idnits 2.17.00 (12 Aug 2021) /tmp/idnits60537/draft-ietf-lpwan-overview-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 21, 2017) is 1765 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'FANTPS' is mentioned on line 942, but not defined -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 3315 (Obsoleted by RFC 8415) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6961 (Obsoleted by RFC 8446) == Outdated reference: A later version (-04) exists of draft-zuniga-lpwan-sigfox-system-description-03 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan S. Farrell, Ed. 3 Internet-Draft Trinity College Dublin 4 Intended status: Informational July 21, 2017 5 Expires: January 22, 2018 7 LPWAN Overview 8 draft-ietf-lpwan-overview-06 10 Abstract 12 Low Power Wide Area Networks (LPWAN) are wireless technologies with 13 characteristics such as large coverage areas, low bandwidth, possibly 14 very small packet and application layer data sizes and long battery 15 life operation. This memo is an informational overview of the set of 16 LPWAN technologies being considered in the IETF and of the gaps that 17 exist between the needs of those technologies and the goal of running 18 IP in LPWANs. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on January 22, 2018. 37 Copyright Notice 39 Copyright (c) 2017 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. LPWAN Technologies . . . . . . . . . . . . . . . . . . . . . 3 56 2.1. LoRaWAN . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 2.1.1. Provenance and Documents . . . . . . . . . . . . . . 4 58 2.1.2. Characteristics . . . . . . . . . . . . . . . . . . . 4 59 2.2. Narrowband IoT (NB-IoT) . . . . . . . . . . . . . . . . . 10 60 2.2.1. Provenance and Documents . . . . . . . . . . . . . . 10 61 2.2.2. Characteristics . . . . . . . . . . . . . . . . . . . 11 62 2.3. SIGFOX . . . . . . . . . . . . . . . . . . . . . . . . . 15 63 2.3.1. Provenance and Documents . . . . . . . . . . . . . . 15 64 2.3.2. Characteristics . . . . . . . . . . . . . . . . . . . 15 65 2.4. Wi-SUN Alliance Field Area Network (FAN) . . . . . . . . 20 66 2.4.1. Provenance and Documents . . . . . . . . . . . . . . 20 67 2.4.2. Characteristics . . . . . . . . . . . . . . . . . . . 21 68 3. Generic Terminology . . . . . . . . . . . . . . . . . . . . . 24 69 4. Gap Analysis . . . . . . . . . . . . . . . . . . . . . . . . 25 70 4.1. Naive application of IPv6 . . . . . . . . . . . . . . . . 26 71 4.2. 6LoWPAN . . . . . . . . . . . . . . . . . . . . . . . . . 26 72 4.2.1. Header Compression . . . . . . . . . . . . . . . . . 27 73 4.2.2. Address Autoconfiguration . . . . . . . . . . . . . . 27 74 4.2.3. Fragmentation . . . . . . . . . . . . . . . . . . . . 27 75 4.2.4. Neighbor Discovery . . . . . . . . . . . . . . . . . 28 76 4.3. 6lo . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 77 4.4. 6tisch . . . . . . . . . . . . . . . . . . . . . . . . . 29 78 4.5. RoHC . . . . . . . . . . . . . . . . . . . . . . . . . . 29 79 4.6. ROLL . . . . . . . . . . . . . . . . . . . . . . . . . . 30 80 4.7. CoAP . . . . . . . . . . . . . . . . . . . . . . . . . . 30 81 4.8. Mobility . . . . . . . . . . . . . . . . . . . . . . . . 30 82 4.9. DNS and LPWAN . . . . . . . . . . . . . . . . . . . . . . 31 83 5. Security Considerations . . . . . . . . . . . . . . . . . . . 31 84 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 85 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 32 86 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 87 9. Informative References . . . . . . . . . . . . . . . . . . . 35 88 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 40 89 A.1. From -00 to -01 . . . . . . . . . . . . . . . . . . . . . 40 90 A.2. From -01 to -02 . . . . . . . . . . . . . . . . . . . . . 40 91 A.3. From -02 to -03 . . . . . . . . . . . . . . . . . . . . . 41 92 A.4. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 41 93 A.5. From -04 to -05 . . . . . . . . . . . . . . . . . . . . . 41 94 A.6. From -05 to -06 . . . . . . . . . . . . . . . . . . . . . 41 95 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 41 97 1. Introduction 99 This document provides background material and an overview of the 100 technologies being considered in the IETF's Low Power Wide-Area 101 Networking (LPWAN) working group. We also provide a gap analysis 102 between the needs of these technologies and currently available IETF 103 specifications. 105 Most technologies in this space aim for similar goals of supporting 106 large numbers of very low-cost, low-throughput devices with very-low 107 power consumption, so that even battery-powered devices can be 108 deployed for years. LPWAN devices also tend to be constrained in 109 their use of bandwidth, for example with limited frequencies being 110 allowed to be used within limited duty-cycles (usually expressed as a 111 percentage of time per-hour that the device is allowed to transmit.) 112 And as the name implies, coverage of large areas is also a common 113 goal. So, by and large, the different technologies aim for 114 deployment in very similar circumstances. 116 Existing pilot deployments have shown huge potential and created much 117 industrial interest in these technologies. As of today, essentially 118 no LPWAN devices have IP capabilities. Connecting LPWANs to the 119 Internet would provide significant benefits to these networks in 120 terms of interoperability, application deployment, and management, 121 among others. The goal of the IETF LPWAN working group is to, where 122 necessary, adapt IETF-defined protocols, addressing schemes and 123 naming to this particular constrained environment. 125 This document is largely the work of the people listed in Section 7. 127 2. LPWAN Technologies 129 This section provides an overview of the set of LPWAN technologies 130 that are being considered in the LPWAN working group. The text for 131 each was mainly contributed by proponents of each technology. 133 Note that this text is not intended to be normative in any sense, but 134 simply to help the reader in finding the relevant layer 2 135 specifications and in understanding how those integrate with IETF- 136 defined technologies. Similarly, there is no attempt here to set out 137 the pros and cons of the relevant technologies. 139 Note that some of the technology-specific drafts referenced below may 140 have been updated since publication of this document. 142 2.1. LoRaWAN 144 Text here is largely from [I-D.farrell-lpwan-lora-overview] 146 2.1.1. Provenance and Documents 148 LoRaWAN is a wireless technology for long-range low-power low-data- 149 rate applications developed by the LoRa Alliance, a membership 150 consortium. This draft is based on 151 version 1.0.2 [LoRaSpec] of the LoRa specification. Version 1.0, 152 which has also seen some deployment, is available at [LoRaSpec1.0]. 154 2.1.2. Characteristics 156 LoRaWAN networks are typically organized in a star-of-stars topology 157 in which gateways relay messages between end-devices and a central 158 "network server" in the backend. Gateways are connected to the 159 network server via IP links while end-devices use single-hop LoRaWAN 160 communication that can be received at one or more gateways. 161 Communication is generally bi-directional; uplink communication from 162 end-devices to the network server is favored in terms of overall 163 bandwidth availability. 165 Figure 1 shows the entities involved in a LoRaWAN network. 167 +----------+ 168 |End-device| * * * 169 +----------+ * +---------+ 170 * | Gateway +---+ 171 +----------+ * +---------+ | +---------+ 172 |End-device| * * * +---+ Network +--- Application 173 +----------+ * | | Server | 174 * +---------+ | +---------+ 175 +----------+ * | Gateway +---+ 176 |End-device| * * * * +---------+ 177 +----------+ 178 Key: * LoRaWAN Radio 179 +---+ IP connectivity 181 Figure 1: LoRaWAN architecture 183 o End-device: a LoRa client device, sometimes called a mote. 184 Communicates with gateways. 186 o Gateway: a radio on the infrastructure-side, sometimes called a 187 concentrator or base-station. Communicates with end-devices and, 188 via IP, with a network server. 190 o Network Server: The Network Server (NS) terminates the LoRaWAN MAC 191 layer for the end-devices connected to the network. It is the 192 center of the star topology. 