) = device-specific network address | 360 | | generated from the NetID | 361 | | | 362 | AppEUI | IEEE EUI64 corresponding to the join server for an | 363 | | application | 364 | | | 365 | NwkSKey | 128-bit network session key used with AES-CMAC | 366 | | | 367 | AppSKey | 128-bit application session key used with AES-CTR | 368 | | | 369 | AppKey | 128-bit application session key used with AES-ECB | 370 +---------+---------------------------------------------------------+ 372 Table 3: Values required for nominal operation 374 As an alternative, end-devices can use the LoRaWAN join procedure 375 with a join server behind the NS in order to setup some of these 376 values and dynamically gain access to the network. To use the join 377 procedure, an end-device must still know the AppEUI, and in addition, 378 a different (long-term) symmetric key that is bound to the AppEUI - 379 this is the application key (AppKey), and is distinct from the 380 application session key (AppSKey). The AppKey is required to be 381 specific to the device, that is, each end-device should have a 382 different AppKey value. And finally, the end-device also needs a 383 long-term identifier for itself, syntactically also an EUI-64, and 384 known as the device EUI or DevEUI. Table 4 summarizes these values. 386 +---------+----------------------------------------------------+ 387 | Value | Description | 388 +---------+----------------------------------------------------+ 389 | DevEUI | IEEE EUI64 naming the device | 390 | | | 391 | AppEUI | IEEE EUI64 naming the application | 392 | | | 393 | AppKey | 128-bit long term application key for use with AES | 394 +---------+----------------------------------------------------+ 396 Table 4: Values required for join procedure 398 The join procedure involves a special exchange where the end-device 399 asserts the AppEUI and DevEUI (integrity protected with the long-term 400 AppKey, but not encrypted) in a Join-request uplink message. This is 401 then routed to the network server which interacts with an entity that 402 knows that AppKey to verify the Join-request. All going well, a 403 Join-accept downlink message is returned from the network server to 404 the end-device that specifies the 24-bit NetID, 32-bit DevAddr and 405 channel information and from which the AppSKey and NwkSKey can be 406 derived based on knowledge of the AppKey. This provides the end- 407 device with all the values listed in Table 3. 409 All payloads are encrypted and have data integrity. MAC commands, 410 when sent as a payload (port zero), are therefore protected. MAC 411 commands piggy-backed as frame options ("FOpts") are however sent in 412 clear. Any MAC commands sent as frame options and not only as 413 payload, are visible to a passive attacker but are not malleable for 414 an active attacker due to the use of the Message Integrity Check 415 (MIC) described below. 417 For LoRaWAN version 1.0.x, the NWkSkey session key is used to provide 418 data integrity between the end-device and the network server. The 419 AppSKey is used to provide data confidentiality between the end- 420 device and network server, or to the application "behind" the network 421 server, depending on the implementation of the network. 423 All MAC layer messages have an outer 32-bit MIC calculated using AES- 424 CMAC calculated over the ciphertext payload and other headers and 425 using the NwkSkey. Payloads are encrypted using AES-128, with a 426 counter-mode derived from IEEE 802.15.4 using the AppSKey. Gateways 427 are not expected to be provided with the AppSKey or NwkSKey, all of 428 the infrastructure-side cryptography happens in (or "behind") the 429 network server. When session keys are derived from the AppKey as a 430 result of the join procedure the Join-accept message payload is 431 specially handled. 433 The long-term AppKey is directly used to protect the Join-accept 434 message content, but the function used is not an AES-encrypt 435 operation, but rather an AES-decrypt operation. The justification is 436 that this means that the end-device only needs to implement the AES- 437 encrypt operation. (The counter mode variant used for payload 438 decryption means the end-device doesn't need an AES-decrypt 439 primitive.) 441 The Join-accept plaintext is always less than 16 bytes long, so 442 electronic code book (ECB) mode is used for protecting Join-accept 443 messages. The Join-accept contains an AppNonce (a 24 bit value) that 444 is recovered on the end-device along with the other Join-accept 445 content (e.g. DevAddr) using the AES-encrypt operation. Once the 446 Join-accept payload is available to the end-device the session keys 447 are derived from the AppKey, AppNonce and other values, again using 448 an ECB mode AES-encrypt operation, with the plaintext input being a 449 maximum of 16 octets. 451 2.2. Narrowband IoT (NB-IoT) 453 Text here is largely from [I-D.ratilainen-lpwan-nb-iot] 455 2.2.1. Provenance and Documents 457 Narrowband Internet of Things (NB-IoT) is developed and standardized 458 by 3GPP. The standardization of NB-IoT was finalized with 3GPP 459 Release 13 in June 2016, and further enhancements for NB-IoT are 460 specified in 3GPP Release 14 in 2017, for example in the form of 461 multicast support. Further features and improvements will be 462 developed in the following releases, but NB-IoT has been ready to be 463 deployed since 2016, and is rather simple to deploy especially in the 464 existing LTE networks with a software upgrade in the operator's base 465 stations. For more information of what has been specified for NB- 466 IoT, 3GPP specification 36.300 [TGPP36300] provides an overview and 467 overall description of the E-UTRAN radio interface protocol 468 architecture, while specifications 36.321 [TGPP36321], 36.322 469 [TGPP36322], 36.323 [TGPP36323] and 36.331 [TGPP36331] give more 470 detailed description of MAC, RLC, PDCP and RRC protocol layers, 471 respectively. Note that the description below assumes familiarity 472 with numerous 3GPP terms. 474 2.2.2. Characteristics 476 Specific targets for NB-IoT include: Less than US$5 module cost, 477 extended coverage of 164 dB maximum coupling loss, battery life of 478 over 10 years, ~55000 devices per cell and uplink reporting latency 479 of less than 10 seconds. 481 NB-IoT supports Half Duplex FDD operation mode with 60 kbps peak rate 482 in uplink and 30 kbps peak rate in downlink, and a maximum 483 transmission unit (MTU) size of 1600 bytes limited by PDCP layer (see 484 Figure 4 for the protocol structure), which is the highest layer in 485 the user plane, as explained later. Any packet size up to the said 486 MTU size can be passed to the NB-IoT stack from higher layers, 487 segmentation of the packet is performed in the RLC layer, which can 488 segment the data to transmission blocks with size as small as 16 489 bits. As the name suggests, NB-IoT uses narrowbands with bandwidth 490 of 180 kHz in both downlink and uplink. The multiple access scheme 491 used in the downlink is OFDMA with 15 kHz sub-carrier spacing. In 492 uplink, SC-FDMA single tone with either 15kHz or 3.75 kHz tone 493 spacing is used, or optionally multi-tone SC- FDMA can be used with 494 15 kHz tone spacing. 496 NB-IoT can be deployed in three ways. In-band deployment means that 497 the narrowband is deployed inside the LTE band and radio resources 498 are flexibly shared between NB-IoT and normal LTE carrier. In Guard- 499 band deployment the narrowband uses the unused resource blocks 500 between two adjacent LTE carriers. Standalone deployment is also 501 supported, where the narrowband can be located alone in dedicated 502 spectrum, which makes it possible for example to reframe a GSM 503 carrier at 850/900 MHz for NB-IoT. All three deployment modes are 504 used in licensed frequency bands. The maximum transmission power is 505 either 20 or 23 dBm for uplink transmissions, while for downlink 506 transmission the eNodeB may use higher transmission power, up to 46 507 dBm depending on the deployment. 