idnits 2.17.1 draft-ietf-lpwan-overview-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 7, 2018) is 2269 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'FANTPS' is mentioned on line 956, but not defined -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 3315 (Obsoleted by RFC 8415) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6961 (Obsoleted by RFC 8446) Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan S. Farrell, Ed. 3 Internet-Draft Trinity College Dublin 4 Intended status: Informational February 7, 2018 5 Expires: August 11, 2018 7 LPWAN Overview 8 draft-ietf-lpwan-overview-10 10 Abstract 12 Low Power Wide Area Networks (LPWAN) are wireless technologies with 13 characteristics such as large coverage areas, low bandwidth, possibly 14 very small packet and application layer data sizes and long battery 15 life operation. This memo is an informational overview of the set of 16 LPWAN technologies being considered in the IETF and of the gaps that 17 exist between the needs of those technologies and the goal of running 18 IP in LPWANs. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on August 11, 2018. 37 Copyright Notice 39 Copyright (c) 2018 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. LPWAN Technologies . . . . . . . . . . . . . . . . . . . . . 3 56 2.1. LoRaWAN . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 2.1.1. Provenance and Documents . . . . . . . . . . . . . . 4 58 2.1.2. Characteristics . . . . . . . . . . . . . . . . . . . 4 59 2.2. Narrowband IoT (NB-IoT) . . . . . . . . . . . . . . . . . 11 60 2.2.1. Provenance and Documents . . . . . . . . . . . . . . 11 61 2.2.2. Characteristics . . . . . . . . . . . . . . . . . . . 11 62 2.3. SIGFOX . . . . . . . . . . . . . . . . . . . . . . . . . 15 63 2.3.1. Provenance and Documents . . . . . . . . . . . . . . 15 64 2.3.2. Characteristics . . . . . . . . . . . . . . . . . . . 16 65 2.4. Wi-SUN Alliance Field Area Network (FAN) . . . . . . . . 20 66 2.4.1. Provenance and Documents . . . . . . . . . . . . . . 20 67 2.4.2. Characteristics . . . . . . . . . . . . . . . . . . . 21 68 3. Generic Terminology . . . . . . . . . . . . . . . . . . . . . 24 69 4. Gap Analysis . . . . . . . . . . . . . . . . . . . . . . . . 25 70 4.1. Naive application of IPv6 . . . . . . . . . . . . . . . . 26 71 4.2. 6LoWPAN . . . . . . . . . . . . . . . . . . . . . . . . . 26 72 4.2.1. Header Compression . . . . . . . . . . . . . . . . . 27 73 4.2.2. Address Autoconfiguration . . . . . . . . . . . . . . 27 74 4.2.3. Fragmentation . . . . . . . . . . . . . . . . . . . . 27 75 4.2.4. Neighbor Discovery . . . . . . . . . . . . . . . . . 28 76 4.3. 6lo . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 77 4.4. 6tisch . . . . . . . . . . . . . . . . . . . . . . . . . 29 78 4.5. RoHC . . . . . . . . . . . . . . . . . . . . . . . . . . 29 79 4.6. ROLL . . . . . . . . . . . . . . . . . . . . . . . . . . 30 80 4.7. CoAP . . . . . . . . . . . . . . . . . . . . . . . . . . 30 81 4.8. Mobility . . . . . . . . . . . . . . . . . . . . . . . . 30 82 4.9. DNS and LPWAN . . . . . . . . . . . . . . . . . . . . . . 31 83 5. Security Considerations . . . . . . . . . . . . . . . . . . . 31 84 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 85 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 32 86 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 35 87 9. Informative References . . . . . . . . . . . . . . . . . . . 35 88 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 41 89 A.1. From -00 to -01 . . . . . . . . . . . . . . . . . . . . . 41 90 A.2. From -01 to -02 . . . . . . . . . . . . . . . . . . . . . 41 91 A.3. From -02 to -03 . . . . . . . . . . . . . . . . . . . . . 41 92 A.4. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 42 93 A.5. From -04 to -05 . . . . . . . . . . . . . . . . . . . . . 42 94 A.6. From -05 to -06 . . . . . . . . . . . . . . . . . . . . . 42 95 A.7. From -06 to -07 . . . . . . . . . . . . . . . . . . . . . 42 96 A.8. From -07 to -08 . . . . . . . . . . . . . . . . . . . . . 42 97 A.9. From -08 to -09 . . . . . . . . . . . . . . . . . . . . . 43 98 A.10. From -09 to -10 . . . . . . . . . . . . . . . . . . . . . 43 99 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 43 101 1. Introduction 103 This document provides background material and an overview of the 104 technologies being considered in the IETF's Low Power Wide-Area 105 Networking (LPWAN) working group. We also provide a gap analysis 106 between the needs of these technologies and currently available IETF 107 specifications. 109 Most technologies in this space aim for similar goals of supporting 110 large numbers of very low-cost, low-throughput devices with very-low 111 power consumption, so that even battery-powered devices can be 112 deployed for years. LPWAN devices also tend to be constrained in 113 their use of bandwidth, for example with limited frequencies being 114 allowed to be used within limited duty-cycles (usually expressed as a 115 percentage of time per-hour that the device is allowed to transmit.) 116 And as the name implies, coverage of large areas is also a common 117 goal. So, by and large, the different technologies aim for 118 deployment in very similar circumstances. 120 What mainly distinguishes LPWANs from other constrained networks is 121 that in LPWANs the balancing act related to power consumption/battery 122 life, cost and bandwidth tends to prioritise doing better with 123 respect to power and cost and we are more willing to live with 124 extremely low bandwidth and constrained duty-cycles when making the 125 various trade-offs required, in order to get the multiple-kilometre 126 radio links implied by the "wide area" aspect of the LPWAN term. 128 Existing pilot deployments have shown huge potential and created much 129 industrial interest in these technologies. As of today, essentially 130 no LPWAN end-devices (other than for Wi-SUN) have IP capabilities. 131 Connecting LPWANs to the Internet would provide significant benefits 132 to these networks in terms of interoperability, application 133 deployment, and management, among others. The goal of the IETF LPWAN 134 working group is to, where necessary, adapt IETF-defined protocols, 135 addressing schemes and naming to this particular constrained 136 environment. 138 This document is largely the work of the people listed in Section 7. 140 2. LPWAN Technologies 142 This section provides an overview of the set of LPWAN technologies 143 that are being considered in the LPWAN working group. The text for 144 each was mainly contributed by proponents of each technology. 146 Note that this text is not intended to be normative in any sense, but 147 simply to help the reader in finding the relevant layer 2 148 specifications and in understanding how those integrate with IETF- 149 defined technologies. Similarly, there is no attempt here to set out 150 the pros and cons of the relevant technologies. 152 Note that some of the technology-specific drafts referenced below may 153 have been updated since publication of this document. 155 2.1. LoRaWAN 157 2.1.1. Provenance and Documents 159 LoRaWAN is an ISM-based wireless technology for long-range low-power 160 low-data-rate applications developed by the LoRa Alliance, a 161 membership consortium. This draft 162 is based on version 1.0.2 [LoRaSpec] of the LoRa specification. That 163 specification is publicly available and has already seen several 164 deployments across the globe. 166 2.1.2. Characteristics 168 LoRaWAN aims to support end-devices operating on a single battery for 169 an extended period of time (e.g., 10 years or more), extended 170 coverage through 155 dB maximum coupling loss, and reliable and 171 efficient file download (as needed for remote software/firmware 172 upgrade). 174 LoRaWAN networks are typically organized in a star-of-stars topology 175 in which gateways relay messages between end-devices and a central 176 "network server" in the backend. Gateways are connected to the 177 network server via IP links while end-devices use single-hop LoRaWAN 178 communication that can be received at one or more gateways. 179 Communication is generally bi-directional; uplink communication from 180 end-devices to the network server is favored in terms of overall 181 bandwidth availability. 183 Figure 1 shows the entities involved in a LoRaWAN network. 185 +----------+ 186 |End-device| * * * 187 +----------+ * +---------+ 188 * | Gateway +---+ 189 +----------+ * +---------+ | +---------+ 190 |End-device| * * * +---+ Network +--- Application 191 +----------+ * | | Server | 192 * +---------+ | +---------+ 193 +----------+ * | Gateway +---+ 194 |End-device| * * * * +---------+ 195 +----------+ 196 Key: * LoRaWAN Radio 197 +---+ IP connectivity 199 Figure 1: LoRaWAN architecture 201 o End-device: a LoRa client device, sometimes called a mote. 202 Communicates with gateways. 204 o Gateway: a radio on the infrastructure-side, sometimes called a 205 concentrator or base-station. Communicates with end-devices and, 206 via IP, with a network server. 208 o Network Server: The Network Server (NS) terminates the LoRaWAN MAC 209 layer for the end-devices connected to the network. It is the 210 center of the star topology. 212 o Join Server: The Join Server (JS) is a server on the Internet side 213 of an NS that processes join requests from an end-devices. 215 o Uplink message: refers to communications from an end-device to a 216 network server or application via one or more gateways. 218 o Downlink message: refers to communications from a network server 219 or application via one gateway to a single end-device or a group 220 of end-devices (considering multicasting). 222 o Application: refers to application layer code both on the end- 223 device and running "behind" the network server. For LoRaWAN, 224 there will generally only be one application running on most end- 225 devices. Interfaces between the network server and application 226 are not further described here. 228 In LoRaWAN networks, end-device transmissions may be received at 229 multiple gateways, so during nominal operation a network server may 230 see multiple instances of the same uplink message from an end-device. 232 The LoRaWAN network infrastructure manages the data rate and RF 233 output power for each end-device individually by means of an adaptive 234 data rate (ADR) scheme. End-devices may transmit on any channel 235 allowed by local regulation at any time. 237 LoRaWAN radios make use of industrial, scientific and medical (ISM) 238 bands, for example, 433MHz and 868MHz within the European Union and 239 915MHz in the Americas. 241 The end-device changes channel in a pseudo-random fashion for every 242 transmission to help make the system more robust to interference and/ 243 or to conform to local regulations. 