194 o - Join Server: The Join Server (JS) is a server on the Internet 195 side of an NS that processes join requests from end-devices. 197 o Uplink message: refers to communications from end-device to 198 network server or application via one or more gateways. 200 o Downlink message: refers to communications from network server or 201 application via one gateway to a single end-device or a group of 202 end-devices (considering multicasting). 204 o Application: refers to application layer code both on the end- 205 device and running "behind" the network server. For LoRaWAN, 206 there will generally only be one application running on most end- 207 devices. Interfaces between the network server and application 208 are not further described here. 210 In LoRaWAN networks, end-device transmissions may be received at 211 multiple gateways, so during nominal operation a network server may 212 see multiple instances of the same uplink message from an end-device. 214 The LoRaWAN network infrastructure manages the data rate and RF 215 output power for each end-device individually by means of an adaptive 216 data rate (ADR) scheme. End-devices may transmit on any channel 217 allowed by local regulation at any time. 219 LoRaWAN radios make use of industrial, scientific and medical (ISM) 220 bands, for example, 433MHz and 868MHz within the European Union and 221 915MHz in the Americas. 223 The end-device changes channel in a pseudo-random fashion for every 224 transmission to help make the system more robust to interference and/ 225 or to conform to local regulations. 227 Figure 2 below shows that after a transmission slot a Class A device 228 turns on its receiver for two short receive windows that are offset 229 from the end of the transmission window. End-devices can only 230 transmit a subsequent uplink frame after the end of the associated 231 receive windows. When a device joins a LoRaWAN network, there are 232 similar timeouts on parts of that process. 234 |----------------------------| |--------| |--------| 235 | Tx | | Rx | | Rx | 236 |----------------------------| |--------| |--------| 237 |---------| 238 Rx delay 1 239 |------------------------| 240 Rx delay 2 242 Figure 2: LoRaWAN Class A transmission and reception window 244 Given the different regional requirements the detailed specification 245 for the LoRaWAN physical layer (taking up more than 30 pages of the 246 specification) is not reproduced here. Instead and mainly to 247 illustrate the kinds of issue encountered, in Table 1 we present some 248 of the default settings for one ISM band (without fully explaining 249 those here) and in Table 2 we describe maxima and minima for some 250 parameters of interest to those defining ways to use IETF protocols 251 over the LoRaWAN MAC layer. 253 +------------------------+------------------------------------------+ 254 | Parameters | Default Value | 255 +------------------------+------------------------------------------+ 256 | Rx delay 1 | 1 s | 257 | | | 258 | Rx delay 2 | 2 s (must be RECEIVE_DELAY1 + 1s) | 259 | | | 260 | join delay 1 | 5 s | 261 | | | 262 | join delay 2 | 6 s | 263 | | | 264 | 868MHz Default | 3 (868.1,868.2,868.3), data rate: 0.3-5 | 265 | channels | kbps | 266 +------------------------+------------------------------------------+ 268 Table 1: Default settings for EU868MHz band 270 +-----------------------------------------------+--------+----------+ 271 | Parameter/Notes | Min | Max | 272 +-----------------------------------------------+--------+----------+ 273 | Duty Cycle: some but not all ISM bands impose | 1% | no-limit | 274 | a limit in terms of how often an end-device | | | 275 | can transmit. In some cases LoRaWAN is more | | | 276 | restrictive in an attempt to avoid | | | 277 | congestion. | | | 278 | | | | 279 | EU 868MHz band data rate/frame-size | 250 | 50000 | 280 | | bits/s | bits/s : | 281 | | : 59 | 250 | 282 | | octets | octets | 283 | | | | 284 | US 915MHz band data rate/frame-size | 980 | 21900 | 285 | | bits/s | bits/s : | 286 | | : 19 | 250 | 287 | | octets | octets | 288 +-----------------------------------------------+--------+----------+ 290 Table 2: Minima and Maxima for various LoRaWAN Parameters 292 Note that in the case of the smallest frame size (19 octets), 8 293 octets are required for LoRa MAC layer headers leaving only 11 octets 294 for payload (including MAC layer options). However, those settings 295 do not apply for the join procedure - end-devices are required to use 296 a channel and data rate that can send the 23-byte Join-request 297 message for the join procedure. 299 Uplink and downlink higher layer data is carried in a MACPayload. 300 There is a concept of "ports" (an optional 8-bit value) to handle 301 different applications on an end-device. Port zero is reserved for 302 LoRaWAN specific messaging, such as the configuration of the end 303 device's network parameters (available channels, data rates, ADR 304 parameters, RX1/2 delay, etc.). 306 In addition to carrying higher layer PDUs there are Join-Request and 307 Join-Response (aka Join-Accept) messages for handling network access. 308 And so-called "MAC commands" (see below) up to 15 bytes long can be 309 piggybacked in an options field ("FOpts"). 311 There are a number of MAC commands for link and device status 312 checking, ADR and duty-cycle negotiation, managing the RX windows and 313 radio channel settings. For example, the link check response message 314 allows the network server (in response to a request from an end- 315 device) to inform an end-device about the signal attenuation seen 316 most recently at a gateway, and to also tell the end-device how many 317 gateways received the corresponding link request MAC command. 319 Some MAC commands are initiated by the network server. For example, 320 one command allows the network server to ask an end-device to reduce 321 its duty-cycle to only use a proportion of the maximum allowed in a 322 region. Another allows the network server to query the end-device's 323 power status with the response from the end-device specifying whether 324 it has an external power source or is battery powered (in which case 325 a relative battery level is also sent to the network server). 327 In order to operate nominally on a LoRaWAN network, a device needs a 328 32-bit device address, that is assigned when the device "joins" the 329 network (see below for the join procedure) or that is pre-provisioned 330 into the device. In case of roaming devices, the device address is 331 assigned based on the 24-bit network identifier (NetID) that is 332 allocated to the network by the LoRa Alliance. Non-roaming devices 333 can be assigned device addresses by the network without relying on a 334 LoRa Alliance-assigned NetID. 336 End-devices are assumed to work with one or a quite limited number of 337 applications, identified by a 64-bit AppEUI, which is assumed to be a 338 registered IEEE EUI64 value. In addition, a device needs to have two 339 symmetric session keys, one for protecting network artifacts 340 (port=0), the NwkSKey, and another for protecting application layer 341 traffic, the AppSKey. Both keys are used for 128-bit AES 342 cryptographic operations. So, one option is for an end-device to 343 have all of the above, plus channel information, somehow 344 (pre-)provisioned, in which case the end-device can simply start 345 transmitting. This is achievable in many cases via out-of-band means 346 given the nature of LoRaWAN networks. Table 3 summarizes these 347 values. 349 +---------+---------------------------------------------------------+ 350 | Value | Description | 351 +---------+---------------------------------------------------------+ 352 | DevAddr | DevAddr (32-bits) = device-specific network address | 353 | | generated from the NwkID | 354 | | | 355 | AppEUI | IEEE EUI64 corresponding to the join server for an | 356 | | application | 357 | | | 358 | NwkSKey | 128-bit network session key used with AES-CMAC | 359 | | | 360 | AppSKey | 128-bit application session key used with AES-CTR | 361 | | | 362 | AppKey | 128-bit application session key used with AES-ECB | 363 +---------+---------------------------------------------------------+ 365 Table 3: Values required for nominal operation 367 As an alternative, end-devices can use the LoRaWAN join procedure 368 with a join server behind the NS in order to setup some of these 369 values and dynamically gain access to the network. To use the join 370 procedure, an end-device must still know the AppEUI, and in addition, 371 a different (long-term) symmetric key that is bound to the AppEUI - 372 this is the application key (AppKey), and is distinct from the 373 application session key (AppSKey). The AppKey is required to be 374 specific to the device, that is, each end-device should have a 375 different AppKey value. And finally, the end-device also needs a 376 long-term identifier for itself, syntactically also an EUI-64, and 377 known as the device EUI or DevEUI. Table 4 summarizes these values. 