509 A maximum coupling loss (MCL) target for NB-IoT coverage enhancements 510 defined by 3GPP is 164 dB. With this MCL, the performance of NB-IoT 511 in downlink varies between 200 bps and 2-3 kbps, depending on the 512 deployment mode. Stand-alone operation may achieve the highest data 513 rates, up to few kbps, while in-band and guard-band operations may 514 reach several hundreds of bps. NB-IoT may even operate with MCL 515 higher than 170 dB with very low bit rates. 517 For signaling optimization, two options are introduced in addition to 518 legacy LTE RRC connection setup; mandatory Data-over-NAS (Control 519 Plane optimization, solution 2 in [TGPP23720]) and optional RRC 520 Suspend/Resume (User Plane optimization, solution 18 in [TGPP23720]). 521 In the control plane optimization the data is sent over Non-Access 522 Stratum, directly to/from Mobility Management Entity (MME) (see 523 Figure 3 for the network architecture) in the core network to the 524 User Equipment (UE) without interaction from the base station. This 525 means there are no Access Stratum security or header compression 526 provided by the PDCP layer in the eNodeB, as the Access Stratum is 527 bypassed, and only limited RRC procedures. RoHC based header 528 compression may still optionally be provided and terminated in MME. 530 The RRC Suspend/Resume procedures reduce the signaling overhead 531 required for UE state transition from RRC Idle to RRC Connected mode 532 compared to legacy LTE operation in order to have quicker user plane 533 transaction with the network and return to RRC Idle mode faster. 535 In order to prolong device battery life, both power-saving mode (PSM) 536 and extended DRX (eDRX) are available to NB-IoT. With eDRX the RRC 537 Connected mode DRX cycle is up to 10.24 seconds and in RRC Idle the 538 eDRX cycle can be up to 3 hours. In PSM the device is in a deep 539 sleep state and only wakes up for uplink reporting, after which there 540 is a window, configured by the network, during which the device 541 receiver is open for downlink connectivity, of for periodical "keep- 542 alive" signaling (PSM uses periodic TAU signaling with additional 543 reception window for downlink reachability). 545 Since NB-IoT operates in licensed spectrum, it has no channel access 546 restrictions allowing up to a 100% duty-cycle. 548 3GPP access security is specified in [TGPP33203]. 550 +--+ 551 |UE| \ +------+ +------+ 552 +--+ \ | MME |------| HSS | 553 \ / +------+ +------+ 554 +--+ \+-----+ / | 555 |UE| ----| eNB |- | 556 +--+ /+-----+ \ | 557 / \ +--------+ 558 / \| | +------+ Service PDN 559 +--+ / | S-GW |----| P-GW |---- e.g. Internet 560 |UE| | | +------+ 561 +--+ +--------+ 563 Figure 3: 3GPP network architecture 565 Figure 3 shows the 3GPP network architecture, which applies to NB- 566 IoT. Mobility Management Entity (MME) is responsible for handling 567 the mobility of the UE. MME tasks include tracking and paging UEs, 568 session management, choosing the Serving gateway for the UE during 569 initial attachment and authenticating the user. At MME, the Non- 570 Access Stratum (NAS) signaling from the UE is terminated. 572 Serving Gateway (S-GW) routes and forwards the user data packets 573 through the access network and acts as a mobility anchor for UEs 574 during handover between base stations known as eNodeBs and also 575 during handovers between NB-IoT and other 3GPP technologies. 577 Packet Data Network Gateway (P-GW) works as an interface between 3GPP 578 network and external networks. 580 The Home Subscriber Server (HSS) contains user-related and 581 subscription- related information. It is a database, which performs 582 mobility management, session establishment support, user 583 authentication and access authorization. 585 E-UTRAN consists of components of a single type, eNodeB. eNodeB is a 586 base station, which controls the UEs in one or several cells. 588 The 3GPP radio protocol architecture is illustrated in Figure 4. 590 +---------+ +---------+ 591 | NAS |----|-----------------------------|----| NAS | 592 +---------+ | +---------+---------+ | +---------+ 593 | RRC |----|----| RRC | S1-AP |----|----| S1-AP | 594 +---------+ | +---------+---------+ | +---------+ 595 | PDCP |----|----| PDCP | SCTP |----|----| SCTP | 596 +---------+ | +---------+---------+ | +---------+ 597 | RLC |----|----| RLC | IP |----|----| IP | 598 +---------+ | +---------+---------+ | +---------+ 599 | MAC |----|----| MAC | L2 |----|----| L2 | 600 +---------+ | +---------+---------+ | +---------+ 601 | PHY |----|----| PHY | PHY |----|----| PHY | 602 +---------+ +---------+---------+ +---------+ 603 LTE-Uu S1-MME 604 UE eNodeB MME 606 Figure 4: 3GPP radio protocol architecture for control plane 608 Control plane protocol stack 610 The radio protocol architecture of NB-IoT (and LTE) is separated into 611 control plane and user plane. The control plane consists of 612 protocols which control the radio access bearers and the connection 613 between the UE and the network. The highest layer of control plane 614 is called Non-Access Stratum (NAS), which conveys the radio signaling 615 between the UE and the Evolved Packet Core (EPC), passing 616 transparently through the radio network. NAS responsible for 617 authentication, security control, mobility management and bearer 618 management. 620 Access Stratum (AS) is the functional layer below NAS, and in the 621 control plane it consists of Radio Resource Control protocol (RRC) 622 [TGPP36331], which handles connection establishment and release 623 functions, broadcast of system information, radio bearer 624 establishment, reconfiguration and release. RRC configures the user 625 and control planes according to the network status. There exists two 626 RRC states, RRC_Idle or RRC_Connected, and RRC entity controls the 627 switching between these states. In RRC_Idle, the network knows that 628 the UE is present in the network and the UE can be reached in case of 629 incoming call/downlink data. In this state, the UE monitors paging, 630 performs cell measurements and cell selection and acquires system 631 information. Also the UE can receive broadcast and multicast data, 632 but it is not expected to transmit or receive unicast data. In 633 RRC_Connected the UE has a connection to the eNodeB, the network 634 knows the UE location on the cell level and the UE may receive and 635 transmit unicast data. An RRC connection is established when the UE 636 is expected to be active in the network, to transmit or receive data. 637 The RRC connection is released, switching back to RRC_Idle, when 638 there is no more traffic in order to preserve UE battery life and 639 radio resources. However, a new feature was introduced for NB-IoT, 640 as mentioned earlier, which allows data to be transmitted from the 641 MME directly to the UE transparently to the eNodeB, thus bypassing AS 642 functions. 644 Packet Data Convergence Protocol's (PDCP) [TGPP36323] main services 645 in control plane are transfer of control plane data, ciphering and 646 integrity protection. 648 Radio Link Control protocol (RLC) [TGPP36322] performs transfer of 649 upper layer PDUs and optionally error correction with Automatic 650 Repeat reQuest (ARQ), concatenation, segmentation, and reassembly of 651 RLC SDUs, in-sequence delivery of upper layer PDUs, duplicate 652 detection, RLC SDU discard, RLC-re-establishment and protocol error 653 detection and recovery. 655 Medium Access Control protocol (MAC) [TGPP36321] provides mapping 656 between logical channels and transport channels, multiplexing of MAC 657 SDUs, scheduling information reporting, error correction with HARQ, 658 priority handling and transport format selection. 660 Physical layer [TGPP36201] provides data transport services to higher 661 layers. These include error detection and indication to higher 662 layers, FEC encoding, HARQ soft-combining, rate matching and mapping 663 of the transport channels onto physical channels, power weighting and 664 modulation of physical channels, frequency and time synchronization 665 and radio characteristics measurements. 667 User plane protocol stack 669 User plane is responsible for transferring the user data through the 670 Access Stratum. It interfaces with IP and the highest layer of user 671 plane is PDCP, which in user plane performs header compression using 672 Robust Header Compression (RoHC), transfer of user plane data between 673 eNodeB and UE, ciphering and integrity protection. Similar to 674 control plane, lower layers in user plane include RLC, MAC and 675 physical layer performing the same tasks as in control plane. 