245 Figure 2 below shows that after a transmission slot a Class A device 246 turns on its receiver for two short receive windows that are offset 247 from the end of the transmission window. End-devices can only 248 transmit a subsequent uplink frame after the end of the associated 249 receive windows. When a device joins a LoRaWAN network, there are 250 similar timeouts on parts of that process. 252 |----------------------------| |--------| |--------| 253 | Tx | | Rx | | Rx | 254 |----------------------------| |--------| |--------| 255 |---------| 256 Rx delay 1 257 |------------------------| 258 Rx delay 2 260 Figure 2: LoRaWAN Class A transmission and reception window 262 Given the different regional requirements the detailed specification 263 for the LoRaWAN physical layer (taking up more than 30 pages of the 264 specification) is not reproduced here. Instead and mainly to 265 illustrate the kinds of issue encountered, in Table 1 we present some 266 of the default settings for one ISM band (without fully explaining 267 those here) and in Table 2 we describe maxima and minima for some 268 parameters of interest to those defining ways to use IETF protocols 269 over the LoRaWAN MAC layer. 271 +------------------------+------------------------------------------+ 272 | Parameters | Default Value | 273 +------------------------+------------------------------------------+ 274 | Rx delay 1 | 1 s | 275 | | | 276 | Rx delay 2 | 2 s (must be RECEIVE_DELAY1 + 1s) | 277 | | | 278 | join delay 1 | 5 s | 279 | | | 280 | join delay 2 | 6 s | 281 | | | 282 | 868MHz Default | 3 (868.1,868.2,868.3), data rate: | 283 | channels | 0.3-50kbps | 284 +------------------------+------------------------------------------+ 286 Table 1: Default settings for EU 868MHz band 288 +-----------------------------------------------+--------+----------+ 289 | Parameter/Notes | Min | Max | 290 +-----------------------------------------------+--------+----------+ 291 | Duty Cycle: some but not all ISM bands impose | 1% | no-limit | 292 | a limit in terms of how often an end-device | | | 293 | can transmit. In some cases LoRaWAN is more | | | 294 | restrictive in an attempt to avoid | | | 295 | congestion. | | | 296 | | | | 297 | EU 868MHz band data rate/frame-size | 250 | 50000 | 298 | | bits/s | bits/s : | 299 | | : 59 | 250 | 300 | | octets | octets | 301 | | | | 302 | US 915MHz band data rate/frame-size | 980 | 21900 | 303 | | bits/s | bits/s : | 304 | | : 19 | 250 | 305 | | octets | octets | 306 +-----------------------------------------------+--------+----------+ 308 Table 2: Minima and Maxima for various LoRaWAN Parameters 310 Note that in the case of the smallest frame size (19 octets), 8 311 octets are required for LoRa MAC layer headers leaving only 11 octets 312 for payload (including MAC layer options). However, those settings 313 do not apply for the join procedure - end-devices are required to use 314 a channel and data rate that can send the 23-byte Join-request 315 message for the join procedure. 317 Uplink and downlink higher layer data is carried in a MACPayload. 318 There is a concept of "ports" (an optional 8-bit value) to handle 319 different applications on an end-device. Port zero is reserved for 320 LoRaWAN specific messaging, such as the configuration of the end 321 device's network parameters (available channels, data rates, ADR 322 parameters, RX1/2 delay, etc.). 324 In addition to carrying higher layer PDUs there are Join-Request and 325 Join-Response (aka Join-Accept) messages for handling network access. 326 And so-called "MAC commands" (see below) up to 15 bytes long can be 327 piggybacked in an options field ("FOpts"). 329 There are a number of MAC commands for link and device status 330 checking, ADR and duty-cycle negotiation, managing the RX windows and 331 radio channel settings. For example, the link check response message 332 allows the network server (in response to a request from an end- 333 device) to inform an end-device about the signal attenuation seen 334 most recently at a gateway, and to also tell the end-device how many 335 gateways received the corresponding link request MAC command. 337 Some MAC commands are initiated by the network server. For example, 338 one command allows the network server to ask an end-device to reduce 339 its duty-cycle to only use a proportion of the maximum allowed in a 340 region. Another allows the network server to query the end-device's 341 power status with the response from the end-device specifying whether 342 it has an external power source or is battery powered (in which case 343 a relative battery level is also sent to the network server). 345 In order to operate nominally on a LoRaWAN network, a device needs a 346 32-bit device address, that is assigned when the device "joins" the 347 network (see below for the join procedure) or that is pre-provisioned 348 into the device. In case of roaming devices, the device address is 349 assigned based on the 24-bit network identifier (NetID) that is 350 allocated to the network by the LoRa Alliance. Non-roaming devices 351 can be assigned device addresses by the network without relying on a 352 LoRa Alliance-assigned NetID. 354 End-devices are assumed to work with one or a quite limited number of 355 applications, identified by a 64-bit AppEUI, which is assumed to be a 356 registered IEEE EUI64 value. In addition, a device needs to have two 357 symmetric session keys, one for protecting network artifacts 358 (port=0), the NwkSKey, and another for protecting application layer 359 traffic, the AppSKey. Both keys are used for 128-bit AES 360 cryptographic operations. So, one option is for an end-device to 361 have all of the above, plus channel information, somehow 362 (pre-)provisioned, in which case the end-device can simply start 363 transmitting. This is achievable in many cases via out-of-band means 364 given the nature of LoRaWAN networks. Table 3 summarizes these 365 values. 367 +---------+---------------------------------------------------------+ 368 | Value | Description | 369 +---------+---------------------------------------------------------+ 370 | DevAddr | DevAddr (32-bits) = device-specific network address | 371 | | generated from the NetID | 372 | | | 373 | AppEUI | IEEE EUI64 corresponding to the join server for an | 374 | | application | 375 | | | 376 | NwkSKey | 128-bit network session key used with AES-CMAC | 377 | | | 378 | AppSKey | 128-bit application session key used with AES-CTR | 379 | | | 380 | AppKey | 128-bit application session key used with AES-ECB | 381 +---------+---------------------------------------------------------+ 383 Table 3: Values required for nominal operation 385 As an alternative, end-devices can use the LoRaWAN join procedure 386 with a join server behind the NS in order to setup some of these 387 values and dynamically gain access to the network. To use the join 388 procedure, an end-device must still know the AppEUI, and in addition, 389 a different (long-term) symmetric key that is bound to the AppEUI - 390 this is the application key (AppKey), and is distinct from the 391 application session key (AppSKey). The AppKey is required to be 392 specific to the device, that is, each end-device should have a 393 different AppKey value. And finally, the end-device also needs a 394 long-term identifier for itself, syntactically also an EUI-64, and 395 known as the device EUI or DevEUI. Table 4 summarizes these values. 397 +---------+----------------------------------------------------+ 398 | Value | Description | 399 +---------+----------------------------------------------------+ 400 | DevEUI | IEEE EUI64 naming the device | 401 | | | 402 | AppEUI | IEEE EUI64 naming the application | 403 | | | 404 | AppKey | 128-bit long term application key for use with AES | 405 +---------+----------------------------------------------------+ 407 Table 4: Values required for join procedure 409 The join procedure involves a special exchange where the end-device 410 asserts the AppEUI and DevEUI (integrity protected with the long-term 411 AppKey, but not encrypted) in a Join-request uplink message. This is 412 then routed to the network server which interacts with an entity that 413 knows that AppKey to verify the Join-request. All going well, a 414 Join-accept downlink message is returned from the network server to 415 the end-device that specifies the 24-bit NetID, 32-bit DevAddr and 416 channel information and from which the AppSKey and NwkSKey can be 417 derived based on knowledge of the AppKey. This provides the end- 418 device with all the values listed in Table 3. 420 All payloads are encrypted and have data integrity. MAC commands, 421 when sent as a payload (port zero), are therefore protected. MAC 422 commands piggy-backed as frame options ("FOpts") are however sent in 423 clear. Any MAC commands sent as frame options and not only as 424 payload, are visible to a passive attacker but are not malleable for 425 an active attacker due to the use of the Message Integrity Check 426 (MIC) described below. 428 For LoRaWAN version 1.0.x, the NWkSkey session key is used to provide 429 data integrity between the end-device and the network server. The 430 AppSKey is used to provide data confidentiality between the end- 431 device and network server, or to the application "behind" the network 432 server, depending on the implementation of the network. 434 All MAC layer messages have an outer 32-bit MIC calculated using AES- 435 CMAC calculated over the ciphertext payload and other headers and 436 using the NwkSkey. Payloads are encrypted using AES-128, with a 437 counter-mode derived from IEEE 802.15.4 using the AppSKey. Gateways 438 are not expected to be provided with the AppSKey or NwkSKey, all of 439 the infrastructure-side cryptography happens in (or "behind") the 440 network server. When session keys are derived from the AppKey as a 441 result of the join procedure the Join-accept message payload is 442 specially handled. 444 The long-term AppKey is directly used to protect the Join-accept 445 message content, but the function used is not an AES-encrypt 446 operation, but rather an AES-decrypt operation. The justification is 447 that this means that the end-device only needs to implement the AES- 448 encrypt operation. (The counter mode variant used for payload 449 decryption means the end-device doesn't need an AES-decrypt 450 primitive.) 452 The Join-accept plaintext is always less than 16 bytes long, so 453 electronic code book (ECB) mode is used for protecting Join-accept 454 messages. The Join-accept contains an AppNonce (a 24 bit value) that 455 is recovered on the end-device along with the other Join-accept 456 content (e.g. DevAddr) using the AES-encrypt operation. Once the 457 Join-accept payload is available to the end-device the session keys 458 are derived from the AppKey, AppNonce and other values, again using 459 an ECB mode AES-encrypt operation, with the plaintext input being a 460 maximum of 16 octets. 