379 +---------+----------------------------------------------------+ 380 | Value | Description | 381 +---------+----------------------------------------------------+ 382 | DevEUI | IEEE EUI64 naming the device | 383 | | | 384 | AppEUI | IEEE EUI64 naming the application | 385 | | | 386 | AppKey | 128-bit long term application key for use with AES | 387 +---------+----------------------------------------------------+ 389 Table 4: Values required for join procedure 391 The join procedure involves a special exchange where the end-device 392 asserts the AppEUI and DevEUI (integrity protected with the long-term 393 AppKey, but not encrypted) in a Join-request uplink message. This is 394 then routed to the network server which interacts with an entity that 395 knows that AppKey to verify the Join-request. All going well, a 396 Join-accept downlink message is returned from the network server to 397 the end-device that specifies the 24-bit NetID, 32-bit DevAddr and 398 channel information and from which the AppSKey and NwkSKey can be 399 derived based on knowledge of the AppKey. This provides the end- 400 device with all the values listed in Table 3. 402 All payloads are encrypted and have data integrity. MAC commands, 403 when sent as a payload (port zero), are therefore protected. MAC 404 commands piggy-backed as frame options ("FOpts") are however sent in 405 clear. Any MAC commands sent as frame options and not only as 406 payload, are visible to a passive attacker but are not malleable for 407 an active attacker due to the use of the Message Integrity Check 408 (MIC) described below. 410 For LoRaWAN version 1.0.x, the NWkSkey session key is used to provide 411 data integrity between the end-device and the network server. The 412 AppSKey is used to provide data confidentiality between the end- 413 device and network server, or to the application "behind" the network 414 server, depending on the implementation of the network. 416 All MAC layer messages have an outer 32-bit MIC calculated using AES- 417 CMAC calculated over the ciphertext payload and other headers and 418 using the NwkSkey. Payloads are encrypted using AES-128, with a 419 counter-mode derived from IEEE 802.15.4 using the AppSKey. Gateways 420 are not expected to be provided with the AppSKey or NwkSKey, all of 421 the infrastructure-side cryptography happens in (or "behind") the 422 network server. When session keys are derived from the AppKey as a 423 result of the join procedure the Join-accept message payload is 424 specially handled. 426 The long-term AppKey is directly used to protect the Join-accept 427 message content, but the function used is not an AES-encrypt 428 operation, but rather an AES-decrypt operation. The justification is 429 that this means that the end-device only needs to implement the AES- 430 encrypt operation. (The counter mode variant used for payload 431 decryption means the end-device doesn't need an AES-decrypt 432 primitive.) 434 The Join-accept plaintext is always less than 16 bytes long, so 435 electronic code book (ECB) mode is used for protecting Join-accept 436 messages. The Join-accept contains an AppNonce (a 24 bit value) that 437 is recovered on the end-device along with the other Join-accept 438 content (e.g. DevAddr) using the AES-encrypt operation. Once the 439 Join-accept payload is available to the end-device the session keys 440 are derived from the AppKey, AppNonce and other values, again using 441 an ECB mode AES-encrypt operation, with the plaintext input being a 442 maximum of 16 octets. 444 2.2. Narrowband IoT (NB-IoT) 446 Text here is largely from [I-D.ratilainen-lpwan-nb-iot] 448 2.2.1. Provenance and Documents 450 Narrowband Internet of Things (NB-IoT) is developed and standardized 451 by 3GPP. The standardization of NB-IoT was finalized with 3GPP 452 Release 13 in June 2016, and further enhancements for NB-IoT are 453 specified in 3GPP Release 14 in 2017, for example in the form of 454 multicast support. Further features and improvements will be 455 developed in the following releases, but NB-IoT has been ready to be 456 deployed since 2016, and is rather simple to deploy especially in the 457 existing LTE networks with a software upgrade in the operator's base 458 stations. For more information of what has been specified for NB- 459 IoT, 3GPP specification 36.300 [TGPP36300] provides an overview and 460 overall description of the E-UTRAN radio interface protocol 461 architecture, while specifications 36.321 [TGPP36321], 36.322 462 [TGPP36322], 36.323 [TGPP36323] and 36.331 [TGPP36331] give more 463 detailed description of MAC, RLC, PDCP and RRC protocol layers, 464 respectively. Note that the description below assumes familiarity 465 with numerous 3GPP terms. 467 2.2.2. Characteristics 469 Specific targets for NB-IoT include: Less than US$5 module cost, 470 extended coverage of 164 dB maximum coupling loss, battery life of 471 over 10 years, ~55000 devices per cell and uplink reporting latency 472 of less than 10 seconds. 474 NB-IoT supports Half Duplex FDD operation mode with 60 kbps peak rate 475 in uplink and 30 kbps peak rate in downlink, and a maximum 476 transmission unit (MTU) size of 1600 bytes limited by PDCP layer (see 477 Figure 4 for the protocol structure), which is the highest layer in 478 the user plane, as explained later. Any packet size up to the said 479 MTU size can be passed to the NB-IoT stack from higher layers, 480 segmentation of the packet is performed in the RLC layer, which can 481 segment the data to transmission blocks with size as small as 16 482 bits. As the name suggests, NB-IoT uses narrowbands with bandwidth 483 of 180 kHz in both downlink and uplink. The multiple access scheme 484 used in the downlink is OFDMA with 15 kHz sub-carrier spacing. In 485 uplink, SC-FDMA single tone with either 15kHz or 3.75 kHz tone 486 spacing is used, or optionally multi-tone SC- FDMA can be used with 487 15 kHz tone spacing. 489 NB-IoT can be deployed in three ways. In-band deployment means that 490 the narrowband is deployed inside the LTE band and radio resources 491 are flexibly shared between NB-IoT and normal LTE carrier. In Guard- 492 band deployment the narrowband uses the unused resource blocks 493 between two adjacent LTE carriers. Standalone deployment is also 494 supported, where the narrowband can be located alone in dedicated 495 spectrum, which makes it possible for example to reframe a GSM 496 carrier at 850/900 MHz for NB-IoT. All three deployment modes are 497 used in licensed frequency bands. The maximum transmission power is 498 either 20 or 23 dBm for uplink transmissions, while for downlink 499 transmission the eNodeB may use higher transmission power, up to 46 500 dBm depending on the deployment. 502 A maximum coupling loss (MCL) target for NB-IoT coverage enhancements 503 defined by 3GPP is 164 dB. With this MCL, the performance of NB-IoT 504 in downlink varies between 200 bps and 2-3 kbps, depending on the 505 deployment mode. Stand-alone operation may achieve the highest data 506 rates, up to few kbps, while in-band and guard-band operations may 507 reach several hundreds of bps. NB-IoT may even operate with MCL 508 higher than 170 dB with very low bit rates. 510 For signaling optimization, two options are introduced in addition to 511 legacy LTE RRC connection setup; mandatory Data-over-NAS (Control 512 Plane optimization, solution 2 in [TGPP23720]) and optional RRC 513 Suspend/Resume (User Plane optimization, solution 18 in [TGPP23720]). 