677 2.3. SIGFOX 679 Text here is largely from 680 [I-D.zuniga-lpwan-sigfox-system-description] which may have been 681 updated since this was published. 683 2.3.1. Provenance and Documents 685 The SIGFOX LPWAN is in line with the terminology and specifications 686 being defined by ETSI [etsi_unb]. As of today, SIGFOX's network has 687 been fully deployed in 12 countries, with ongoing deployments on 26 688 other countries, giving in total a geography of 2 million square 689 kilometers, containing 512 million people. 691 2.3.2. Characteristics 693 SIGFOX LPWAN autonomous battery-operated devices send only a few 694 bytes per day, week or month, in principle allowing them to remain on 695 a single battery for up to 10-15 years. Hence, the system is 696 designed as to allow devices to last several years, sometimes even 697 buried underground. 699 Since the radio protocol is connection-less and optimized for uplink 700 communications, the capacity of a SIGFOX base station depends on the 701 number of messages generated by devices, and not on the actual number 702 of devices. Likewise, the battery life of devices depends on the 703 number of messages generated by the device. Depending on the use 704 case, devices can vary from sending less than one message per device 705 per day, to dozens of messages per device per day. 707 The coverage of the cell depends on the link budget and on the type 708 of deployment (urban, rural, etc.). The radio interface is compliant 709 with the following regulations: 711 Spectrum allocation in the USA [fcc_ref] 713 Spectrum allocation in Europe [etsi_ref] 715 Spectrum allocation in Japan [arib_ref] 717 The SIGFOX radio interface is also compliant with the local 718 regulations of the following countries: Australia, Brazil, Canada, 719 Kenya, Lebanon, Mauritius, Mexico, New Zealand, Oman, Peru, 720 Singapore, South Africa, South Korea, and Thailand. 722 The radio interface is based on Ultra Narrow Band (UNB) 723 communications, which allow an increased transmission range by 724 spending a limited amount of energy at the device. Moreover, UNB 725 allows a large number of devices to coexist in a given cell without 726 significantly increasing the spectrum interference. 728 Both uplink and downlink are supported, although the system is 729 optimized for uplink communications. Due to spectrum optimizations, 730 different uplink and downlink frames and time synchronization methods 731 are needed. 733 The main radio characteristics of the UNB uplink transmission are: 735 o Channelization mask: 100 Hz / 600 Hz (depending on the region) 737 o Uplink baud rate: 100 baud / 600 baud (depending on the region) 739 o Modulation scheme: DBPSK 741 o Uplink transmission power: compliant with local regulation 743 o Link budget: 155 dB (or better) 745 o Central frequency accuracy: not relevant, provided there is no 746 significant frequency drift within an uplink packet transmission 748 For example, in Europe the UNB uplink frequency band is limited to 749 868.00 to 868.60 MHz, with a maximum output power of 25 mW and a duty 750 cycle of 1%. 752 The format of the uplink frame is the following: 754 +--------+--------+--------+------------------+-------------+-----+ 755 |Preamble| Frame | Dev ID | Payload |Msg Auth Code| FCS | 756 | | Sync | | | | | 757 +--------+--------+--------+------------------+-------------+-----+ 759 Figure 5: Uplink Frame Format 761 The uplink frame is composed of the following fields: 763 o Preamble: 19 bits 765 o Frame sync and header: 29 bits 767 o Device ID: 32 bits 769 o Payload: 0-96 bits 771 o Authentication: 16-40 bits 773 o Frame check sequence: 16 bits (CRC) 775 The main radio characteristics of the UNB downlink transmission are: 777 o Channelization mask: 1.5 kHz 779 o Downlink baud rate: 600 baud 781 o Modulation scheme: GFSK 783 o Downlink transmission power: 500 mW / 4W (depending on the region) 785 o Link budget: 153 dB (or better) 787 o Central frequency accuracy: the center frequency of downlink 788 transmission is set by the network according to the corresponding 789 uplink transmission 791 For example, in Europe the UNB downlink frequency band is limited to 792 869.40 to 869.65 MHz, with a maximum output power of 500 mW with 10% 793 duty cycle. 795 The format of the downlink frame is the following: 797 +------------+-----+---------+------------------+-------------+-----+ 798 | Preamble |Frame| ECC | Payload |Msg Auth Code| FCS | 799 | |Sync | | | | | 800 +------------+-----+---------+------------------+-------------+-----+ 802 Figure 6: Downlink Frame Format 804 The downlink frame is composed of the following fields: 806 o Preamble: 91 bits 808 o Frame sync and header: 13 bits 810 o Error Correcting Code (ECC): 32 bits 812 o Payload: 0-64 bits 814 o Authentication: 16 bits 816 o Frame check sequence: 8 bits (CRC) 818 The radio interface is optimized for uplink transmissions, which are 819 asynchronous. Downlink communications are achieved by devices 820 querying the network for available data. 822 A device willing to receive downlink messages opens a fixed window 823 for reception after sending an uplink transmission. The delay and 824 duration of this window have fixed values. The network transmits the 825 downlink message for a given device during the reception window, and 826 the network also selects the base station (BS) for transmitting the 827 corresponding downlink message. 829 Uplink and downlink transmissions are unbalanced due to the 830 regulatory constraints on ISM bands. Under the strictest 831 regulations, the system can allow a maximum of 140 uplink messages 832 and 4 downlink messages per device per day. These restrictions can 833 be slightly relaxed depending on system conditions and the specific 834 regulatory domain of operation. 836 +---+ 837 |DEV| * +------+ 838 +---+ * | RA | 839 * +------+ 840 +---+ * | 841 |DEV| * * * * | 842 +---+ * +----+ | 843 * | BS | \ +--------+ 844 +---+ * +----+ \ | | 845 DA -----|DEV| * * * | SC |----- NA 846 +---+ * / | | 847 * +----+ / +--------+ 848 +---+ * | BS |/ 849 |DEV| * * * * +----+ 850 +---+ * 851 * 852 +---+ * 853 |DEV| * * 854 +---+ 856 Figure 7: SIGFOX network architecture 858 Figure 7 depicts the different elements of the SIGFOX network 859 architecture. 861 SIGFOX has a "one-contract one-network" model allowing devices to 862 connect in any country, without any need or notion of either roaming 863 or handover. 865 The architecture consists of a single cloud-based core network, which 866 allows global connectivity with minimal impact on the end device and 867 radio access network. The core network elements are the Service 868 Center (SC) and the Registration Authority (RA). The SC is in charge 869 of the data connectivity between the Base Station (BS) and the 870 Internet, as well as the control and management of the BSs and End 871 Points. The RA is in charge of the End Point network access 872 authorization. 874 The radio access network is comprised of several BSs connected 875 directly to the SC. Each BS performs complex L1/L2 functions, 876 leaving some L2 and L3 functionalities to the SC. 878 The Devices (DEVs) or End Points (EPs) are the objects that 879 communicate application data between local device applications (DAs) 880 and network applications (NAs). 882 Devices (or EPs) can be static or nomadic, as they associate with the 883 SC and they do not attach to any specific BS. Hence, they can 884 communicate with the SC through one or multiple BSs. 886 Due to constraints in the complexity of the Device, it is assumed 887 that Devices host only one or very few device applications, which 888 most of the time communicate each to a single network application at 889 a time. 891 The radio protocol authenticates and ensures the integrity of each 892 message. This is achieved by using a unique device ID and an AES-128 893 based message authentication code, ensuring that the message has been 894 generated and sent by the device with the ID claimed in the message. 