idnits 2.17.00 (12 Aug 2021) /tmp/idnits25274/draft-ietf-6tisch-architecture-30.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 2562 has weird spacing: '...atteyne for h...' == Line 2566 has weird spacing: '...ajosana who l...' == Line 2570 has weird spacing: '... Pister for c...' == Line 2573 has weird spacing: '...Vucinic for t...' == Line 2576 has weird spacing: '...hardson for h...' == (6 more instances...) -- The document date (26 November 2020) is 534 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: draft-ietf-6tisch-minimal-security has been published as RFC 9031 == Outdated reference: draft-ietf-6lo-backbone-router has been published as RFC 8929 == Outdated reference: draft-ietf-6lo-fragment-recovery has been published as RFC 8931 == Outdated reference: draft-ietf-6lo-minimal-fragment has been published as RFC 8930 == Outdated reference: draft-ietf-6lo-ap-nd has been published as RFC 8928 == Outdated reference: draft-ietf-roll-useofrplinfo has been published as RFC 9008 == Outdated reference: draft-ietf-roll-unaware-leaves has been published as RFC 9010 == Outdated reference: draft-ietf-6tisch-enrollment-enhanced-beacon has been published as RFC 9032 == Outdated reference: draft-ietf-6tisch-msf has been published as RFC 9033 -- Obsolete informational reference (is this intentional?): RFC 6347 (Obsoleted by RFC 9147) == Outdated reference: draft-ietf-core-object-security has been published as RFC 8613 == Outdated reference: draft-ietf-detnet-ip has been published as RFC 8939 == Outdated reference: draft-ietf-anima-bootstrapping-keyinfra has been published as RFC 8995 == Outdated reference: A later version (-13) exists of draft-ietf-roll-aodv-rpl-08 == Outdated reference: A later version (-25) exists of draft-ietf-roll-dao-projection-14 == Outdated reference: draft-ietf-ace-coap-est has been published as RFC 9148 == Outdated reference: A later version (-17) exists of draft-ietf-anima-constrained-voucher-09 Summary: 0 errors (**), 0 flaws (~~), 23 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6TiSCH P. Thubert, Ed. 3 Internet-Draft Cisco Systems 4 Intended status: Informational 26 November 2020 5 Expires: 30 May 2021 7 An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4 8 draft-ietf-6tisch-architecture-30 10 Abstract 12 This document describes a network architecture that provides low- 13 latency, low-jitter and high-reliability packet delivery. It 14 combines a high-speed powered backbone and subnetworks using IEEE 15 802.15.4 time-slotted channel hopping (TSCH) to meet the requirements 16 of LowPower wireless deterministic applications. 18 Status of This Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at https://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on 30 May 2021. 35 Copyright Notice 37 Copyright (c) 2020 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 42 license-info) in effect on the date of publication of this document. 43 Please review these documents carefully, as they describe your rights 44 and restrictions with respect to this document. Code Components 45 extracted from this document must include Simplified BSD License text 46 as described in Section 4.e of the Trust Legal Provisions and are 47 provided without warranty as described in the Simplified BSD License. 49 Table of Contents 51 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 52 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 53 2.1. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 5 54 2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 10 55 2.3. Related Documents . . . . . . . . . . . . . . . . . . . . 11 56 3. High Level Architecture . . . . . . . . . . . . . . . . . . . 12 57 3.1. A Non-Broadcast Multi-Access Radio Mesh Network . . . . . 12 58 3.2. A Multi-Link Subnet Model . . . . . . . . . . . . . . . . 14 59 3.3. TSCH: A Deterministic MAC Layer . . . . . . . . . . . . . 16 60 3.4. Scheduling TSCH . . . . . . . . . . . . . . . . . . . . . 17 61 3.5. Distributed vs. Centralized Routing . . . . . . . . . . . 18 62 3.6. Forwarding Over TSCH . . . . . . . . . . . . . . . . . . 19 63 3.7. 6TiSCH Stack . . . . . . . . . . . . . . . . . . . . . . 20 64 3.8. Communication Paradigms and Interaction Models . . . . . 22 65 4. Architecture Components . . . . . . . . . . . . . . . . . . . 23 66 4.1. 6LoWPAN (and RPL) . . . . . . . . . . . . . . . . . . . . 23 67 4.1.1. RPL-Unaware Leaves and 6LoWPAN ND . . . . . . . . . . 23 68 4.1.2. 6LBR and RPL Root . . . . . . . . . . . . . . . . . . 24 69 4.2. Network Access and Addressing . . . . . . . . . . . . . . 24 70 4.2.1. Join Process . . . . . . . . . . . . . . . . . . . . 25 71 4.2.2. Registration . . . . . . . . . . . . . . . . . . . . 27 72 4.3. TSCH and 6top . . . . . . . . . . . . . . . . . . . . . . 28 73 4.3.1. 6top . . . . . . . . . . . . . . . . . . . . . . . . 28 74 4.3.2. Scheduling Functions and the 6top protocol . . . . . 30 75 4.3.3. 6top and RPL Objective Function operations . . . . . 31 76 4.3.4. Network Synchronization . . . . . . . . . . . . . . . 32 77 4.3.5. Slotframes and CDU matrix . . . . . . . . . . . . . . 33 78 4.3.6. Distributing the reservation of cells . . . . . . . . 34 79 4.4. Schedule Management Mechanisms . . . . . . . . . . . . . 35 80 4.4.1. Static Scheduling . . . . . . . . . . . . . . . . . . 35 81 4.4.2. Neighbor-to-neighbor Scheduling . . . . . . . . . . . 36 82 4.4.3. Remote Monitoring and Schedule Management . . . . . . 37 83 4.4.4. Hop-by-hop Scheduling . . . . . . . . . . . . . . . . 39 84 4.5. On Tracks . . . . . . . . . . . . . . . . . . . . . . . . 39 85 4.5.1. General Behavior of Tracks . . . . . . . . . . . . . 40 86 4.5.2. Serial Track . . . . . . . . . . . . . . . . . . . . 40 87 4.5.3. Complex Track with Replication and Elimination . . . 41 88 4.5.4. DetNet End-to-end Path . . . . . . . . . . . . . . . 41 89 4.5.5. Cell Reuse . . . . . . . . . . . . . . . . . . . . . 42 90 4.6. Forwarding Models . . . . . . . . . . . . . . . . . . . . 43 91 4.6.1. Track Forwarding . . . . . . . . . . . . . . . . . . 43 92 4.6.2. IPv6 Forwarding . . . . . . . . . . . . . . . . . . . 46 93 4.6.3. Fragment Forwarding . . . . . . . . . . . . . . . . . 47 94 4.7. Advanced 6TiSCH Routing . . . . . . . . . . . . . . . . . 48 95 4.7.1. Packet Marking and Handling . . . . . . . . . . . . . 48 96 4.7.2. Replication, Retries and Elimination . . . . . . . . 49 98 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 52 99 6. Security Considerations . . . . . . . . . . . . . . . . . . . 52 100 6.1. Availability of Remote Services . . . . . . . . . . . . . 52 101 6.2. Selective Jamming . . . . . . . . . . . . . . . . . . . . 52 102 6.3. MAC-Layer Security . . . . . . . . . . . . . . . . . . . 53 103 6.4. Time Synchronization . . . . . . . . . . . . . . . . . . 53 104 6.5. Validating ASN . . . . . . . . . . . . . . . . . . . . . 54 105 6.6. Network Keying and Rekeying . . . . . . . . . . . . . . . 55 106 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 56 107 7.1. Contributors . . . . . . . . . . . . . . . . . . . . . . 56 108 7.2. Special Thanks . . . . . . . . . . . . . . . . . . . . . 57 109 7.3. And Do not Forget . . . . . . . . . . . . . . . . . . . . 58 110 8. Normative References . . . . . . . . . . . . . . . . . . . . 58 111 9. Informative References . . . . . . . . . . . . . . . . . . . 62 112 Appendix A. Related Work In Progress . . . . . . . . . . . . . . 69 113 A.1. Unchartered IETF work items . . . . . . . . . . . . . . . 69 114 A.1.1. 6TiSCH Zerotouch security . . . . . . . . . . . . . . 69 115 A.1.2. 6TiSCH Track Setup . . . . . . . . . . . . . . . . . 69 116 A.1.3. Using BIER in a 6TiSCH Network . . . . . . . . . . . 70 117 A.2. External (non-IETF) work items . . . . . . . . . . . . . 70 118 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 71 120 1. Introduction 122 Wireless Networks enable a wide variety of devices of any size to get 123 interconnected, often at a very low marginal cost per device, at any 124 range, and in circumstances where wiring may be impractical, for 125 instance on fast-moving or rotating devices. 127 On the other hand, Deterministic Networking maximizes the packet 128 delivery ratio within a bounded latency so as to enable mission- 129 critical machine-to-machine (M2M) operations. Applications that need 130 such networks are presented in [RFC8578]. The considered 131 applications include Professional Media, Industrial Automation 132 Control Systems (IACS), building automation, in-vehicle command and 133 control, commercial automation and asset tracking with mobile 134 scenarios, as well as gaming, drones and edge robotic control, and 135 home automation applications. 137 The Timeslotted Channel Hopping (TSCH) [RFC7554] mode of the IEEE 138 Std. 802.15.4 [IEEE802154] Medium Access Control (MAC) was introduced 139 with the IEEE Std. 802.15.4e [IEEE802154e] amendment and is now 140 retrofitted in the main standard. For all practical purposes, this 141 document is expected to be insensitive to the revisions of that 142 standard, which is thus referenced without a date. TSCH is both a 143 Time-Division Multiplexing and a Frequency-Division Multiplexing 144 technique whereby a different channel can be used for each 145 transmission, and that allows to schedule transmissions for 146 deterministic operations, and applies to the slower and most energy 147 constrained wireless use cases. 149 The scheduled operation provides for a more reliable experience which 150 can be used to monitor and manage resources, e.g., energy and water, 151 in a more efficient fashion. 153 Proven Deterministic Networking standards for use in Process Control, 154 including ISA100.11a [ISA100.11a] and WirelessHART [WirelessHART], 155 have demonstrated the capabilities of the IEEE Std. 802.15.4 TSCH MAC 156 for high reliability against interference, low-power consumption on 157 well-known flows, and its applicability for Traffic Engineering (TE) 158 from a central controller. 160 To enable the convergence of Information Technology (IT) and 161 Operational Technology (OT) in Low-Power Lossy Networks (LLNs), the 162 6TiSCH Architecture supports an IETF suite of protocols over the IEEE 163 Std. 802.15.4 TSCH MAC to provide IP connectivity for energy and 164 otherwise constrained wireless devices. 166 The 6TiSCH Architecture relies on IPv6 [RFC8200] and the use of 167 routing to provide large scaling capabilities. The addition of a 168 high-speed federating backbone adds yet another degree of scalability 169 to the design. The backbone is typically a Layer-2 transit Link such 170 as an Ethernet bridged network, but it can also be a more complex 171 routed structure. 173 The 6TiSCH Architecture introduces an IPv6 Multi-Link subnet model 174 that is composed of a federating backbone and a number of IEEE Std. 175 802.15.4 TSCH low-power wireless networks federated and synchronized 176 by Backbone Routers. If the backbone is a Layer-2 transit Link then 177 the Backbone Routers can operate as an IPv6 Neighbor Discovery (IPv6 178 ND) [RFC4861] proxy. 180 The 6TiSCH Architecture leverages 6LoWPAN [RFC4944] to adapt IPv6 to 181 the constrained media and RPL [RFC6550] for the distributed routing 182 operations. 184 Centralized routing refers to a model where routes are computed and 185 resources are allocated from a central controller. This is 186 particularly helpful to schedule deterministic multihop 187 transmissions. In contrast, Distributed Routing refers to a model 188 that relies on concurrent peer to peer protocol exchanges for TSCH 189 resource allocation and routing operations. 191 The architecture defines mechanisms to establish and maintain routing 192 and scheduling in a centralized, distributed, or mixed fashion, for 193 use in multiple OT environments. It is applicable in particular to 194 highly scalable solutions such as used in Advanced Metering 195 Infrastructure [AMI] solutions that leverage distributed routing to 196 enable multipath forwarding over large LLN meshes. 198 2. Terminology 200 2.1. New Terms 202 The draft does not reuse terms from the IEEE Std. 802.15.4 203 [IEEE802154] standard such as "path" or "link" which bear a meaning 204 that is quite different from classical IETF parlance. 206 This document adds the following terms: 208 6TiSCH (IPv6 over the TSCH mode of IEEE 802.15.4): 6TiSCH defines an 209 adaptation sublayer for IPv6 over TSCH called 6top, a set of 210 protocols for setting up a TSCH schedule in distributed approach, 211 and a security solution. 6TiSCH may be extended in the future for 212 other MAC/PHY pairs providing a service similar to TSCH. 214 6top (6TiSCH Operation Sublayer): The next higher layer of the IEEE 215 Std. 802.15.4 TSCH MAC layer. 6top provides the abstraction of an 216 IP link over a TSCH MAC, schedules packets over TSCH cells, and 217 exposes a management interface to schedule TSCH cells. 219 6P (6top Protocol): The protocol defined in [RFC8480]. 6P enables 220 Layer-2 peers to allocate, move or deallocate cells in their 221 respective schedules to communicate. 6P operates at the 6top 222 layer. 224 6P Transaction: A 2-way or 3-way sequence of 6P messages used by 225 Layer-2 peers to modify their communication schedule. 227 ASN (Absolute Slot Number): Defined in [IEEE802154], the ASN is the 228 total number of timeslots that have elapsed since the Epoch Time 229 when the TSCH network started. Incremented by one at each 230 timeslot. It is wide enough to not roll over in practice. 232 bundle: A group of equivalent scheduled cells, i.e., cells 233 identified by different [slotOffset, channelOffset], which are 234 scheduled for a same purpose, with the same neighbor, with the 235 same flags, and the same slotframe. The size of the bundle refers 236 to the number of cells it contains. For a given slotframe length, 237 the size of the bundle translates directly into bandwidth. A 238 bundle is a local abstraction that represents a half-duplex link 239 for either sending or receiving, with bandwidth that amounts to 240 the sum of the cells in the bundle. 242 Layer-2 vs. Layer-3 bundle: Bundles are associated for either 243 Layer-2 (switching) or Layer-3 (routing) forwarding operations. A 244 pair of Layer-3 bundles (one for each direction) maps to an IP 245 Link with a neighbor, whereas a set of Layer-2 bundles (of an 246 "arbitrary" cardinality and direction) corresponds to the relation 247 of one or more incoming bundle(s) from the previous-hop 248 neighbor(s) with one or more outgoing bundle(s) to the next-hop 249 neighbor(s) along a Track as part of the switching role, which may 250 include replication and elimination. 252 CCA (Clear Channel Assessment): A mechanism defined in [IEEE802154] 253 whereby nodes listen to the channel before sending to detect 254 ongoing transmissions from other parties. Because the network is 255 synchronized, CCA cannot be used to detect colliding transmissions 256 within the same network, but it can be used to detect other radio 257 networks in vicinity. 259 cell: A unit of transmission resource in the CDU matrix, a cell is 260 identified by a slotOffset and a channelOffset. A cell can be 261 scheduled or unscheduled. 263 Channel Distribution/Usage (CDU) matrix: : A matrix of cells (i,j) 264 representing the spectrum (channel) distribution among the 265 different nodes in the 6TiSCH network. The CDU matrix has width 266 in timeslots, equal to the period of the network scheduling 267 operation, and height equal to the number of available channels. 268 Every cell (i,j) in the CDU, identified by (slotOffset, 269 channelOffset), belongs to a specific chunk. 271 channelOffset: Identifies a row in the TSCH schedule. The number of 272 channelOffset values is bounded by the number of available 273 frequencies. The channelOffset translates into a frequency with a 274 function that depends on the absolute time when the communication 275 takes place, resulting in a channel hopping operation. 277 chunk: A well-known list of cells, distributed in time and 278 frequency, within a CDU matrix. A chunk represents a portion of a 279 CDU matrix. The partition of the CDU matrix in chunks is globally 280 known by all the nodes in the network to support the appropriation 281 process, which is a negotiation between nodes within an 282 interference domain. A node that manages to appropriate a chunk 283 gets to decide which transmissions will occur over the cells in 284 the chunk within its interference domain, i.e., a parent node will 285 decide when the cells within the appropriated chunk are used and 286 by which node, among its children. 288 CoJP (Constrained Join Protocol): The Constrained Join Protocol 289 (CoJP) enables a pledge to securely join a 6TiSCH network and 290 obtain network parameters over a secure channel. Minimal Security 291 Framework for 6TiSCH [MIN-SECURITY] defines the minimal CoJP setup 292 with pre-shared keys defined. In that mode, CoJP can operate with 293 a single round trip exchange. 295 dedicated cell: A cell that is reserved for a given node to transmit 296 to a specific neighbor. 298 deterministic network: The generic concept of deterministic network 299 is defined in the "DetNet Architecture" [RFC8655] document. When 300 applied to 6TiSCH, it refers to the reservation of Tracks which 301 guarantees an end-to-end latency and optimizes the Packet Delivery 302 Ratio (PDR) for well-characterized flows. 304 distributed cell reservation: A reservation of a cell done by one or 305 more in-network entities. 307 distributed Track reservation: A reservation of a Track done by one 308 or more in-network entities. 310 EB (Enhanced Beacon): A special frame defined in [IEEE802154] used 311 by a node, including the JP, to announce the presence of the 312 network. It contains enough information for a pledge to 313 synchronize to the network. 315 hard cell: A scheduled cell which the 6top sublayer may not 316 relocate. 318 hopping sequence: Ordered sequence of frequencies, identified by a 319 Hopping_Sequence_ID, used for channel hopping when translating the 320 channelOffset value into a frequency. 322 IE (Information Element): Type-Length-Value containers placed at the 323 end of the MAC header, used to pass data between layers or 324 devices. Some IE identifiers are managed by the IEEE 325 [IEEE802154]. Some IE identifiers are managed by the IETF 326 [RFC8137], and [ENH-BEACON] uses one subtype to support the 327 selection of the Join Proxy. 329 join process: The overall process that includes the discovery of the 330 network by pledge(s) and the execution of the join protocol. 332 join protocol: The protocol that allows the pledge to join the 333 network. The join protocol encompasses authentication, 334 authorization and parameter distribution. The join protocol is 335 executed between the pledge and the JRC. 337 joined node: The new device, after having completed the join 338 process, often just called a node. 340 JP (Join Proxy): Node already part of the 6TiSCH network that serves 341 as a relay to provide connectivity between the pledge and the JRC. 342 The JP announces the presence of the network by regularly sending 343 EB frames. 