462 2.2. Narrowband IoT (NB-IoT) 464 2.2.1. Provenance and Documents 466 Narrowband Internet of Things (NB-IoT) is developed and standardized 467 by 3GPP. The standardization of NB-IoT was finalized with 3GPP 468 Release 13 in June 2016, and further enhancements for NB-IoT are 469 specified in 3GPP Release 14 in 2017, for example in the form of 470 multicast support. Further features and improvements will be 471 developed in the following releases, but NB-IoT has been ready to be 472 deployed since 2016, and is rather simple to deploy especially in the 473 existing LTE networks with a software upgrade in the operator's base 474 stations. For more information of what has been specified for NB- 475 IoT, 3GPP specification 36.300 [TGPP36300] provides an overview and 476 overall description of the E-UTRAN radio interface protocol 477 architecture, while specifications 36.321 [TGPP36321], 36.322 478 [TGPP36322], 36.323 [TGPP36323] and 36.331 [TGPP36331] give more 479 detailed description of MAC, Radio Link Control (RLC), Packet Data 480 Convergence Protocol (PDCP) and Radio Resource Control (RRC) protocol 481 layers, respectively. Note that the description below assumes 482 familiarity with numerous 3GPP terms. 484 For a general overview of NB-IoT, see [nbiot-ov]. 486 2.2.2. Characteristics 488 Specific targets for NB-IoT include: Less than US$5 module cost, 489 extended coverage of 164 dB maximum coupling loss, battery life of 490 over 10 years, ~55000 devices per cell and uplink reporting latency 491 of less than 10 seconds. 493 NB-IoT supports Half Duplex FDD operation mode with 60 kbps peak rate 494 in uplink and 30 kbps peak rate in downlink, and a maximum 495 transmission unit (MTU) size of 1600 bytes limited by PDCP layer (see 496 Figure 4 for the protocol structure), which is the highest layer in 497 the user plane, as explained later. Any packet size up to the said 498 MTU size can be passed to the NB-IoT stack from higher layers, 499 segmentation of the packet is performed in the RLC layer, which can 500 segment the data to transmission blocks with size as small as 16 501 bits. As the name suggests, NB-IoT uses narrowbands with bandwidth 502 of 180 kHz in both downlink and uplink. The multiple access scheme 503 used in the downlink is OFDMA with 15 kHz sub-carrier spacing. In 504 uplink, SC-FDMA single tone with either 15kHz or 3.75 kHz tone 505 spacing is used, or optionally multi-tone SC- FDMA can be used with 506 15 kHz tone spacing. 508 NB-IoT can be deployed in three ways. In-band deployment means that 509 the narrowband is deployed inside the LTE band and radio resources 510 are flexibly shared between NB-IoT and normal LTE carrier. In Guard- 511 band deployment the narrowband uses the unused resource blocks 512 between two adjacent LTE carriers. Standalone deployment is also 513 supported, where the narrowband can be located alone in dedicated 514 spectrum, which makes it possible for example to reframe a GSM 515 carrier at 850/900 MHz for NB-IoT. All three deployment modes are 516 used in licensed frequency bands. The maximum transmission power is 517 either 20 or 23 dBm for uplink transmissions, while for downlink 518 transmission the eNodeB may use higher transmission power, up to 46 519 dBm depending on the deployment. 521 A maximum coupling loss (MCL) target for NB-IoT coverage enhancements 522 defined by 3GPP is 164 dB. With this MCL, the performance of NB-IoT 523 in downlink varies between 200 bps and 2-3 kbps, depending on the 524 deployment mode. Stand-alone operation may achieve the highest data 525 rates, up to few kbps, while in-band and guard-band operations may 526 reach several hundreds of bps. NB-IoT may even operate with MCL 527 higher than 170 dB with very low bit rates. 529 For signaling optimization, two options are introduced in addition to 530 legacy LTE RRC connection setup; mandatory Data-over-NAS (Control 531 Plane optimization, solution 2 in [TGPP23720]) and optional RRC 532 Suspend/Resume (User Plane optimization, solution 18 in [TGPP23720]). 533 In the control plane optimization the data is sent over Non-Access 534 Stratum, directly to/from Mobility Management Entity (MME) (see 535 Figure 3 for the network architecture) in the core network to the 536 User Equipment (UE) without interaction from the base station. This 537 means there are no Access Stratum security or header compression 538 provided by the PDCP layer in the eNodeB, as the Access Stratum is 539 bypassed, and only limited RRC procedures. RoHC based header 540 compression may still optionally be provided and terminated in MME. 542 The RRC Suspend/Resume procedures reduce the signaling overhead 543 required for UE state transition from RRC Idle to RRC Connected mode 544 compared to legacy LTE operation in order to have quicker user plane 545 transaction with the network and return to RRC Idle mode faster. 547 In order to prolong device battery life, both power-saving mode (PSM) 548 and extended DRX (eDRX) are available to NB-IoT. With eDRX the RRC 549 Connected mode DRX cycle is up to 10.24 seconds and in RRC Idle the 550 eDRX cycle can be up to 3 hours. In PSM the device is in a deep 551 sleep state and only wakes up for uplink reporting, after which there 552 is a window, configured by the network, during which the device 553 receiver is open for downlink connectivity, of for periodical "keep- 554 alive" signaling (PSM uses periodic TAU signaling with additional 555 reception window for downlink reachability). 557 Since NB-IoT operates in licensed spectrum, it has no channel access 558 restrictions allowing up to a 100% duty-cycle. 560 3GPP access security is specified in [TGPP33203]. 562 +--+ 563 |UE| \ +------+ +------+ 564 +--+ \ | MME |------| HSS | 565 \ / +------+ +------+ 566 +--+ \+--------+ / | 567 |UE| ----| eNodeB |- | 568 +--+ /+--------+ \ | 569 / \ +--------+ 570 / \| | +------+ Service PDN 571 +--+ / | S-GW |----| P-GW |---- e.g. Internet 572 |UE| | | +------+ 573 +--+ +--------+ 575 Figure 3: 3GPP network architecture 577 Figure 3 shows the 3GPP network architecture, which applies to NB- 578 IoT. Mobility Management Entity (MME) is responsible for handling 579 the mobility of the UE. MME tasks include tracking and paging UEs, 580 session management, choosing the Serving gateway for the UE during 581 initial attachment and authenticating the user. At MME, the Non- 582 Access Stratum (NAS) signaling from the UE is terminated. 584 Serving Gateway (S-GW) routes and forwards the user data packets 585 through the access network and acts as a mobility anchor for UEs 586 during handover between base stations known as eNodeBs and also 587 during handovers between NB-IoT and other 3GPP technologies. 589 Packet Data Network Gateway (P-GW) works as an interface between 3GPP 590 network and external networks. 592 The Home Subscriber Server (HSS) contains user-related and 593 subscription- related information. It is a database, which performs 594 mobility management, session establishment support, user 595 authentication and access authorization. 597 E-UTRAN consists of components of a single type, eNodeB. eNodeB is a 598 base station, which controls the UEs in one or several cells. 600 The 3GPP radio protocol architecture is illustrated in Figure 4. 602 +---------+ +---------+ 603 | NAS |----|-----------------------------|----| NAS | 604 +---------+ | +---------+---------+ | +---------+ 605 | RRC |----|----| RRC | S1-AP |----|----| S1-AP | 606 +---------+ | +---------+---------+ | +---------+ 607 | PDCP |----|----| PDCP | SCTP |----|----| SCTP | 608 +---------+ | +---------+---------+ | +---------+ 609 | RLC |----|----| RLC | IP |----|----| IP | 610 +---------+ | +---------+---------+ | +---------+ 611 | MAC |----|----| MAC | L2 |----|----| L2 | 612 +---------+ | +---------+---------+ | +---------+ 613 | PHY |----|----| PHY | PHY |----|----| PHY | 614 +---------+ +---------+---------+ +---------+ 615 LTE-Uu S1-MME 616 UE eNodeB MME 618 Figure 4: 3GPP radio protocol architecture for control plane 620 Control plane protocol stack 622 The radio protocol architecture of NB-IoT (and LTE) is separated into 623 control plane and user plane. The control plane consists of 624 protocols which control the radio access bearers and the connection 625 between the UE and the network. The highest layer of control plane 626 is called Non-Access Stratum (NAS), which conveys the radio signaling 627 between the UE and the Evolved Packet Core (EPC), passing 628 transparently through the radio network. NAS responsible for 629 authentication, security control, mobility management and bearer 630 management. 632 Access Stratum (AS) is the functional layer below NAS, and in the 633 control plane it consists of Radio Resource Control protocol (RRC) 634 [TGPP36331], which handles connection establishment and release 635 functions, broadcast of system information, radio bearer 636 establishment, reconfiguration and release. RRC configures the user 637 and control planes according to the network status. There exists two 638 RRC states, RRC_Idle or RRC_Connected, and RRC entity controls the 639 switching between these states. In RRC_Idle, the network knows that 640 the UE is present in the network and the UE can be reached in case of 641 incoming call/downlink data. In this state, the UE monitors paging, 642 performs cell measurements and cell selection and acquires system 643 information. Also the UE can receive broadcast and multicast data, 644 but it is not expected to transmit or receive unicast data. In 645 RRC_Connected the UE has a connection to the eNodeB, the network 646 knows the UE location on the cell level and the UE may receive and 647 transmit unicast data. An RRC connection is established when the UE 648 is expected to be active in the network, to transmit or receive data. 649 The RRC connection is released, switching back to RRC_Idle, when 650 there is no more traffic in order to preserve UE battery life and 651 radio resources. However, a new feature was introduced for NB-IoT, 652 as mentioned earlier, which allows data to be transmitted from the 653 MME directly to the UE transparently to the eNodeB, thus bypassing AS 654 functions. 656 Packet Data Convergence Protocol's (PDCP) [TGPP36323] main services 657 in control plane are transfer of control plane data, ciphering and 658 integrity protection. 