514 In the control plane optimization the data is sent over Non-Access 515 Stratum, directly to/from Mobility Management Entity (MME) (see 516 Figure 3 for the network architecture) in the core network to the 517 User Equipment (UE) without interaction from the base station. This 518 means there are no Access Stratum security or header compression 519 provided by the PDCP layer in the eNodeB, as the Access Stratum is 520 bypassed, and only limited RRC procedures. RoHC based header 521 compression may still optionally be provided and terminated in MME. 523 The RRC Suspend/Resume procedures reduce the signaling overhead 524 required for UE state transition from RRC Idle to RRC Connected mode 525 compared to legacy LTE operation in order to have quicker user plane 526 transaction with the network and return to RRC Idle mode faster. 528 In order to prolong device battery life, both power-saving mode (PSM) 529 and extended DRX (eDRX) are available to NB-IoT. With eDRX the RRC 530 Connected mode DRX cycle is up to 10.24 seconds and in RRC Idle the 531 eDRX cycle can be up to 3 hours. In PSM the device is in a deep 532 sleep state and only wakes up for uplink reporting, after which there 533 is a window, configured by the network, during which the device 534 receiver is open for downlink connectivity, of for periodical "keep- 535 alive" signaling (PSM uses periodic TAU signaling with additional 536 reception window for downlink reachability). 538 Since NB-IoT operates in licensed spectrum, it has no channel access 539 restrictions allowing up to a 100% duty-cycle. 541 3GPP access security is specified in [TGPP33203]. 543 +--+ 544 |UE| \ +------+ +------+ 545 +--+ \ | MME |------| HSS | 546 \ / +------+ +------+ 547 +--+ \+-----+ / | 548 |UE| ----| eNB |- | 549 +--+ /+-----+ \ | 550 / \ +--------+ 551 / \| | +------+ Service PDN 552 +--+ / | S-GW |----| P-GW |---- e.g. Internet 553 |UE| | | +------+ 554 +--+ +--------+ 556 Figure 3: 3GPP network architecture 558 Figure 3 shows the 3GPP network architecture, which applies to NB- 559 IoT. Mobility Management Entity (MME) is responsible for handling 560 the mobility of the UE. MME tasks include tracking and paging UEs, 561 session management, choosing the Serving gateway for the UE during 562 initial attachment and authenticating the user. At MME, the Non- 563 Access Stratum (NAS) signaling from the UE is terminated. 565 Serving Gateway (S-GW) routes and forwards the user data packets 566 through the access network and acts as a mobility anchor for UEs 567 during handover between base stations known as eNodeBs and also 568 during handovers between NB-IoT and other 3GPP technologies. 570 Packet Data Node Gateway (P-GW) works as an interface between 3GPP 571 network and external networks. 573 The Home Subscriber Server (HSS) contains user-related and 574 subscription- related information. It is a database, which performs 575 mobility management, session establishment support, user 576 authentication and access authorization. 578 E-UTRAN consists of components of a single type, eNodeB. eNodeB is a 579 base station, which controls the UEs in one or several cells. 581 The 3GPP radio protocol architecture is illustration in Figure 4. 583 +---------+ +---------+ 584 | NAS |----|-----------------------------|----| NAS | 585 +---------+ | +---------+---------+ | +---------+ 586 | RRC |----|----| RRC | S1-AP |----|----| S1-AP | 587 +---------+ | +---------+---------+ | +---------+ 588 | PDCP |----|----| PDCP | SCTP |----|----| SCTP | 589 +---------+ | +---------+---------+ | +---------+ 590 | RLC |----|----| RLC | IP |----|----| IP | 591 +---------+ | +---------+---------+ | +---------+ 592 | MAC |----|----| MAC | L2 |----|----| L2 | 593 +---------+ | +---------+---------+ | +---------+ 594 | PHY |----|----| PHY | PHY |----|----| PHY | 595 +---------+ +---------+---------+ +---------+ 596 LTE-Uu S1-MME 597 UE eNodeB MME 599 Figure 4: 3GPP radio protocol architecture for control plane 601 Control plane protocol stack 603 The radio protocol architecture of NB-IoT (and LTE) is separated into 604 control plane and user plane. The control plane consists of 605 protocols which control the radio access bearers and the connection 606 between the UE and the network. The highest layer of control plane 607 is called Non-Access Stratum (NAS), which conveys the radio signaling 608 between the UE and the EPC, passing transparently through the radio 609 network. NAS responsible for authentication, security control, 610 mobility management and bearer management. 612 Access Stratum (AS) is the functional layer below NAS, and in the 613 control plane it consists of Radio Resource Control protocol (RRC) 614 [TGPP36331], which handles connection establishment and release 615 functions, broadcast of system information, radio bearer 616 establishment, reconfiguration and release. RRC configures the user 617 and control planes according to the network status. There exists two 618 RRC states, RRC_Idle or RRC_Connected, and RRC entity controls the 619 switching between these states. In RRC_Idle, the network knows that 620 the UE is present in the network and the UE can be reached in case of 621 incoming call/downlink data. In this state, the UE monitors paging, 622 performs cell measurements and cell selection and acquires system 623 information. Also the UE can receive broadcast and multicast data, 624 but it is not expected to transmit or receive unicast data. In 625 RRC_Connected the UE has a connection to the eNodeB, the network 626 knows the UE location on the cell level and the UE may receive and 627 transmit unicast data. An RRC connection is established when the UE 628 is expected to be active in the network, to transmit or receive data. 629 The RRC connection is released, switching back to RRC_Idle, when 630 there is no more traffic in order to preserve UE battery life and 631 radio resources. However, a new feature was introduced for NB-IoT, 632 as mentioned earlier, which allows data to be transmitted from the 633 MME directly to the UE transparently to the eNodeB, thus bypassing AS 634 functions. 636 Packet Data Convergence Protocol's (PDCP) [TGPP36323] main services 637 in control plane are transfer of control plane data, ciphering and 638 integrity protection. 640 Radio Link Control protocol (RLC) [TGPP36322] performs transfer of 641 upper layer PDUs and optionally error correction with Automatic 642 Repeat reQuest (ARQ), concatenation, segmentation, and reassembly of 643 RLC SDUs, in-sequence delivery of upper layer PDUs, duplicate 644 detection, RLC SDU discard, RLC-re-establishment and protocol error 645 detection and recovery. 647 Medium Access Control protocol (MAC) [TGPP36321] provides mapping 648 between logical channels and transport channels, multiplexing of MAC 649 SDUs, scheduling information reporting, error correction with HARQ, 650 priority handling and transport format selection. 652 Physical layer [TGPP36201] provides data transport services to higher 653 layers. These include error detection and indication to higher 654 layers, FEC encoding, HARQ soft-combining, rate matching and mapping 655 of the transport channels onto physical channels, power weighting and 656 modulation of physical channels, frequency and time synchronization 657 and radio characteristics measurements. 659 User plane protocol stack 661 User plane is responsible for transferring the user data through the 662 Access Stratum. It interfaces with IP and the highest layer of user 663 plane is PDCP, which in user plane performs header compression using 664 Robust Header Compression (RoHC), transfer of user plane data between 665 eNodeB and UE, ciphering and integrity protection. Similar to 666 control plane, lower layers in user plane include RLC, MAC and 667 physical layer performing the same tasks as in control plane. 669 2.3. SIGFOX 671 Text here is largely from 672 [I-D.zuniga-lpwan-sigfox-system-description] which may have been 673 updated since this was published. 675 2.3.1. Provenance and Documents 677 The SIGFOX LPWAN is in line with the terminology and specifications 678 being defined by ETSI [etsi_unb]. As of today, SIGFOX's network has 679 been fully deployed in 12 countries, with ongoing deployments on 26 680 other countries, giving in total a geography of 2 million square 681 kilometers, containing 512 million people. 