345 JRC (Join Registrar/Coordinator): Central entity responsible for the 346 authentication, authorization and configuration of the pledge. 348 link: A communication facility or medium over which nodes can 349 communicate at the Link-Layer, the layer immediately below IP. In 350 6TiSCH, the concept is implemented as a collection of Layer-3 351 bundles. Note: the IETF parlance for the term "Link" is adopted, 352 as opposed to the IEEE Std. 802.15.4 terminology. 354 Operational Technology: OT refers to technology used in automation, 355 for instance in industrial control networks. The convergence of 356 IT and OT is the main object of the Industrial Internet of Things 357 (IIOT). 359 pledge: A new device that attempts to join a 6TiSCH network. 361 (to) relocate a cell: The action operated by the 6top sublayer of 362 changing the slotOffset and/or channelOffset of a soft cell. 364 (to) schedule a cell: The action of turning an unscheduled cell into 365 a scheduled cell. 367 scheduled cell: A cell which is assigned a neighbor MAC address 368 (broadcast address is also possible), and one or more of the 369 following flags: TX, RX, Shared and Timekeeping. A scheduled cell 370 can be used by the IEEE Std. 802.15.4 TSCH implementation to 371 communicate. A scheduled cell can either be a hard or a soft 372 cell. 374 SF (6top Scheduling Function): The cell management entity that adds 375 or deletes cells dynamically based on application networking 376 requirements. The cell negotiation with a neighbor is done using 377 6P. 379 SFID (6top Scheduling Function Identifier): A 4-bit field 380 identifying an SF. 382 shared cell: A cell marked with both the "TX" and "shared" flags. 383 This cell can be used by more than one transmitter node. A back- 384 off algorithm is used to resolve contention. 386 slotframe: A collection of timeslots repeating in time, analogous to 387 a superframe in that it defines periods of communication 388 opportunities. It is characterized by a slotframe_ID, and a 389 slotframe_size. Multiple slotframes can coexist in a node's 390 schedule, i.e., a node can have multiple activities scheduled in 391 different slotframes, based on the priority of its packets/traffic 392 flows. The timeslots in the Slotframe are indexed by the 393 SlotOffset; the first timeslot is at SlotOffset 0. 395 slotOffset: A column in the TSCH schedule, i.e., the number of 396 timeslots since the beginning of the current iteration of the 397 slotframe. 399 soft cell: A scheduled cell which the 6top sublayer can relocate. 401 time source neighbor: A neighbor that a node uses as its time 402 reference, and to which it needs to keep its clock synchronized. 404 timeslot: A basic communication unit in TSCH which allows a 405 transmitter node to send a frame to a receiver neighbor, and that 406 receiver neighbor to optionally send back an acknowledgment. 408 Track: A Track is a Directed Acyclic Graph (DAG) that is used as a 409 complex multi-hop path to the destination(s) of the path. In the 410 case of unicast traffic, the Track is a Destination Oriented DAG 411 (DODAG) where the Root of the DODAG is the destination of the 412 unicast traffic. A Track enables replication, elimination and 413 reordering functions on the way (more on those functions in 414 [RFC8655]. A Track reservation locks physical resources such as 415 cells and buffers in every node along the DODAG. A Track is 416 associated with a owner that can be for instance the destination 417 of the Track. 419 TrackID: A TrackID is either globally unique, or locally unique to 420 the Track owner, in which case the identification of the owner 421 must be provided together with the TrackID to provide a full 422 reference to the Track. typically, the Track owner is the ingress 423 of the Track then the IPv6 source address of packets along the 424 Track can be used as identification of the owner and a local 425 InstanceID [RFC6550] in the namespace of that owner can be used as 426 TrackID. If the Track is reversible, then the owner is found in 427 the IPv6 destination address of a packet coming back along the 428 Track. In that case, a RPL Packet Information [RFC6550] in an 429 IPv6 packet can unambiguously identify the Track and can be 430 expressed in a compressed form using [RFC8138]. 432 TSCH: A medium access mode of the IEEE Std. 802.15.4 [IEEE802154] 433 standard which uses time synchronization to achieve ultra-low- 434 power operation, and channel hopping to enable high reliability. 436 TSCH Schedule: A matrix of cells, each cell indexed by a slotOffset 437 and a channelOffset. The TSCH schedule contains all the scheduled 438 cells from all slotframes and is sufficient to qualify the 439 communication in the TSCH network. The number of channelOffset 440 values (the "height" of the matrix) is equal to the number of 441 available frequencies. 443 Unscheduled Cell: A cell which is not used by the IEEE Std. 802.15.4 444 TSCH implementation. 446 2.2. Abbreviations 448 This document uses the following abbreviations: 450 6BBR: 6LoWPAN Backbone Router (router with a proxy ND function) 452 6LBR: 6LoWPAN Border Router (authoritative on DAD) 454 6LN: 6LoWPAN Node 456 6LR: 6LoWPAN Router (relay to the registration process) 457 6CIO: Capability Indication Option 459 (E)ARO: (Extended) Address Registration Option 461 (E)DAR: (Extended) Duplicate Address Request 463 (E)DAC: (Extended) Duplicate Address Confirmation 465 DAD: Duplicate Address Detection 467 DODAG: Destination-Oriented Directed Acyclic Graph 469 LLN: Low-Power and Lossy Network (a typical IoT network) 471 NA: Neighbor Advertisement 473 NCE: Neighbor Cache Entry 475 ND: Neighbor Discovery 477 NDP: Neighbor Discovery Protocol 479 PCE: Path Computation Element 481 NME: Network Management Entity 483 ROVR: Registration Ownership Verifier (pronounced rover) 485 RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) 487 RA: Router Advertisement 489 RS: Router Solicitation 491 TSCH: timeslotted Channel Hopping 493 TID: Transaction ID (a sequence counter in the EARO) 495 2.3. Related Documents 497 The draft also conforms to the terms and models described in 498 [RFC3444] and [RFC5889] and uses the vocabulary and the concepts 499 defined in [RFC4291] for the IPv6 Architecture and refers [RFC4080] 500 for reservation 502 The draft uses domain-specific terminology defined or referenced in: 504 6LoWPAN ND "Neighbor Discovery Optimization for Low-power and 505 Lossy Networks" [RFC6775] and "Registration Extensions for 6LoWPAN 506 Neighbor Discovery" [RFC8505], 508 "Terms Used in Routing for Low-Power and Lossy Networks (LLNs)" 509 [RFC7102], 511 and RPL "Objective Function Zero for the Routing Protocol for 512 Low-Power and Lossy Networks (RPL)" [RFC6552], and "RPL: IPv6 513 Routing Protocol for Low-Power and Lossy Networks" [RFC6550]. 515 Other terms in use in LLNs are found in "Terminology for 516 Constrained-Node Networks" [RFC7228]. 518 Readers are expected to be familiar with all the terms and concepts 519 that are discussed in 521 * "Neighbor Discovery for IP version 6" [RFC4861], and "IPv6 522 Stateless Address Autoconfiguration" [RFC4862]. 524 In addition, readers would benefit from reading: 526 * "Problem Statement and Requirements for IPv6 over Low-Power 527 Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], 529 * "Multi-Link Subnet Issues" [RFC4903], and 531 * "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 532 Overview, Assumptions, Problem Statement, and Goals" [RFC4919] 534 prior to this specification for a clear understanding of the art in 535 ND-proxying and binding. 537 3. High Level Architecture 539 3.1. A Non-Broadcast Multi-Access Radio Mesh Network 541 A 6TiSCH network is an IPv6 [RFC8200] subnet which, in its basic 542 configuration illustrated in Figure 1, is a single Low-Power Lossy 543 Network (LLN) operating over a synchronized TSCH-based mesh. 545 ---+-------- ............ ------------ 546 | External Network | 547 | +-----+ 548 +-----+ | NME | 549 | | LLN Border | PCE | 550 | | router (6LBR) +-----+ 551 +-----+ 552 o o o 553 o o o o o 554 o o 6LoWPAN + RPL o o 555 o o o o 557 Figure 1: Basic Configuration of a 6TiSCH Network 559 Inside a 6TiSCH LLN, nodes rely on 6LoWPAN Header Compression 560 (6LoWPAN HC) [RFC6282] to encode IPv6 packets. From the perspective 561 of the network layer, a single LLN interface (typically an IEEE Std. 562 802.15.4-compliant radio) may be seen as a collection of Links with 563 different capabilities for unicast or multicast services. 565 6TiSCH nodes join a mesh network by attaching to nodes that are 566 already members of the mesh (see Section 4.2.1). The security 567 aspects of the join process are further detailed in Section 6. In a 568 mesh network, 6TiSCH nodes are not necessarily reachable from one 569 another at Layer-2 and an LLN may span over multiple links. 571 This forms a homogeneous non-broadcast multi-access (NBMA) subnet, 572 which is beyond the scope of IPv6 Neighbor Discovery (IPv6 ND) 573 [RFC4861][RFC4862]. 6LoWPAN Neighbor Discovery (6LoWPAN ND) 574 [RFC6775][RFC8505] specifies extensions to IPv6 ND that enable ND 575 operations in this type of subnet that can be protected against 576 address theft and impersonation with [AP-ND]. 578 Once it has joined the 6TiSCH network, a node acquires IPv6 Addresses 579 and register them using 6LoWPAN ND. This guarantees that the 580 addresses are unique and protects the address ownership over the 581 subnet, more in Section 4.2.2. 583 Within the NBMA subnet, RPL [RFC6550] enables routing in the so- 584 called Route Over fashion, either in storing (stateful) or non- 585 storing (stateless, with routing headers) mode. From there, some 586 nodes can act as routers for 6LoWPAN ND and RPL operations, as 587 detailed in Section 4.1. 589 With TSCH, devices are time-synchronized at the MAC level. The use 590 of a particular RPL Instance for time synchronization is discussed in 591 Section 4.3.4. With this mechanism, the time synchronization starts 592 at the RPL Root and follows the RPL loopless routing topology. 594 RPL forms Destination Oriented Directed Acyclic Graphs (DODAGs) 595 within Instances of the protocol, each Instance being associated with 596 an Objective Function (OF) to form a routing topology. A particular 597 6TiSCH node, the LLN Border Router (6LBR), acts as RPL Root, 6LoWPAN 598 HC terminator, and Border Router for the LLN to the outside. The 599 6LBR is usually powered. More on RPL Instances can be found in 600 section 3.1 of RPL [RFC6550], in particular "3.1.2. RPL Identifiers" 601 and "3.1.3. Instances, DODAGs, and DODAG Versions". RPL adds 602 artifacts in the data packets that are compressed with a 6LoWPAN 603 addition 6LoRH [RFC8138]. 605 Additional routing and scheduling protocols may be deployed to 606 establish on-demand Peer-to-Peer routes with particular 607 characteristics inside the 6TiSCH network. This may be achieved in a 608 centralized fashion by a Path Computation Element (PCE) [PCE] that 609 programs both the routes and the schedules inside the 6TiSCH nodes, 610 or by in a distributed fashion using a reactive routing protocol and 611 a Hop-by-Hop scheduling protocol. 613 This architecture expects that a 6LoWPAN node can connect as a leaf 614 to a RPL network, where the leaf support is the minimal functionality 615 to connect as a host to a RPL network without the need to participate 616 to the full routing protocol. The architecture also expects that a 617 6LoWPAN node that is not aware at all of the RPL protocol may also 618 connect as described in [RUL-DRAFT]. 620 3.2. A Multi-Link Subnet Model 622 An extended configuration of the subnet comprises multiple LLNs as 623 illustrated in Figure 2. In the extended configuration, a Routing 624 Registrar [RFC8505] may be connected to the node that acts as RPL 625 Root and / or 6LoWPAN 6LBR and provides connectivity to the larger 626 campus / factory plant network over a high-speed backbone or a back- 627 haul link. The Routing registrar may perform IPv6 ND proxy 628 operations, or redistribute the registration in a routing protocol 629 such as OSPF [RFC5340] or BGP [RFC2545], or inject a route in a 630 mobility protocol such as MIPv6 [RFC6275], NEMO [RFC3963], or LISP 631 [RFC6830]. 633 Multiple LLNs can be interconnected and possibly synchronized over a 634 backbone, which can be wired or wireless. The backbone can operate 635 with IPv6 ND [RFC4861][RFC4862] procedures or an hybrid of IPv6 ND 636 and 6LoWPAN ND [RFC6775][RFC8505][AP-ND]. 638 | 639 +-----+ +-----+ +-----+ 640 (default) | | (Optional) | | | | IPv6 641 Router | | 6LBR | | | | Node 642 +-----+ +-----+ +-----+ 643 | Backbone side | | 644 --------+---+--------------------+-+---------------+------+--- 645 | | | 646 +-----------+ +-----------+ +-----------+ 647 | Routing | | Routing | | Routing | 648 | Registrar | | Registrar | | Registrar | 649 +-----------+ +-----------+ +-----------+ 650 o Wireless side o o o o 651 o o o o o o o o o o o o o o 652 o 6TiSCH o 6TiSCH o o o o 6TiSCH o 653 o o LLN o o o o LLN o o LLN o 654 o o o o o o o o o o o o o o 656 Figure 2: Extended Configuration of a 6TiSCH Network 658 A Routing Registrar that performs proxy IPv6 ND operations over the 659 backbone on behalf of the 6TiSCH nodes is called a Backbone Router 660 (6BBR) [6BBR-DRAFT]. The 6BBRs are placed along the wireless edge of 661 a Backbone, and federate multiple wireless links to form a single 662 MultiLink Subnet. The 6BBRs synchronize with one another over the 663 backbone, so as to ensure that the multiple LLNs that form the IPv6 664 subnet stay tightly synchronized. 666 The use of multicast can also be reduced on the backbone with a 667 registrar that would contribute to Duplicate Address Detection as 668 well as Address Lookup using only unicast request/response exchanges. 669 [I-D.thubert-6man-unicast-lookup] is a proposed method that presents 670 an example of how to this could be achieved with an extension of 671 [RFC8505], using an optional 6LBR as a SubNet-level registrar, as 672 illustrated in Figure 2. 674 As detailed in Section 4.1 the 6LBR that serves the LLN and the Root 675 of the RPL network need to share information about the devices that 676 are learned through either 6LoWPAN ND or RPL but not both. The 677 preferred way of achieving this is to collocate/combine them. The 678 combined RPL Root and 6LBR may be collocated with the 6BBR, or 679 directly attached to the 6BBR. In the latter case, it leverages the 680 extended registration process defined in [RFC8505] to proxy the 681 6LoWPAN ND registration to the 6BBR on behalf of the LLN nodes, so 682 that the 6BBR may in turn perform proxy classical ND operations over 683 the backbone. 685 The DetNet Architecture [RFC8655] studies Layer-3 aspects of 686 Deterministic Networks, and covers networks that span multiple 687 Layer-2 domains. If the Backbone is Deterministic (such as defined 688 by the Time Sensitive Networking WG at IEEE), then the Backbone 689 Router ensures that the end-to-end deterministic behavior is 690 maintained between the LLN and the backbone. 692 3.3. TSCH: A Deterministic MAC Layer 694 Though at a different time scale (several orders of magnitude), both 695 IEEE Std. 802.1TSN and IEEE Std. 802.15.4 TSCH standards provide 696 Deterministic capabilities to the point that a packet that pertains 697 to a certain flow may traverse a network from node to node following 698 a precise schedule, as a train that enters and then leaves 699 intermediate stations at precise times along its path. 701 With TSCH, time is formatted into timeslots, and individual 702 communication cells are allocated to unicast or broadcast 703 communication at the MAC level. The time-slotted operation reduces 704 collisions, saves energy, and enables to more closely engineer the 705 network for deterministic properties. The channel hopping aspect is 706 a simple and efficient technique to combat multipath fading and co- 707 channel interference. 709 6TiSCH builds on the IEEE Std. 802.15.4 TSCH MAC and inherits its 710 advanced capabilities to enable them in multiple environments where 711 they can be leveraged to improve automated operations. The 6TiSCH 712 Architecture also inherits the capability to perform a centralized 713 route computation to achieve deterministic properties, though it 714 relies on the IETF DetNet Architecture [RFC8655], and IETF components 715 such as the PCE [PCE], for the protocol aspects. 717 On top of this inheritance, 6TiSCH adds capabilities for distributed 718 routing and scheduling operations based on the RPL routing protocol 719 and capabilities to negotiate schedule adjustments between peers. 720 These distributed routing and scheduling operations simplify the 721 deployment of TSCH networks and enable wireless solutions in a larger 722 variety of use cases from operational technology in general. 723 Examples of such use-cases in industrial environments include plant 724 setup and decommissioning, as well as monitoring of lots of lesser 725 importance measurements such as corrosion and events and mobile 726 workers accessing local devices. 728 3.4. Scheduling TSCH 730 A scheduling operation attributes cells in a Time-Division- 731 Multiplexing (TDM) / Frequency-Division Multiplexing (FDM) matrix 732 called the Channel distribution/usage (CDU) to either individual 733 transmissions or as multi-access shared resources. The CDU matrix 734 can be formatted in chunks that can be allocated exclusively to 735 particular nodes to enable distributed scheduling without collision. 736 More in Section 4.3.5. 738 From the standpoint of a 6TiSCH node (at the MAC layer), its schedule 739 is the collection of the timeslots at which it must wake up for 740 transmission, and the channels to which it should either send or 741 listen at those times. The schedule is expressed as one or more 742 slotframes that repeat over and over. Slotframes may collide and 743 require a device to wake up at a same time, in which case the 744 slotframe with the highest priority is actionable. 746 The 6top sublayer (see Section 4.3 for more) hides the complexity of 747 the schedule from the upper layers. The Link abstraction that IP 748 traffic utilizes is composed of a pair of Layer-3 cell bundles, one 749 to receive and one to transmit. Some of the cells may be shared, in 750 which case the 6top sublayer must perform some arbitration. 752 Scheduling enables multiple communications at a same time in a same 753 interference domain using different channels; but a node equipped 754 with a single radio can only either transmit or receive on one 755 channel at any point of time. Scheduled cells that fulfil the same 756 role, e.g., receive IP packets from a peer, are grouped in bundles. 758 The 6TiSCH architecture identifies four ways a schedule can be 759 managed and CDU cells can be allocated: Static Scheduling, Neighbor- 760 to-Neighbor Scheduling, Centralized (or Remote) Monitoring and 761 Schedule Management, and Hop-by-hop Scheduling. 