895 Application data can be encrypted at the application level or not, 896 depending on the criticality of the use case, to provide a balance 897 between cost and effort vs. risk. AES-128 in counter mode is used 898 for encryption. Cryptographic keys are independent for each device. 899 These keys are associated with the device ID and separate integrity 900 and confidentiality keys are pre-provisioned. A confidentiality key 901 is only provisioned if confidentiality is to be used. At the time of 902 writing the algorithms and keying details for this are not published. 904 2.4. Wi-SUN Alliance Field Area Network (FAN) 906 Text here is via personal communication from Bob Heile 907 (bheile@ieee.org) and was authored by Bob and Sum Chin Sean. Duffy 908 (paduffy@cisco.com) also provided additional comments/input on this 909 section. 911 2.4.1. Provenance and Documents 913 The Wi-SUN Alliance is an industry alliance 914 for smart city, smart grid, smart utility, and a broad set of general 915 IoT applications. The Wi-SUN Alliance Field Area Network (FAN) 916 profile is open standards based (primarily on IETF and IEEE802 917 standards) and was developed to address applications like smart 918 municipality/city infrastructure monitoring and management, electric 919 vehicle (EV) infrastructure, advanced metering infrastructure (AMI), 920 distribution automation (DA), supervisory control and data 921 acquisition (SCADA) protection/management, distributed generation 922 monitoring and management, and many more IoT applications. 923 Additionally, the Alliance has created a certification program to 924 promote global multi-vendor interoperability. 926 The FAN profile is specified within ANSI/TIA as an extension of work 927 previously done on Smart Utility Networks. [ANSI-4957-000]. Updates 928 to those specifications intended to be published in 2017 will contain 929 details of the FAN profile. A current snapshot of the work to 930 produce that profile is presented in [wisun-pressie1] 931 [wisun-pressie2] . 933 2.4.2. Characteristics 935 The FAN profile is an IPv6 wireless mesh network with support for 936 enterprise level security. The frequency hopping wireless mesh 937 topology aims to offer superior network robustness, reliability due 938 to high redundancy, good scalability due to the flexible mesh 939 configuration and good resilience to interference. Very low power 940 modes are in development permitting long term battery operation of 941 network nodes. 943 The following list contains some overall characteristics of Wi-SUN 944 that are relevant to LPWAN applications. 946 o Coverage The range of Wi-SUN FAN is typically 2 -- 3 km in line of 947 sight, matching the needs of neighborhood area networks, campus 948 area networks, or corporate area networks. The range can also be 949 extended via multi-hop networking. 951 o High bandwidth, low link latency: Wi-SUN supports relatively high 952 bandwidth, i.e. up to 300 kbps [FANTPS], enables remote update and 953 upgrade of devices so that they can handle new applications, 954 extending their working life. Wi-SUN supports LPWAN IoT 955 applications that require on-demand control by providing low link 956 latency (0.02s) and bi-directional communication. 958 o Low power consumption: FAN devices draw less than 2 uA when 959 resting and only 8 mA when listening. Such devices can maintain a 960 long lifetime even if they are frequently listening. For 961 instance, suppose the device transmits data for 10 ms once every 962 10 s; theoretically, a battery of 1000 mAh can last more than 10 963 years. 965 o Scalability: Tens of millions Wi-SUN FAN devices have been 966 deployed in urban, suburban and rural environments, including 967 deployments with more than 1 million devices. 969 A FAN contains one or more networks. Within a network, nodes assume 970 one of three operational roles. First, each network contains a 971 Border Router providing Wide Area Network (WAN) connectivity to the 972 network. The Border Router maintains source routing tables for all 973 nodes within its network, provides node authentication and key 974 management services, and disseminates network-wide information such 975 as broadcast schedules. Secondly, Router nodes, which provide upward 976 and downward packet forwarding (within a network). A Router also 977 provides services for relaying security and address management 978 protocols. Lastly, Leaf nodes provide minimum capabilities: 979 discovering and joining a network, send/receive IPv6 packets, etc. A 980 low power network may contain a mesh topology with Routers at the 981 edges that construct a star topology with Leaf nodes. 983 The FAN profile is based on various open standards developed by the 984 IETF (including [RFC0768], [RFC2460], [RFC4443] and [RFC6282]), 985 IEEE802 (including [IEEE-802-15-4] and [IEEE-802-15-9]) and ANSI/TIA 986 [ANSI-4957-210] for low power and lossy networks. 988 The FAN profile specification provides an application-independent 989 IPv6-based transport service. There are two possible methods for 990 establishing the IPv6 packet routing: Routing Protocol for Low-Power 991 and Lossy Networks (RPL) at the Network layer is mandatory, and 992 Multi-Hop Delivery Service (MHDS) is optional at the Data Link layer. 993 Table 5 provides an overview of the FAN network stack. 995 The Transport service is based on User Datagram Protocol (UDP) 996 defined in RFC768 or Transmission Control Protocol (TCP) defined in 997 RFC793. 999 The Network service is provided by IPv6 as defined in RFC2460 with 1000 6LoWPAN adaptation as defined in RFC4944 and RFC6282. ICMPv6, as 1001 defined in RFC4443, is used for the control plane during information 1002 exchange. 1004 The Data Link service provides both control/management of the 1005 Physical layer and data transfer/management services to the Network 1006 layer. These services are divided into Media Access Control (MAC) 1007 and Logical Link Control (LLC) sub-layers. The LLC sub-layer 1008 provides a protocol dispatch service which supports 6LoWPAN and an 1009 optional MAC sub-layer mesh service. The MAC sub-layer is 1010 constructed using data structures defined in IEEE802.15.4-2015. 1011 Multiple modes of frequency hopping are defined. The entire MAC 1012 payload is encapsulated in an IEEE802.15.9 Information Element to 1013 enable LLC protocol dispatch between upper layer 6LoWPAN processing, 1014 MAC sublayer mesh processing, etc. These areas will be expanded once 1015 IEEE802.15.12 is completed. 1017 The PHY service is derived from a sub-set of the SUN FSK 1018 specification in IEEE802.15.4-2015. The 2-FSK modulation schemes, 1019 with channel spacing range from 200 to 600 kHz, are defined to 1020 provide data rates from 50 to 300 kbps, with Forward Error Coding 1021 (FEC) as an optional feature. Towards enabling ultra-low-power 1022 applications, the PHY layer design is also extendable to low energy 1023 and critical infrastructure monitoring networks. 1025 +----------------------+--------------------------------------------+ 1026 | Layer | Description | 1027 +----------------------+--------------------------------------------+ 1028 | IPv6 protocol suite | TCP/UDP | 1029 | | | 1030 | | 6LoWPAN Adaptation + Header Compression | 1031 | | | 1032 | | DHCPv6 for IP address management. | 1033 | | | 1034 | | Routing using RPL. | 1035 | | | 1036 | | ICMPv6. | 1037 | | | 1038 | | Unicast and Multicast forwarding. | 1039 | | | 1040 | MAC based on IEEE | Frequency hopping | 1041 | 802.15.4e + IE | | 1042 | extensions | | 1043 | | | 1044 | | Discovery and Join | 1045 | | | 1046 | | Protocol Dispatch (IEEE 802.15.9) | 1047 | | | 1048 | | Several Frame Exchange patterns | 1049 | | | 1050 | | Optional Mesh Under routing (ANSI | 1051 | | 4957.210). | 1052 | | | 1053 | PHY based on | Various data rates and regions | 1054 | 802.15.4g | | 1055 | | | 1056 | Security | 802.1X/EAP-TLS/PKI Authentication. | 1057 | | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | 1058 | | required for EAP-TLS. | 1059 | | | 1060 | | 802.11i Group Key Management | 1061 | | | 1062 | | Frame security is implemented as AES-CCM* | 1063 | | as specified in IEEE 802.15.4 | 1064 | | | 1065 | | Optional ETSI-TS-102-887-2 Node 2 Node Key | 1066 | | Management | 1067 +----------------------+--------------------------------------------+ 1069 Table 5: Wi-SUN Stack Overview 1071 The FAN security supports Data Link layer network access control, 1072 mutual authentication, and establishment of a secure pairwise link 1073 between a FAN node and its Border Router, which is implemented with 1074 an adaptation of IEEE802.1X and EAP-TLS as described in [RFC5216] 1075 using secure device identity as described in IEEE802.1AR. 1076 Certificate formats are based upon [RFC5280]. A secure group link 1077 between a Border Router and a set of FAN nodes is established using 1078 an adaptation of the IEEE802.11 Four-Way Handshake. A set of 4 group 1079 keys are maintained within the network, one of which is the current 1080 transmit key. Secure node to node links are supported between one- 1081 hop FAN neighbors using an adaptation of ETSI-TS-102-887-2. FAN 1082 nodes implement Frame Security as specified in IEEE802.15.4-2015. 