683 2.3.2. Characteristics 685 SIGFOX LPWAN autonomous battery-operated devices send only a few 686 bytes per day, week or month, in principle allowing them to remain on 687 a single battery for up to 10-15 years. Hence, the system is 688 designed as to allow devices to last several years, sometimes even 689 buried underground. 691 Since the radio protocol is connection-less and optimized for uplink 692 communications, the capacity of a SIGFOX base station depends on the 693 number of messages generated by devices, and not on the actual number 694 of devices. Likewise, the battery life of devices depends on the 695 number of messages generated by the device. Depending on the use 696 case, devices can vary from sending less than one message per device 697 per day, to dozens of messages per device per day. 699 The coverage of the cell depends on the link budget and on the type 700 of deployment (urban, rural, etc.). The radio interface is compliant 701 with the following regulations: 703 Spectrum allocation in the USA [fcc_ref] 704 Spectrum allocation in Europe [etsi_ref] 706 Spectrum allocation in Japan [arib_ref] 708 The SIGFOX radio interface is also compliant with the local 709 regulations of the following countries: Australia, Brazil, Canada, 710 Kenya, Lebanon, Mauritius, Mexico, New Zealand, Oman, Peru, 711 Singapore, South Africa, South Korea, and Thailand. 713 The radio interface is based on Ultra Narrow Band (UNB) 714 communications, which allow an increased transmission range by 715 spending a limited amount of energy at the device. Moreover, UNB 716 allows a large number of devices to coexist in a given cell without 717 significantly increasing the spectrum interference. 719 Both uplink and downlink are supported, although the system is 720 optimized for uplink communications. Due to spectrum optimizations, 721 different uplink and downlink frames and time synchronization methods 722 are needed. 724 The main radio characteristics of the UNB uplink transmission are: 726 o Channelization mask: 100 Hz / 600 Hz (depending on the region) 728 o Uplink baud rate: 100 baud / 600 baud (depending on the region) 730 o Modulation scheme: DBPSK 732 o Uplink transmission power: compliant with local regulation 734 o Link budget: 155 dB (or better) 736 o Central frequency accuracy: not relevant, provided there is no 737 significant frequency drift within an uplink packet transmission 739 For example, in Europe the UNB uplink frequency band is limited to 740 868.00 to 868.60 MHz, with a maximum output power of 25 mW and a duty 741 cycle of 1%. 743 The format of the uplink frame is the following: 745 +--------+--------+--------+------------------+-------------+-----+ 746 |Preamble| Frame | Dev ID | Payload |Msg Auth Code| FCS | 747 | | Sync | | | | | 748 +--------+--------+--------+------------------+-------------+-----+ 750 Figure 5: Uplink Frame Format 752 The uplink frame is composed of the following fields: 754 o Preamble: 19 bits 756 o Frame sync and header: 29 bits 758 o Device ID: 32 bits 760 o Payload: 0-96 bits 762 o Authentication: 16-40 bits 764 o Frame check sequence: 16 bits (CRC) 766 The main radio characteristics of the UNB downlink transmission are: 768 o Channelization mask: 1.5 kHz 770 o Downlink baud rate: 600 baud 772 o Modulation scheme: GFSK 774 o Downlink transmission power: 500 mW / 4W (depending on the region) 776 o Link budget: 153 dB (or better) 778 o Central frequency accuracy: the center frequency of downlink 779 transmission is set by the network according to the corresponding 780 uplink transmission 782 For example, in Europe the UNB downlink frequency band is limited to 783 869.40 to 869.65 MHz, with a maximum output power of 500 mW with 10% 784 duty cycle. 786 The format of the downlink frame is the following: 788 +------------+-----+---------+------------------+-------------+-----+ 789 | Preamble |Frame| ECC | Payload |Msg Auth Code| FCS | 790 | |Sync | | | | | 791 +------------+-----+---------+------------------+-------------+-----+ 793 Figure 6: Downlink Frame Format 795 The downlink frame is composed of the following fields: 797 o Preamble: 91 bits 798 o Frame sync and header: 13 bits 800 o Error Correcting Code (ECC): 32 bits 802 o Payload: 0-64 bits 804 o Authentication: 16 bits 806 o Frame check sequence: 8 bits (CRC) 808 The radio interface is optimized for uplink transmissions, which are 809 asynchronous. Downlink communications are achieved by devices 810 querying the network for available data. 812 A device willing to receive downlink messages opens a fixed window 813 for reception after sending an uplink transmission. The delay and 814 duration of this window have fixed values. The network transmits the 815 downlink message for a given device during the reception window, and 816 the network also selects the base station (BS) for transmitting the 817 corresponding downlink message. 819 Uplink and downlink transmissions are unbalanced due to the 820 regulatory constraints on ISM bands. Under the strictest 821 regulations, the system can allow a maximum of 140 uplink messages 822 and 4 downlink messages per device per day. These restrictions can 823 be slightly relaxed depending on system conditions and the specific 824 regulatory domain of operation. 826 +---+ 827 |DEV| * +------+ 828 +---+ * | RA | 829 * +------+ 830 +---+ * | 831 |DEV| * * * * | 832 +---+ * +----+ | 833 * | BS | \ +--------+ 834 +---+ * +----+ \ | | 835 DA -----|DEV| * * * | SC |----- NA 836 +---+ * / | | 837 * +----+ / +--------+ 838 +---+ * | BS |/ 839 |DEV| * * * * +----+ 840 +---+ * 841 * 842 +---+ * 843 |DEV| * * 844 +---+ 846 Figure 7: SIGFOX network architecture 848 Figure 7 depicts the different elements of the SIGFOX network 849 architecture. 851 SIGFOX has a "one-contract one-network" model allowing devices to 852 connect in any country, without any need or notion of either roaming 853 or handover. 855 The architecture consists of a single cloud-based core network, which 856 allows global connectivity with minimal impact on the end device and 857 radio access network. The core network elements are the Service 858 Center (SC) and the Registration Authority (RA). The SC is in charge 859 of the data connectivity between the Base Station (BS) and the 860 Internet, as well as the control and management of the BSs and End 861 Points. The RA is in charge of the End Point network access 862 authorization. 864 The radio access network is comprised of several BSs connected 865 directly to the SC. Each BS performs complex L1/L2 functions, 866 leaving some L2 and L3 functionalities to the SC. 868 The Devices (DEVs) or End Points (EPs) are the objects that 869 communicate application data between local device applications (DAs) 870 and network applications (NAs). 872 Devices (or EPs) can be static or nomadic, as they associate with the 873 SC and they do not attach to any specific BS. Hence, they can 874 communicate with the SC through one or multiple BSs. 876 Due to constraints in the complexity of the Device, it is assumed 877 that Devices host only one or very few device applications, which 878 most of the time communicate each to a single network application at 879 a time. 881 The radio protocol authenticates and ensures the integrity of each 882 message. This is achieved by using a unique device ID and an AES-128 883 based message authentication code, ensuring that the message has been 884 generated and sent by the device with the ID claimed in the message. 885 Application data can be encrypted at the application level or not, 886 depending on the criticality of the use case, to provide a balance 887 between cost and effort vs. risk. AES-128 in counter mode is used 888 for encryption. Cryptographic keys are independent for each device. 889 These keys are associated with the device ID and separate integrity 890 and confidentiality keys are pre-provisioned. A confidentiality key 891 is only provisioned if confidentiality is to be used. At the time of 892 writing the algorithms and keying details for this are not published. 894 2.4. Wi-SUN Alliance Field Area Network (FAN) 896 Text here is via personal communication from Bob Heile 897 (bheile@ieee.org) and was authored by Bob and Sum Chin Sean. Duffy 898 (paduffy@cisco.com) also provided additional comments/input on this 899 section. 