763 Static Scheduling: This refers to the minimal 6TiSCH operation 764 whereby a static schedule is configured for the whole network for 765 use in a Slotted ALOHA [S-ALOHA] fashion. The static schedule is 766 distributed through the native methods in the TSCH MAC layer and 767 does not preclude other scheduling operations to co-exist on a 768 same 6TiSCH network. A static schedule is necessary for basic 769 operations such as the join process and for interoperability 770 during the network formation, which is specified as part of the 771 Minimal 6TiSCH Configuration [RFC8180]. 773 Neighbor-to-Neighbor Scheduling: This refers to the dynamic 774 adaptation of the bandwidth of the Links that are used for IPv6 775 traffic between adjacent peers. Scheduling Functions such as the 776 "6TiSCH Minimal Scheduling Function (MSF)" [MSF] influence the 777 operation of the MAC layer to add, update and remove cells in its 778 own, and its peer's schedules using 6P [RFC8480], for the 779 negotiation of the MAC resources. 781 Centralized (or Remote) Monitoring and Schedule Management: This 782 refers to the central computation of a schedule and the capability 783 to forward a frame based on the cell of arrival. In that case, 784 the related portion of the device schedule as well as other device 785 resources are managed by an abstract Network Management Entity 786 (NME), which may cooperate with the PCE to minimize the 787 interaction with and the load on the constrained device. This 788 model is the TSCH adaption of the DetNet Architecture [RFC8655], 789 and it enables Traffic Engineering with deterministic properties. 791 Hop-by-hop Scheduling: This refers to the possibility to reserves 792 cells along a path for a particular flow using a distributed 793 mechanism. 795 It is not expected that all use cases will require all those 796 mechanisms. Static Scheduling with minimal configuration one is the 797 only one that is expected in all implementations, since it provides a 798 simple and solid basis for convergecast routing and time 799 distribution. 801 A deeper dive in those mechanisms can be found in Section 4.4. 803 3.5. Distributed vs. Centralized Routing 805 6TiSCH enables a mixed model of centralized routes and distributed 806 routes. Centralized routes can for example be computed by an entity 807 such as a PCE. 6TiSCH leverages the RPL [RFC6550] routing protocol 808 for interoperable distributed routing operations. 810 Both methods may inject routes in the Routing Tables of the 6TiSCH 811 routers. In either case, each route is associated with a 6TiSCH 812 topology that can be a RPL Instance topology or a Track. The 6TiSCH 813 topology is indexed by a RPLInstanceID, in a format that reuses the 814 RPLInstanceID as defined in RPL. 816 RPL [RFC6550] is applicable to Static Scheduling and Neighbor-to- 817 Neighbor Scheduling. The architecture also supports a centralized 818 routing model for Remote Monitoring and Schedule Management. It is 819 expected that a routing protocol that is more optimized for point-to- 820 point routing than RPL [RFC6550], such as the Asymmetric AODV-P2P-RPL 821 in Low-Power and Lossy Networks" [I-D.ietf-roll-aodv-rpl] AODV-RPL), 822 which derives from the Ad Hoc On-demand Distance Vector Routing 823 (AODV) [I-D.ietf-manet-aodvv2] will be selected for Hop-by-hop 824 Scheduling. 826 Both RPL and PCE rely on shared sources such as policies to define 827 Global and Local RPLInstanceIDs that can be used by either method. 828 It is possible for centralized and distributed routing to share a 829 same topology. Generally they will operate in different slotframes, 830 and centralized routes will be used for scheduled traffic and will 831 have precedence over distributed routes in case of conflict between 832 the slotframes. 834 3.6. Forwarding Over TSCH 836 The 6TiSCH architecture supports three different forwarding models. 837 One is the classical IPv6 Forwarding, where the node selects a 838 feasible successor at Layer-3 on a per packet basis and based on its 839 routing table. The second derives from Generic MPLS (G-MPLS) for so- 840 called Track Forwarding, whereby a frame received at a particular 841 timeslot can be switched into another timeslot at Layer-2 without 842 regard to the upper layer protocol. The third model is the 6LoWPAN 843 Fragment Forwarding, which allows to forward individual 6loWPAN 844 fragments along a route that is setup by the first fragment. 846 In more details: 848 IPv6 Forwarding: This is the classical IP forwarding model, with a 849 Routing Information Based (RIB) that is installed by the RPL 850 routing protocol and used to select a feasible successor per 851 packet. The packet is placed on an outgoing Link, that the 6top 852 layer maps into a (Layer-3) bundle of cells, and scheduled for 853 transmission based on QoS parameters. Besides RPL, this model 854 also applies to any routing protocol which may be operated in the 855 6TiSCH network, and corresponds to all the distributed scheduling 856 models, Static, Neighbor-to-Neighbor and Hop-by-Hop Scheduling. 858 G-MPLS Track Forwarding: This model corresponds to the Remote 859 Monitoring and Schedule Management. In this model, a central 860 controller (hosting a PCE) computes and installs the schedules in 861 the devices per flow. The incoming (Layer-2) bundle of cells from 862 the previous node along the path determines the outgoing (Layer-2) 863 bundle towards the next hop for that flow as determined by the 864 PCE. The programmed sequence for bundles is called a Track and 865 can assume DAG shapes that are more complex than a simple direct 866 sequence of nodes. 868 6LoWPAN Fragment Forwarding: This is a hybrid model that derives 869 from IPv6 forwarding for the case where packets must be fragmented 870 at the 6LoWPAN sublayer. The first fragment is forwarded like any 871 IPv6 packet and leaves a state in the intermediate hops to enable 872 forwarding of the next fragments that do not have a IP header 873 without the need to recompose the packet at every hop. 875 A deeper dive on these operations can be found in Section 4.6. 877 The following table summarizes how the forwarding models apply to the 878 various routing and scheduling possibilities: 880 +-------------------+------------+----------------------------------+ 881 | Forwarding Model | Routing | Scheduling | 882 +===================+============+==================================+ 883 | | | Static (Minimal Configuration) | 884 + classical IPv6 + RPL +----------------------------------+ 885 | / | | Neighbor-to-Neighbor (SF+6P) | 886 + 6LoWPAN Fragment +------------+----------------------------------+ 887 | | Reactive | Hop-by-Hop (AODV-RPL) | 888 +-------------------+------------+----------------------------------+ 889 |G-MPLS Track Fwding| PCE |Remote Monitoring and Schedule Mgt| 890 +-------------------+------------+----------------------------------+ 892 Figure 3 894 3.7. 6TiSCH Stack 896 The IETF proposes multiple techniques for implementing functions 897 related to routing, transport or security. 899 The 6TiSCH architecture limits the possible variations of the stack 900 and recommends a number of base elements for LLN applications to 901 control the complexity of possible deployments and device 902 interactions, and to limit the size of the resulting object code. In 903 particular, UDP [RFC0768], IPv6 [RFC8200] and the Constrained 904 Application Protocol [RFC7252] (CoAP) are used as the transport / 905 binding of choice for applications and management as opposed to TCP 906 and HTTP. 908 The resulting protocol stack is represented in Figure 4: 910 +--------+--------+ 911 | Applis | CoJP | 912 +--------+--------+--------------+-----+ 913 | CoAP / OSCORE | 6LoWPAN ND | RPL | 914 +-----------------+--------------+-----+ 915 | UDP | ICMPv6 | 916 +-----------------+--------------------+ 917 | IPv6 | 918 +--------------------------------------+----------------------+ 919 | 6LoWPAN HC / 6LoRH HC | Scheduling Functions | 920 +--------------------------------------+----------------------+ 921 | 6top inc. 6top protocol | 922 +-------------------------------------------------------------+ 923 | IEEE Std. 802.15.4 TSCH | 924 +-------------------------------------------------------------+ 926 Figure 4: 6TiSCH Protocol Stack 928 RPL is the routing protocol of choice for LLNs. So far, there was no 929 identified need to define a 6TiSCH specific Objective Function. The 930 Minimal 6TiSCH Configuration [RFC8180] describes the operation of RPL 931 over a static schedule used in a Slotted ALOHA fashion [S-ALOHA], 932 whereby all active slots may be used for emission or reception of 933 both unicast and multicast frames. 935 The 6LoWPAN Header Compression [RFC6282] is used to compress the IPv6 936 and UDP headers, whereas the 6LoWPAN Routing Header (6LoRH) [RFC8138] 937 is used to compress the RPL artifacts in the IPv6 data packets, 938 including the RPL Packet Information (RPI), the IP-in-IP 939 encapsulation to/from the RPL Root, and the Source Route Header (SRH) 940 in non-storing mode. "When to use RFC 6553, 6554 and IPv6-in-IPv6" 941 [USEofRPLinfo] provides the details on when headers or encapsulation 942 are needed. 944 The Object Security for Constrained RESTful Environments (OSCORE) 945 [I-D.ietf-core-object-security], is leveraged by the Constrained Join 946 Protocol (CoJP) and is expected to be the primary protocol for the 947 protection of the application payload as well. The application 948 payload may also be protected by the Datagram Transport Layer 949 Security (DTLS) [RFC6347] sitting either under CoAP or over CoAP so 950 it can traverse proxies. 952 The 6TiSCH Operation sublayer (6top) is a sublayer of a Logical Link 953 Control (LLC) that provides the abstraction of an IP link over a TSCH 954 MAC and schedules packets over TSCH cells, as further discussed in 955 the next sections, providing in particular dynamic cell allocation 956 with the 6top Protocol (6P) [RFC8480]. 958 The reference stack presented in this document was implemented and 959 interop-tested by a conjunction of opensource, IETF and ETSI efforts. 960 One goal is to help other bodies to adopt the stack as a whole, 961 making the effort to move to an IPv6-based IoT stack easier. 963 For a particular environment, some of the choices that are made in 964 this architecture may not be relevant. For instance, RPL is not 965 required for star topologies and mesh-under Layer-2 routed networks, 966 and the 6LoWPAN compression may not be sufficient for ultra- 967 constrained cases such as some Low-Power Wide Area (LPWA) networks. 968 In such cases, it is perfectly doable to adopt a subset of the 969 selection that is presented hereafter and then select alternate 970 components to complete the solution wherever needed. 972 3.8. Communication Paradigms and Interaction Models 974 Section 2.1 provides the terms of Communication Paradigms and 975 Interaction Models, in relation with "On the Difference between 976 Information Models and Data Models" [RFC3444]. A Communication 977 Paradigm would be an abstract view of a protocol exchange, and would 978 come with an Information Model for the information that is being 979 exchanged. In contrast, an Interaction Model would be more refined 980 and could point to standard operation such as a Representational 981 state transfer (REST) "GET" operation and would match a Data Model 982 for the data that is provided over the protocol exchange. 984 Section 2.1.3 of [I-D.ietf-roll-rpl-industrial-applicability] and 985 next sections discuss application-layer paradigms, such as Source- 986 sink (SS) that is a Multipeer to Multipeer (MP2MP) model primarily 987 used for alarms and alerts, Publish-subscribe (PS, or pub/sub) that 988 is typically used for sensor data, as well as Peer-to-peer (P2P) and 989 Peer-to-multipeer (P2MP) communications. 991 Additional considerations on Duocast - one sender, two receivers for 992 redundancy - and its N-cast generalization are also provided. Those 993 paradigms are frequently used in industrial automation, which is a 994 major use case for IEEE Std. 802.15.4 TSCH wireless networks with 995 [ISA100.11a] and [WirelessHART], that provides a wireless access to 996 [HART] applications and devices. 998 This document focuses on Communication Paradigms and Interaction 999 Models for packet forwarding and TSCH resources (cells) management. 1000 Management mechanisms for the TSCH schedule at Link-Layer (one-hop), 1001 Network-layer (multihop along a Track), and Application-layer (remote 1002 control) are discussed in Section 4.4. Link-Layer frame forwarding 1003 interactions are discussed in Section 4.6, and Network-layer Packet 1004 routing is addressed in Section 4.7. 1006 4. Architecture Components 1008 4.1. 6LoWPAN (and RPL) 1010 A RPL DODAG is formed of a Root, a collection of routers, and leaves 1011 that are hosts. Hosts are nodes which do not forward packets that 1012 they did not generate. RPL-aware leaves will participate to RPL to 1013 advertise their own addresses, whereas RPL-unaware leaves depend on a 1014 connected RPL router to do so. RPL interacts with 6LoWPAN ND at 1015 multiple levels, in particular at the Root and in the RPL-unaware 1016 leaves. 1018 4.1.1. RPL-Unaware Leaves and 6LoWPAN ND 1020 RPL needs a set of information to advertise a leaf node through a 1021 Destination Advertisement Object (DAO) message and establish 1022 reachability. 1024 "Routing for RPL Leaves" [RUL-DRAFT] details the basic interaction of 1025 6LoWPAN ND and RPL and enables a plain 6LN that supports [RFC8505] to 1026 obtain return connectivity via the RPL network as an RPL-unaware 1027 leaf. The leaf indicates that it requires reachability services for 1028 the Registered Address from a Routing Registrar by setting a 'R' flag 1029 in the Extended Address Registration Option [RFC8505], and it 1030 provides a TID that maps to a sequence number in section 7 of RPL 1031 [RFC6550]. 1033 [RUL-DRAFT] also enables the leaf to signal the RPL InstanceID that 1034 it wants to participate to using the Opaque field of the EARO. On 1035 the backbone, the InstanceID is expected to be mapped to an overlay 1036 that matches the RPL Instance, e.g., a Virtual LAN (VLAN) or a 1037 virtual routing and forwarding (VRF) instance. 1039 Though at the time of this writing the above specification enables a 1040 model where the separation is possible, this architecture recommends 1041 to collocate the functions of 6LBR and RPL Root. 1043 4.1.2. 6LBR and RPL Root 1045 With the 6LowPAN ND [RFC6775], information on the 6LBR is 1046 disseminated via an Authoritative Border Router Option (ABRO) in RA 1047 messages. [RFC8505] extends [RFC6775] to enable a registration for 1048 routing and proxy ND. The capability to support [RFC8505] is 1049 indicated in the 6LoWPAN Capability Indication Option (6CIO). The 1050 discovery and liveliness of the RPL Root are obtained through RPL 1051 [RFC6550] itself. 1053 When 6LoWPAN ND is coupled with RPL, the 6LBR and RPL Root 1054 functionalities are co-located in order that the address of the 6LBR 1055 be indicated by RPL DIO messages and to associate the unique ID from 1056 the EDAR/EDAC [RFC8505] exchange with the state that is maintained by 1057 RPL. 1059 Section 7 of [RUL-DRAFT] specifies how the DAO messages are used to 1060 reconfirm the registration, thus eliminating a duplication of 1061 functionality between DAO and EDAR/EDAC messages, as illustrated in 1062 Figure 7. [RUL-DRAFT] also provides the protocol elements that are 1063 needed when the 6LBR and RPL Root functionalities are not co-located. 1065 Even though the Root of the RPL network is integrated with the 6LBR, 1066 it is logically separated from the Backbone Router (6BBR) that is 1067 used to connect the 6TiSCH LLN to the backbone. This way, the Root 1068 has all information from 6LoWPAN ND and RPL about the LLN devices 1069 attached to it. 1071 This architecture also expects that the Root of the RPL network 1072 (proxy-)registers the 6TiSCH nodes on their behalf to the 6BBR, for 1073 whatever operation the 6BBR performs on the backbone, such as ND 1074 proxy, or redistribution in a routing protocol. This relies on an 1075 extension of the 6LoWPAN ND registration described in [6BBR-DRAFT]. 1077 This model supports the movement of a 6TiSCH device across the Multi- 1078 Link Subnet, and allows the proxy registration of 6TiSCH nodes deep 1079 into the 6TiSCH LLN by the 6LBR / RPL Root. This is why in [RFC8505] 1080 the Registered Address is signaled in the Target Address field of the 1081 NS message as opposed to the IPv6 Source Address, which, in the case 1082 of a proxy registration, is that of the 6LBR / RPL Root itself. 1084 4.2. Network Access and Addressing 1085 4.2.1. Join Process 1087 A new device, called the pledge, undergoes the join protocol to 1088 become a node in a 6TiSCH network. This usually occurs only once 1089 when the device is first powered on. The pledge communicates with 1090 the Join Registrar/Coordinator (JRC) of the network through a Join 1091 Proxy (JP), a radio neighbor of the pledge. 1093 The JP is discovered though MAC layer beacons. When multiple JPs 1094 from possibly multiple networks are visible, trial and error till an 1095 acceptable position in the right network is obtained becomes 1096 ineffficient. [ENH-BEACON] adds a new subtype in the Information 1097 Element that was delegated to the IETF [RFC8137] and provides 1098 visibility on the network that can be joined and the willingness by 1099 the JP and the Root to be used by the pledge. 1101 The join protocol provides the following functionality: 1103 * Mutual authentication 1105 * Authorization 1107 * Parameter distribution to the pledge over a secure channel 1109 Minimal Security Framework for 6TiSCH [MIN-SECURITY] defines the 1110 minimal mechanisms required for this join process to occur in a 1111 secure manner. The specification defines the Constrained Join 1112 Protocol (CoJP) that is used to distribute the parameters to the 1113 pledge over a secure session established through OSCORE 1114 [I-D.ietf-core-object-security], and a secure configuration of the 1115 network stack. In the minimal setting with pre-shared keys (PSKs), 1116 CoJP allows the pledge to join after a single round-trip exchange 1117 with the JRC. The provisioning of the PSK to the pledge and the JRC 1118 needs to be done out of band, through a 'one-touch' bootstrapping 1119 process, which effectively enrolls the pledge into the domain managed 1120 by the JRC. 1122 In certain use cases, the 'one touch' bootstrapping is not feasible 1123 due to the operational constraints and the enrollment of the pledge 1124 into the domain needs to occur in-band. This is handled through a 1125 'zero-touch' extension of the Minimal Security Framework for 6TiSCH. 