1084 3. Generic Terminology 1086 LPWAN technologies, such as those discussed above, have similar 1087 architectures but different terminology. We can identify different 1088 types of entities in a typical LPWAN network: 1090 o End-Devices are the devices or the "things" (e.g. sensors, 1091 actuators, etc.); they are named differently in each technology 1092 (End Device, User Equipment or End Point). There can be a high 1093 density of end devices per radio gateway. 1095 o The Radio Gateway, which is the end point of the constrained link. 1096 It is known as: Gateway, Evolved Node B or Base station. 1098 o The Network Gateway or Router is the interconnection node between 1099 the Radio Gateway and the Internet. It is known as: Network 1100 Server, Serving GW or Service Center. 1102 o LPWAN-AAA Server, which controls the user authentication, the 1103 applications. It is known as: Join-Server, Home Subscriber Server 1104 or Registration Authority. (We use the term LPWAN-AAA server 1105 because we're not assuming that this entity speaks RADIUS or 1106 Diameter as many/most AAA servers do, but equally we don't want to 1107 rule that out, as the functionality will be similar. 1109 o At last we have the Application Server, known also as Packet Data 1110 Node Gateway or Network Application. 1112 +---------------------------------------------------------------------+ 1113 | Function/ | | | | | | 1114 |Technology | LORAWAN | NB-IOT | SIGFOX | Wi-SUN | IETF | 1115 +-----------+-----------+-----------+------------+--------+-----------+ 1116 | Sensor, | | | | | | 1117 |Actuator, | End | User | End | Leaf | Device | 1118 |device, | Device | Equipment | Point | Node | (Dev) | 1119 | object | | | | | | 1120 +-----------+-----------+-----------+------------+--------+-----------+ 1121 |Transceiver| | Evolved | Base | Router | RADIO | 1122 | Antenna | Gateway | Node B | Station | Node | Gateway | 1123 +-----------+-----------+-----------+------------+--------+-----------+ 1124 | Server | Network | PDN GW/ | Service | Border | Network | 1125 | | Server | SCEF | Center | Router | Gateway | 1126 | | | | | | (NGW) | 1127 +-----------+-----------+-----------+------------+--------+-----------+ 1128 | Security | Join | Home |Registration|Authent.| LPWAN- | 1129 | Server | Server | Subscriber| Authority | Server | AAA | 1130 | | | Server | | | SERVER | 1131 +-----------+-----------+-----------+------------+--------+-----------+ 1132 |Application|Application|Application| Network |Appli- |Application| 1133 | | Server | Server | Application| cation | (App) | 1134 +---------------------------------------------------------------------+ 1136 Figure 8: LPWAN Architecture Terminology 1138 +------+ 1139 () () () | |LPWAN-| 1140 () () () () / \ +---------+ | AAA | 1141 () () () () () () / \========| /\ |====|Server| +-----------+ 1142 () () () | | <--|--> | +------+ |APPLICATION| 1143 () () () () / \============| v |==============| (App) | 1144 () () () / \ +---------+ +-----------+ 1145 Dev Radio Gateways NGW 1147 Figure 9: LPWAN Architecture 1149 In addition to the names of entities, LPWANs are also subject to 1150 possibly regional frequency band regulations. Those may include 1151 restrictions on the duty-cycle, for example requiring that hosts only 1152 transmit for a certain percentage of each hour. 1154 4. Gap Analysis 1155 4.1. Naive application of IPv6 1157 IPv6 [RFC2460] has been designed to allocate addresses to all the 1158 nodes connected to the Internet. Nevertheless, the header overhead 1159 of at least 40 bytes introduced by the protocol is incompatible with 1160 LPWAN constraints. If IPv6 with no further optimization were used, 1161 several LPWAN frames could be needed just to carry the IP header. 1162 Another problem arises from IPv6 MTU requirements, which require the 1163 layer below to support at least 1280 byte packets [RFC2460]. 1165 IPv6 has a configuration protocol - neighbor discovery protocol, 1166 (NDP) [RFC4861]). For a node to learn network parameters NDP 1167 generates regular traffic with a relatively large message size that 1168 does not fit LPWAN constraints. 1170 In some LPWAN technologies, layer two multicast is not supported. In 1171 that case, if the network topology is a star, the solution and 1172 considerations of section 3.2.5 of [RFC7668] may be applied. 1174 Other key protocols such as DHCPv6 [RFC3315], IPsec [RFC4301] and TLS 1175 [RFC5246] have similarly problematic properties in this context. 1176 Each of those require relatively frequent round-trips between the 1177 host and some other host on the network. In the case of 1178 cryptographic protocols such as IPsec and TLS, in addition to the 1179 round-trips required for secure session establishment, cryptographic 1180 operations can require padding and addition of authenticators that 1181 are problematic when considering LPWAN lower layers. Note that mains 1182 powered Wi-SUN mesh router nodes will typically be more resource 1183 capable than the other LPWAN techs discussed. This can enable use of 1184 more "chatty" protocols for some aspects of Wi-SUN. 1186 4.2. 6LoWPAN 1188 Several technologies that exhibit significant constraints in various 1189 dimensions have exploited the 6LoWPAN suite of specifications 1190 [RFC4944], [RFC6282], [RFC6775] to support IPv6 [I-D.hong-6lo-use- 1191 cases]. However, the constraints of LPWANs, often more extreme than 1192 those typical of technologies that have (re)used 6LoWPAN, constitute 1193 a challenge for the 6LoWPAN suite in order to enable IPv6 over LPWAN. 1194 LPWANs are characterized by device constraints (in terms of 1195 processing capacity, memory, and energy availability), and specially, 1196 link constraints, such as: 1198 o very low layer two payload size (from ~10 to ~100 bytes), 1200 o very low bit rate (from ~10 bit/s to ~100 kbit/s), and 1201 o in some specific technologies, further message rate constraints 1202 (e.g. between ~0.1 message/minute and ~1 message/minute) due to 1203 regional regulations that limit the duty cycle. 1205 4.2.1. Header Compression 1207 6LoWPAN header compression reduces IPv6 (and UDP) header overhead by 1208 eliding header fields when they can be derived from the link layer, 1209 and by assuming that some of the header fields will frequently carry 1210 expected values. 6LoWPAN provides both stateless and stateful header 1211 compression. In the latter, all nodes of a 6LoWPAN are assumed to 1212 share compression context. In the best case, the IPv6 header for 1213 link-local communication can be reduced to only 2 bytes. For global 1214 communication, the IPv6 header may be compressed down to 3 bytes in 1215 the most extreme case. However, in more practical situations, the 1216 smallest IPv6 header size may be 11 bytes (one address prefix 1217 compressed) or 19 bytes (both source and destination prefixes 1218 compressed). These headers are large considering the link layer 1219 payload size of LPWAN technologies, and in some cases are even bigger 1220 than the LPWAN PDUs. 6LoWPAN has been initially designed for IEEE 1221 802.15.4 networks with a frame size up to 127 bytes and a throughput 1222 of up to 250 kb/s, which may or may not be duty-cycled. 