901 2.4.1. Provenance and Documents 903 The Wi-SUN Alliance is an industry alliance 904 for smart city, smart grid, smart utility, and a broad set of general 905 IoT applications. The Wi-SUN Alliance Field Area Network (FAN) 906 profile is open standards based (primarily on IETF and IEEE802 907 standards) and was developed to address applications like smart 908 municipality/city infrastructure monitoring and management, electric 909 vehicle (EV) infrastructure, advanced metering infrastructure (AMI), 910 distribution automation (DA), supervisory control and data 911 acquisition (SCADA) protection/management, distributed generation 912 monitoring and management, and many more IoT applications. 913 Additionally, the Alliance has created a certification program to 914 promote global multi-vendor interoperability. 916 The FAN profile is specified within ANSI/TIA as an extension of work 917 previously done on Smart Utility Networks. [ANSI-4957-000]. Updates 918 to those specifications intended to be published in 2017 will contain 919 details of the FAN profile. A current snapshot of the work to 920 produce that profile is presented in [wisun-pressie1] 921 [wisun-pressie2] . 923 2.4.2. Characteristics 925 The FAN profile is an IPv6 wireless mesh network with support for 926 enterprise level security. The frequency hopping wireless mesh 927 topology aims to offer superior network robustness, reliability due 928 to high redundancy, good scalability due to the flexible mesh 929 configuration and good resilience to interference. Very low power 930 modes are in development permitting long term battery operation of 931 network nodes. 933 The following list contains some overall characteristics of Wi-SUN 934 that are relevant to LPWAN applications. 936 o Coverage The range of Wi-SUN FAN is typically 2 -- 3 km in line of 937 sight, matching the needs of neighborhood area networks, campus 938 area networks, or corporate area networks. The range can also be 939 extended via multi-hop networking. 941 o High bandwidth, low link latency: Wi-SUN supports relatively high 942 bandwidth, i.e. up to 300 kbps [FANTPS], enables remote update and 943 upgrade of devices so that they can handle new applications, 944 extending their working life. Wi-SUN supports LPWAN IoT 945 applications that require on-demand control by providing low link 946 latency (0.02s) and bi-directional communication. 948 o Low power consumption: FAN devices draw less than 2 uA when 949 resting and only 8 mA when listening. Such devices can maintain a 950 long lifetime even if they are frequently listening. For 951 instance, suppose the device transmits data for 10 ms once every 952 10 s; theoretically, a battery of 1000 mAh can last more than 10 953 years. 955 o Scalability: Tens of millions Wi-SUN FAN devices have been 956 deployed in urban, suburban and rural environments, including 957 deployments with more than 1 million devices. 959 A FAN contains one or more networks. Within a network, nodes assume 960 one of three operational roles. First, each network contains a 961 Border Router providing Wide Area Network (WAN) connectivity to the 962 network. The Border Router maintains source routing tables for all 963 nodes within its network, provides node authentication and key 964 management services, and disseminates network-wide information such 965 as broadcast schedules. Secondly, Router nodes, which provide upward 966 and downward packet forwarding (within a network). A Router also 967 provides services for relaying security and address management 968 protocols. Lastly, Leaf nodes provide minimum capabilities: 969 discovering and joining a network, send/receive IPv6 packets, etc. A 970 low power network may contain a mesh topology with Routers at the 971 edges that construct a star topology with Leaf nodes. 973 The FAN profile is based on various open standards developed by the 974 IETF (including [RFC0768], [RFC2460], [RFC4443] and [RFC6282]), 975 IEEE802 (including [IEEE-802-15-4] and [IEEE-802-15-9]) and ANSI/TIA 976 [ANSI-4957-210] for low power and lossy networks. 978 The FAN profile specification provides an application-independent 979 IPv6-based transport service. There are two possible methods for 980 establishing the IPv6 packet routing: Routing Protocol for Low-Power 981 and Lossy Networks (RPL) at the Network layer is mandatory, and 982 Multi-Hop Delivery Service (MHDS) is optional at the Data Link layer. 983 Table 5 provides an overview of the FAN network stack. 985 The Transport service is based on User Datagram Protocol (UDP) 986 defined in RFC768 or Transmission Control Protocol (TCP) defined in 987 RFC793. 989 The Network service is provided by IPv6 as defined in RFC2460 with 990 6LoWPAN adaptation as defined in RFC4944 and RFC6282. ICMPv6, as 991 defined in RFC4443, is used for the control plane during information 992 exchange. 994 The Data Link service provides both control/management of the 995 Physical layer and data transfer/management services to the Network 996 layer. These services are divided into Media Access Control (MAC) 997 and Logical Link Control (LLC) sub-layers. The LLC sub-layer 998 provides a protocol dispatch service which supports 6LoWPAN and an 999 optional MAC sub-layer mesh service. The MAC sub-layer is 1000 constructed using data structures defined in IEEE802.15.4-2015. 1001 Multiple modes of frequency hopping are defined. The entire MAC 1002 payload is encapsulated in an IEEE802.15.9 Information Element to 1003 enable LLC protocol dispatch between upper layer 6LoWPAN processing, 1004 MAC sublayer mesh processing, etc. These areas will be expanded once 1005 IEEE802.15.12 is completed. 1007 The PHY service is derived from a sub-set of the SUN FSK 1008 specification in IEEE802.15.4-2015. The 2-FSK modulation schemes, 1009 with channel spacing range from 200 to 600 kHz, are defined to 1010 provide data rates from 50 to 300 kbps, with Forward Error Coding 1011 (FEC) as an optional feature. Towards enabling ultra-low-power 1012 applications, the PHY layer design is also extendable to low energy 1013 and critical infrastructure monitoring networks. 1015 +----------------------+--------------------------------------------+ 1016 | Layer | Description | 1017 +----------------------+--------------------------------------------+ 1018 | IPv6 protocol suite | TCP/UDP | 1019 | | | 1020 | | 6LoWPAN Adaptation + Header Compression | 1021 | | | 1022 | | DHCPv6 for IP address management. | 1023 | | | 1024 | | Routing using RPL. | 1025 | | | 1026 | | ICMPv6. | 1027 | | | 1028 | | Unicast and Multicast forwarding. | 1029 | | | 1030 | MAC based on IEEE | Frequency hopping | 1031 | 802.15.4e + IE | | 1032 | extensions | | 1033 | | | 1034 | | Discovery and Join | 1035 | | | 1036 | | Protocol Dispatch (IEEE 802.15.9) | 1037 | | | 1038 | | Several Frame Exchange patterns | 1039 | | | 1040 | | Optional Mesh Under routing (ANSI | 1041 | | 4957.210). | 1042 | | | 1043 | PHY based on | Various data rates and regions | 1044 | 802.15.4g | | 1045 | | | 1046 | Security | 802.1X/EAP-TLS/PKI Authentication. | 1047 | | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | 1048 | | required for EAP-TLS. | 1049 | | | 1050 | | 802.11i Group Key Management | 1051 | | | 1052 | | Frame security is implemented as AES-CCM* | 1053 | | as specified in IEEE 802.15.4 | 1054 | | | 1055 | | Optional ETSI-TS-102-887-2 Node 2 Node Key | 1056 | | Management | 1057 +----------------------+--------------------------------------------+ 1059 Table 5: Wi-SUN Stack Overview 1061 The FAN security supports Data Link layer network access control, 1062 mutual authentication, and establishment of a secure pairwise link 1063 between a FAN node and its Border Router, which is implemented with 1064 an adaptation of IEEE802.1X and EAP-TLS as described in [RFC5216] 1065 using secure device identity as described in IEEE802.1AR. 1066 Certificate formats are based upon [RFC5280]. A secure group link 1067 between a Border Router and a set of FAN nodes is established using 1068 an adaptation of the IEEE802.11 Four-Way Handshake. A set of 4 group 1069 keys are maintained within the network, one of which is the current 1070 transmit key. Secure node to node links are supported between one- 1071 hop FAN neighbors using an adaptation of ETSI-TS-102-887-2. FAN 1072 nodes implement Frame Security as specified in IEEE802.15.4-2015. 