1126 Zero touch [I-D.ietf-6tisch-dtsecurity-zerotouch-join] extension 1127 leverages the 'Bootstrapping Remote Secure Key Infrastructures 1128 (BRSKI)' [[I-D.ietf-anima-bootstrapping-keyinfra] work to establish a 1129 shared secret between a pledge and the JRC without necessarily having 1130 them belong to a common (security) domain at join time. This happens 1131 through inter-domain communication occurring between the JRC of the 1132 network and the domain of the pledge, represented by a fourth entity, 1133 Manufacturer Authorized Signing Authority (MASA). Once the zero- 1134 touch exchange completes, the CoJP exchange defined in [MIN-SECURITY] 1135 is carried over the secure session established between the pledge and 1136 the JRC. 1138 Figure 5 depicts the join process and where a Link-Local Address 1139 (LLA) is used, versus a Global Unicast Address (GUA). 1141 6LoWPAN Node 6LR 6LBR Join Registrar MASA 1142 (pledge) (Join Proxy) (Root) /Coordinator (JRC) 1143 | | | | | 1144 | 6LoWPAN ND |6LoWPAN ND+RPL | IPv6 network |IPv6 network | 1145 | LLN link |Route-Over mesh|(the Internet)|(the Internet)| 1146 | | | | | 1147 | Layer-2 | | | | 1148 |enhanced beacon| | | | 1149 |<--------------| | | | 1150 | | | | | 1151 | NS (EARO) | | | | 1152 | (for the LLA) | | | | 1153 |-------------->| | | | 1154 | NA (EARO) | | | | 1155 |<--------------| | | | 1156 | | | | | 1157 | (Zero-touch | | | | 1158 | handshake) | (Zero-touch handshake) | (Zero-touch | 1159 | using LLA | using GUA | handshake) | 1160 |<------------->|<---------------------------->|<------------>| 1161 | | | | | 1162 | CoJP Join Req | | | | \ 1163 | using LLA | | | | | 1164 |-------------->| | | | | 1165 | | CoJP Join Request | | | 1166 | | using GUA | | | 1167 | |----------------------------->| | | C 1168 | | | | | | o 1169 | | CoJP Join Response | | | J 1170 | | using GUA | | | P 1171 | |<-----------------------------| | | 1172 |CoJP Join Resp | | | | | 1173 | using LLA | | | | | 1174 |<--------------| | | | / 1175 | | | | | 1177 Figure 5: Join process in a Multi-Link Subnet. Parentheses () 1178 denote optional exchanges. 1180 4.2.2. Registration 1182 Once the pledge successfully completes the CoJP protocol and becomes 1183 a network node, it obtains the network prefix from neighboring 1184 routers and registers its IPv6 addresses. As detailed in 1185 Section 4.1, the combined 6LoWPAN ND 6LBR and Root of the RPL network 1186 learn information such as the device Unique ID (from 6LoWPAN ND) and 1187 the updated Sequence Number (from RPL), and perform 6LoWPAN ND proxy 1188 registration to the 6BBR of behalf of the LLN nodes. 1190 Figure 6 illustrates the initial IPv6 signaling that enables a 6LN to 1191 form a global address and register it to a 6LBR using 6LoWPAN ND 1192 [RFC8505], is then carried over RPL to the RPL Root, and then to the 1193 6BBR. This flow happens just once when the address is created and 1194 first registered. 1196 6LoWPAN Node 6LR 6LBR 6BBR 1197 (RPL leaf) (router) (Root) 1198 | | | | 1199 | 6LoWPAN ND |6LoWPAN ND+RPL | 6LoWPAN ND | IPv6 ND 1200 | LLN link |Route-Over mesh|Ethernet/serial| Backbone 1201 | | | | 1202 | RS (mcast) | | | 1203 |-------------->| | | 1204 |-----------> | | | 1205 |------------------> | | 1206 | RA (unicast) | | | 1207 |<--------------| | | 1208 | | | | 1209 | NS(EARO) | | | 1210 |-------------->| | | 1211 | 6LoWPAN ND | Extended DAR | | 1212 | |-------------->| | 1213 | | | NS(EARO) | 1214 | | |-------------->| 1215 | | | | NS-DAD 1216 | | | |------> 1217 | | | | (EARO) 1218 | | | | 1219 | | | NA(EARO) | 1220 | | |<--------------| 1221 | | Extended DAC | | 1222 | |<--------------| | 1223 | NA(EARO) | | | 1224 |<--------------| | | 1225 | | | | 1227 Figure 6: Initial Registration Flow over Multi-Link Subnet 1229 Figure 7 illustrates the repeating IPv6 signaling that enables a 6LN 1230 to keep a global address alive and registered to its 6LBR using 1231 6LoWPAN ND to the 6LR, RPL to the RPL Root, and then 6LoWPAN ND again 1232 to the 6BBR, which avoids repeating the Extended DAR/DAC flow across 1233 the network when RPL can suffice as a keep-alive mechanism. 1235 6LoWPAN Node 6LR 6LBR 6BBR 1236 (RPL leaf) (router) (Root) 1237 | | | | 1238 | 6LoWPAN ND |6LoWPAN ND+RPL | 6LoWPAN ND | IPv6 ND 1239 | LLN link |Route-Over mesh| ant IPv6 link | Backbone 1240 | | | 1241 | | | | 1242 | NS(EARO) | | | 1243 |-------------->| | | 1244 | NA(EARO) | | | 1245 |<--------------| | | 1246 | | DAO | | 1247 | |-------------->| | 1248 | | DAO-ACK | | 1249 | |<--------------| | 1250 | | | NS(EARO) | 1251 | | |-------------->| 1252 | | | NA(EARO) | 1253 | | |<--------------| 1254 | | | | 1255 | | | | 1257 Figure 7: Next Registration Flow over Multi-Link Subnet 1259 As the network builds up, a node should start as a leaf to join the 1260 RPL network, and may later turn into both a RPL-capable router and a 1261 6LR, so as to accept leaf nodes to recursively join the network. 1263 4.3. TSCH and 6top 1265 4.3.1. 6top 1267 6TiSCH expects a high degree of scalability together with a 1268 distributed routing functionality based on RPL. To achieve this 1269 goal, the spectrum must be allocated in a way that allows for spatial 1270 reuse between zones that will not interfere with one another. In a 1271 large and spatially distributed network, a 6TiSCH node is often in a 1272 good position to determine usage of the spectrum in its vicinity. 1274 With 6TiSCH, the abstraction of an IPv6 link is implemented as a pair 1275 of bundles of cells, one in each direction. IP Links are only 1276 enabled between RPL parents and children. The 6TiSCH operation is 1277 optimal when the size of a bundle is such that both the energy wasted 1278 in idle listening and the packet drops due to congestion loss are 1279 minimized, while packets are forwarded within an acceptable latency. 1281 Use cases for distributed routing are often associated with a 1282 statistical distribution of best-effort traffic with variable needs 1283 for bandwidth on each individual link. The 6TiSCH operation can 1284 remain optimal if RPL parents can adjust dynamically, and with enough 1285 reactivity to match the variations of best-effort traffic, the amount 1286 of bandwidth that is used to communicate between themselves and their 1287 children, in both directions. In turn, the agility to fulfill the 1288 needs for additional cells improves when the number of interactions 1289 with other devices and the protocol latencies are minimized. 1291 6top is a logical link control sitting between the IP layer and the 1292 TSCH MAC layer, which provides the link abstraction that is required 1293 for IP operations. The 6top protocol, 6P, which is specified in 1294 [RFC8480], is one of the services provided by 6top. In particular, 1295 the 6top services are available over a management API that enables an 1296 external management entity to schedule cells and slotframes, and 1297 allows the addition of complementary functionality, for instance a 1298 Scheduling Function that manages a dynamic schedule management based 1299 on observed resource usage as discussed in Section 4.4.2. For this 1300 purpose, the 6TiSCH architecture differentiates "soft" cells and 1301 "hard" cells. 1303 4.3.1.1. Hard Cells 1305 "Hard" cells are cells that are owned and managed by a separate 1306 scheduling entity (e.g., a PCE) that specifies the slotOffset/ 1307 channelOffset of the cells to be added/moved/deleted, in which case 1308 6top can only act as instructed, and may not move hard cells in the 1309 TSCH schedule on its own. 1311 4.3.1.2. Soft Cells 1313 In contrast, "soft" cells are cells that 6top can manage locally. 1314 6top contains a monitoring process which monitors the performance of 1315 cells, and can add, remove soft cells in the TSCH schedule to adapt 1316 to the traffic needs, or move one when it performs poorly. To 1317 reserve a soft cell, the higher layer does not indicate the exact 1318 slotOffset/channelOffset of the cell to add, but rather the resulting 1319 bandwidth and QoS requirements. When the monitoring process triggers 1320 a cell reallocation, the two neighbor devices communicating over this 1321 cell negotiate its new position in the TSCH schedule. 1323 4.3.2. Scheduling Functions and the 6top protocol 1325 In the case of soft cells, the cell management entity that controls 1326 the dynamic attribution of cells to adapt to the dynamics of variable 1327 rate flows is called a Scheduling Function (SF). 1329 There may be multiple SFs with more or less aggressive reaction to 1330 the dynamics of the network. 1332 An SF may be seen as divided between an upper bandwidth adaptation 1333 logic that is not aware of the particular technology that is used to 1334 obtain and release bandwidth, and an underlying service that maps 1335 those needs in the actual technology, which means mapping the 1336 bandwidth onto cells in the case of TSCH using the 6top protocol as 1337 illustrated in Figure 8. 1339 +------------------------+ +------------------------+ 1340 | Scheduling Function | | Scheduling Function | 1341 | Bandwidth adaptation | | Bandwidth adaptation | 1342 +------------------------+ +------------------------+ 1343 | Scheduling Function | | Scheduling Function | 1344 | TSCH mapping to cells | | TSCH mapping to cells | 1345 +------------------------+ +------------------------+ 1346 | 6top cells negotiation | <- 6P -> | 6top cells negotiation | 1347 +------------------------+ +------------------------+ 1348 Device A Device B 1350 Figure 8: SF/6P stack in 6top 1352 The SF relies on 6top services that implement the 6top Protocol (6P) 1353 [RFC8480] to negotiate the precise cells that will be allocated or 1354 freed based on the schedule of the peer. It may be for instance that 1355 a peer wants to use a particular time slot that is free in its 1356 schedule, but that timeslot is already in use by the other peer for a 1357 communication with a third party on a different cell. 6P enables the 1358 peers to find an agreement in a transactional manner that ensures the 1359 final consistency of the nodes state. 1361 [MSF] is one of the possible scheduling functions. MSF uses the 1362 rendez-vous slot from [RFC8180] for network discovery, neighbor 1363 discovery, and any other broadcast. 1365 For basic unicast communication with any neighbor, each node uses a 1366 receive cell at a well-known slotOffset/channelOffset, derived from a 1367 hash of their own MAC address. Nodes can reach any neighbor by 1368 installing a transmit (shared) cell with slotOffset/channelOffset 1369 derived from the neighbor's MAC address. 1371 For child-parent links, MSF continuously monitors the load to/from 1372 parents and children. It then uses 6P to install/remove unicast 1373 cells whenever the current schedule appears to be under-/over- 1374 provisioned. 1376 4.3.3. 6top and RPL Objective Function operations 1378 An implementation of a RPL [RFC6550] Objective Function (OF), such as 1379 the RPL Objective Function Zero (OF0) [RFC6552] that is used in the 1380 Minimal 6TiSCH Configuration [RFC8180] to support RPL over a static 1381 schedule, may leverage, for its internal computation, the information 1382 maintained by 6top. 1384 An OF may require metrics about reachability, such as the Expected 1385 Transmission Count (ETX) metric [RFC6551]. 6top creates and 1386 maintains an abstract neighbor table, and this state may be leveraged 1387 to feed an OF and/or store OF information as well. A neighbor table 1388 entry may contain a set of statistics with respect to that specific 1389 neighbor. 1391 The neighbor information may include the time when the last packet 1392 has been received from that neighbor, a set of cell quality metrics, 1393 e.g., received signal strength indication (RSSI) or link quality 1394 indicator (LQI), the number of packets sent to the neighbor or the 1395 number of packets received from it. This information can be made 1396 available through 6top management APIs and used for instance to 1397 compute a Rank Increment that will determine the selection of the 1398 preferred parent. 1400 6top provides statistics about the underlying layer so the OF can be 1401 tuned to the nature of the TSCH MAC layer. 6top also enables the RPL 1402 OF to influence the MAC behavior, for instance by configuring the 1403 periodicity of IEEE Std. 802.15.4 Extended Beacons (EBs). By 1404 augmenting the EB periodicity, it is possible to change the network 1405 dynamics so as to improve the support of devices that may change 1406 their point of attachment in the 6TiSCH network. 1408 Some RPL control messages, such as the DODAG Information Object (DIO) 1409 are ICMPv6 messages that are broadcast to all neighbor nodes. With 1410 6TiSCH, the broadcast channel requirement is addressed by 6top by 1411 configuring TSCH to provide a broadcast channel, as opposed to, for 1412 instance, piggybacking the DIO messages in Layer-2 Enhanced Beacons 1413 (EBs), which would produce undue timer coupling among layers, packet 1414 size issues and could conflict with the policy of production networks 1415 where EBs are mostly eliminated to conserve energy. 1417 4.3.4. Network Synchronization 1419 Nodes in a TSCH network must be time synchronized. A node keeps 1420 synchronized to its time source neighbor through a combination of 1421 frame-based and acknowledgment-based synchronization. To maximize 1422 battery life and network throughput, it is advisable that RPL ICMP 1423 discovery and maintenance traffic (governed by the trickle timer) be 1424 somehow coordinated with the transmission of time synchronization 1425 packets (especially with enhanced beacons). 1427 This could be achieved through an interaction of the 6top sublayer 1428 and the RPL objective Function, or could be controlled by a 1429 management entity. 1431 Time distribution requires a loop-free structure. Nodes taken in a 1432 synchronization loop will rapidly desynchronize from the network and 1433 become isolated. 6TiSCH uses a RPL DAG with a dedicated global 1434 Instance for the purpose of time synchronization. That Instance is 1435 referred to as the Time Synchronization Global Instance (TSGI). The 1436 TSGI can be operated in either of the 3 modes that are detailed in 1437 section 3.1.3 of RPL [RFC6550], "Instances, DODAGs, and DODAG 1438 Versions". Multiple uncoordinated DODAGs with independent Roots may 1439 be used if all the Roots share a common time source such as the 1440 Global Positioning System (GPS). 1442 In the absence of a common time source, the TSGI should form a single 1443 DODAG with a virtual Root. A backbone network is then used to 1444 synchronize and coordinate RPL operations between the backbone 1445 routers that act as sinks for the LLN. Optionally, RPL's periodic 1446 operations may be used to transport the network synchronization. 1447 This may mean that 6top would need to trigger (override) the trickle 1448 timer if no other traffic has occurred for such a time that nodes may 1449 get out of synchronization. 1451 A node that has not joined the TSGI advertises a MAC level Join 1452 Priority of 0xFF to notify its neighbors that is not capable of 1453 serving as time parent. A node that has joined the TSGI advertises a 1454 MAC level Join Priority set to its DAGRank() in that Instance, where 1455 DAGRank() is the operation specified in section 3.5.1 of [RFC6550], 1456 "Rank Comparison". 1458 The provisioning of a RPL Root is out of scope for both RPL and this 1459 Architecture, whereas RPL enables to propagate configuration 1460 information down the DODAG. This applies to the TSGI as well; a Root 1461 is configured or obtains by unspecified means the knowledge of the 1462 RPLInstanceID for the TSGI. The Root advertises its DagRank in the 1463 TSGI, that must be less than 0xFF, as its Join Priority in its IEEE 1464 Std. 802.15.4 Extended Beacons (EB). 1466 A node that reads a Join Priority of less than 0xFF should join the 1467 neighbor with the lesser Join Priority and use it as time parent. If 1468 the node is configured to serve as time parent, then the node should 1469 join the TSGI, obtain a Rank in that Instance and start advertising 1470 its own DagRank in the TSGI as its Join Priority in its EBs. 1472 4.3.5. Slotframes and CDU matrix 1474 6TiSCH enables IPv6 best effort (stochastic) transmissions over a MAC 1475 layer that is also capable of scheduled (deterministic) 1476 transmissions. A window of time is defined around the scheduled 1477 transmission where the medium must, as much as practically feasible, 1478 be free of contending energy to ensure that the medium is free of 1479 contending packets when time comes for a scheduled transmission. One 1480 simple way to obtain such a window is to format time and frequencies 1481 in cells of transmission of equal duration. This is the method that 1482 is adopted in IEEE Std. 802.15.4 TSCH as well as the Long Term 1483 Evolution (LTE) of cellular networks. 1485 The 6TiSCH architecture defines a global concept that is called a 1486 Channel Distribution and Usage (CDU) matrix to describe that 1487 formatting of time and frequencies, 1489 A CDU matrix is defined centrally as part of the network definition. 1490 It is a matrix of cells with a height equal to the number of 1491 available channels (indexed by ChannelOffsets) and a width (in 1492 timeslots) that is the period of the network scheduling operation 1493 (indexed by slotOffsets) for that CDU matrix. There are different 1494 models for scheduling the usage of the cells, which place the 1495 responsibility of avoiding collisions either on a central controller 1496 or on the devices themselves, at an extra cost in terms of energy to 1497 scan for free cells (more in Section 4.4). 1499 The size of a cell is a timeslot duration, and values of 10 to 15 1500 milliseconds are typical in 802.15.4 TSCH to accommodate for the 1501 transmission of a frame and an ack, including the security validation 1502 on the receive side which may take up to a few milliseconds on some 1503 device architecture. 1505 A CDU matrix iterates over and over with a well-known channel 1506 rotation called the hopping sequence. In a given network, there 1507 might be multiple CDU matrices that operate with different width, so 1508 they have different durations and represent different periodic 1509 operations. It is recommended that all CDU matrices in a 6TiSCH 1510 domain operate with the same cell duration and are aligned, so as to 1511 reduce the chances of interferences from the Slotted ALOHA 1512 operations. The knowledge of the CDU matrices is shared between all 1513 the nodes and used in particular to define slotframes. 1515 A slotframe is a MAC-level abstraction that is common to all nodes 1516 and contains a series of timeslots of equal length and precedence. 1517 It is characterized by a slotframe_ID, and a slotframe_size. A 1518 slotframe aligns to a CDU matrix for its parameters, such as number 1519 and duration of timeslots. 1521 Multiple slotframes can coexist in a node schedule, i.e., a node can 1522 have multiple activities scheduled in different slotframes. A 1523 slotframe is associated with a priority that may be related to the 1524 precedence of different 6TiSCH topologies. The slotframes may be 1525 aligned to different CDU matrices and thus have different width. 