1224 4.2.2. Address Autoconfiguration 1226 Traditionally, Interface Identifiers (IIDs) have been derived from 1227 link layer identifiers [RFC4944] . This allows optimizations such as 1228 header compression. Nevertheless, recent guidance has given advice 1229 on the fact that, due to privacy concerns, 6LoWPAN devices should not 1230 be configured to embed their link layer addresses in the IID by 1231 default. 1233 4.2.3. Fragmentation 1235 As stated above, IPv6 requires the layer below to support an MTU of 1236 1280 bytes [RFC2460]. Therefore, given the low maximum payload size 1237 of LPWAN technologies, fragmentation is needed. 1239 If a layer of an LPWAN technology supports fragmentation, proper 1240 analysis has to be carried out to decide whether the fragmentation 1241 functionality provided by the lower layer or fragmentation at the 1242 adaptation layer should be used. Otherwise, fragmentation 1243 functionality shall be used at the adaptation layer. 1245 6LoWPAN defined a fragmentation mechanism and a fragmentation header 1246 to support the transmission of IPv6 packets over IEEE 802.15.4 1247 networks [RFC4944]. While the 6LoWPAN fragmentation header is 1248 appropriate for IEEE 802.15.4-2003 (which has a frame payload size of 1249 81-102 bytes), it is not suitable for several LPWAN technologies, 1250 many of which have a maximum payload size that is one order of 1251 magnitude below that of IEEE 802.15.4-2003. The overhead of the 1252 6LoWPAN fragmentation header is high, considering the reduced payload 1253 size of LPWAN technologies and the limited energy availability of the 1254 devices using such technologies. Furthermore, its datagram offset 1255 field is expressed in increments of eight octets. In some LPWAN 1256 technologies, the 6LoWPAN fragmentation header plus eight octets from 1257 the original datagram exceeds the available space in the layer two 1258 payload. In addition, the MTU in the LPWAN networks could be 1259 variable which implies a variable fragmentation solution. 1261 4.2.4. Neighbor Discovery 1263 6LoWPAN Neighbor Discovery [RFC6775] defined optimizations to IPv6 1264 Neighbor Discovery [RFC4861], in order to adapt functionality of the 1265 latter for networks of devices using IEEE 802.15.4 or similar 1266 technologies. The optimizations comprise host-initiated interactions 1267 to allow for sleeping hosts, replacement of multicast-based address 1268 resolution for hosts by an address registration mechanism, multihop 1269 extensions for prefix distribution and duplicate address detection 1270 (note that these are not needed in a star topology network), and 1271 support for 6LoWPAN header compression. 1273 6LoWPAN Neighbor Discovery may be used in not so severely constrained 1274 LPWAN networks. The relative overhead incurred will depend on the 1275 LPWAN technology used (and on its configuration, if appropriate). In 1276 certain LPWAN setups (with a maximum payload size above ~60 bytes, 1277 and duty-cycle-free or equivalent operation), an RS/RA/NS/NA exchange 1278 may be completed in a few seconds, without incurring packet 1279 fragmentation. 1281 In other LPWANs (with a maximum payload size of ~10 bytes, and a 1282 message rate of ~0.1 message/minute), the same exchange may take 1283 hours or even days, leading to severe fragmentation and consuming a 1284 significant amount of the available network resources. 6LoWPAN 1285 Neighbor Discovery behavior may be tuned through the use of 1286 appropriate values for the default Router Lifetime, the Valid 1287 Lifetime in the PIOs, and the Valid Lifetime in the 6LowPan Context 1288 Option (6CO), as well as the address Registration Lifetime. However, 1289 for the latter LPWANs mentioned above, 6LoWPAN Neighbor Discovery is 1290 not suitable. 1292 4.3. 6lo 1294 The 6lo WG has been reusing and adapting 6LoWPAN to enable IPv6 1295 support over link layer technologies such as Bluetooth Low Energy 1296 (BTLE), ITU-T G.9959, DECT-ULE, MS/TP-RS485, NFC IEEE 802.11ah. (See 1297 for details.) These technologies are 1298 similar in several aspects to IEEE 802.15.4, which was the original 1299 6LoWPAN target technology. 1301 6lo has mostly used the subset of 6LoWPAN techniques best suited for 1302 each lower layer technology, and has provided additional 1303 optimizations for technologies where the star topology is used, such 1304 as BTLE or DECT-ULE. 1306 The main constraint in these networks comes from the nature of the 1307 devices (constrained devices), whereas in LPWANs it is the network 1308 itself that imposes the most stringent constraints. 1310 4.4. 6tisch 1312 The 6tisch solution is dedicated to mesh networks that operate using 1313 802.15.4e MAC with a deterministic slotted channel. The time slot 1314 channel (TSCH) can help to reduce collisions and to enable a better 1315 balance over the channels. It improves the battery life by avoiding 1316 the idle listening time for the return channel. 1318 A key element of 6tisch is the use of synchronization to enable 1319 determinism. TSCH and 6TiSCH may provide a standard scheduling 1320 function. The LPWAN networks probably will not support 1321 synchronization like the one used in 6tisch. 1323 4.5. RoHC 1325 Robust header compression (RoHC) is a header compression mechanism 1326 [RFC3095] developed for multimedia flows in a point to point channel. 1327 RoHC uses 3 levels of compression, each level having its own header 1328 format. In the first level, RoHC sends 52 bytes of header, in the 1329 second level the header could be from 34 to 15 bytes and in the third 1330 level header size could be from 7 to 2 bytes. The level of 1331 compression is managed by a sequence number, which varies in size 1332 from 2 bytes to 4 bits in the minimal compression. SN compression is 1333 done with an algorithm called W-LSB (Window- Least Significant Bits). 1334 This window has a 4-bit size representing 15 packets, so every 15 1335 packets RoHC needs to slide the window in order to receive the 1336 correct sequence number, and sliding the window implies a reduction 1337 of the level of compression. When packets are lost or errored, the 1338 decompressor loses context and drops packets until a bigger header is 1339 sent with more complete information. To estimate the performance of 1340 RoHC, an average header size is used. This average depends on the 1341 transmission conditions, but most of the time is between 3 and 4 1342 bytes. 1344 RoHC has not been adapted specifically to the constrained hosts and 1345 networks of LPWANs: it does not take into account energy limitations 1346 nor the transmission rate, and RoHC context is synchronised during 1347 transmission, which does not allow better compression. 1349 4.6. ROLL 1351 Most technologies considered by the lpwan WG are based on a star 1352 topology, which eliminates the need for routing at that layer. 1353 Future work may address additional use-cases that may require 1354 adaptation of existing routing protocols or the definition of new 1355 ones. As of the time of writing, work similar to that done in the 1356 ROLL WG and other routing protocols are out of scope of the LPWAN WG. 1358 4.7. CoAP 1360 CoAP [RFC7252] provides a RESTful framework for applications intended 1361 to run on constrained IP networks. It may be necessary to adapt CoAP 1362 or related protocols to take into account for the extreme duty cycles 1363 and the potentially extremely limited throughput of LPWANs. 1365 For example, some of the timers in CoAP may need to be redefined. 1366 Taking into account CoAP acknowledgments may allow the reduction of 1367 L2 acknowledgments. On the other hand, the current work in progress 1368 in the CoRE WG where the COMI/CoOL network management interface 1369 which, uses Structured Identifiers (SID) to reduce payload size over 1370 CoAP may prove to be a good solution for the LPWAN technologies. The 1371 overhead is reduced by adding a dictionary which matches a URI to a 1372 small identifier and a compact mapping of the YANG model into the 1373 CBOR binary representation. 1375 4.8. Mobility 1377 LPWAN nodes can be mobile. However, LPWAN mobility is different from 1378 the one specified for Mobile IP. LPWAN implies sporadic traffic and 1379 will rarely be used for high-frequency, real-time communications. 