660 Radio Link Control protocol (RLC) [TGPP36322] performs transfer of 661 upper layer PDUs and optionally error correction with Automatic 662 Repeat reQuest (ARQ), concatenation, segmentation, and reassembly of 663 RLC SDUs, in-sequence delivery of upper layer PDUs, duplicate 664 detection, RLC SDU discard, RLC-re-establishment and protocol error 665 detection and recovery. 667 Medium Access Control protocol (MAC) [TGPP36321] provides mapping 668 between logical channels and transport channels, multiplexing of MAC 669 SDUs, scheduling information reporting, error correction with HARQ, 670 priority handling and transport format selection. 672 Physical layer [TGPP36201] provides data transport services to higher 673 layers. These include error detection and indication to higher 674 layers, FEC encoding, HARQ soft-combining, rate matching and mapping 675 of the transport channels onto physical channels, power weighting and 676 modulation of physical channels, frequency and time synchronization 677 and radio characteristics measurements. 679 User plane is responsible for transferring the user data through the 680 Access Stratum. It interfaces with IP and the highest layer of user 681 plane is PDCP, which in user plane performs header compression using 682 Robust Header Compression (RoHC), transfer of user plane data between 683 eNodeB and UE, ciphering and integrity protection. Similar to 684 control plane, lower layers in user plane include RLC, MAC and 685 physical layer performing the same tasks as in control plane. 687 2.3. SIGFOX 689 2.3.1. Provenance and Documents 691 The SIGFOX LPWAN is in line with the terminology and specifications 692 being defined by ETSI [etsi_unb]. As of today, SIGFOX's network has 693 been fully deployed in 12 countries, with ongoing deployments on 26 694 other countries, giving in total a geography of 2 million square 695 kilometers, containing 512 million people. 697 2.3.2. Characteristics 699 SIGFOX LPWAN autonomous battery-operated devices send only a few 700 bytes per day, week or month, in principle allowing them to remain on 701 a single battery for up to 10-15 years. Hence, the system is 702 designed as to allow devices to last several years, sometimes even 703 buried underground. 705 Since the radio protocol is connection-less and optimized for uplink 706 communications, the capacity of a SIGFOX base station depends on the 707 number of messages generated by devices, and not on the actual number 708 of devices. Likewise, the battery life of devices depends on the 709 number of messages generated by the device. Depending on the use 710 case, devices can vary from sending less than one message per device 711 per day, to dozens of messages per device per day. 713 The coverage of the cell depends on the link budget and on the type 714 of deployment (urban, rural, etc.). The radio interface is compliant 715 with the following regulations: 717 Spectrum allocation in the USA [fcc_ref] 719 Spectrum allocation in Europe [etsi_ref] 721 Spectrum allocation in Japan [arib_ref] 723 The SIGFOX radio interface is also compliant with the local 724 regulations of the following countries: Australia, Brazil, Canada, 725 Kenya, Lebanon, Mauritius, Mexico, New Zealand, Oman, Peru, 726 Singapore, South Africa, South Korea, and Thailand. 728 The radio interface is based on Ultra Narrow Band (UNB) 729 communications, which allow an increased transmission range by 730 spending a limited amount of energy at the device. Moreover, UNB 731 allows a large number of devices to coexist in a given cell without 732 significantly increasing the spectrum interference. 734 Both uplink and downlink are supported, although the system is 735 optimized for uplink communications. Due to spectrum optimizations, 736 different uplink and downlink frames and time synchronization methods 737 are needed. 739 The main radio characteristics of the UNB uplink transmission are: 741 o Channelization mask: 100 Hz / 600 Hz (depending on the region) 743 o Uplink baud rate: 100 baud / 600 baud (depending on the region) 744 o Modulation scheme: DBPSK 746 o Uplink transmission power: compliant with local regulation 748 o Link budget: 155 dB (or better) 750 o Central frequency accuracy: not relevant, provided there is no 751 significant frequency drift within an uplink packet transmission 753 For example, in Europe the UNB uplink frequency band is limited to 754 868.00 to 868.60 MHz, with a maximum output power of 25 mW and a duty 755 cycle of 1%. 757 The format of the uplink frame is the following: 759 +--------+--------+--------+------------------+-------------+-----+ 760 |Preamble| Frame | Dev ID | Payload |Msg Auth Code| FCS | 761 | | Sync | | | | | 762 +--------+--------+--------+------------------+-------------+-----+ 764 Figure 5: Uplink Frame Format 766 The uplink frame is composed of the following fields: 768 o Preamble: 19 bits 770 o Frame sync and header: 29 bits 772 o Device ID: 32 bits 774 o Payload: 0-96 bits 776 o Authentication: 16-40 bits 778 o Frame check sequence: 16 bits (CRC) 780 The main radio characteristics of the UNB downlink transmission are: 782 o Channelization mask: 1.5 kHz 784 o Downlink baud rate: 600 baud 786 o Modulation scheme: GFSK 788 o Downlink transmission power: 500 mW / 4W (depending on the region) 790 o Link budget: 153 dB (or better) 791 o Central frequency accuracy: the center frequency of downlink 792 transmission is set by the network according to the corresponding 793 uplink transmission 795 For example, in Europe the UNB downlink frequency band is limited to 796 869.40 to 869.65 MHz, with a maximum output power of 500 mW with 10% 797 duty cycle. 799 The format of the downlink frame is the following: 801 +------------+-----+---------+------------------+-------------+-----+ 802 | Preamble |Frame| ECC | Payload |Msg Auth Code| FCS | 803 | |Sync | | | | | 804 +------------+-----+---------+------------------+-------------+-----+ 806 Figure 6: Downlink Frame Format 808 The downlink frame is composed of the following fields: 810 o Preamble: 91 bits 812 o Frame sync and header: 13 bits 814 o Error Correcting Code (ECC): 32 bits 816 o Payload: 0-64 bits 818 o Authentication: 16 bits 820 o Frame check sequence: 8 bits (CRC) 822 The radio interface is optimized for uplink transmissions, which are 823 asynchronous. Downlink communications are achieved by devices 824 querying the network for available data. 826 A device willing to receive downlink messages opens a fixed window 827 for reception after sending an uplink transmission. The delay and 828 duration of this window have fixed values. The network transmits the 829 downlink message for a given device during the reception window, and 830 the network also selects the base station (BS) for transmitting the 831 corresponding downlink message. 833 Uplink and downlink transmissions are unbalanced due to the 834 regulatory constraints on ISM bands. Under the strictest 835 regulations, the system can allow a maximum of 140 uplink messages 836 and 4 downlink messages per device per day. These restrictions can 837 be slightly relaxed depending on system conditions and the specific 838 regulatory domain of operation. 840 +---+ 841 |DEV| * +------+ 842 +---+ * | RA | 843 * +------+ 844 +---+ * | 845 |DEV| * * * * | 846 +---+ * +----+ | 847 * | BS | \ +--------+ 848 +---+ * +----+ \ | | 849 DA -----|DEV| * * * | SC |----- NA 850 +---+ * / | | 851 * +----+ / +--------+ 852 +---+ * | BS |/ 853 |DEV| * * * * +----+ 854 +---+ * 855 * 856 +---+ * 857 |DEV| * * 858 +---+ 860 Figure 7: SIGFOX network architecture 862 Figure 7 depicts the different elements of the SIGFOX network 863 architecture. 865 SIGFOX has a "one-contract one-network" model allowing devices to 866 connect in any country, without any need or notion of either roaming 867 or handover. 869 The architecture consists of a single cloud-based core network, which 870 allows global connectivity with minimal impact on the end device and 871 radio access network. The core network elements are the Service 872 Center (SC) and the Registration Authority (RA). The SC is in charge 873 of the data connectivity between the Base Station (BS) and the 874 Internet, as well as the control and management of the BSs and End 875 Points. The RA is in charge of the End Point network access 876 authorization. 878 The radio access network is comprised of several BSs connected 879 directly to the SC. Each BS performs complex L1/L2 functions, 880 leaving some L2 and L3 functionalities to the SC. 882 The Devices (DEVs) or End Points (EPs) are the objects that 883 communicate application data between local device applications (DAs) 884 and network applications (NAs). 886 Devices (or EPs) can be static or nomadic, as they associate with the 887 SC and they do not attach to any specific BS. Hence, they can 888 communicate with the SC through one or multiple BSs. 890 Due to constraints in the complexity of the Device, it is assumed 891 that Devices host only one or very few device applications, which 892 most of the time communicate each to a single network application at 893 a time. 895 The radio protocol authenticates and ensures the integrity of each 896 message. This is achieved by using a unique device ID and an AES-128 897 based message authentication code, ensuring that the message has been 898 generated and sent by the device with the ID claimed in the message. 899 Application data can be encrypted at the application level or not, 900 depending on the criticality of the use case, to provide a balance 901 between cost and effort vs. risk. AES-128 in counter mode is used 902 for encryption. Cryptographic keys are independent for each device. 903 These keys are associated with the device ID and separate integrity 904 and confidentiality keys are pre-provisioned. A confidentiality key 905 is only provisioned if confidentiality is to be used. At the time of 906 writing the algorithms and keying details for this are not published. 908 2.4. Wi-SUN Alliance Field Area Network (FAN) 910 Text here is via personal communication from Bob Heile 911 (bheile@ieee.org) and was authored by Bob and Sum Chin Sean. Duffy 912 (paduffy@cisco.com) also provided additional comments/input on this 913 section. 915 2.4.1. Provenance and Documents 917 The Wi-SUN Alliance is an industry alliance 918 for smart city, smart grid, smart utility, and a broad set of general 919 IoT applications. The Wi-SUN Alliance Field Area Network (FAN) 920 profile is open standards based (primarily on IETF and IEEE802 921 standards) and was developed to address applications like smart 922 municipality/city infrastructure monitoring and management, electric 923 vehicle (EV) infrastructure, advanced metering infrastructure (AMI), 924 distribution automation (DA), supervisory control and data 925 acquisition (SCADA) protection/management, distributed generation 926 monitoring and management, and many more IoT applications. 