1526 There is typically one slotframe for scheduled traffic that has the 1527 highest precedence and one or more slotframe(s) for RPL traffic. The 1528 timeslots in the slotframe are indexed by the SlotOffset; the first 1529 cell is at SlotOffset 0. 1531 When a packet is received from a higher layer for transmission, 6top 1532 inserts that packet in the outgoing queue which matches the packet 1533 best (Differentiated Services [RFC2474] can therefore be used). At 1534 each scheduled transmit slot, 6top looks for the frame in all the 1535 outgoing queues that best matches the cells. If a frame is found, it 1536 is given to the TSCH MAC for transmission. 1538 4.3.6. Distributing the reservation of cells 1540 The 6TiSCH architecture introduces the concept of chunks 1541 (Section 2.1) to distribute the allocation of the spectrum for a 1542 whole group of cells at a time. The CDU matrix is formatted into a 1543 set of chunks, possibly as illustrated in Figure 9, each of the 1544 chunks identified uniquely by a chunk-ID. The knowledge of this 1545 formatting is shared between all the nodes in a 6TiSCH network. It 1546 could be conveyed during the join process, or codified into a profile 1547 document, or obtained using some other mechanism. This is as opposed 1548 to static scheduling that refers to the pre-programmed mechanism that 1549 is specified in [RFC8180] and pre-exists to the distribution of the 1550 chunk formatting. 1552 +-----+-----+-----+-----+-----+-----+-----+ +-----+ 1553 chan.Off. 0 |chnkA|chnkP|chnk7|chnkO|chnk2|chnkK|chnk1| ... |chnkZ| 1554 +-----+-----+-----+-----+-----+-----+-----+ +-----+ 1555 chan.Off. 1 |chnkB|chnkQ|chnkA|chnkP|chnk3|chnkL|chnk2| ... |chnk1| 1556 +-----+-----+-----+-----+-----+-----+-----+ +-----+ 1557 ... 1558 +-----+-----+-----+-----+-----+-----+-----+ +-----+ 1559 chan.Off. 15 |chnkO|chnk6|chnkN|chnk1|chnkJ|chnkZ|chnkI| ... |chnkG| 1560 +-----+-----+-----+-----+-----+-----+-----+ +-----+ 1561 0 1 2 3 4 5 6 M 1563 Figure 9: CDU matrix Partitioning in Chunks 1565 The 6TiSCH Architecture envisions a protocol that enables chunk 1566 ownership appropriation whereby a RPL parent discovers a chunk that 1567 is not used in its interference domain, claims the chunk, and then 1568 defends it in case another RPL parent would attempt to appropriate it 1569 while it is in use. The chunk is the basic unit of ownership that is 1570 used in that process. 1572 As a result of the process of chunk ownership appropriation, the RPL 1573 parent has exclusive authority to decide which cell in the 1574 appropriated chunk can be used by which node in its interference 1575 domain. In other words, it is implicitly delegated the right to 1576 manage the portion of the CDU matrix that is represented by the 1577 chunk. 1579 Initially, those cells are added to the heap of free cells, then 1580 dynamically placed into existing bundles, in new bundles, or 1581 allocated opportunistically for one transmission. 1583 Note that a PCE is expected to have precedence in the allocation, so 1584 that a RPL parent would only be able to obtain portions that are not 1585 in-use by the PCE. 1587 4.4. Schedule Management Mechanisms 1589 6TiSCH uses 4 paradigms to manage the TSCH schedule of the LLN nodes: 1590 Static Scheduling, neighbor-to-neighbor Scheduling, remote monitoring 1591 and scheduling management, and Hop-by-hop scheduling. Multiple 1592 mechanisms are defined that implement the associated Interaction 1593 Models, and can be combined and used in the same LLN. Which 1594 mechanism(s) to use depends on application requirements. 1596 4.4.1. Static Scheduling 1598 In the simplest instantiation of a 6TiSCH network, a common fixed 1599 schedule may be shared by all nodes in the network. Cells are 1600 shared, and nodes contend for slot access in a slotted ALOHA manner. 1602 A static TSCH schedule can be used to bootstrap a network, as an 1603 initial phase during implementation, or as a fall-back mechanism in 1604 case of network malfunction. This schedule is pre-established, for 1605 instance decided by a network administrator based on operational 1606 needs. It can be pre-configured into the nodes, or, more commonly, 1607 learned by a node when joining the network using standard IEEE Std. 1608 802.15.4 Information Elements (IE). Regardless, the schedule remains 1609 unchanged after the node has joined a network. RPL is used on the 1610 resulting network. This "minimal" scheduling mechanism that 1611 implements this paradigm is detailed in [RFC8180]. 1613 4.4.2. Neighbor-to-neighbor Scheduling 1615 In the simplest instantiation of a 6TiSCH network described in 1616 Section 4.4.1, nodes may expect a packet at any cell in the schedule 1617 and will waste energy idle listening. In a more complex 1618 instantiation of a 6TiSCH network, a matching portion of the schedule 1619 is established between peers to reflect the observed amount of 1620 transmissions between those nodes. The aggregation of the cells 1621 between a node and a peer forms a bundle that the 6top layer uses to 1622 implement the abstraction of a link for IP. The bandwidth on that 1623 link is proportional to the number of cells in the bundle. 1625 If the size of a bundle is configured to fit an average amount of 1626 bandwidth, peak traffic is dropped. If the size is configured to 1627 allow for peak emissions, energy is be wasted idle listening. 1629 As discussed in more details in Section 4.3, the 6top Protocol 1630 [RFC8480] specifies the exchanges between neighbor nodes to reserve 1631 soft cells to transmit to one another, possibly under the control of 1632 a Scheduling Function (SF). Because this reservation is done without 1633 global knowledge of the schedule of other nodes in the LLN, 1634 scheduling collisions are possible. 1636 And as discussed in Section 4.3.2, an optional Scheduling Function 1637 (SF) is used to monitor bandwidth usage and perform requests for 1638 dynamic allocation by the 6top sublayer. The SF component is not 1639 part of the 6top sublayer. It may be collocated on the same device 1640 or may be partially or fully offloaded to an external system. The 1641 "6TiSCH Minimal Scheduling Function (MSF)" [MSF] provides a simple 1642 scheduling function that can be used by default by devices that 1643 support dynamic scheduling of soft cells. 1645 Monitoring and relocation is done in the 6top layer. For the upper 1646 layer, the connection between two neighbor nodes appears as a number 1647 of cells. Depending on traffic requirements, the upper layer can 1648 request 6top to add or delete a number of cells scheduled to a 1649 particular neighbor, without being responsible for choosing the exact 1650 slotOffset/channelOffset of those cells. 1652 4.4.3. Remote Monitoring and Schedule Management 1654 Remote monitoring and Schedule Management refers to a DetNet/SDN 1655 model whereby an NME and a scheduling entity, associated with a PCE, 1656 reside in a central controller and interact with the 6top layer to 1657 control IPv6 Links and Tracks (Section 4.5) in a 6TiSCH network. The 1658 composite centralized controller can assign physical resources (e.g., 1659 buffers and hard cells) to a particular Track to optimize the 1660 reliability within a bounded latency for a well-specified flow. 1662 The work at the 6TiSCH WG focused on non-deterministic traffic and 1663 did not provide the generic data model that is necessary for the 1664 controller to monitor and manage resources of the 6top sublayer. 1665 This is deferred to future work, see Appendix A.1.2. 1667 With respect to Centralized routing and scheduling, it is envisioned 1668 that the related component of the 6TiSCH Architecture would be an 1669 extension of the DetNet Architecture [RFC8655], which studies Layer-3 1670 aspects of Deterministic Networks, and covers networks that span 1671 multiple Layer-2 domains. 1673 The DetNet architecture is a form of Software Defined Networking 1674 (SDN) Architecture and is composed of three planes, a (User) 1675 Application Plane, a Controller Plane (where the PCE operates), and a 1676 Network Plane which can represent a 6TiSCH LLN. 1678 Software-Defined Networking (SDN): Layers and Architecture 1679 Terminology [RFC7426] proposes a generic representation of the SDN 1680 architecture that is reproduced in Figure 10. 1682 o--------------------------------o 1683 | | 1684 | +-------------+ +----------+ | 1685 | | Application | | Service | | 1686 | +-------------+ +----------+ | 1687 | Application Plane | 1688 o---------------Y----------------o 1689 | 1690 *-----------------------------Y---------------------------------* 1691 | Network Services Abstraction Layer (NSAL) | 1692 *------Y------------------------------------------------Y-------* 1693 | | 1694 | Service Interface | 1695 | | 1696 o------Y------------------o o---------------------Y------o 1697 | | Control Plane | | Management Plane | | 1698 | +----Y----+ +-----+ | | +-----+ +----Y----+ | 1699 | | Service | | App | | | | App | | Service | | 1700 | +----Y----+ +--Y--+ | | +--Y--+ +----Y----+ | 1701 | | | | | | | | 1702 | *----Y-----------Y----* | | *---Y---------------Y----* | 1703 | | Control Abstraction | | | | Management Abstraction | | 1704 | | Layer (CAL) | | | | Layer (MAL) | | 1705 | *----------Y----------* | | *----------Y-------------* | 1706 | | | | | | 1707 o------------|------------o o------------|---------------o 1708 | | 1709 | CP | MP 1710 | Southbound | Southbound 1711 | Interface | Interface 1712 | | 1713 *------------Y---------------------------------Y----------------* 1714 | Device and resource Abstraction Layer (DAL) | 1715 *------------Y---------------------------------Y----------------* 1716 | | | | 1717 | o-------Y----------o +-----+ o--------Y----------o | 1718 | | Forwarding Plane | | App | | Operational Plane | | 1719 | o------------------o +-----+ o-------------------o | 1720 | Network Device | 1721 +---------------------------------------------------------------+ 1723 Figure 10: SDN Layers and Architecture Terminology per RFC 7426 1725 The PCE establishes end-to-end Tracks of hard cells, which are 1726 described in more details in Section 4.6.1. 1728 The DetNet work is expected to enable end to end Deterministic Path 1729 across heterogeneous network. This can be for instance a 6TiSCH LLN 1730 and an Ethernet Backbone. 1732 This model fits the 6TiSCH extended configuration, whereby a 6BBR 1733 federates multiple 6TiSCH LLN in a single subnet over a backbone that 1734 can be, for instance, Ethernet or Wi-Fi. In that model, 6TiSCH 6BBRs 1735 synchronize with one another over the backbone, so as to ensure that 1736 the multiple LLNs that form the IPv6 subnet stay tightly 1737 synchronized. 1739 If the Backbone is Deterministic, then the Backbone Router ensures 1740 that the end-to-end deterministic behavior is maintained between the 1741 LLN and the backbone. It is the responsibility of the PCE to compute 1742 a deterministic path and to end across the TSCH network and an IEEE 1743 Std. 802.1 TSN Ethernet backbone, and that of DetNet to enable end- 1744 to-end deterministic forwarding. 1746 4.4.4. Hop-by-hop Scheduling 1748 A node can reserve a Track (Section 4.5) to one or more 1749 destination(s) that are multiple hops away by installing soft cells 1750 at each intermediate node. This forms a Track of soft cells. A 1751 Track Scheduling Function above the 6top sublayer of each node on the 1752 Track is needed to monitor these soft cells and trigger relocation 1753 when needed. 1755 This hop-by-hop reservation mechanism is expected to be similar in 1756 essence to [RFC3209] and/or [RFC4080]/[RFC5974]. The protocol for a 1757 node to trigger hop-by-hop scheduling is not yet defined. 1759 4.5. On Tracks 1761 The architecture introduces the concept of a Track, which is a 1762 directed path from a source 6TiSCH node to one or more destination 1763 6TiSCH node(s) across a 6TiSCH LLN. 1765 A Track is the 6TiSCH instantiation of the concept of a Deterministic 1766 Path as described in [RFC8655]. Constrained resources such as memory 1767 buffers are reserved for that Track in intermediate 6TiSCH nodes to 1768 avoid loss related to limited capacity. A 6TiSCH node along a Track 1769 not only knows which bundles of cells it should use to receive 1770 packets from a previous hop, but also knows which bundle(s) it should 1771 use to send packets to its next hop along the Track. 1773 4.5.1. General Behavior of Tracks 1775 A Track is associated with Layer-2 bundles of cells with related 1776 schedules and logical relationships and that ensure that a packet 1777 that is injected in a Track will progress in due time all the way to 1778 destination. 1780 Multiple cells may be scheduled in a Track for the transmission of a 1781 single packet, in which case the normal operation of IEEE Std. 1782 802.15.4 Automatic Repeat-reQuest (ARQ) can take place; the 1783 acknowledgment may be omitted in some cases, for instance if there is 1784 no scheduled cell for a possible retry. 1786 There are several benefits for using a Track to forward a packet from 1787 a source node to the destination node. 1789 1. Track forwarding, as further described in Section 4.6.1, is a 1790 Layer-2 forwarding scheme, which introduces less process delay 1791 and overhead than Layer-3 forwarding scheme. Therefore, LLN 1792 Devices can save more energy and resource, which is critical for 1793 resource constrained devices. 1795 2. Since channel resources, i.e., bundles of cells, have been 1796 reserved for communications between 6TiSCH nodes of each hop on 1797 the Track, the throughput and the maximum latency of the traffic 1798 along a Track are guaranteed and the jitter is maintained small. 1800 3. By knowing the scheduled time slots of incoming bundle(s) and 1801 outgoing bundle(s), 6TiSCH nodes on a Track could save more 1802 energy by staying in sleep state during in-active slots. 1804 4. Tracks are protected from interfering with one another if a cell 1805 is scheduled to belong to at most one Track, and congestion loss 1806 is avoided if at most one packet can be presented to the MAC to 1807 use that cell. Tracks enhance the reliability of transmissions 1808 and thus further improve the energy consumption in LLN Devices by 1809 reducing the chances of retransmission. 1811 4.5.2. Serial Track 1813 A Serial (or simple) Track is the 6TiSCH version of a circuit; a 1814 bundle of cells that are programmed to receive (RX-cells) is uniquely 1815 paired to a bundle of cells that are set to transmit (TX-cells), 1816 representing a Layer-2 forwarding state which can be used regardless 1817 of the network layer protocol. A Serial Track is thus formed end-to- 1818 end as a succession of paired bundles, a receive bundle from the 1819 previous hop and a transmit bundle to the next hop along the Track. 1821 For a given iteration of the device schedule, the effective channel 1822 of the cell is obtained by following in a loop a well-known hopping 1823 sequence that started at Epoch time at the channelOffset of the cell, 1824 which results in a rotation of the frequency that used for 1825 transmission. The bundles may be computed so as to accommodate both 1826 variable rates and retransmissions, so they might not be fully used 1827 in the iteration of the schedule. 1829 4.5.3. Complex Track with Replication and Elimination 1831 The art of Deterministic Networks already include Packet Replication 1832 and Elimination techniques. Example standards include the Parallel 1833 Redundancy Protocol (PRP) and the High-availability Seamless 1834 Redundancy (HSR) [IEC62439]. Similarly, and as opposed to a Serial 1835 Track that is a sequence of nodes and links, a Complex Track is 1836 shaped as a directed acyclic graph towards one or more destination(s) 1837 to support multi-path forwarding and route around failures. 1839 A Complex Track may branch off over non congruent branches for the 1840 purpose of multicasting, and/or redundancy, in which case it 1841 reconverges later down the path. This enables the Packet 1842 Replication, Elimination and Ordering Functions (PREOF) defined by 1843 Detnet. Packet ARQ, Replication, Elimination and Overhearing (PAREO) 1844 adds radio-specific capabilities of Layer-2 ARQ and promiscuous 1845 listening to redundant transmissions to compensate for the lossiness 1846 of the medium and meet industrial expectations of a Reliable and 1847 Available Wireless network. Combining PAREO and PREOF, a Track may 1848 extend beyond the 6TiSCH network in a larger DetNet network. 1850 In the art of TSCH, a path does not necessarily support PRE but it is 1851 almost systematically multi-path. This means that a Track is 1852 scheduled so as to ensure that each hop has at least two forwarding 1853 solutions, and the forwarding decision is to try the preferred one 1854 and use the other in case of Layer-2 transmission failure as detected 1855 by ARQ. Similarly, at each 6TiSCH hop along the Track, the PCE may 1856 schedule more than one timeslot for a packet, so as to support 1857 Layer-2 retries (ARQ). It is also possible that the field device 1858 only uses the second branch if sending over the first branch fails. 1860 4.5.4. DetNet End-to-end Path 1862 Ultimately, DetNet should enable to extend a Track beyond the 6TiSCH 1863 LLN as illustrated in Figure 11. In that example, a Track that is 1864 laid out from a field device in a 6TiSCH network to an IoT gateway 1865 that is located on an 802.1 Time-Sensitive Networking (TSN) backbone. 1866 A 6TiSCH-Aware DetNet Service Layer handles the Packet Replication, 1867 Elimination, and Ordering Functions over the DODAG that forms a 1868 Track. 1870 The Replication function in the 6TiSCH Node sends a copy of each 1871 packet over two different branches, and the PCE schedules each hop of 1872 both branches so that the two copies arrive in due time at the 1873 gateway. In case of a loss on one branch, hopefully the other copy 1874 of the packet still makes it in due time. If two copies make it to 1875 the IoT gateway, the Elimination function in the gateway ignores the 1876 extra packet and presents only one copy to upper layers. 1878 +-=-=-+ 1879 | IoT | 1880 | G/W | 1881 +-=-=-+ 1882 ^ <=== Elimination 1883 Track branch | | 1884 +-=-=-=-+ +-=-=-=-=+ Subnet Backbone 1885 | | 1886 +-=|-=+ +-=|-=+ 1887 | | | Backbone | | | Backbone 1888 o | | | router | | | router 1889 +-=/-=+ +-=|-=+ 1890 o / o o-=-o-=-=/ o 1891 o o-=-o-=/ o o o o o 1892 o \ / o o LLN o 1893 o v <=== Replication 1894 o 1896 Figure 11: Example End-to-End DetNet Track 1898 4.5.5. Cell Reuse 1900 The 6TiSCH architecture provides means to avoid waste of cells as 1901 well as overflows in the transmit bundle of a Track, as follows: 1903 A TX-cell that is not needed for the current iteration may be reused 1904 opportunistically on a per-hop basis for routed packets. When all of 1905 the frame that were received for a given Track are effectively 1906 transmitted, any available TX-cell for that Track can be reused for 1907 upper layer traffic for which the next-hop router matches the next 1908 hop along the Track. In that case, the cell that is being used is 1909 effectively a TX-cell from the Track, but the short address for the 1910 destination is that of the next-hop router. 