1380 The applications do not generate a flow, they need to save energy and 1381 most of the time the node will be down. 1383 In addition, LPWAN mobility may mostly apply to groups of devices, 1384 that represent a network in which case mobility is more a concern for 1385 the gateway than the devices. NEMO [RFC3963] Mobility or other 1386 mobile gateway solutions (such as a gateway with an LTE uplink) may 1387 be used in the case where some end-devices belonging to the same 1388 network gateway move from one point to another such that they are not 1389 aware of being mobile. 1391 4.9. DNS and LPWAN 1393 The Domain Name System (DNS) DNS [RFC1035], enables applications to 1394 name things with a globally resolvable name. Many protocols use the 1395 DNS to identify hosts, for example applications using CoAP. 1397 The DNS query/answer protocol as a pre-cursor to other communication 1398 within the time-to-live (TTL) of a DNS answer is clearly problematic 1399 in an LPWAN, say where only one round-trip per hour can be used, and 1400 with a TTL that is less than 3600. It is currently unclear whether 1401 and how DNS-like functionality might be provided in LPWANs. 1403 5. Security Considerations 1405 Most LPWAN technologies integrate some authentication or encryption 1406 mechanisms that were defined outside the IETF. The working group may 1407 need to do work to integrate these mechanisms to unify management. A 1408 standardized Authentication, Accounting, and Authorization (AAA) 1409 infrastructure [RFC2904] may offer a scalable solution for some of 1410 the security and management issues for LPWANs. AAA offers 1411 centralized management that may be of use in LPWANs, for example 1412 [I-D.garcia-dime-diameter-lorawan] and 1413 [I-D.garcia-radext-radius-lorawan] suggest possible security 1414 processes for a LoRaWAN network. Similar mechanisms may be useful to 1415 explore for other LPWAN technologies. 1417 Some applications using LPWANs may raise few or no privacy 1418 considerations. For example, temperature sensors in a large office 1419 building may not raise privacy issues. However, the same sensors, if 1420 deployed in a home environment and especially if triggered due to 1421 human presence, can raise significant privacy issues - if an end- 1422 device emits (an encrypted) packet every time someone enters a room 1423 in a home, then that traffic is privacy sensitive. And the more that 1424 the existence of that traffic is visible to network entities, the 1425 more privacy sensitivities arise. At this point, it is not clear 1426 whether there are workable mitigations for problems like this - in a 1427 more typical network, one would consider defining padding mechanisms 1428 and allowing for cover traffic. In some LPWANs, those mechanisms may 1429 not be feasible. Nonetheless, the privacy challenges do exist and 1430 can be real and so some solutions will be needed. Note that many 1431 aspects of solutions in this space may not be visible in IETF 1432 specifications, but can be e.g. implementation or deployment 1433 specific. 1435 Another challenge for LPWANs will be how to handle key management and 1436 associated protocols. In a more traditional network (e.g. the web), 1437 servers can "staple" Online Certificate Status Protocol (OCSP) 1438 responses in order to allow browsers to check revocation status for 1439 presented certificates. [RFC6961] While the stapling approach is 1440 likely something that would help in an LPWAN, as it avoids an RTT, 1441 certificates and OCSP responses are bulky items and will prove 1442 challenging to handle in LPWANs with bounded bandwidth. 1444 6. IANA Considerations 1446 There are no IANA considerations related to this memo. 1448 7. Contributors 1450 As stated above this document is mainly a collection of content 1451 developed by the full set of contributors listed below. The main 1452 input documents and their authors were: 1454 o Text for Section 2.1 was provided by Alper Yegin and Stephen 1455 Farrell in [I-D.farrell-lpwan-lora-overview]. 1457 o Text for Section 2.2 was provided by Antti Ratilainen in 1458 [I-D.ratilainen-lpwan-nb-iot]. 1460 o Text for Section 2.3 was provided by Juan Carlos Zuniga and Benoit 1461 Ponsard in [I-D.zuniga-lpwan-sigfox-system-description]. 1463 o Text for Section 2.4 was provided via personal communication from 1464 Bob Heile (bheile@ieee.org) and was authored by Bob and Sum Chin 1465 Sean. There is no Internet draft for that at present. 1467 o Text for Section 4 was provided by Ana Minabiru, Carles Gomez, 1468 Laurent Toutain, Josep Paradells and Jon Crowcroft in 1469 [I-D.minaburo-lpwan-gap-analysis]. Additional text from that 1470 draft is also used elsewhere above. 1472 The full list of contributors are: 1474 Jon Crowcroft 1475 University of Cambridge 1476 JJ Thomson Avenue 1477 Cambridge, CB3 0FD 1478 United Kingdom 1480 Email: jon.crowcroft@cl.cam.ac.uk 1482 Carles Gomez 1483 UPC/i2CAT 1484 C/Esteve Terradas, 7 1485 Castelldefels 08860 1486 Spain 1488 Email: carlesgo@entel.upc.edu 1490 Bob Heile 1491 Wi-Sun Alliance 1492 11 Robert Toner Blvd, Suite 5-301 1493 North Attleboro, MA 02763 1494 USA 1496 Phone: +1-781-929-4832 1497 Email: bheile@ieee.org 1499 Ana Minaburo 1500 Acklio 1501 2bis rue de la Chataigneraie 1502 35510 Cesson-Sevigne Cedex 1503 France 1505 Email: ana@ackl.io 1507 Josep PAradells 1508 UPC/i2CAT 1509 C/Jordi Girona, 1-3 1510 Barcelona 08034 1511 Spain 1513 Email: josep.paradells@entel.upc.edu 1515 Benoit Ponsard 1516 SIGFOX 1517 425 rue Jean Rostand 1518 Labege 31670 1519 France 1521 Email: Benoit.Ponsard@sigfox.com 1522 URI: http://www.sigfox.com/ 1524 Antti Ratilainen 1525 Ericsson 1526 Hirsalantie 11 1527 Jorvas 02420 1528 Finland 1530 Email: antti.ratilainen@ericsson.com 1532 Chin-Sean SUM 1533 Wi-Sun Alliance 1534 20, Science Park Rd 1535 Singapore 117674 1537 Phone: +65 6771 1011 1538 Email: sum@wi-sun.org 1540 Laurent Toutain 1541 Institut MINES TELECOM ; TELECOM Bretagne 1542 2 rue de la Chataigneraie 1543 CS 17607 1544 35576 Cesson-Sevigne Cedex 1545 France 1547 Email: Laurent.Toutain@telecom-bretagne.eu 1549 Alper Yegin 1550 Actility 1551 Paris, Paris 1552 FR 1554 Email: alper.yegin@actility.com 1556 Juan Carlos Zuniga 1557 SIGFOX 1558 425 rue Jean Rostand 1559 Labege 31670 1560 France 1562 Email: JuanCarlos.Zuniga@sigfox.com 1563 URI: http://www.sigfox.com/ 1565 8. Acknowledgments 1567 Thanks to all those listed in Section 7 for the excellent text. 1568 Errors in the handling of that are solely the editor's fault. 1570 In addition to the contributors above, thanks are due to Arun 1571 (arun@acklio.com), Dan Garcia Carrillo, Paul Duffy, Russ Housley, 1572 Thad Guidry, Jiazi Yi, for comments. 1574 Alexander Pelov and Pascal Thubert were the LPWAN WG chairs while 1575 this document was developed. 1577 Stephen Farrell's work on this memo was supported by Pervasive 1578 Nation, the Science Foundation Ireland's CONNECT centre national IoT 1579 network. 1581 9. Informative References 1583 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 1584 DOI 10.17487/RFC0768, August 1980, . 1587 [RFC1035] Mockapetris, P., "Domain names - implementation and 1588 specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, 1589 November 1987, . 1591 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1592 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1593 December 1998, . 1595 [RFC2904] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., 1596 Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., and 1597 D. Spence, "AAA Authorization Framework", RFC 2904, 1598 DOI 10.17487/RFC2904, August 2000, . 1601 [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H., 1602 Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, 1603 K., Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., 1604 Wiebke, T., Yoshimura, T., and H. Zheng, "RObust Header 1605 Compression (ROHC): Framework and four profiles: RTP, UDP, 1606 ESP, and uncompressed", RFC 3095, DOI 10.17487/RFC3095, 1607 July 2001, . 1609 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1610 C., and M. Carney, "Dynamic Host Configuration Protocol 1611 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1612 2003, . 1614 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 1615 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 1616 RFC 3963, DOI 10.17487/RFC3963, January 2005, 1617 . 