927 Additionally, the Alliance has created a certification program to 928 promote global multi-vendor interoperability. 930 The FAN profile is specified within ANSI/TIA as an extension of work 931 previously done on Smart Utility Networks. [ANSI-4957-000]. Updates 932 to those specifications intended to be published in 2017 will contain 933 details of the FAN profile. A current snapshot of the work to 934 produce that profile is presented in [wisun-pressie1] 935 [wisun-pressie2] . 937 2.4.2. Characteristics 939 The FAN profile is an IPv6 wireless mesh network with support for 940 enterprise level security. The frequency hopping wireless mesh 941 topology aims to offer superior network robustness, reliability due 942 to high redundancy, good scalability due to the flexible mesh 943 configuration and good resilience to interference. Very low power 944 modes are in development permitting long term battery operation of 945 network nodes. 947 The following list contains some overall characteristics of Wi-SUN 948 that are relevant to LPWAN applications. 950 o Coverage: The range of Wi-SUN FAN is typically 2 -- 3 km in line 951 of sight, matching the needs of neighborhood area networks, campus 952 area networks, or corporate area networks. The range can also be 953 extended via multi-hop networking. 955 o High bandwidth, low link latency: Wi-SUN supports relatively high 956 bandwidth, i.e. up to 300 kbps [FANTPS], enables remote update and 957 upgrade of devices so that they can handle new applications, 958 extending their working life. Wi-SUN supports LPWAN IoT 959 applications that require on-demand control by providing low link 960 latency (0.02s) and bi-directional communication. 962 o Low power consumption: FAN devices draw less than 2 uA when 963 resting and only 8 mA when listening. Such devices can maintain a 964 long lifetime even if they are frequently listening. For 965 instance, suppose the device transmits data for 10 ms once every 966 10 s; theoretically, a battery of 1000 mAh can last more than 10 967 years. 969 o Scalability: Tens of millions Wi-SUN FAN devices have been 970 deployed in urban, suburban and rural environments, including 971 deployments with more than 1 million devices. 973 A FAN contains one or more networks. Within a network, nodes assume 974 one of three operational roles. First, each network contains a 975 Border Router providing Wide Area Network (WAN) connectivity to the 976 network. The Border Router maintains source routing tables for all 977 nodes within its network, provides node authentication and key 978 management services, and disseminates network-wide information such 979 as broadcast schedules. Secondly, Router nodes, which provide upward 980 and downward packet forwarding (within a network). A Router also 981 provides services for relaying security and address management 982 protocols. Lastly, Leaf nodes provide minimum capabilities: 983 discovering and joining a network, send/receive IPv6 packets, etc. A 984 low power network may contain a mesh topology with Routers at the 985 edges that construct a star topology with Leaf nodes. 987 The FAN profile is based on various open standards developed by the 988 IETF (including [RFC0768], [RFC2460], [RFC4443] and [RFC6282]), 989 IEEE802 (including [IEEE-802-15-4] and [IEEE-802-15-9]) and ANSI/TIA 990 [ANSI-4957-210] for low power and lossy networks. 992 The FAN profile specification provides an application-independent 993 IPv6-based transport service. There are two possible methods for 994 establishing the IPv6 packet routing: Routing Protocol for Low-Power 995 and Lossy Networks (RPL) at the Network layer is mandatory, and 996 Multi-Hop Delivery Service (MHDS) is optional at the Data Link layer. 997 Table 5 provides an overview of the FAN network stack. 999 The Transport service is based on User Datagram Protocol (UDP) 1000 defined in RFC768 or Transmission Control Protocol (TCP) defined in 1001 RFC793. 1003 The Network service is provided by IPv6 as defined in RFC2460 with 1004 6LoWPAN adaptation as defined in RFC4944 and RFC6282. ICMPv6, as 1005 defined in RFC4443, is used for the control plane during information 1006 exchange. 1008 The Data Link service provides both control/management of the 1009 Physical layer and data transfer/management services to the Network 1010 layer. These services are divided into Media Access Control (MAC) 1011 and Logical Link Control (LLC) sub-layers. The LLC sub-layer 1012 provides a protocol dispatch service which supports 6LoWPAN and an 1013 optional MAC sub-layer mesh service. The MAC sub-layer is 1014 constructed using data structures defined in IEEE802.15.4-2015. 1015 Multiple modes of frequency hopping are defined. The entire MAC 1016 payload is encapsulated in an IEEE802.15.9 Information Element to 1017 enable LLC protocol dispatch between upper layer 6LoWPAN processing, 1018 MAC sublayer mesh processing, etc. These areas will be expanded once 1019 IEEE802.15.12 is completed. 1021 The PHY service is derived from a sub-set of the SUN FSK 1022 specification in IEEE802.15.4-2015. The 2-FSK modulation schemes, 1023 with channel spacing range from 200 to 600 kHz, are defined to 1024 provide data rates from 50 to 300 kbps, with Forward Error Coding 1025 (FEC) as an optional feature. Towards enabling ultra-low-power 1026 applications, the PHY layer design is also extendable to low energy 1027 and critical infrastructure monitoring networks. 1029 +----------------------+--------------------------------------------+ 1030 | Layer | Description | 1031 +----------------------+--------------------------------------------+ 1032 | IPv6 protocol suite | TCP/UDP | 1033 | | | 1034 | | 6LoWPAN Adaptation + Header Compression | 1035 | | | 1036 | | DHCPv6 for IP address management. | 1037 | | | 1038 | | Routing using RPL. | 1039 | | | 1040 | | ICMPv6. | 1041 | | | 1042 | | Unicast and Multicast forwarding. | 1043 | | | 1044 | MAC based on IEEE | Frequency hopping | 1045 | 802.15.4e + IE | | 1046 | extensions | | 1047 | | | 1048 | | Discovery and Join | 1049 | | | 1050 | | Protocol Dispatch (IEEE 802.15.9) | 1051 | | | 1052 | | Several Frame Exchange patterns | 1053 | | | 1054 | | Optional Mesh Under routing (ANSI | 1055 | | 4957.210). | 1056 | | | 1057 | PHY based on | Various data rates and regions | 1058 | 802.15.4g | | 1059 | | | 1060 | Security | 802.1X/EAP-TLS/PKI Authentication. | 1061 | | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | 1062 | | required for EAP-TLS. | 1063 | | | 1064 | | 802.11i Group Key Management | 1065 | | | 1066 | | Frame security is implemented as AES-CCM* | 1067 | | as specified in IEEE 802.15.4 | 1068 | | | 1069 | | Optional ETSI-TS-102-887-2 Node 2 Node Key | 1070 | | Management | 1071 +----------------------+--------------------------------------------+ 1073 Table 5: Wi-SUN Stack Overview 1075 The FAN security supports Data Link layer network access control, 1076 mutual authentication, and establishment of a secure pairwise link 1077 between a FAN node and its Border Router, which is implemented with 1078 an adaptation of IEEE802.1X and EAP-TLS as described in [RFC5216] 1079 using secure device identity as described in IEEE802.1AR. 1080 Certificate formats are based upon [RFC5280]. A secure group link 1081 between a Border Router and a set of FAN nodes is established using 1082 an adaptation of the IEEE802.11 Four-Way Handshake. A set of 4 group 1083 keys are maintained within the network, one of which is the current 1084 transmit key. Secure node to node links are supported between one- 1085 hop FAN neighbors using an adaptation of ETSI-TS-102-887-2. FAN 1086 nodes implement Frame Security as specified in IEEE802.15.4-2015. 1088 3. Generic Terminology 1090 LPWAN technologies, such as those discussed above, have similar 1091 architectures but different terminology. We can identify different 1092 types of entities in a typical LPWAN network: 1094 o End-Devices are the devices or the "things" (e.g. sensors, 1095 actuators, etc.); they are named differently in each technology 1096 (End Device, User Equipment or End Point). There can be a high 1097 density of end devices per radio gateway. 1099 o The Radio Gateway, which is the end point of the constrained link. 1100 It is known as: Gateway, Evolved Node B or Base station. 1102 o The Network Gateway or Router is the interconnection node between 1103 the Radio Gateway and the Internet. It is known as: Network 1104 Server, Serving GW or Service Center. 1106 o LPWAN-AAA Server, which controls the user authentication, the 1107 applications. It is known as: Join-Server, Home Subscriber Server 1108 or Registration Authority. (We use the term LPWAN-AAA server 1109 because we're not assuming that this entity speaks RADIUS or 1110 Diameter as many/most AAA servers do, but equally we don't want to 1111 rule that out, as the functionality will be similar. 1113 o At last we have the Application Server, known also as Packet Data 1114 Node Gateway or Network Application. 1116 +---------------------------------------------------------------------+ 1117 | Function/ | | | | | | 1118 |Technology | LORAWAN | NB-IOT | SIGFOX | Wi-SUN | IETF | 1119 +-----------+-----------+-----------+------------+--------+-----------+ 1120 | Sensor, | | | | | | 1121 |Actuator, | End | User | End | Leaf | Device | 1122 |device, | Device | Equipment | Point | Node | (Dev) | 1123 | object | | | | | | 1124 +-----------+-----------+-----------+------------+--------+-----------+ 1125 |Transceiver| | Evolved | Base | Router | RADIO | 1126 | Antenna | Gateway | Node B | Station | Node | Gateway | 1127 +-----------+-----------+-----------+------------+--------+-----------+ 1128 | Server | Network | PDN GW/ | Service | Border | Network | 1129 | | Server | SCEF | Center | Router | Gateway | 1130 | | | | | | (NGW) | 1131 +-----------+-----------+-----------+------------+--------+-----------+ 1132 | Security | Join | Home |Registration|Authent.| LPWAN- | 1133 | Server | Server | Subscriber| Authority | Server | AAA | 1134 | | | Server | | | SERVER | 1135 +-----------+-----------+-----------+------------+--------+-----------+ 1136 |Application|Application|Application| Network |Appli- |Application| 1137 | | Server | Server | Application| cation | (App) | 1138 +---------------------------------------------------------------------+ 1140 Figure 8: LPWAN Architecture Terminology 1142 +------+ 1143 () () () | |LPWAN-| 1144 () () () () / \ +---------+ | AAA | 1145 () () () () () () / \========| /\ |====|Server| +-----------+ 1146 () () () | | <--|--> | +------+ |APPLICATION| 1147 () () () () / \============| v |==============| (App) | 1148 () () () / \ +---------+ +-----------+ 1149 Dev Radio Gateways NGW 1151 Figure 9: LPWAN Architecture 1153 In addition to the names of entities, LPWANs are also subject to 1154 possibly regional frequency band regulations. Those may include 1155 restrictions on the duty-cycle, for example requiring that hosts only 1156 transmit for a certain percentage of each hour. 1158 4. Gap Analysis 1160 This section considers some of the gaps between current LPWAN 1161 technologies and the goals of the LPWAN working group. Many of the 1162 generic considerations described in [RFC7452] will also apply in 1163 LPWANs, as end-devices can also be considered as a subclass of (so- 1164 called) "smart objects." In addition, LPWAN device implementers will 1165 also need to consider the issues relating to firmware updates 1166 described in [RFC8240]. 