1074 3. Generic Terminology 1076 LPWAN technologies, such as those discussed above, have similar 1077 architectures but different terminology. We can identify different 1078 types of entities in a typical LPWAN network: 1080 o End-Devices are the devices or the "things" (e.g. sensors, 1081 actuators, etc.); they are named differently in each technology 1082 (End Device, User Equipment or End Point). There can be a high 1083 density of end devices per radio gateway. 1085 o The Radio Gateway, which is the end point of the constrained link. 1086 It is known as: Gateway, Evolved Node B or Base station. 1088 o The Network Gateway or Router is the interconnection node between 1089 the Radio Gateway and the Internet. It is known as: Network 1090 Server, Serving GW or Service Center. 1092 o LPWAN-AAA Server, which controls the user authentication, the 1093 applications. It is known as: Join-Server, Home Subscriber Server 1094 or Registration Authority. (We use the term LPWAN-AAA server 1095 because we're not assuming that this entity speaks RADIUS or 1096 Diameter as many/most AAA servers do, but equally we don't want to 1097 rule that out, as the functionality will be similar. 1099 o At last we have the Application Server, known also as Packet Data 1100 Node Gateway or Network Application. 1102 +---------------------------------------------------------------------+ 1103 | Function/ | | | | | | 1104 |Technology | LORAWAN | NB-IOT | SIGFOX | Wi-SUN | IETF | 1105 +-----------+-----------+-----------+------------+--------+-----------+ 1106 | Sensor, | | | | | | 1107 |Actuator, | End | User | End | Leaf | Device | 1108 |device, | Device | Equipment | Point | Node | (Dev) | 1109 | object | | | | | | 1110 +-----------+-----------+-----------+------------+--------+-----------+ 1111 |Transceiver| | Evolved | Base | Router | RADIO | 1112 | Antenna | Gateway | Node B | Station | Node | Gateway | 1113 +-----------+-----------+-----------+------------+--------+-----------+ 1114 | Server | Network | PDN GW/ | Service | Border | Network | 1115 | | Server | SCEF | Center | Router | Gateway | 1116 | | | | | | (NGW) | 1117 +-----------+-----------+-----------+------------+--------+-----------+ 1118 | Security | Join | Home |Registration|Authent.| LPWAN- | 1119 | Server | Server | Subscriber| Authority | Server | AAA | 1120 | | | Server | | | SERVER | 1121 +-----------+-----------+-----------+------------+--------+-----------+ 1122 |Application|Application|Application| Network |Appli- |Application| 1123 | | Server | Server | Application| cation | (App) | 1124 +---------------------------------------------------------------------+ 1126 Figure 8: LPWAN Architecture Terminology 1128 +------+ 1129 () () () | |LPWAN-| 1130 () () () () / \ +---------+ | AAA | 1131 () () () () () () / \========| /\ |====|Server| +-----------+ 1132 () () () | | <--|--> | +------+ |APPLICATION| 1133 () () () () / \============| v |==============| (App) | 1134 () () () / \ +---------+ +-----------+ 1135 Dev Radio Gateways NGW 1137 Figure 9: LPWAN Architecture 1139 In addition to the names of entities, LPWANs are also subject to 1140 possibly regional frequency band regulations. Those may include 1141 restrictions on the duty-cycle, for example requiring that hosts only 1142 transmit for a certain percentage of each hour. 1144 4. Gap Analysis 1145 4.1. Naive application of IPv6 1147 IPv6 [RFC2460] has been designed to allocate addresses to all the 1148 nodes connected to the Internet. Nevertheless, the header overhead 1149 of at least 40 bytes introduced by the protocol is incompatible with 1150 LPWAN constraints. If IPv6 with no further optimization were used, 1151 several LPWAN frames could be needed just to carry the IP header. 1152 Another problem arises from IPv6 MTU requirements, which require the 1153 layer below to support at least 1280 byte packets [RFC2460]. 1155 IPv6 has a configuration protocol - neighbor discovery protocol, 1156 (NDP) [RFC4861]). For a node to learn network parameters NDP 1157 generates regular traffic with a relatively large message size that 1158 does not fit LPWAN constraints. 1160 In some LPWAN technologies, layer two multicast is not supported. In 1161 that case, if the network topology is a star, the solution and 1162 considerations of section 3.2.5 of [RFC7668] may be applied. 1164 Other key protocols such as DHCPv6 [RFC3315], IPsec [RFC4301] and TLS 1165 [RFC5246] have similarly problematic properties in this context. 1166 Each of those require relatively frequent round-trips between the 1167 host and some other host on the network. In the case of 1168 cryptographic protocols such as IPsec and TLS, in addition to the 1169 round-trips required for secure session establishment, cryptographic 1170 operations can require padding and addition of authenticators that 1171 are problematic when considering LPWAN lower layers. Note that mains 1172 powered Wi-SUN mesh router nodes will typically be more resource 1173 capable than the other LPWAN techs discussed. This can enable use of 1174 more "chatty" protocols for some aspects of Wi-SUN. 1176 4.2. 6LoWPAN 1178 Several technologies that exhibit significant constraints in various 1179 dimensions have exploited the 6LoWPAN suite of specifications 1180 [RFC4944], [RFC6282], [RFC6775] to support IPv6 [I-D.hong-6lo-use- 1181 cases]. However, the constraints of LPWANs, often more extreme than 1182 those typical of technologies that have (re)used 6LoWPAN, constitute 1183 a challenge for the 6LoWPAN suite in order to enable IPv6 over LPWAN. 1184 LPWANs are characterized by device constraints (in terms of 1185 processing capacity, memory, and energy availability), and specially, 1186 link constraints, such as: 1188 o very low layer two payload size (from ~10 to ~100 bytes), 1190 o very low bit rate (from ~10 bit/s to ~100 kbit/s), and 1191 o in some specific technologies, further message rate constraints 1192 (e.g. between ~0.1 message/minute and ~1 message/minute) due to 1193 regional regulations that limit the duty cycle. 1195 4.2.1. Header Compression 1197 6LoWPAN header compression reduces IPv6 (and UDP) header overhead by 1198 eliding header fields when they can be derived from the link layer, 1199 and by assuming that some of the header fields will frequently carry 1200 expected values. 6LoWPAN provides both stateless and stateful header 1201 compression. In the latter, all nodes of a 6LoWPAN are assumed to 1202 share compression context. In the best case, the IPv6 header for 1203 link-local communication can be reduced to only 2 bytes. For global 1204 communication, the IPv6 header may be compressed down to 3 bytes in 1205 the most extreme case. However, in more practical situations, the 1206 smallest IPv6 header size may be 11 bytes (one address prefix 1207 compressed) or 19 bytes (both source and destination prefixes 1208 compressed). These headers are large considering the link layer 1209 payload size of LPWAN technologies, and in some cases are even bigger 1210 than the LPWAN PDUs. 6LoWPAN has been initially designed for IEEE 1211 802.15.4 networks with a frame size up to 127 bytes and a throughput 1212 of up to 250 kb/s, which may or may not be duty-cycled. 1214 4.2.2. Address Autoconfiguration 1216 Traditionally, Interface Identifiers (IIDs) have been derived from 1217 link layer identifiers [RFC4944] . This allows optimizations such as 1218 header compression. Nevertheless, recent guidance has given advice 1219 on the fact that, due to privacy concerns, 6LoWPAN devices should not 1220 be configured to embed their link layer addresses in the IID by 1221 default. 1223 4.2.3. Fragmentation 1225 As stated above, IPv6 requires the layer below to support an MTU of 1226 1280 bytes [RFC2460]. Therefore, given the low maximum payload size 1227 of LPWAN technologies, fragmentation is needed. 1229 If a layer of an LPWAN technology supports fragmentation, proper 1230 analysis has to be carried out to decide whether the fragmentation 1231 functionality provided by the lower layer or fragmentation at the 1232 adaptation layer should be used. Otherwise, fragmentation 1233 functionality shall be used at the adaptation layer. 