1912 It results in a frame that is received in a RX-cell of a Track with a 1913 destination MAC address set to this node as opposed to the broadcast 1914 MAC address must be extracted from the Track and delivered to the 1915 upper layer. Note that a frame with an unrecognized destination MAC 1916 address is dropped at the lower MAC layer and thus is not received at 1917 the 6top sublayer. 1919 On the other hand, it might happen that there are not enough TX-cells 1920 in the transmit bundle to accommodate the Track traffic, for instance 1921 if more retransmissions are needed than provisioned. In that case, 1922 and if the frame transports an IPv6 packet, then it can be placed for 1923 transmission in the bundle that is used for Layer-3 traffic towards 1924 the next hop along the Track. The MAC address should be set to the 1925 next-hop MAC address to avoid confusion. 1927 It results in a frame that is received over a Layer-3 bundle may be 1928 in fact associated to a Track. In a classical IP link such as an 1929 Ethernet, off-Track traffic is typically in excess over reservation 1930 to be routed along the non-reserved path based on its QoS setting. 1931 But with 6TiSCH, since the use of the Layer-3 bundle may be due to 1932 transmission failures, it makes sense for the receiver to recognize a 1933 frame that should be re-Tracked, and to place it back on the 1934 appropriate bundle if possible. . A frame is re-Tracked by 1935 scheduling it for transmission over the transmit bundle associated to 1936 the Track, with the destination MAC address set to broadcast. 1938 4.6. Forwarding Models 1940 By forwarding, this document means the per-packet operation that 1941 allows to deliver a packet to a next hop or an upper layer in this 1942 node. Forwarding is based on pre-existing state that was installed 1943 as a result of a routing computation Section 4.7. 6TiSCH supports 1944 three different forwarding model:(G-MPLS) Track Forwarding, 1945 (classical) IPv6 Forwarding and (6LoWPAN) Fragment Forwarding. 1947 4.6.1. Track Forwarding 1949 Forwarding along a Track can be seen as a Generalized Multi-protocol 1950 Label Switching (G-MPLS) operation in that the information used to 1951 switch a frame is not an explicit label, but rather related to other 1952 properties of the way the packet was received, a particular cell in 1953 the case of 6TiSCH. As a result, as long as the TSCH MAC (and 1954 Layer-2 security) accepts a frame, that frame can be switched 1955 regardless of the protocol, whether this is an IPv6 packet, a 6LoWPAN 1956 fragment, or a frame from an alternate protocol such as WirelessHART 1957 or ISA100.11a. 1959 A data frame that is forwarded along a Track normally has a 1960 destination MAC address that is set to broadcast - or a multicast 1961 address depending on MAC support. This way, the MAC layer in the 1962 intermediate nodes accepts the incoming frame and 6top switches it 1963 without incurring a change in the MAC header. In the case of IEEE 1964 Std. 802.15.4, this means effectively broadcast, so that along the 1965 Track the short address for the destination of the frame is set to 1966 0xFFFF. 1968 There are 2 modes for a Track, an IPv6 native mode and a protocol- 1969 independant tunnel mode. 1971 4.6.1.1. Native Mode 1973 In native mode, the Protocol Data Unit (PDU) is associated with flow- 1974 dependent meta-data that refers uniquely to the Track, so the 6top 1975 sublayer can place the frame in the appropriate cell without 1976 ambiguity. In the case of IPv6 traffic, this flow identification may 1977 be done using a 6-tuple as discussed in [I-D.ietf-detnet-ip]. In 1978 particular, implementations of this document should support 1979 identification of DetNet flows based on the IPv6 Flow Label field. 1981 The flow follows a Track which identification is done using a RPL 1982 Instance (see section 3.1.3 of [RFC6550]), signaled in a RPL Packet 1983 Information (more in section 11.2.2.1 of [RFC6550]) and the 1984 destination address in the case of a local instance. One or more 1985 flows may be placed in a same Track and the Track identification 1986 (TrackID + owner) may be placed in an IP-in-IP encapsulation. The 1987 forwarding operation is based on the Track and does not depend on the 1988 flow therein. 1990 The Track identification is validated at egress before restoring the 1991 destination MAC address (DMAC) and punting to the upper layer. 1993 Figure 12 illustrates the Track Forwarding operation which happens at 1994 the 6top sublayer, below IP. 1996 | Packet flowing across the network ^ 1997 +--------------+ | | 1998 | IPv6 | | | 1999 +--------------+ | | 2000 | 6LoWPAN HC | | | 2001 +--------------+ ingress egress 2002 | 6top | sets +----+ +----+ restores 2003 +--------------+ DMAC to | | | | DMAC to 2004 | TSCH MAC | brdcst | | | | dest 2005 +--------------+ | | | | | | 2006 | LLN PHY | +-------+ +--...-----+ +-------+ 2007 +--------------+ 2008 Ingress Relay Relay Egress 2009 Stack Layer Node Node Node Node 2011 Figure 12: Track Forwarding, Native Mode 2013 4.6.1.2. Tunnel Mode 2015 In tunnel mode, the frames originate from an arbitrary protocol over 2016 a compatible MAC that may or may not be synchronized with the 6TiSCH 2017 network. An example of this would be a router with a dual radio that 2018 is capable of receiving and sending WirelessHART or ISA100.11a frames 2019 with the second radio, by presenting itself as an access Point or a 2020 Backbone Router, respectively. In that mode, some entity (e.g., PCE) 2021 can coordinate with a WirelessHART Network Manager or an ISA100.11a 2022 System Manager to specify the flows that are transported. 2024 +--------------+ 2025 | IPv6 | 2026 +--------------+ 2027 | 6LoWPAN HC | 2028 +--------------+ set restore 2029 | 6top | +DMAC+ +DMAC+ 2030 +--------------+ to|brdcst to|nexthop 2031 | TSCH MAC | | | | | 2032 +--------------+ | | | | 2033 | LLN PHY | +-------+ +--...-----+ +-------+ 2034 +--------------+ | ingress egress | 2035 | | 2036 +--------------+ | | 2037 | LLN PHY | | | 2038 +--------------+ | Packet flowing across the network | 2039 | TSCH MAC | | | 2040 +--------------+ | DMAC = | DMAC = 2041 |ISA100/WiHART | | nexthop v nexthop 2042 +--------------+ 2043 Source Ingress Egress Destination 2044 Stack Layer Node Node Node Node 2046 Figure 13: Track Forwarding, Tunnel Mode 2048 In that case, the TrackID that identifies the Track at the ingress 2049 6TiSCH router is derived from the RX-cell. The DMAC is set to this 2050 node but the TrackID indicates that the frame must be tunneled over a 2051 particular Track so the frame is not passed to the upper layer. 2052 Instead, the DMAC is forced to broadcast and the frame is passed to 2053 the 6top sublayer for switching. 2055 At the egress 6TiSCH router, the reverse operation occurs. Based on 2056 tunneling information of the Track, which may for instance indicate 2057 that the tunneled datagram is an IP packet, the datagram is passed to 2058 the appropriate Link-Layer with the destination MAC restored. 2060 4.6.1.3. Tunneling Information 2062 Tunneling information coming with the Track configuration provides 2063 the destination MAC address of the egress endpoint as well as the 2064 tunnel mode and specific data depending on the mode, for instance a 2065 service access point for frame delivery at egress. 2067 If the tunnel egress point does not have a MAC address that matches 2068 the configuration, the Track installation fails. 2070 If the Layer-3 destination address belongs to the tunnel termination, 2071 then it is possible that the IPv6 address of the destination is 2072 compressed at the 6LoWPAN sublayer based on the MAC address. 2073 Restoring the wrong MAC address at the egress would then also result 2074 in the wrong IP address in the packet after decompression. For that 2075 reason, a packet can be injected in a Track only if the destination 2076 MAC address is effectively that of the tunnel egress point. It is 2077 thus mandatory for the ingress router to validate that the MAC 2078 address that was used at the 6LoWPAN sublayer for compression matches 2079 that of the tunnel egress point before it overwrites it to broadcast. 2080 The 6top sublayer at the tunnel egress point reverts that operation 2081 to the MAC address obtained from the tunnel information. 2083 4.6.2. IPv6 Forwarding 2085 As the packets are routed at Layer-3, traditional QoS and Active 2086 Queue Management (AQM) operations are expected to prioritize flows. 2088 | Packet flowing across the network ^ 2089 +--------------+ | | 2090 | IPv6 | | +-QoS+ +-QoS+ | 2091 +--------------+ | | | | | | 2092 | 6LoWPAN HC | | | | | | | 2093 +--------------+ | | | | | | 2094 | 6top | | | | | | | 2095 +--------------+ | | | | | | 2096 | TSCH MAC | | | | | | | 2097 +--------------+ | | | | | | 2098 | LLN PHY | +-------+ +--...-----+ +-------+ 2099 +--------------+ 2100 Source Ingress Egress Destination 2101 Stack Layer Node Router Router Node 2103 Figure 14: IP Forwarding 2105 4.6.3. Fragment Forwarding 2107 Considering that per section 4 of [RFC4944] 6LoWPAN packets can be as 2108 large as 1280 bytes (the IPv6 minimum MTU), and that the non-storing 2109 mode of RPL implies Source Routing that requires space for routing 2110 headers, and that a IEEE Std. 802.15.4 frame with security may carry 2111 in the order of 80 bytes of effective payload, an IPv6 packet might 2112 be fragmented into more than 16 fragments at the 6LoWPAN sublayer. 2114 This level of fragmentation is much higher than that traditionally 2115 experienced over the Internet with IPv4 fragments, where 2116 fragmentation is already known as harmful. 2118 In the case to a multihop route within a 6TiSCH network, Hop-by-Hop 2119 recomposition occurs at each hop to reform the packet and route it. 2120 This creates additional latency and forces intermediate nodes to 2121 store a portion of a packet for an undetermined time, thus impacting 2122 critical resources such as memory and battery. 2124 [MIN-FRAG] describes a framework for forwarding fragments end-to-end 2125 across a 6TiSCH route-over mesh. Within that framework, 2126 [I-D.ietf-lwig-6lowpan-virtual-reassembly] details a virtual 2127 reassembly buffer mechanism whereby the datagram tag in the 6LoWPAN 2128 Fragment is used as a label for switching at the 6LoWPAN sublayer. 2130 Building on this technique, [RECOV-FRAG] introduces a new format for 2131 6LoWPAN fragments that enables the selective recovery of individual 2132 fragments, and allows for a degree of flow control based on an 2133 Explicit Congestion Notification. 2135 | Packet flowing across the network ^ 2136 +--------------+ | | 2137 | IPv6 | | +----+ +----+ | 2138 +--------------+ | | | | | | 2139 | 6LoWPAN HC | | learn learn | 2140 +--------------+ | | | | | | 2141 | 6top | | | | | | | 2142 +--------------+ | | | | | | 2143 | TSCH MAC | | | | | | | 2144 +--------------+ | | | | | | 2145 | LLN PHY | +-------+ +--...-----+ +-------+ 2146 +--------------+ 2147 Source Ingress Egress Destination 2148 Stack Layer Node Router Router Node 2150 Figure 15: Forwarding First Fragment 2152 In that model, the first fragment is routed based on the IPv6 header 2153 that is present in that fragment. The 6LoWPAN sublayer learns the 2154 next hop selection, generates a new datagram tag for transmission to 2155 the next hop, and stores that information indexed by the incoming MAC 2156 address and datagram tag. The next fragments are then switched based 2157 on that stored state. 2159 | Packet flowing across the network ^ 2160 +--------------+ | | 2161 | IPv6 | | | 2162 +--------------+ | | 2163 | 6LoWPAN HC | | replay replay | 2164 +--------------+ | | | | | | 2165 | 6top | | | | | | | 2166 +--------------+ | | | | | | 2167 | TSCH MAC | | | | | | | 2168 +--------------+ | | | | | | 2169 | LLN PHY | +-------+ +--...-----+ +-------+ 2170 +--------------+ 2171 Source Ingress Egress Destination 2172 Stack Layer Node Router Router Node 2174 Figure 16: Forwarding Next Fragment 2176 A bitmap and an ECN echo in the end-to-end acknowledgment enable the 2177 source to resend the missing fragments selectively. The first 2178 fragment may be resent to carve a new path in case of a path failure. 2179 The ECN echo set indicates that the number of outstanding fragments 2180 should be reduced. 2182 4.7. Advanced 6TiSCH Routing 2184 4.7.1. Packet Marking and Handling 2186 All packets inside a 6TiSCH domain must carry the RPLInstanceID that 2187 identifies the 6TiSCH topology (e.g., a Track) that is to be used for 2188 routing and forwarding that packet. The location of that information 2189 must be the same for all packets forwarded inside the domain. 2191 For packets that are routed by a PCE along a Track, the tuple formed 2192 by 1) (typically) the IPv6 source or (possibly) destination address 2193 in the IPv6 Header and 2) a local RPLInstanceID in the RPI that 2194 serves as TrackID, identify uniquely the Track and associated 2195 transmit bundle. 2197 For packets that are routed by RPL, that information is the 2198 RPLInstanceID which is carried in the RPL Packet Information (RPI), 2199 as discussed in section 11.2 of [RFC6550], "Loop Avoidance and 2200 Detection". The RPI is transported by a RPL option in the IPv6 Hop- 2201 By-Hop Header [RFC6553]. 2203 A compression mechanism for the RPL packet artifacts that integrates 2204 the compression of IP-in-IP encapsulation and the Routing Header type 2205 3 [RFC6554] with that of the RPI in a 6LoWPAN dispatch/header type is 2206 specified in [RFC8025] and [RFC8138]. 2208 Either way, the method and format used for encoding the RPLInstanceID 2209 is generalized to all 6TiSCH topological Instances, which include 2210 both RPL Instances and Tracks. 2212 4.7.2. Replication, Retries and Elimination 2214 6TiSCH supports the PREOF operations of elimination and reordering of 2215 packets along a complex Track, but has no requirement about whether a 2216 sequence number is tagged in the packet for that purpose. With 2217 6TiSCH, the schedule can tell when multiple receive timeslots 2218 correspond to copies of a same packet, in which case the receiver may 2219 avoid listening to the extra copies once it had received one instance 2220 of the packet. 2222 The semantics of the configuration will enable correlated timeslots 2223 to be grouped for transmit (and respectively receive) with a 'OR' 2224 relations, and then a 'AND' relation would be configurable between 2225 groups. The semantics is that if the transmit (and respectively 2226 receive) operation succeeded in one timeslot in a 'OR' group, then 2227 all the other timeslots in the group are ignored. Now, if there are 2228 at least two groups, the 'AND' relation between the groups indicates 2229 that one operation must succeed in each of the groups. 2231 On the transmit side, timeslots provisioned for retries along a same 2232 branch of a Track are placed a same 'OR' group. The 'OR' relation 2233 indicates that if a transmission is acknowledged, then 2234 retransmissions of that packet should not be attempted for remaining 2235 timeslots in that group. There are as many 'OR' groups as there are 2236 branches of the Track departing from this node. Different 'OR' 2237 groups are programmed for the purpose of replication, each group 2238 corresponding to one branch of the Track. The 'AND' relation between 2239 the groups indicates that transmission over any of branches must be 2240 attempted regardless of whether a transmission succeeded in another 2241 branch. It is also possible to place cells to different next-hop 2242 routers in a same 'OR' group. This allows to route along multi-path 2243 Tracks, trying one next-hop and then another only if sending to the 2244 first fails. 2246 On the receive side, all timeslots are programmed in a same 'OR' 2247 group. Retries of a same copy as well as converging branches for 2248 elimination are converged, meaning that the first successful 2249 reception is enough and that all the other timeslots can be ignored. 2250 A 'AND' group denotes different packets that must all be received and 2251 transmitted over the associated transmit groups within their 2252 respected 'AND' or 'OR' rules. 2254 As an example say that we have a simple network as represented in 2255 Figure 17, and we want to enable PREOF between an ingress node I and 2256 an egress node E. 2258 +-+ +-+ 2259 -- |A| ------ |C| -- 2260 / +-+ +-+ \ 2261 / \ 2262 +-+ +-+ 2263 |I| |E| 2264 +-+ +-+ 2265 \ / 2266 \ +-+ +-+ / 2267 -- |B| ------- |D| -- 2268 +-+ +-+ 2270 Figure 17: Scheduling PREOF on a Simple Network 2272 The assumption for this particular problem is that a 6TiSCH node has 2273 a single radio, so it cannot perform 2 receive and/or transmit 2274 operations at the same time, even on 2 different channels. 2276 Say we have 6 possible channels, and at least 10 timeslots per 2277 slotframe. Figure 18 shows a possible schedule whereby each 2278 transmission is retried 2 or 3 times, and redundant copies are 2279 forwarded in parallel via A and C on the one hand, and B and D on the 2280 other, providing time diversity, spatial diversity though different 2281 physical paths, and frequency diversity. 2283 slotOffset 0 1 2 3 4 5 6 7 9 2284 +----+----+----+----+----+----+----+----+----+ 2285 channelOffset 0 | | | | | | |B->D| | | ... 2286 +----+----+----+----+----+----+----+----+----+ 2287 channelOffset 1 | |I->A| |A->C|B->D| | | | | ... 2288 +----+----+----+----+----+----+----+----+----+ 2289 channelOffset 2 |I->A| | |I->B| |C->E| |D->E| | ... 2290 +----+----+----+----+----+----+----+----+----+ 2291 channelOffset 3 | | | | |A->C| | | | | ... 2292 +----+----+----+----+----+----+----+----+----+ 2293 channelOffset 4 | | |I->B| | |B->D| | |D->E| ... 2294 +----+----+----+----+----+----+----+----+----+ 2295 channelOffset 5 | | |A->C| | | |C->E| | | ... 2296 +----+----+----+----+----+----+----+----+----+ 2298 Figure 18: Example Global Schedule 2300 This translates in a different slotframe for every node that provides 2301 the waking and sleeping times, and the channelOffset to be used when 2302 awake. Figure 19 shows the corresponding slotframe for node A. 2304 slotOffset 0 1 2 3 4 5 6 7 9 2305 +----+----+----+----+----+----+----+----+----+ 2306 operation |rcv |rcv |xmit|xmit|xmit|none|none|none|none| ... 2307 +----+----+----+----+----+----+----+----+----+ 2308 channelOffset | 2 | 1 | 5 | 1 | 3 |N/A |N/A |N/A |N/A | ... 2309 +----+----+----+----+----+----+----+----+----+ 2311 Figure 19: Example Slotframe for Node A 2313 The logical relationship between the timeslots is given by the 2314 following table: 2316 +------+---------------------+------------------------+ 2317 | Node | rcv slotOffset | xmit slotOffset | 2318 +------+---------------------+------------------------+ 2319 | I | N/A | (0 OR 1) AND (2 OR 3) | 2320 | A | (0 OR 1) | (2 OR 3 OR 4) | 2321 | B | (2 OR 3) | (4 OR 5 OR 6) | 2322 | C | (2 OR 3 OR 4) | (5 OR 6) | 2323 | D | (4 OR 5 OR 6) | (7 OR 8) | 2324 | E | (5 OR 6 OR 7 OR 8) | N/A | 2325 +------+---------------------+------------------------+ 2326 Figure 20 2328 5. IANA Considerations 2330 This document does not require IANA action. 