1168 4.1. Naive application of IPv6 1170 IPv6 [RFC8200] has been designed to allocate addresses to all the 1171 nodes connected to the Internet. Nevertheless, the header overhead 1172 of at least 40 bytes introduced by the protocol is incompatible with 1173 LPWAN constraints. If IPv6 with no further optimization were used, 1174 several LPWAN frames could be needed just to carry the IP header. 1175 Another problem arises from IPv6 MTU requirements, which require the 1176 layer below to support at least 1280 byte packets [RFC2460]. 1178 IPv6 has a configuration protocol - neighbor discovery protocol, 1179 (NDP) [RFC4861]). For a node to learn network parameters NDP 1180 generates regular traffic with a relatively large message size that 1181 does not fit LPWAN constraints. 1183 In some LPWAN technologies, layer two multicast is not supported. In 1184 that case, if the network topology is a star, the solution and 1185 considerations of section 3.2.5 of [RFC7668] may be applied. 1187 Other key protocols such as DHCPv6 [RFC3315], IPsec [RFC4301] and TLS 1188 [RFC5246] have similarly problematic properties in this context. 1189 Each of those require relatively frequent round-trips between the 1190 host and some other host on the network. In the case of 1191 cryptographic protocols such as IPsec and TLS, in addition to the 1192 round-trips required for secure session establishment, cryptographic 1193 operations can require padding and addition of authenticators that 1194 are problematic when considering LPWAN lower layers. Note that mains 1195 powered Wi-SUN mesh router nodes will typically be more resource 1196 capable than the other LPWAN techs discussed. This can enable use of 1197 more "chatty" protocols for some aspects of Wi-SUN. 1199 4.2. 6LoWPAN 1201 Several technologies that exhibit significant constraints in various 1202 dimensions have exploited the 6LoWPAN suite of specifications 1203 [RFC4944], [RFC6282], [RFC6775] to support IPv6 1204 [I-D.hong-6lo-use-cases]. However, the constraints of LPWANs, often 1205 more extreme than those typical of technologies that have (re)used 1206 6LoWPAN, constitute a challenge for the 6LoWPAN suite in order to 1207 enable IPv6 over LPWAN. LPWANs are characterized by device 1208 constraints (in terms of processing capacity, memory, and energy 1209 availability), and specially, link constraints, such as: 1211 o tiny layer two payload size (from ~10 to ~100 bytes), 1212 o very low bit rate (from ~10 bit/s to ~100 kbit/s), and 1214 o in some specific technologies, further message rate constraints 1215 (e.g. between ~0.1 message/minute and ~1 message/minute) due to 1216 regional regulations that limit the duty cycle. 1218 4.2.1. Header Compression 1220 6LoWPAN header compression reduces IPv6 (and UDP) header overhead by 1221 eliding header fields when they can be derived from the link layer, 1222 and by assuming that some of the header fields will frequently carry 1223 expected values. 6LoWPAN provides both stateless and stateful header 1224 compression. In the latter, all nodes of a 6LoWPAN are assumed to 1225 share compression context. In the best case, the IPv6 header for 1226 link-local communication can be reduced to only 2 bytes. For global 1227 communication, the IPv6 header may be compressed down to 3 bytes in 1228 the most extreme case. However, in more practical situations, the 1229 smallest IPv6 header size may be 11 bytes (one address prefix 1230 compressed) or 19 bytes (both source and destination prefixes 1231 compressed). These headers are large considering the link layer 1232 payload size of LPWAN technologies, and in some cases are even bigger 1233 than the LPWAN PDUs. 6LoWPAN has been initially designed for IEEE 1234 802.15.4 networks with a frame size up to 127 bytes and a throughput 1235 of up to 250 kb/s, which may or may not be duty-cycled. 1237 4.2.2. Address Autoconfiguration 1239 Traditionally, Interface Identifiers (IIDs) have been derived from 1240 link layer identifiers [RFC4944] . This allows optimizations such as 1241 header compression. Nevertheless, recent guidance has given advice 1242 on the fact that, due to privacy concerns, 6LoWPAN devices should not 1243 be configured to embed their link layer addresses in the IID by 1244 default. [RFC8065] provides guidance on better methods for 1245 generating IIDs. 1247 4.2.3. Fragmentation 1249 As stated above, IPv6 requires the layer below to support an MTU of 1250 1280 bytes [RFC2460]. Therefore, given the low maximum payload size 1251 of LPWAN technologies, fragmentation is needed. 1253 If a layer of an LPWAN technology supports fragmentation, proper 1254 analysis has to be carried out to decide whether the fragmentation 1255 functionality provided by the lower layer or fragmentation at the 1256 adaptation layer should be used. Otherwise, fragmentation 1257 functionality shall be used at the adaptation layer. 1259 6LoWPAN defined a fragmentation mechanism and a fragmentation header 1260 to support the transmission of IPv6 packets over IEEE 802.15.4 1261 networks [RFC4944]. While the 6LoWPAN fragmentation header is 1262 appropriate for IEEE 802.15.4-2003 (which has a frame payload size of 1263 81-102 bytes), it is not suitable for several LPWAN technologies, 1264 many of which have a maximum payload size that is one order of 1265 magnitude below that of IEEE 802.15.4-2003. The overhead of the 1266 6LoWPAN fragmentation header is high, considering the reduced payload 1267 size of LPWAN technologies and the limited energy availability of the 1268 devices using such technologies. Furthermore, its datagram offset 1269 field is expressed in increments of eight octets. In some LPWAN 1270 technologies, the 6LoWPAN fragmentation header plus eight octets from 1271 the original datagram exceeds the available space in the layer two 1272 payload. In addition, the MTU in the LPWAN networks could be 1273 variable which implies a variable fragmentation solution. 1275 4.2.4. Neighbor Discovery 1277 6LoWPAN Neighbor Discovery [RFC6775] defined optimizations to IPv6 1278 Neighbor Discovery [RFC4861], in order to adapt functionality of the 1279 latter for networks of devices using IEEE 802.15.4 or similar 1280 technologies. The optimizations comprise host-initiated interactions 1281 to allow for sleeping hosts, replacement of multicast-based address 1282 resolution for hosts by an address registration mechanism, multihop 1283 extensions for prefix distribution and duplicate address detection 1284 (note that these are not needed in a star topology network), and 1285 support for 6LoWPAN header compression. 1287 6LoWPAN Neighbor Discovery may be used in not so severely constrained 1288 LPWAN networks. The relative overhead incurred will depend on the 1289 LPWAN technology used (and on its configuration, if appropriate). In 1290 certain LPWAN setups (with a maximum payload size above ~60 bytes, 1291 and duty-cycle-free or equivalent operation), an RS/RA/NS/NA exchange 1292 may be completed in a few seconds, without incurring packet 1293 fragmentation. 1295 In other LPWANs (with a maximum payload size of ~10 bytes, and a 1296 message rate of ~0.1 message/minute), the same exchange may take 1297 hours or even days, leading to severe fragmentation and consuming a 1298 significant amount of the available network resources. 6LoWPAN 1299 Neighbor Discovery behavior may be tuned through the use of 1300 appropriate values for the default Router Lifetime, the Valid 1301 Lifetime in the PIOs, and the Valid Lifetime in the 6LoWPAN Context 1302 Option (6CO), as well as the address Registration Lifetime. However, 1303 for the latter LPWANs mentioned above, 6LoWPAN Neighbor Discovery is 1304 not suitable. 1306 4.3. 6lo 1308 The 6lo WG has been reusing and adapting 6LoWPAN to enable IPv6 1309 support over link layer technologies such as Bluetooth Low Energy 1310 (BTLE), ITU-T G.9959, DECT-ULE, MS/TP-RS485, NFC IEEE 802.11ah. (See 1311 for details.) These technologies are 1312 similar in several aspects to IEEE 802.15.4, which was the original 1313 6LoWPAN target technology. 1315 6lo has mostly used the subset of 6LoWPAN techniques best suited for 1316 each lower layer technology, and has provided additional 1317 optimizations for technologies where the star topology is used, such 1318 as BTLE or DECT-ULE. 1320 The main constraint in these networks comes from the nature of the 1321 devices (constrained devices), whereas in LPWANs it is the network 1322 itself that imposes the most stringent constraints. 1324 4.4. 6tisch 1326 The 6tisch solution is dedicated to mesh networks that operate using 1327 802.15.4e MAC with a deterministic slotted channel. The time slot 1328 channel (TSCH) can help to reduce collisions and to enable a better 1329 balance over the channels. It improves the battery life by avoiding 1330 the idle listening time for the return channel. 1332 A key element of 6tisch is the use of synchronization to enable 1333 determinism. TSCH and 6TiSCH may provide a standard scheduling 1334 function. The LPWAN networks probably will not support 1335 synchronization like the one used in 6tisch. 1337 4.5. RoHC 1339 Robust header compression (RoHC) is a header compression mechanism 1340 [RFC3095] developed for multimedia flows in a point to point channel. 1341 RoHC uses 3 levels of compression, each level having its own header 1342 format. In the first level, RoHC sends 52 bytes of header, in the 1343 second level the header could be from 34 to 15 bytes and in the third 1344 level header size could be from 7 to 2 bytes. The level of 1345 compression is managed by a sequence number, which varies in size 1346 from 2 bytes to 4 bits in the minimal compression. SN compression is 1347 done with an algorithm called W-LSB (Window- Least Significant Bits). 1348 This window has a 4-bit size representing 15 packets, so every 15 1349 packets RoHC needs to slide the window in order to receive the 1350 correct sequence number, and sliding the window implies a reduction 1351 of the level of compression. When packets are lost or errored, the 1352 decompressor loses context and drops packets until a bigger header is 1353 sent with more complete information. To estimate the performance of 1354 RoHC, an average header size is used. This average depends on the 1355 transmission conditions, but most of the time is between 3 and 4 1356 bytes. 