1619 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1620 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1621 December 2005, . 1623 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1624 Control Message Protocol (ICMPv6) for the Internet 1625 Protocol Version 6 (IPv6) Specification", STD 89, 1626 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1627 . 1629 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1630 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1631 DOI 10.17487/RFC4861, September 2007, . 1634 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1635 "Transmission of IPv6 Packets over IEEE 802.15.4 1636 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1637 . 1639 [RFC5216] Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS 1640 Authentication Protocol", RFC 5216, DOI 10.17487/RFC5216, 1641 March 2008, . 1643 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1644 (TLS) Protocol Version 1.2", RFC 5246, 1645 DOI 10.17487/RFC5246, August 2008, . 1648 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1649 Housley, R., and W. Polk, "Internet X.509 Public Key 1650 Infrastructure Certificate and Certificate Revocation List 1651 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 1652 . 1654 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1655 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1656 DOI 10.17487/RFC6282, September 2011, . 1659 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1660 Bormann, "Neighbor Discovery Optimization for IPv6 over 1661 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1662 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1663 . 1665 [RFC6961] Pettersen, Y., "The Transport Layer Security (TLS) 1666 Multiple Certificate Status Request Extension", RFC 6961, 1667 DOI 10.17487/RFC6961, June 2013, . 1670 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 1671 Application Protocol (CoAP)", RFC 7252, 1672 DOI 10.17487/RFC7252, June 2014, . 1675 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1676 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1677 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1678 . 1680 [I-D.farrell-lpwan-lora-overview] 1681 Farrell, S. and A. Yegin, "LoRaWAN Overview", draft- 1682 farrell-lpwan-lora-overview-01 (work in progress), October 1683 2016. 1685 [I-D.minaburo-lpwan-gap-analysis] 1686 Minaburo, A., Gomez, C., Toutain, L., Paradells, J., and 1687 J. Crowcroft, "LPWAN Survey and GAP Analysis", draft- 1688 minaburo-lpwan-gap-analysis-02 (work in progress), October 1689 2016. 1691 [I-D.zuniga-lpwan-sigfox-system-description] 1692 Zuniga, J. and B. PONSARD, "SIGFOX System Description", 1693 draft-zuniga-lpwan-sigfox-system-description-03 (work in 1694 progress), June 2017. 1696 [I-D.ratilainen-lpwan-nb-iot] 1697 Ratilainen, A., "NB-IoT characteristics", draft- 1698 ratilainen-lpwan-nb-iot-00 (work in progress), July 2016. 1700 [I-D.garcia-dime-diameter-lorawan] 1701 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1702 "LoRaWAN Authentication in Diameter", draft-garcia-dime- 1703 diameter-lorawan-00 (work in progress), May 2016. 1705 [I-D.garcia-radext-radius-lorawan] 1706 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1707 "LoRaWAN Authentication in RADIUS", draft-garcia-radext- 1708 radius-lorawan-03 (work in progress), May 2017. 1710 [TGPP36300] 1711 3GPP, "TS 36.300 v13.4.0 Evolved Universal Terrestrial 1712 Radio Access (E-UTRA) and Evolved Universal Terrestrial 1713 Radio Access Network (E-UTRAN); Overall description; Stage 1714 2", 2016, 1715 . 1717 [TGPP36321] 1718 3GPP, "TS 36.321 v13.2.0 Evolved Universal Terrestrial 1719 Radio Access (E-UTRA); Medium Access Control (MAC) 1720 protocol specification", 2016. 1722 [TGPP36322] 1723 3GPP, "TS 36.322 v13.2.0 Evolved Universal Terrestrial 1724 Radio Access (E-UTRA); Radio Link Control (RLC) protocol 1725 specification", 2016. 1727 [TGPP36323] 1728 3GPP, "TS 36.323 v13.2.0 Evolved Universal Terrestrial 1729 Radio Access (E-UTRA); Packet Data Convergence Protocol 1730 (PDCP) specification (Not yet available)", 2016. 1732 [TGPP36331] 1733 3GPP, "TS 36.331 v13.2.0 Evolved Universal Terrestrial 1734 Radio Access (E-UTRA); Radio Resource Control (RRC); 1735 Protocol specification", 2016. 1737 [TGPP36201] 1738 3GPP, "TS 36.201 v13.2.0 - Evolved Universal Terrestrial 1739 Radio Access (E-UTRA); LTE physical layer; General 1740 description", 2016. 1742 [TGPP23720] 1743 3GPP, "TR 23.720 v13.0.0 - Study on architecture 1744 enhancements for Cellular Internet of Things", 2016. 1746 [TGPP33203] 1747 3GPP, "TS 33.203 v13.1.0 - 3G security; Access security 1748 for IP-based services", 2016. 1750 [fcc_ref] "FCC CFR 47 Part 15.247 Telecommunication Radio Frequency 1751 Devices - Operation within the bands 902-928 MHz, 1752 2400-2483.5 MHz, and 5725-5850 MHz.", June 2016. 1754 [etsi_ref] 1755 "ETSI EN 300-220 (Parts 1 and 2): Electromagnetic 1756 compatibility and Radio spectrum Matters (ERM); Short 1757 Range Devices (SRD); Radio equipment to be used in the 25 1758 MHz to 1 000 MHz frequency range with power levels ranging 1759 up to 500 mW", May 2016. 1761 [arib_ref] 1762 "ARIB STD-T108 (Version 1.0): 920MHz-Band Telemeter, 1763 Telecontrol and data transmission radio equipment.", 1764 February 2012. 1766 [LoRaSpec] 1767 LoRa Alliance, "LoRaWAN Specification Version V1.0.2", 1768 July 2016, . 1772 [LoRaSpec1.0] 1773 LoRa Alliance, "LoRaWAN Specification Version V1.0", Jan 1774 2015, . 1777 [ANSI-4957-000] 1778 ANSI, TIA-4957.000, "Architecture Overview for the Smart 1779 Utility Network", May 2013, . 1782 [ANSI-4957-210] 1783 ANSI, TIA-4957.210, "Multi-Hop Delivery Specification of a 1784 Data Link Sub-Layer", May 2013, . 1787 [wisun-pressie1] 1788 Phil Beecher, Chair, Wi-SUN Alliance, "Wi-SUN Alliance 1789 Overview", March 2017, . 1793 [wisun-pressie2] 1794 Bob Heile, Director of Standards, Wi-SUN Alliance, "IETF97 1795 Wi-SUN Alliance Field Area Network (FAN) Overview", 1796 November 2016, 1797 . 1800 [IEEE-802-15-4] 1801 "IEEE Standard for Low-Rate Wireless Personal Area 1802 Networks (WPANs)", IEEE Standard 802.15.4, 2015, 1803 . 1806 [IEEE-802-15-9] 1807 "IEEE Recommended Practice for Transport of Key Management 1808 Protocol (KMP) Datagrams", IEEE Standard 802.15.9, 2016, 1809 . 1812 [etsi_unb] 1813 "ETSI TR 103 435 System Reference document (SRdoc); Short 1814 Range Devices (SRD); Technical characteristics for Ultra 1815 Narrow Band (UNB) SRDs operating in the UHF spectrum below 1816 1 GHz", February 2017. 1818 Appendix A. Changes 1820 A.1. From -00 to -01 1822 o WG have stated they want this to be an RFC. 1824 o WG clearly want to keep the RF details. 1826 o Various changes made to remove/resolve a number of editorial notes 1827 from -00 (in some cases as per suggestions from Ana Minaburo) 1829 o Merged PR's: #1... 1831 o Rejected PR's: #2 (change was made to .txt not .xml but was 1832 replicated manually by editor) 1834 o Github repo is at: https://github.com/sftcd/lpwan-ov 1836 A.2. From -01 to -02 1838 o WG seem to agree with editor suggestions in slides 13-24 of the 1839 presentation on this topic given at IETF98 (See: 1840 https://www.ietf.org/proceedings/98/slides/slides-98-lpwan- 1841 aggregated-slides-07.pdf) 1843 o Got new text wrt Wi-SUN via email from Paul Duffy and merged that 1844 in 1846 o Reflected list discussion wrt terminology and "end-device" 1847 o Merged PR's: #3... 1849 A.3. From -02 to -03 1851 o Editorial changes and typo fixes thanks to Fred Baker running 1852 something called Grammerly and sending me it's report. 1854 o Merged PR's: #4, #6, #7... 1856 o Editor did an editing pass on the lot. 1858 A.4. From -03 to -04 1860 o Picked up a PR that had been wrongly applied that expands UE 1862 o Editorial changes wrt LoRa suggested by Alper 1864 o Editorial changes wrt SIGFOX provided by Juan-Carlos 1866 A.5. From -04 to -05 1868 o Handled Russ Housley's WGLC review. 1870 o Handled Alper Yegin's WGLC review. 1872 A.6. From -05 to -06 1874 o More Alper comments:-) 1876 o Added some more detail about sigfox security. 1878 o Added Wi-SUN changes from Charlie Perkins 1880 Author's Address 1882 Stephen Farrell (editor) 1883 Trinity College Dublin 1884 Dublin 2 1885 Ireland 1887 Phone: +353-1-896-2354 1888 Email: stephen.farrell@cs.tcd.ie