2332 6. Security Considerations 2334 The "Minimal Security Framework for 6TiSCH" [MIN-SECURITY] was 2335 optimized for Low-Power and TSCH operations. The reader is 2336 encouraged to review the Security Considerations section of that 2337 document, which discusses 6TiSCH security issues in more details. 2339 6.1. Availability of Remote Services 2341 The operation of 6TiSCH Tracks inherits its high level operation from 2342 DetNet and is subject to the observations in section 5 of [RFC8655]. 2343 The installation and the maintenance of the 6TiSCH Tracks depends on 2344 the availability of a controller with a PCE to compute and push them 2345 in the network. When that connectivity is lost, existing Tracks may 2346 continue to operate until the end of their lifetime, but cannot be 2347 removed or updated, and new Tracks cannot be installed. 2349 In a LLN, the communication with a remote PCE may be slow and 2350 unreactive to rapid changes in the condition of the wireless 2351 communication. An attacker may introduce extra delay by selectively 2352 jamming some packets or some flows. The expectation is that the 2353 6TiSCH Tracks enable enough redundancy to maintain the critical 2354 traffic in operation while new routes are calculated and programmed 2355 into the network. 2357 As with DetNet in general, the communication with the PCE must be 2358 secured and should be protected against DoS attacks, including delay 2359 injection and blackholing attacks, and secured as discussed in the 2360 security considerations defined for Abstraction and Control of 2361 Traffic Engineered Networks (ACTN) in Section 9 of [RFC8453], which 2362 applies equally to DetNet and 6TiSCH. In a similar manner, the 2363 communication with the JRC must be secured and should be protected 2364 against DoS attacks when possible. 2366 6.2. Selective Jamming 2368 The Hopping Sequence of a TSCH network is well-known, meaning that if 2369 a rogue manages to identify a cell of a particular flow, then it may 2370 to selectively jam that cell, without impacting any other traffic. 2371 This attack can be performed at the PHY layer without any knowledge 2372 of the Layer-2 keys, and is very hard to detect and diagnose because 2373 only one flow is impacted. 2375 [I-D.tiloca-6tisch-robust-scheduling] proposes a method to obfuscate 2376 the hopping sequence and make it harder to perpetrate that particular 2377 attack. 2379 6.3. MAC-Layer Security 2381 This architecture operates on IEEE Std. 802.15.4 and expects the 2382 Link-Layer security to be enabled at all times between connected 2383 devices, except for the very first step of the device join process, 2384 where a joining device may need some initial, unsecured exchanges so 2385 as to obtain its initial key material. In a typical deployment, all 2386 joined nodes use the same keys and rekeying needs to be global. 2388 The 6TISCH Architecture relies on the join process to deny 2389 authorization of invalid nodes and preserve the integrity of the 2390 network keys. A rogue that managed to access the network can perform 2391 a large variety of attacks from DoS to injecting forged packets and 2392 routing information. "Zero-trust" properties would be highly 2393 desirable but are mostly not available at the time of this writing. 2394 [AP-ND] is a notable exception that protects the ownership of IPv6 2395 addresses and prevents a rogue node with L2 access from stealing and 2396 injecting traffic on behalf of a legitimate node. 2398 6.4. Time Synchronization 2400 Time Synchronization in TSCH induces another event horizon whereby a 2401 node will only communicate with another node if they are synchronized 2402 within a guard time. The pledge discovers the synchronization of the 2403 network based on the time of reception of the beacon. If an attacker 2404 synchronizes a pledge outside of the guard time of the legitimate 2405 nodes then the pledge will never see a legitimate beacon and may not 2406 discover the attack. 2408 As discussed in [RFC8655], measures must be taken to protect the time 2409 synchronization, and for 6TiSCH this includes ensuring that the 2410 Absolute Slot Number (ASN), which is the node's sense of time, is not 2411 compromised. Once installed and as long as the node is synchronized 2412 to the network, ASN is implicit in the transmissions. 2414 IEEE Std. 802.15.4 [IEEE802154] specifies that in a TSCH network, the 2415 nonce that is used for the computation of the Message Integrity Code 2416 (MIC) to secure Link-Layer frames is composed of the address of the 2417 source of the frame and of the ASN. The standard assumes that the 2418 ASN is distributed securely by other means. The ASN is not passed 2419 explicitly in the data frames and does not constitute a complete 2420 anti-replay protection. It results that upper layer protocols must 2421 provide a way to detect duplicates and cope with them. 2423 If the receiver and the sender have a different sense of ASN, the MIC 2424 will not validate and the frame will be dropped. In that sense, TSCH 2425 induces an event horizon whereby only nodes that have a common sense 2426 of ASN can talk to one another in an authenticated manner. With 2427 6TiSCH, the pledge discovers a tentative ASN in beacons from nodes 2428 that have already joined the network. But even if the beacon can be 2429 authenticated, the ASN cannot be trusted as it could be a replay by 2430 an attacker and thus could announce an ASN that represents a time in 2431 the past. If the pledge uses an ASN that is learned from a replayed 2432 beacon for an encrypted transmission, a nonce-reuse attack becomes 2433 possible and the network keys may be compromised. 2435 6.5. Validating ASN 2437 After obtaining the tentative ASN, a pledge that wishes to join the 2438 6TiSCH network must use a join protocol to obtain its security keys. 2439 The join protocol used in 6TiSCH is the Constrained Join Protocol 2440 (CoJP). In the minimal setting defined in [MIN-SECURITY], the 2441 authentication requires a pre-shared key, based on which a secure 2442 session is derived. The CoJP exchange may also be preceded with a 2443 zero-touch handshake [I-D.ietf-6tisch-dtsecurity-zerotouch-join] in 2444 order to enable pledge joining based on certificates and/or inter- 2445 domain communication. 2447 As detailed in Section 4.2.1, a Join Proxy (JP) helps the pledge for 2448 the join procedure by relaying the link-scope Join Request over the 2449 IP network to a Join Registrar/Coordinator (JRC) that can 2450 authenticate the pledge and validate that it is attached to the 2451 appropriate network. As a result of the CoJP exchange, the pledge is 2452 in possession of a Link-Layer material including keys and a short 2453 address, and if the ASN is known to be correct, all traffic can now 2454 be secured using CCM* [CCMstar] at the Link-Layer. 2456 The authentication steps must be such that they cannot be replayed by 2457 an attacker, and they must not depend on the tentative ASN being 2458 valid. During the authentication, the keying material that the 2459 pledge obtains from the JRC does not provide protection against 2460 spoofed ASN. Once the pledge has obtained the keys to use in the 2461 network, it may still need to verify the ASN. If the nonce used in 2462 the Layer-2 security derives from the extended (MAC-64) address, then 2463 replaying the ASN alone cannot enable a nonce-reuse attack unless the 2464 same node is lost its state with a previous ASN. But if the nonce 2465 derives from the short address (e.g., assigned by the JRC) then the 2466 JRC must ensure that it never assigns short addresses that were 2467 already given to this or other nodes with the same keys. In other 2468 words, the network must be rekeyed before the JRC runs out of short 2469 addresses. 2471 6.6. Network Keying and Rekeying 2473 Section 4.2.1 provides an overview of the CoJP process described in 2474 [MIN-SECURITY] by which an LLN can be assembled in the field, having 2475 been provisioned in a lab. 2476 [I-D.ietf-6tisch-dtsecurity-zerotouch-join] is future work that 2477 preceeds and then leverages the CoJP protocol using the 2478 [I-D.ietf-anima-constrained-voucher] constrained profile of 2479 [I-D.ietf-anima-bootstrapping-keyinfra] (BRSKI). This later work 2480 requires a yet-to-be standardized Lighweight Authenticated Key 2481 Exchange protocol. 2483 The CoJP protocol results in distribution of a network-wide key that 2484 is to be used with [IEEE802154] security. The details of use are 2485 described in [MIN-SECURITY] sections 9.2 and 9.3.2. 2487 The BRSKI mechanism may lead to the use of the CoJP protocol, in 2488 which case it also results in distribution of a network-wide key. 2489 Alternatively the BRSKI mechanism may be followed by use of 2490 [I-D.ietf-ace-coap-est] to enroll certificates for each device. In 2491 that case, the certificates may be used with an [IEEE802154] key 2492 agreement protocol. The description of this mechanism, while 2493 conceptually straight forward still has significant standardization 2494 hurdles to pass. 2496 [MIN-SECURITY] section 9.2 describes a mechanism to change (rekey) 2497 the network. There are a number of reasons to initiate a network 2498 rekey: to remove unwanted (corrupt/malicious) nodes, to recover 2499 unused 2-byte short addresses, or due to limits in encryption 2500 algorithms. For all of the mechanisms that distribute a network-wide 2501 key, rekeying is also needed on a periodic basis. In more details: 2503 * The mechanism described in [MIN-SECURITY] section 9.2 requires 2504 advance communication between the JRC and every one of the nodes 2505 before the key change. Given that many nodes may be sleepy, this 2506 operation may take a significant amount of time, and may consume a 2507 significant portion of the available bandwidth. As such, network- 2508 wide rekeys in order to exclude nodes that have become malicious 2509 will not be particularly quick. If a rekey is already in 2510 progress, but the unwanted node has not yet been updated, then it 2511 is possible to to just continue the operation. If the unwanted 2512 node has already received the update, then the rekey operation 2513 will need to be restarted. 2515 * The cryptographic mechanisms used by IEEE Std. 802.15.4 include 2516 the 2-byte short address in the calculation of the context. A 2517 nonce-reuse attack may become feasible if a short address is 2518 reassigned to another node while the same network-wide keys are in 2519 operation. A network that gains and loses nodes on a regular 2520 basis is likely to reach the 65536 limit of the 2-byte (16-bit) 2521 short addresses, even if the network has only a few thousand 2522 nodes. Network planners should consider the need to rekey the 2523 network on a periodic basis in order to recover 2-byte addresses. 2524 The rekey can update the short addresses for active nodes if 2525 desired, but there is actually no need to do this as long as the 2526 key has been changed. 2528 * With TSCH as it stands at the time of this writing, the ASN will 2529 wrap after 2^40 timeslot durations, which means with the default 2530 values around 350 years. Wrapping ASN is not expected to happen 2531 within the lifetime of most LLNs. Yet, should the ASN wrap, the 2532 network must be rekeyed to avoid a nonce-reuse attack. 2534 * Many cipher algorithms have some suggested limits on how many 2535 bytes should be encrypted with that algorithm before a new key is 2536 used. These numbers are typically in the many to hundreds of 2537 gigabytes of data. On very fast backbone networks this becomes an 2538 important concern. On LLNs with typical data rates in the 2539 kilobits/second, this concern is significantly less. With IEEE 2540 Std. 802.15.4 as it stands at the time of this writing, the ASN 2541 will wrap before the limits of the current L2 crypto (AES-CCM-128) 2542 are reached, so the problem should never occur. 2544 * In any fashion, if the LLN is expected to operate continuously for 2545 decades then the operators are advised to plan for the need to 2546 rekey. 2548 Except for urgent rekeys caused by malicious nodes, the rekey 2549 operation described in [MIN-SECURITY] can be done as a background 2550 task and can be done incrementally. It is a make-before-break 2551 mechanism. The switch over to the new key is not signaled by time, 2552 but rather by observation that the new key is in use. As such, the 2553 update can take as long as needed, or occur in as short a time as 2554 practical. 2556 7. Acknowledgments 2558 7.1. Contributors 2560 The co-authors of this document are listed below: 2562 Thomas Watteyne for his contribution to the whole design, in 2563 particular on TSCH and security, and to the open source community 2564 with openWSN that he created. 2566 Xavier Vilajosana who lead the design of the minimal support with 2567 RPL and contributed deeply to the 6top design and the G-MPLS 2568 operation of Track switching; 2570 Kris Pister for creating TSCH and his continuing guidance through 2571 the elaboration of this design; 2573 Malisa Vucinic for the work on the one-touch join process and his 2574 contribution to the Security Design Team; 2576 Michael Richardson for his leadership role in the Security Design 2577 Team and his contribution throughout this document; 2579 Tero Kivinen for his contribution to the security work in general 2580 and the security section in particular. 2582 Maria Rita Palattella for managing the Terminology document merged 2583 into this through the work of 6TiSCH; 2585 Simon Duquennoy for his contribution to the open source community 2586 with the 6TiSCH implementaton of contiki, and for his contribution 2587 to MSF and autonomous unicast cells. 2589 Qin Wang who lead the design of the 6top sublayer and contributed 2590 related text that was moved and/or adapted in this document; 2592 Rene Struik for the security section and his contribution to the 2593 Security Design Team; 2595 Robert Assimiti for his breakthrough work on RPL over TSCH and 2596 initial text and guidance; 2598 7.2. Special Thanks 2600 Special thanks to Jonathan Simon, Giuseppe Piro, Subir Das and 2601 Yoshihiro Ohba for their deep contribution to the initial security 2602 work, to Yasuyuki Tanaka for his work on implementation and 2603 simulation that tremendously helped build a robust system, to Diego 2604 Dujovne for starting and leading the SF0 effort and to Tengfei Chang 2605 for evolving it in the MSF. 2607 Special thanks also to Pat Kinney, Charlie Perkins and Bob Heile for 2608 their support in maintaining the connection active and the design in 2609 line with work happening at IEEE 802.15. 2611 Special thanks to Ted Lemon who was the INT Area A-D while this 2612 document was initiated for his great support and help throughout, and 2613 to Suresh Krishnan who took over with that kind efficiency of his 2614 till publication. 2616 Also special thanks to Ralph Droms who performed the first INT Area 2617 Directorate review, that was very deep and thorough and radically 2618 changed the orientations of this document, and then to Eliot Lear and 2619 Carlos Pignataro who help finalize this document in preparation to 2620 the IESG reviews, and to Gorry Fairhurst, David Mandelberg, Qin Wu, 2621 Francis Dupont, Eric Vyncke, Mirja Kuhlewind, Roman Danyliw, Benjamin 2622 Kaduk and Andrew Malis, who contributed to the final shaping of this 2623 document through the IESG review procedure. 2625 7.3. And Do not Forget 2627 This document is the result of multiple interactions, in particular 2628 during the 6TiSCH (bi)Weekly Interim call, relayed through the 6TiSCH 2629 mailing list at the IETF, over the course of more than 5 years. 2631 The authors wish to thank in arbitrary order: Alaeddine Weslati, 2632 Chonggang Wang, Georgios Exarchakos, Zhuo Chen, Georgios 2633 Papadopoulos, Eric Levy-Abegnoli, Alfredo Grieco, Bert Greevenbosch, 2634 Cedric Adjih, Deji Chen, Martin Turon, Dominique Barthel, Elvis 2635 Vogli, Geraldine Texier, Guillaume Gaillard, Herman Storey, Kazushi 2636 Muraoka, Ken Bannister, Kuor Hsin Chang, Laurent Toutain, Maik 2637 Seewald, Michael Behringer, Nancy Cam Winget, Nicola Accettura, 2638 Nicolas Montavont, Oleg Hahm, Patrick Wetterwald, Paul Duffy, Peter 2639 van der Stock, Rahul Sen, Pieter de Mil, Pouria Zand, Rouhollah 2640 Nabati, Rafa Marin-Lopez, Raghuram Sudhaakar, Sedat Gormus, Shitanshu 2641 Shah, Steve Simlo, Tina Tsou, Tom Phinney, Xavier Lagrange, Ines 2642 Robles and Samita Chakrabarti for their participation and various 2643 contributions. 2645 8. Normative References 2647 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 2648 DOI 10.17487/RFC0768, August 1980, 2649 . 2651 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 2652 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 2653 DOI 10.17487/RFC4861, September 2007, 2654 . 2656 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 2657 Address Autoconfiguration", RFC 4862, 2658 DOI 10.17487/RFC4862, September 2007, 2659 . 2661 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 2662 "Transmission of IPv6 Packets over IEEE 802.15.4 2663 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 2664 . 2666 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 2667 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 2668 DOI 10.17487/RFC6282, September 2011, 2669 . 2671 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 2672 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 2673 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 2674 Low-Power and Lossy Networks", RFC 6550, 2675 DOI 10.17487/RFC6550, March 2012, 2676 . 2678 [RFC6551] Vasseur, JP., Ed., Kim, M., Ed., Pister, K., Dejean, N., 2679 and D. Barthel, "Routing Metrics Used for Path Calculation 2680 in Low-Power and Lossy Networks", RFC 6551, 2681 DOI 10.17487/RFC6551, March 2012, 2682 . 2684 [RFC6552] Thubert, P., Ed., "Objective Function Zero for the Routing 2685 Protocol for Low-Power and Lossy Networks (RPL)", 2686 RFC 6552, DOI 10.17487/RFC6552, March 2012, 2687 . 2689 [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low- 2690 Power and Lossy Networks (RPL) Option for Carrying RPL 2691 Information in Data-Plane Datagrams", RFC 6553, 2692 DOI 10.17487/RFC6553, March 2012, 2693 . 2695 [RFC6554] Hui, J., Vasseur, JP., Culler, D., and V. Manral, "An IPv6 2696 Routing Header for Source Routes with the Routing Protocol 2697 for Low-Power and Lossy Networks (RPL)", RFC 6554, 2698 DOI 10.17487/RFC6554, March 2012, 2699 . 2701 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 2702 Bormann, "Neighbor Discovery Optimization for IPv6 over 2703 Low-Power Wireless Personal Area Networks (6LoWPANs)", 2704 RFC 6775, DOI 10.17487/RFC6775, November 2012, 2705 . 2707 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 2708 Application Protocol (CoAP)", RFC 7252, 2709 DOI 10.17487/RFC7252, June 2014, 2710 . 