1358 RoHC has not been adapted specifically to the constrained hosts and 1359 networks of LPWANs: it does not take into account energy limitations 1360 nor the transmission rate, and RoHC context is synchronised during 1361 transmission, which does not allow better compression. 1363 4.6. ROLL 1365 Most technologies considered by the lpwan WG are based on a star 1366 topology, which eliminates the need for routing at that layer. 1367 Future work may address additional use-cases that may require 1368 adaptation of existing routing protocols or the definition of new 1369 ones. As of the time of writing, work similar to that done in the 1370 ROLL WG and other routing protocols are out of scope of the LPWAN WG. 1372 4.7. CoAP 1374 CoAP [RFC7252] provides a RESTful framework for applications intended 1375 to run on constrained IP networks. It may be necessary to adapt CoAP 1376 or related protocols to take into account for the extreme duty cycles 1377 and the potentially extremely limited throughput of LPWANs. 1379 For example, some of the timers in CoAP may need to be redefined. 1380 Taking into account CoAP acknowledgments may allow the reduction of 1381 L2 acknowledgments. On the other hand, the current work in progress 1382 in the CoRE WG where the COMI/CoOL network management interface 1383 which, uses Structured Identifiers (SID) to reduce payload size over 1384 CoAP may prove to be a good solution for the LPWAN technologies. The 1385 overhead is reduced by adding a dictionary which matches a URI to a 1386 small identifier and a compact mapping of the YANG model into the 1387 CBOR binary representation. 1389 4.8. Mobility 1391 LPWAN nodes can be mobile. However, LPWAN mobility is different from 1392 the one specified for Mobile IP. LPWAN implies sporadic traffic and 1393 will rarely be used for high-frequency, real-time communications. 1394 The applications do not generate a flow, they need to save energy and 1395 most of the time the node will be down. 1397 In addition, LPWAN mobility may mostly apply to groups of devices, 1398 that represent a network in which case mobility is more a concern for 1399 the gateway than the devices. NEMO [RFC3963] Mobility or other 1400 mobile gateway solutions (such as a gateway with an LTE uplink) may 1401 be used in the case where some end-devices belonging to the same 1402 network gateway move from one point to another such that they are not 1403 aware of being mobile. 1405 4.9. DNS and LPWAN 1407 The Domain Name System (DNS) DNS [RFC1035], enables applications to 1408 name things with a globally resolvable name. Many protocols use the 1409 DNS to identify hosts, for example applications using CoAP. 1411 The DNS query/answer protocol as a pre-cursor to other communication 1412 within the time-to-live (TTL) of a DNS answer is clearly problematic 1413 in an LPWAN, say where only one round-trip per hour can be used, and 1414 with a TTL that is less than 3600. It is currently unclear whether 1415 and how DNS-like functionality might be provided in LPWANs. 1417 5. Security Considerations 1419 Most LPWAN technologies integrate some authentication or encryption 1420 mechanisms that were defined outside the IETF. The working group may 1421 need to do work to integrate these mechanisms to unify management. A 1422 standardized Authentication, Accounting, and Authorization (AAA) 1423 infrastructure [RFC2904] may offer a scalable solution for some of 1424 the security and management issues for LPWANs. AAA offers 1425 centralized management that may be of use in LPWANs, for example 1426 [I-D.garcia-dime-diameter-lorawan] and 1427 [I-D.garcia-radext-radius-lorawan] suggest possible security 1428 processes for a LoRaWAN network. Similar mechanisms may be useful to 1429 explore for other LPWAN technologies. 1431 Some applications using LPWANs may raise few or no privacy 1432 considerations. For example, temperature sensors in a large office 1433 building may not raise privacy issues. However, the same sensors, if 1434 deployed in a home environment and especially if triggered due to 1435 human presence, can raise significant privacy issues - if an end- 1436 device emits (an encrypted) packet every time someone enters a room 1437 in a home, then that traffic is privacy sensitive. And the more that 1438 the existence of that traffic is visible to network entities, the 1439 more privacy sensitivities arise. At this point, it is not clear 1440 whether there are workable mitigations for problems like this - in a 1441 more typical network, one would consider defining padding mechanisms 1442 and allowing for cover traffic. In some LPWANs, those mechanisms may 1443 not be feasible. Nonetheless, the privacy challenges do exist and 1444 can be real and so some solutions will be needed. Note that many 1445 aspects of solutions in this space may not be visible in IETF 1446 specifications, but can be e.g. implementation or deployment 1447 specific. 1449 Another challenge for LPWANs will be how to handle key management and 1450 associated protocols. In a more traditional network (e.g. the web), 1451 servers can "staple" Online Certificate Status Protocol (OCSP) 1452 responses in order to allow browsers to check revocation status for 1453 presented certificates. [RFC6961] While the stapling approach is 1454 likely something that would help in an LPWAN, as it avoids an RTT, 1455 certificates and OCSP responses are bulky items and will prove 1456 challenging to handle in LPWANs with bounded bandwidth. 1458 6. IANA Considerations 1460 There are no IANA considerations related to this memo. 1462 7. Contributors 1464 [[RFC editor: Please fix names below for I18N.]] 1466 As stated above this document is mainly a collection of content 1467 developed by the full set of contributors listed below. The main 1468 input documents and their authors were: 1470 o Text for Section 2.1 was provided by Alper Yegin and Stephen 1471 Farrell in [I-D.farrell-lpwan-lora-overview]. 1473 o Text for Section 2.2 was provided by Antti Ratilainen in 1474 [I-D.ratilainen-lpwan-nb-iot]. 1476 o Text for Section 2.3 was provided by Juan Carlos Zuniga and Benoit 1477 Ponsard in [I-D.zuniga-lpwan-sigfox-system-description]. 1479 o Text for Section 2.4 was provided via personal communication from 1480 Bob Heile (bheile@ieee.org) and was authored by Bob and Sum Chin 1481 Sean. There is no Internet draft for that at present. 1483 o Text for Section 4 was provided by Ana Minabiru, Carles Gomez, 1484 Laurent Toutain, Josep Paradells and Jon Crowcroft in 1485 [I-D.minaburo-lpwan-gap-analysis]. Additional text from that 1486 draft is also used elsewhere above. 1488 The full list of contributors are: 1490 Jon Crowcroft 1491 University of Cambridge 1492 JJ Thomson Avenue 1493 Cambridge, CB3 0FD 1494 United Kingdom 1495 Email: jon.crowcroft@cl.cam.ac.uk 1497 Carles Gomez 1498 UPC/i2CAT 1499 C/Esteve Terradas, 7 1500 Castelldefels 08860 1501 Spain 1503 Email: carlesgo@entel.upc.edu 1505 Bob Heile 1506 Wi-Sun Alliance 1507 11 Robert Toner Blvd, Suite 5-301 1508 North Attleboro, MA 02763 1509 USA 1511 Phone: +1-781-929-4832 1512 Email: bheile@ieee.org 1514 Ana Minaburo 1515 Acklio 1516 2bis rue de la Chataigneraie 1517 35510 Cesson-Sevigne Cedex 1518 France 1520 Email: ana@ackl.io 1522 Josep PAradells 1523 UPC/i2CAT 1524 C/Jordi Girona, 1-3 1525 Barcelona 08034 1526 Spain 1528 Email: josep.paradells@entel.upc.edu 1530 Charles E. Perkins 1531 Futurewei 1532 2330 Central Expressway 1533 Santa Clara 95050 1534 Unites States 1536 Email: charliep@computer.org 1537 Benoit Ponsard 1538 SIGFOX 1539 425 rue Jean Rostand 1540 Labege 31670 1541 France 1543 Email: Benoit.Ponsard@sigfox.com 1544 URI: http://www.sigfox.com/ 1546 Antti Ratilainen 1547 Ericsson 1548 Hirsalantie 11 1549 Jorvas 02420 1550 Finland 1552 Email: antti.ratilainen@ericsson.com 1554 Chin-Sean SUM 1555 Wi-Sun Alliance 1556 20, Science Park Rd 1557 Singapore 117674 1559 Phone: +65 6771 1011 1560 Email: sum@wi-sun.org 1562 Laurent Toutain 1563 Institut MINES TELECOM ; TELECOM Bretagne 1564 2 rue de la Chataigneraie 1565 CS 17607 1566 35576 Cesson-Sevigne Cedex 1567 France 1569 Email: Laurent.Toutain@telecom-bretagne.eu 1571 Alper Yegin 1572 Actility 1573 Paris, Paris 1574 FR 1576 Email: alper.yegin@actility.com 1578 Juan Carlos Zuniga 1579 SIGFOX 1580 425 rue Jean Rostand 1581 Labege 31670 1582 France 1584 Email: JuanCarlos.Zuniga@sigfox.com 1585 URI: http://www.sigfox.com/ 1587 8. Acknowledgments 1589 Thanks to all those listed in Section 7 for the excellent text. 1590 Errors in the handling of that are solely the editor's fault. 1592 [[RFC editor: Please fix names below for I18N, at least Mirja's does 1593 need fixing.]] 1595 In addition to the contributors above, thanks are due to (in 1596 alphabetical order): Abdussalam Baryun, Andy Malis, Arun 1597 (arun@acklio.com), Behcet SariKaya, Dan Garcia Carrillo, Jiazi Yi, 1598 Mirja Kuehlewind, Paul Duffy, Russ Housley, Samita Chakrabarti, Thad 1599 Guidry, Warren Kumari, for comments. 1601 Alexander Pelov and Pascal Thubert were the LPWAN WG chairs while 1602 this document was developed. 1604 Stephen Farrell's work on this memo was supported by Pervasive 1605 Nation, the Science Foundation Ireland's CONNECT centre national IoT 1606 network. 1608 9. Informative References 1610 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 1611 DOI 10.17487/RFC0768, August 1980, . 1614 [RFC1035] Mockapetris, P., "Domain names - implementation and 1615 specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, 1616 November 1987, . 1618 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1619 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1620 December 1998, . 1622 [RFC2904] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., 1623 Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., and 1624 D. Spence, "AAA Authorization Framework", RFC 2904, 1625 DOI 10.17487/RFC2904, August 2000, . 1628 [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H., 1629 Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, 1630 K., Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., 1631 Wiebke, T., Yoshimura, T., and H. Zheng, "RObust Header 1632 Compression (ROHC): Framework and four profiles: RTP, UDP, 1633 ESP, and uncompressed", RFC 3095, DOI 10.17487/RFC3095, 1634 July 2001, . 1636 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1637 C., and M. Carney, "Dynamic Host Configuration Protocol 1638 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1639 2003, . 1641 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 1642 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 1643 RFC 3963, DOI 10.17487/RFC3963, January 2005, 1644 . 1646 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1647 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1648 December 2005, . 1650 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1651 Control Message Protocol (ICMPv6) for the Internet 1652 Protocol Version 6 (IPv6) Specification", STD 89, 1653 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1654 . 1656 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1657 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1658 DOI 10.17487/RFC4861, September 2007, . 1661 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1662 "Transmission of IPv6 Packets over IEEE 802.15.4 1663 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1664 . 1666 [RFC5216] Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS 1667 Authentication Protocol", RFC 5216, DOI 10.17487/RFC5216, 1668 March 2008, . 1670 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1671 (TLS) Protocol Version 1.2", RFC 5246, 1672 DOI 10.17487/RFC5246, August 2008, . 1675 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1676 Housley, R., and W. Polk, "Internet X.509 Public Key 1677 Infrastructure Certificate and Certificate Revocation List 1678 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 1679 . 1681 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1682 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1683 DOI 10.17487/RFC6282, September 2011, . 1686 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1687 Bormann, "Neighbor Discovery Optimization for IPv6 over 1688 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1689 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1690 . 1692 [RFC6961] Pettersen, Y., "The Transport Layer Security (TLS) 1693 Multiple Certificate Status Request Extension", RFC 6961, 1694 DOI 10.17487/RFC6961, June 2013, . 1697 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 1698 Application Protocol (CoAP)", RFC 7252, 1699 DOI 10.17487/RFC7252, June 2014, . 1702 [RFC7452] Tschofenig, H., Arkko, J., Thaler, D., and D. McPherson, 1703 "Architectural Considerations in Smart Object Networking", 1704 RFC 7452, DOI 10.17487/RFC7452, March 2015, 1705 . 1707 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1708 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1709 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1710 . 1712 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 1713 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 1714 February 2017, . 1716 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1717 (IPv6) Specification", STD 86, RFC 8200, 1718 DOI 10.17487/RFC8200, July 2017, . 1721 [RFC8240] Tschofenig, H. and S. Farrell, "Report from the Internet 1722 of Things Software Update (IoTSU) Workshop 2016", 1723 RFC 8240, DOI 10.17487/RFC8240, September 2017, 1724 . 1726 [I-D.farrell-lpwan-lora-overview] 1727 Farrell, S. and A. Yegin, "LoRaWAN Overview", draft- 1728 farrell-lpwan-lora-overview-01 (work in progress), October 1729 2016. 1731 [I-D.minaburo-lpwan-gap-analysis] 1732 Minaburo, A., Gomez, C., Toutain, L., Paradells, J., and 1733 J. Crowcroft, "LPWAN Survey and GAP Analysis", draft- 1734 minaburo-lpwan-gap-analysis-02 (work in progress), October 1735 2016. 1737 [I-D.zuniga-lpwan-sigfox-system-description] 1738 Zuniga, J. and B. PONSARD, "SIGFOX System Description", 1739 draft-zuniga-lpwan-sigfox-system-description-04 (work in 1740 progress), December 2017. 1742 [I-D.ratilainen-lpwan-nb-iot] 1743 Ratilainen, A., "NB-IoT characteristics", draft- 1744 ratilainen-lpwan-nb-iot-00 (work in progress), July 2016. 1746 [I-D.garcia-dime-diameter-lorawan] 1747 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1748 "LoRaWAN Authentication in Diameter", draft-garcia-dime- 1749 diameter-lorawan-00 (work in progress), May 2016. 1751 [I-D.garcia-radext-radius-lorawan] 1752 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1753 "LoRaWAN Authentication in RADIUS", draft-garcia-radext- 1754 radius-lorawan-03 (work in progress), May 2017. 1756 [I-D.hong-6lo-use-cases] 1757 Hong, Y. and C. Gomez, "IPv6 over Constrained Node 1758 Networks(6lo) Applicability & Use cases", draft-hong-6lo- 1759 use-cases-03 (work in progress), October 2016. 1761 [TGPP36300] 1762 3GPP, "TS 36.300 v13.4.0 Evolved Universal Terrestrial 1763 Radio Access (E-UTRA) and Evolved Universal Terrestrial 1764 Radio Access Network (E-UTRAN); Overall description; Stage 1765 2", 2016, 1766 . 1768 [TGPP36321] 1769 3GPP, "TS 36.321 v13.2.0 Evolved Universal Terrestrial 1770 Radio Access (E-UTRA); Medium Access Control (MAC) 1771 protocol specification", 2016. 1773 [TGPP36322] 1774 3GPP, "TS 36.322 v13.2.0 Evolved Universal Terrestrial 1775 Radio Access (E-UTRA); Radio Link Control (RLC) protocol 1776 specification", 2016. 1778 [TGPP36323] 1779 3GPP, "TS 36.323 v13.2.0 Evolved Universal Terrestrial 1780 Radio Access (E-UTRA); Packet Data Convergence Protocol 1781 (PDCP) specification (Not yet available)", 2016. 1783 [TGPP36331] 1784 3GPP, "TS 36.331 v13.2.0 Evolved Universal Terrestrial 1785 Radio Access (E-UTRA); Radio Resource Control (RRC); 1786 Protocol specification", 2016. 1788 [TGPP36201] 1789 3GPP, "TS 36.201 v13.2.0 - Evolved Universal Terrestrial 1790 Radio Access (E-UTRA); LTE physical layer; General 1791 description", 2016. 1793 [TGPP23720] 1794 3GPP, "TR 23.720 v13.0.0 - Study on architecture 1795 enhancements for Cellular Internet of Things", 2016. 1797 [TGPP33203] 1798 3GPP, "TS 33.203 v13.1.0 - 3G security; Access security 1799 for IP-based services", 2016. 1801 [fcc_ref] "FCC CFR 47 Part 15.247 Telecommunication Radio Frequency 1802 Devices - Operation within the bands 902-928 MHz, 1803 2400-2483.5 MHz, and 5725-5850 MHz.", June 2016. 1805 [etsi_ref] 1806 "ETSI EN 300-220 (Parts 1 and 2): Electromagnetic 1807 compatibility and Radio spectrum Matters (ERM); Short 1808 Range Devices (SRD); Radio equipment to be used in the 25 1809 MHz to 1 000 MHz frequency range with power levels ranging 1810 up to 500 mW", May 2016. 1812 [arib_ref] 1813 "ARIB STD-T108 (Version 1.0): 920MHz-Band Telemeter, 1814 Telecontrol and data transmission radio equipment.", 1815 February 2012. 1817 [LoRaSpec] 1818 LoRa Alliance, "LoRaWAN Specification Version V1.0.2", 1819 July 2016, . 1823 [ANSI-4957-000] 1824 ANSI, TIA-4957.000, "Architecture Overview for the Smart 1825 Utility Network", May 2013, . 1828 [ANSI-4957-210] 1829 ANSI, TIA-4957.210, "Multi-Hop Delivery Specification of a 1830 Data Link Sub-Layer", May 2013, . 1833 [wisun-pressie1] 1834 Phil Beecher, Chair, Wi-SUN Alliance, "Wi-SUN Alliance 1835 Overview", March 2017, . 1839 [wisun-pressie2] 1840 Bob Heile, Director of Standards, Wi-SUN Alliance, "IETF97 1841 Wi-SUN Alliance Field Area Network (FAN) Overview", 1842 November 2016, 1843 . 1846 [IEEE-802-15-4] 1847 "IEEE Standard for Low-Rate Wireless Personal Area 1848 Networks (WPANs)", IEEE Standard 802.15.4, 2015, 1849 . 1852 [IEEE-802-15-9] 1853 "IEEE Recommended Practice for Transport of Key Management 1854 Protocol (KMP) Datagrams", IEEE Standard 802.15.9, 2016, 1855 . 1858 [etsi_unb] 1859 "ETSI TR 103 435 System Reference document (SRdoc); Short 1860 Range Devices (SRD); Technical characteristics for Ultra 1861 Narrow Band (UNB) SRDs operating in the UHF spectrum below 1862 1 GHz", February 2017. 1864 [nbiot-ov] 1865 Beyene, Yihenew Dagne, et al., "NB-IoT technology overview 1866 and experience from cloud-RAN implementation", IEEE 1867 Wireless Communications 24,3 (2017): 26-32, June 2017. 1869 Appendix A. Changes 1871 [[RFC editor: Please remove this before publication]] 1873 A.1. From -00 to -01 1875 o WG have stated they want this to be an RFC. 1877 o WG clearly want to keep the RF details. 1879 o Various changes made to remove/resolve a number of editorial notes 1880 from -00 (in some cases as per suggestions from Ana Minaburo) 1882 o Merged PR's: #1... 1884 o Rejected PR's: #2 (change was made to .txt not .xml but was 1885 replicated manually by editor) 1887 o Github repo is at: https://github.com/sftcd/lpwan-ov 1889 A.2. From -01 to -02 1891 o WG seem to agree with editor suggestions in slides 13-24 of the 1892 presentation on this topic given at IETF98 (See: 1893 https://www.ietf.org/proceedings/98/slides/slides-98-lpwan- 1894 aggregated-slides-07.pdf) 1896 o Got new text wrt Wi-SUN via email from Paul Duffy and merged that 1897 in 1899 o Reflected list discussion wrt terminology and "end-device" 1901 o Merged PR's: #3... 1903 A.3. From -02 to -03 1905 o Editorial changes and typo fixes thanks to Fred Baker running 1906 something called Grammerly and sending me it's report. 1908 o Merged PR's: #4, #6, #7... 1910 o Editor did an editing pass on the lot. 1912 A.4. From -03 to -04 1914 o Picked up a PR that had been wrongly applied that expands UE 1916 o Editorial changes wrt LoRa suggested by Alper 1918 o Editorial changes wrt SIGFOX provided by Juan-Carlos 1920 A.5. From -04 to -05 1922 o Handled Russ Housley's WGLC review. 1924 o Handled Alper Yegin's WGLC review. 1926 A.6. From -05 to -06 1928 o More Alper comments:-) 1930 o Added some more detail about sigfox security. 1932 o Added Wi-SUN changes from Charlie Perkins 1934 A.7. From -06 to -07 1936 Yet more Alper comments:-) 1938 Comments from Behcet Sarikaya 1940 A.8. From -07 to -08 1942 various typos 1944 Last call and directorate comments from Abdussalam Baryun (AB) and 1945 Andy Malis 1947 20180118 IESG ballot comments from Warren: nits handled, two 1948 possible bits of text still needed. 1950 Some more AB comments handled. Still need to check over 7452 and 1951 8240 to see if issues from those need to be discussed here. 1953 Corrected "no IP capabilities - Wi-SUN devices do v6 (thanks Paul 1954 Duffy:-) 1956 Mirja's AD ballot comments handled. 1958 Added a sentence in intro trying to say what's "special" about 1959 LPWAN compared to other constrained networks. (As suggested by 1960 Warren.) 1962 Added text @ start of gap analysis referring to RFCs 7252 and 1963 8240, as suggested by a few folks (AB, Warren, Mirja) 1965 Added nbiot-ov reference for those who'd like a more polished 1966 presentation of NB-IoT 1968 A.9. From -08 to -09 1970 Changes due to IoT-DIR review from Samita Chakrabarti: fixed error 1971 on max rate between tables 1 and 2; s/eNb/eNodeB/; fixed 1972 references to hong-6lo-use-cases; added RFC8065 reference 1974 A.10. From -09 to -10 1976 Added Charlie Perkins as contributor - was supposed to have been 1977 done ages ago - editor forgot;-) 1979 Author's Address 1981 Stephen Farrell (editor) 1982 Trinity College Dublin 1983 Dublin 2 1984 Ireland 1986 Phone: +353-1-896-2354 1987 Email: stephen.farrell@cs.tcd.ie