2712 [RFC8025] Thubert, P., Ed. and R. Cragie, "IPv6 over Low-Power 2713 Wireless Personal Area Network (6LoWPAN) Paging Dispatch", 2714 RFC 8025, DOI 10.17487/RFC8025, November 2016, 2715 . 2717 [RFC8137] Kivinen, T. and P. Kinney, "IEEE 802.15.4 Information 2718 Element for the IETF", RFC 8137, DOI 10.17487/RFC8137, May 2719 2017, . 2721 [RFC8138] Thubert, P., Ed., Bormann, C., Toutain, L., and R. Cragie, 2722 "IPv6 over Low-Power Wireless Personal Area Network 2723 (6LoWPAN) Routing Header", RFC 8138, DOI 10.17487/RFC8138, 2724 April 2017, . 2726 [RFC8180] Vilajosana, X., Ed., Pister, K., and T. Watteyne, "Minimal 2727 IPv6 over the TSCH Mode of IEEE 802.15.4e (6TiSCH) 2728 Configuration", BCP 210, RFC 8180, DOI 10.17487/RFC8180, 2729 May 2017, . 2731 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 2732 (IPv6) Specification", STD 86, RFC 8200, 2733 DOI 10.17487/RFC8200, July 2017, 2734 . 2736 [RFC8480] Wang, Q., Ed., Vilajosana, X., and T. Watteyne, "6TiSCH 2737 Operation Sublayer (6top) Protocol (6P)", RFC 8480, 2738 DOI 10.17487/RFC8480, November 2018, 2739 . 2741 [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for 2742 Abstraction and Control of TE Networks (ACTN)", RFC 8453, 2743 DOI 10.17487/RFC8453, August 2018, 2744 . 2746 [RFC8505] Thubert, P., Ed., Nordmark, E., Chakrabarti, S., and C. 2747 Perkins, "Registration Extensions for IPv6 over Low-Power 2748 Wireless Personal Area Network (6LoWPAN) Neighbor 2749 Discovery", RFC 8505, DOI 10.17487/RFC8505, November 2018, 2750 . 2752 [RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and 2753 Lossy Networks", RFC 7102, DOI 10.17487/RFC7102, January 2754 2014, . 2756 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using 2757 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the 2758 Internet of Things (IoT): Problem Statement", RFC 7554, 2759 DOI 10.17487/RFC7554, May 2015, 2760 . 2762 [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for 2763 Constrained-Node Networks", RFC 7228, 2764 DOI 10.17487/RFC7228, May 2014, 2765 . 2767 [RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing 2768 Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889, 2769 September 2010, . 2771 [RFC8655] Finn, N., Thubert, P., Varga, B., and J. Farkas, 2772 "Deterministic Networking Architecture", RFC 8655, 2773 DOI 10.17487/RFC8655, October 2019, 2774 . 2776 [MIN-SECURITY] 2777 Vucinic, M., Simon, J., Pister, K., and M. Richardson, 2778 "Constrained Join Protocol (CoJP) for 6TiSCH", Work in 2779 Progress, Internet-Draft, draft-ietf-6tisch-minimal- 2780 security-15, 10 December 2019, 2781 . 2784 [6BBR-DRAFT] 2785 Thubert, P., Perkins, C., and E. Levy-Abegnoli, "IPv6 2786 Backbone Router", Work in Progress, Internet-Draft, draft- 2787 ietf-6lo-backbone-router-20, 23 March 2020, 2788 . 2791 [RECOV-FRAG] 2792 Thubert, P., "6LoWPAN Selective Fragment Recovery", Work 2793 in Progress, Internet-Draft, draft-ietf-6lo-fragment- 2794 recovery-21, 23 March 2020, . 2797 [MIN-FRAG] Watteyne, T., Thubert, P., and C. Bormann, "On Forwarding 2798 6LoWPAN Fragments over a Multihop IPv6 Network", Work in 2799 Progress, Internet-Draft, draft-ietf-6lo-minimal-fragment- 2800 15, 23 March 2020, . 2803 [AP-ND] Thubert, P., Sarikaya, B., Sethi, M., and R. Struik, 2804 "Address Protected Neighbor Discovery for Low-power and 2805 Lossy Networks", Work in Progress, Internet-Draft, draft- 2806 ietf-6lo-ap-nd-23, 30 April 2020, 2807 . 2809 [USEofRPLinfo] 2810 Robles, I., Richardson, M., and P. Thubert, "Using RPI 2811 Option Type, Routing Header for Source Routes and IPv6-in- 2812 IPv6 encapsulation in the RPL Data Plane", Work in 2813 Progress, Internet-Draft, draft-ietf-roll-useofrplinfo-42, 2814 12 November 2020, . 2817 [RUL-DRAFT] 2818 Thubert, P. and M. Richardson, "Routing for RPL Leaves", 2819 Work in Progress, Internet-Draft, draft-ietf-roll-unaware- 2820 leaves-23, 10 November 2020, . 2823 [ENH-BEACON] 2824 Dujovne, D. and M. Richardson, "IEEE 802.15.4 Information 2825 Element encapsulation of 6TiSCH Join and Enrollment 2826 Information", Work in Progress, Internet-Draft, draft- 2827 ietf-6tisch-enrollment-enhanced-beacon-14, 21 February 2828 2020, . 2831 [MSF] Chang, T., Vucinic, M., Vilajosana, X., Duquennoy, S., and 2832 D. Dujovne, "6TiSCH Minimal Scheduling Function (MSF)", 2833 Work in Progress, Internet-Draft, draft-ietf-6tisch-msf- 2834 18, 12 September 2020, 2835 . 2837 9. Informative References 2839 [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF 2840 for IPv6", RFC 5340, DOI 10.17487/RFC5340, July 2008, 2841 . 2843 [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility 2844 Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 2845 2011, . 2847 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 2848 "Definition of the Differentiated Services Field (DS 2849 Field) in the IPv4 and IPv6 Headers", RFC 2474, 2850 DOI 10.17487/RFC2474, December 1998, 2851 . 2853 [RFC2545] Marques, P. and F. Dupont, "Use of BGP-4 Multiprotocol 2854 Extensions for IPv6 Inter-Domain Routing", RFC 2545, 2855 DOI 10.17487/RFC2545, March 1999, 2856 . 2858 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 2859 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 2860 RFC 3963, DOI 10.17487/RFC3963, January 2005, 2861 . 2863 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., 2864 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP 2865 Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001, 2866 . 2868 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 2869 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 2870 2006, . 2872 [RFC3444] Pras, A. and J. Schoenwaelder, "On the Difference between 2873 Information Models and Data Models", RFC 3444, 2874 DOI 10.17487/RFC3444, January 2003, 2875 . 2877 [RFC4080] Hancock, R., Karagiannis, G., Loughney, J., and S. Van den 2878 Bosch, "Next Steps in Signaling (NSIS): Framework", 2879 RFC 4080, DOI 10.17487/RFC4080, June 2005, 2880 . 2882 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 2883 over Low-Power Wireless Personal Area Networks (6LoWPANs): 2884 Overview, Assumptions, Problem Statement, and Goals", 2885 RFC 4919, DOI 10.17487/RFC4919, August 2007, 2886 . 2888 [RFC4903] Thaler, D., "Multi-Link Subnet Issues", RFC 4903, 2889 DOI 10.17487/RFC4903, June 2007, 2890 . 2892 [RFC5974] Manner, J., Karagiannis, G., and A. McDonald, "NSIS 2893 Signaling Layer Protocol (NSLP) for Quality-of-Service 2894 Signaling", RFC 5974, DOI 10.17487/RFC5974, October 2010, 2895 . 2897 [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer 2898 Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, 2899 January 2012, . 2901 [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The 2902 Locator/ID Separation Protocol (LISP)", RFC 6830, 2903 DOI 10.17487/RFC6830, January 2013, 2904 . 2906 [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S., 2907 Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software- 2908 Defined Networking (SDN): Layers and Architecture 2909 Terminology", RFC 7426, DOI 10.17487/RFC7426, January 2910 2015, . 2912 [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem 2913 Statement and Requirements for IPv6 over Low-Power 2914 Wireless Personal Area Network (6LoWPAN) Routing", 2915 RFC 6606, DOI 10.17487/RFC6606, May 2012, 2916 . 2918 [I-D.ietf-roll-rpl-industrial-applicability] 2919 Phinney, T., Thubert, P., and R. Assimiti, "RPL 2920 applicability in industrial networks", Work in Progress, 2921 Internet-Draft, draft-ietf-roll-rpl-industrial- 2922 applicability-02, 21 October 2013, 2923 . 2926 [I-D.ietf-6tisch-dtsecurity-zerotouch-join] 2927 Richardson, M., "6tisch Zero-Touch Secure Join protocol", 2928 Work in Progress, Internet-Draft, draft-ietf-6tisch- 2929 dtsecurity-zerotouch-join-04, 8 July 2019, 2930 . 2933 [I-D.ietf-core-object-security] 2934 Selander, G., Mattsson, J., Palombini, F., and L. Seitz, 2935 "Object Security for Constrained RESTful Environments 2936 (OSCORE)", Work in Progress, Internet-Draft, draft-ietf- 2937 core-object-security-16, 6 March 2019, 2938 . 2941 [I-D.ietf-manet-aodvv2] 2942 Perkins, C., Ratliff, S., Dowdell, J., Steenbrink, L., and 2943 V. Mercieca, "Ad Hoc On-demand Distance Vector Version 2 2944 (AODVv2) Routing", Work in Progress, Internet-Draft, 2945 draft-ietf-manet-aodvv2-16, 4 May 2016, 2946 . 2948 [RFC8578] Grossman, E., Ed., "Deterministic Networking Use Cases", 2949 RFC 8578, DOI 10.17487/RFC8578, May 2019, 2950 . 2952 [I-D.ietf-detnet-ip] 2953 Varga, B., Farkas, J., Berger, L., Fedyk, D., and S. 2954 Bryant, "DetNet Data Plane: IP", Work in Progress, 2955 Internet-Draft, draft-ietf-detnet-ip-07, 3 July 2020, 2956 . 2958 [I-D.ietf-anima-bootstrapping-keyinfra] 2959 Pritikin, M., Richardson, M., Eckert, T., Behringer, M., 2960 and K. Watsen, "Bootstrapping Remote Secure Key 2961 Infrastructures (BRSKI)", Work in Progress, Internet- 2962 Draft, draft-ietf-anima-bootstrapping-keyinfra-45, 11 2963 November 2020, . 2966 [I-D.ietf-roll-aodv-rpl] 2967 Anamalamudi, S., Zhang, M., Perkins, C., Anand, S., and B. 2968 Liu, "AODV based RPL Extensions for Supporting Asymmetric 2969 P2P Links in Low-Power and Lossy Networks", Work in 2970 Progress, Internet-Draft, draft-ietf-roll-aodv-rpl-08, 7 2971 May 2020, 2972 . 2974 [I-D.ietf-lwig-6lowpan-virtual-reassembly] 2975 Bormann, C. and T. Watteyne, "Virtual reassembly buffers 2976 in 6LoWPAN", Work in Progress, Internet-Draft, draft-ietf- 2977 lwig-6lowpan-virtual-reassembly-02, 9 March 2020, 2978 . 2981 [I-D.ietf-roll-dao-projection] 2982 Thubert, P., Jadhav, R., and M. Gillmore, "Root initiated 2983 routing state in RPL", Work in Progress, Internet-Draft, 2984 draft-ietf-roll-dao-projection-14, 2 October 2020, 2985 . 2988 [I-D.rahul-roll-mop-ext] 2989 Jadhav, R. and P. Thubert, "RPL Mode of Operation 2990 extension", Work in Progress, Internet-Draft, draft-rahul- 2991 roll-mop-ext-01, 9 June 2019, 2992 . 2994 [I-D.selander-ace-cose-ecdhe] 2995 Selander, G., Mattsson, J., and F. Palombini, "Ephemeral 2996 Diffie-Hellman Over COSE (EDHOC)", Work in Progress, 2997 Internet-Draft, draft-selander-ace-cose-ecdhe-14, 11 2998 September 2019, . 3001 [I-D.thubert-roll-bier] 3002 Thubert, P., "RPL-BIER", Work in Progress, Internet-Draft, 3003 draft-thubert-roll-bier-02, 24 July 2018, 3004 . 3006 [I-D.thubert-bier-replication-elimination] 3007 Thubert, P., Eckert, T., Brodard, Z., and H. Jiang, "BIER- 3008 TE extensions for Packet Replication and Elimination 3009 Function (PREF) and OAM", Work in Progress, Internet- 3010 Draft, draft-thubert-bier-replication-elimination-03, 3 3011 March 2018, . 3014 [I-D.thubert-6lo-bier-dispatch] 3015 Thubert, P., Brodard, Z., Jiang, H., and G. Texier, "A 3016 6loRH for BitStrings", Work in Progress, Internet-Draft, 3017 draft-thubert-6lo-bier-dispatch-06, 28 January 2019, 3018 . 3021 [I-D.thubert-6man-unicast-lookup] 3022 Thubert, P. and E. Levy-Abegnoli, "IPv6 Neighbor Discovery 3023 Unicast Lookup", Work in Progress, Internet-Draft, draft- 3024 thubert-6man-unicast-lookup-00, 29 July 2019, 3025 . 3028 [I-D.pthubert-raw-problem-statement] 3029 Thubert, P. and G. Papadopoulos, "Reliable and Available 3030 Wireless Problem Statement", Work in Progress, Internet- 3031 Draft, draft-pthubert-raw-problem-statement-04, 23 October 3032 2019, . 3035 [I-D.tiloca-6tisch-robust-scheduling] 3036 Tiloca, M., Duquennoy, S., and G. Dini, "Robust Scheduling 3037 against Selective Jamming in 6TiSCH Networks", Work in 3038 Progress, Internet-Draft, draft-tiloca-6tisch-robust- 3039 scheduling-02, 10 June 2019, . 3042 [I-D.ietf-ace-coap-est] 3043 Stok, P., Kampanakis, P., Richardson, M., and S. Raza, 3044 "EST over secure CoAP (EST-coaps)", Work in Progress, 3045 Internet-Draft, draft-ietf-ace-coap-est-18, 6 January 3046 2020, 3047 . 3049 [I-D.ietf-anima-constrained-voucher] 3050 Richardson, M., Stok, P., and P. Kampanakis, "Constrained 3051 Voucher Artifacts for Bootstrapping Protocols", Work in 3052 Progress, Internet-Draft, draft-ietf-anima-constrained- 3053 voucher-09, 2 November 2020, . 3056 [IEEE802154] 3057 IEEE standard for Information Technology, "IEEE Std. 3058 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) 3059 and Physical Layer (PHY) Specifications for Low-Rate 3060 Wireless Personal Area Networks". 3062 [CCMstar] Struik, R., "Formal Specification of the CCM* Mode of 3063 Operation", September 2004, . 3067 [IEEE802154e] 3068 IEEE standard for Information Technology, "IEEE standard 3069 for Information Technology, IEEE Std. 802.15.4, Part. 3070 15.4: Wireless Medium Access Control (MAC) and Physical 3071 Layer (PHY) Specifications for Low-Rate Wireless Personal 3072 Area Networks, June 2011 as amended by IEEE Std. 3073 802.15.4e, Part. 15.4: Low-Rate Wireless Personal Area 3074 Networks (LR-WPANs) Amendment 1: MAC sublayer", April 3075 2012. 3077 [WirelessHART] 3078 www.hartcomm.org, "Industrial Communication Networks - 3079 Wireless Communication Network and Communication Profiles 3080 - WirelessHART - IEC 62591", 2010. 3082 [HART] www.hartcomm.org, "Highway Addressable remote Transducer, 3083 a group of specifications for industrial process and 3084 control devices administered by the HART Foundation". 3086 [ISA100.11a] 3087 ISA/ANSI, "Wireless Systems for Industrial Automation: 3088 Process Control and Related Applications - ISA100.11a-2011 3089 - IEC 62734", 2011, . 3092 [ISA100] ISA/ANSI, "ISA100, Wireless Systems for Automation", 3093 . 3095 [TEAS] IETF, "Traffic Engineering Architecture and Signaling", 3096 . 3098 [ANIMA] IETF, "Autonomic Networking Integrated Model and 3099 Approach", 3100 . 3102 [PCE] IETF, "Path Computation Element", 3103 . 3105 [CCAMP] IETF, "Common Control and Measurement Plane", 3106 . 3108 [AMI] US Department of Energy, "Advanced Metering Infrastructure 3109 and Customer Systems", 2006, 3110 . 3113 [S-ALOHA] Roberts, L. G., "ALOHA Packet System With and Without 3114 Slots and Capture", doi 10.1145/1024916.1024920, April 3115 1975, . 3117 [IEC62439] IEC, "Industrial communication networks - High 3118 availability automation networks - Part 3: Parallel 3119 Redundancy Protocol (PRP) and High-availability Seamless 3120 Redundancy (HSR) - IEC62439-3", 2012, 3121 . 3123 Appendix A. Related Work In Progress 3125 This document has been incremented as the work progressed following 3126 the evolution of the WG charter and the availability of dependent 3127 work. The intent was to publish when the WG concludes on the covered 3128 items. At the time of publishing the following specification are 3129 still in progress and may affect the evolution of the stack in a 3130 6TiSCH-aware node. 3132 A.1. Unchartered IETF work items 3134 A.1.1. 6TiSCH Zerotouch security 3136 The security model and in particular the zerotouch join process 3137 [I-D.ietf-6tisch-dtsecurity-zerotouch-join] depends on the ANIMA 3138 [ANIMA] Bootstrapping Remote Secure Key Infrastructures (BRSKI) 3139 [I-D.ietf-anima-bootstrapping-keyinfra] to enable zero-touch security 3140 provisionning; for highly constrained nodes, a minimal model based on 3141 pre-shared keys (PSK) is also available. As written to this day, it 3142 also depends on a number of documents in progress as CORE, and on 3143 "Ephemeral Diffie-Hellman Over COSE (EDHOC)" 3144 [I-D.selander-ace-cose-ecdhe], which is being considered for adoption 3145 at the LAKE WG. 3147 A.1.2. 6TiSCH Track Setup 3149 ROLL is now standardizing a reactive routing protocol based on RPL 3150 [I-D.ietf-roll-aodv-rpl] The need of a reactive routing protocol to 3151 establish on-demand constraint-optimized routes and a reservation 3152 protocol to establish Layer-3 Tracks is being discussed at 6TiSCH but 3153 not chartered for. 3155 At the time of this writing, there is new work planned in the IETF to 3156 provide limited deterministic networking capabilities for wireless 3157 networks with a focus on forwarding behaviors to react quickly and 3158 locally to the changes as described in 3159 [I-D.pthubert-raw-problem-statement]. 3161 ROLL is also standardizing an extension to RPL to setup centrally- 3162 computed routes [I-D.ietf-roll-dao-projection] 3164 The 6TiSCH Architecture should thus inherit from the DetNet [RFC8655] 3165 architecture and thus depends on it. The Path Computation Element 3166 (PCE) should be a core component of that architecture. An extension 3167 to RPL or to TEAS [TEAS] will be required to expose the 6TiSCH node 3168 capabilities and the network peers to the PCE, possibly in 3169 combination with [I-D.rahul-roll-mop-ext]. A protocol such as a 3170 lightweight PCEP or an adaptation of CCAMP [CCAMP] G-MPLS formats and 3171 procedures could be used in combination to 3172 [I-D.ietf-roll-dao-projection] to install the Tracks, as computed by 3173 the PCE, to the 6TiSCH nodes. 3175 A.1.3. Using BIER in a 6TiSCH Network 3177 ROLL is actively working on Bit Index Explicit Replication (BIER) as 3178 a method to compress both the dataplane packets and the routing 3179 tables in storing mode [I-D.thubert-roll-bier]. 3181 BIER could also be used in the context of the DetNet service layer. 3182 BIER-TE-based OAM, Replication and Elimination 3183 [I-D.thubert-bier-replication-elimination] leverages BIER Traffic 3184 Engineering (TE) to control in the data plane the DetNet Replication 3185 and Elimination activities, and to provide traceability on links 3186 where replication and loss happen, in a manner that is abstract to 3187 the forwarding information. 3189 a 6loRH for BitStrings [I-D.thubert-6lo-bier-dispatch] proposes a 3190 6LoWPAN compression for the BIER Bitstring based on 6LoWPAN Routing 3191 Header [RFC8138]. 3193 A.2. External (non-IETF) work items 3195 The current charter positions 6TiSCH on IEEE Std. 802.15.4 only. 3196 Though most of the design should be portable on other link types, 3197 6TiSCH has a strong dependency on IEEE Std. 802.15.4 and its 3198 evolution. The impact of changes to TSCH on this Architecture should 3199 be minimal to non-existent, but deeper work such as 6top and security 3200 may be impacted. A 6TiSCH Interest Group at the IEEE maintains the 3201 synchronization and helps foster work at the IEEE should 6TiSCH 3202 demand it. 3204 Work is being proposed at IEEE (802.15.12 PAR) for an LLC that would 3205 logically include the 6top sublayer. The interaction with the 6top 3206 sublayer and the Scheduling Functions described in this document are 3207 yet to be defined. 3209 ISA100 [ISA100] Common Network Management (CNM) is another external 3210 work of interest for 6TiSCH. The group, referred to as ISA100.20, 3211 defines a Common Network Management framework that should enable the 3212 management of resources that are controlled by heterogeneous 3213 protocols such as ISA100.11a [ISA100.11a], WirelessHART 3214 [WirelessHART], and 6TiSCH. Interestingly, the establishment of 3215 6TiSCH Deterministic paths, called Tracks, are also in scope, and 3216 ISA100.20 is working on requirements for DetNet. 3218 Author's Address 3220 Pascal Thubert (editor) 3221 Cisco Systems, Inc 3222 Building D 3223 45 Allee des Ormes - BP1200 3224 06254 Mougins - Sophia Antipolis 3225 France 3227 Phone: +33 497 23 26 34 3228 Email: pthubert@cisco.com