1235 6LoWPAN defined a fragmentation mechanism and a fragmentation header 1236 to support the transmission of IPv6 packets over IEEE 802.15.4 1237 networks [RFC4944]. While the 6LoWPAN fragmentation header is 1238 appropriate for IEEE 802.15.4-2003 (which has a frame payload size of 1239 81-102 bytes), it is not suitable for several LPWAN technologies, 1240 many of which have a maximum payload size that is one order of 1241 magnitude below that of IEEE 802.15.4-2003. The overhead of the 1242 6LoWPAN fragmentation header is high, considering the reduced payload 1243 size of LPWAN technologies and the limited energy availability of the 1244 devices using such technologies. Furthermore, its datagram offset 1245 field is expressed in increments of eight octets. In some LPWAN 1246 technologies, the 6LoWPAN fragmentation header plus eight octets from 1247 the original datagram exceeds the available space in the layer two 1248 payload. In addition, the MTU in the LPWAN networks could be 1249 variable which implies a variable fragmentation solution. 1251 4.2.4. Neighbor Discovery 1253 6LoWPAN Neighbor Discovery [RFC6775] defined optimizations to IPv6 1254 Neighbor Discovery [RFC4861], in order to adapt functionality of the 1255 latter for networks of devices using IEEE 802.15.4 or similar 1256 technologies. The optimizations comprise host-initiated interactions 1257 to allow for sleeping hosts, replacement of multicast-based address 1258 resolution for hosts by an address registration mechanism, multihop 1259 extensions for prefix distribution and duplicate address detection 1260 (note that these are not needed in a star topology network), and 1261 support for 6LoWPAN header compression. 1263 6LoWPAN Neighbor Discovery may be used in not so severely constrained 1264 LPWAN networks. The relative overhead incurred will depend on the 1265 LPWAN technology used (and on its configuration, if appropriate). In 1266 certain LPWAN setups (with a maximum payload size above ~60 bytes, 1267 and duty-cycle-free or equivalent operation), an RS/RA/NS/NA exchange 1268 may be completed in a few seconds, without incurring packet 1269 fragmentation. 1271 In other LPWANs (with a maximum payload size of ~10 bytes, and a 1272 message rate of ~0.1 message/minute), the same exchange may take 1273 hours or even days, leading to severe fragmentation and consuming a 1274 significant amount of the available network resources. 6LoWPAN 1275 Neighbor Discovery behavior may be tuned through the use of 1276 appropriate values for the default Router Lifetime, the Valid 1277 Lifetime in the PIOs, and the Valid Lifetime in the 6CO, as well as 1278 the address Registration Lifetime. However, for the latter LPWANs 1279 mentioned above, 6LoWPAN Neighbor Discovery is not suitable. 1281 4.3. 6lo 1283 The 6lo WG has been reusing and adapting 6LoWPAN to enable IPv6 1284 support over link layer technologies such as Bluetooth Low Energy 1285 (BTLE), ITU-T G.9959, DECT-ULE, MS/TP-RS485, NFC IEEE 802.11ah. (See 1286 for details.) These technologies are 1287 similar in several aspects to IEEE 802.15.4, which was the original 1288 6LoWPAN target technology. 1290 6lo has mostly used the subset of 6LoWPAN techniques best suited for 1291 each lower layer technology, and has provided additional 1292 optimizations for technologies where the star topology is used, such 1293 as BTLE or DECT-ULE. 1295 The main constraint in these networks comes from the nature of the 1296 devices (constrained devices), whereas in LPWANs it is the network 1297 itself that imposes the most stringent constraints. 1299 4.4. 6tisch 1301 The 6tisch solution is dedicated to mesh networks that operate using 1302 802.15.4e MAC with a deterministic slotted channel. The time slot 1303 channel (TSCH) can help to reduce collisions and to enable a better 1304 balance over the channels. It improves the battery life by avoiding 1305 the idle listening time for the return channel. 1307 A key element of 6tisch is the use of synchronization to enable 1308 determinism. TSCH and 6TiSCH may provide a standard scheduling 1309 function. The LPWAN networks probably will not support 1310 synchronization like the one used in 6tisch. 1312 4.5. RoHC 1314 Robust header compression (RoHC) is a header compression mechanism 1315 [RFC3095] developed for multimedia flows in a point to point channel. 1316 RoHC uses 3 levels of compression, each level having its own header 1317 format. In the first level, RoHC sends 52 bytes of header, in the 1318 second level the header could be from 34 to 15 bytes and in the third 1319 level header size could be from 7 to 2 bytes. The level of 1320 compression is managed by a sequence number, which varies in size 1321 from 2 bytes to 4 bits in the minimal compression. SN compression is 1322 done with an algorithm called W-LSB (Window- Least Significant Bits). 1323 This window has a 4-bit size representing 15 packets, so every 15 1324 packets RoHC needs to slide the window in order to receive the 1325 correct sequence number, and sliding the window implies a reduction 1326 of the level of compression. When packets are lost or errored, the 1327 decompressor loses context and drops packets until a bigger header is 1328 sent with more complete information. To estimate the performance of 1329 RoHC, an average header size is used. This average depends on the 1330 transmission conditions, but most of the time is between 3 and 4 1331 bytes. 1333 RoHC has not been adapted specifically to the constrained hosts and 1334 networks of LPWANs: it does not take into account energy limitations 1335 nor the transmission rate, and RoHC context is synchronised during 1336 transmission, which does not allow better compression. 1338 4.6. ROLL 1340 Most technologies considered by the lpwan WG are based on a star 1341 topology, which eliminates the need for routing at that layer. 1342 Future work may address additional use-cases that may require 1343 adaptation of existing routing protocols or the definition of new 1344 ones. As of the time of writing, work similar to that done in the 1345 ROLL WG and other routing protocols are out of scope of the LPWAN WG. 1347 4.7. CoAP 1349 CoAP [RFC7252] provides a RESTful framework for applications intended 1350 to run on constrained IP networks. It may be necessary to adapt CoAP 1351 or related protocols to take into account for the extreme duty cycles 1352 and the potentially extremely limited throughput of LPWANs. 1354 For example, some of the timers in CoAP may need to be redefined. 1355 Taking into account CoAP acknowledgments may allow the reduction of 1356 L2 acknowledgments. On the other hand, the current work in progress 1357 in the CoRE WG where the COMI/CoOL network management interface 1358 which, uses Structured Identifiers (SID) to reduce payload size over 1359 CoAP may prove to be a good solution for the LPWAN technologies. The 1360 overhead is reduced by adding a dictionary which matches a URI to a 1361 small identifier and a compact mapping of the YANG model into the 1362 CBOR binary representation. 1364 4.8. Mobility 1366 LPWANs nodes can be mobile. However, LPWAN mobility is different 1367 from the one specified for Mobile IP. LPWAN implies sporadic traffic 1368 and will rarely be used for high-frequency, real-time communications. 1369 The applications do not generate a flow, they need to save energy and 1370 most of the time the node will be down. 1372 In addition, LPWAN mobility may mostly apply to groups of devices, 1373 that represent a network in which case mobility is more a concern for 1374 the gateway than the devices. NEMO [RFC3963] Mobility solutions may 1375 be used in the case where some end-devices belonging to the same 1376 network gateway move from one point to another such that they are not 1377 aware of being mobile. 1379 4.9. DNS and LPWAN 1381 The Domain Name System (DNS) DNS [RFC1035], enables applications to 1382 name things with a globally resolvable name. Many protocols use the 1383 DNS to identify hosts, for example applications using CoAP. 1385 The DNS query/answer protocol as a pre-cursor to other communication 1386 within the time-to-live (TTL) of a DNS answer is clearly problematic 1387 in an LPWAN, say where only one round-trip per hour can be used, and 1388 with a TTL that is less than 3600. It is currently unclear whether 1389 and how DNS-like functionality might be provided in LPWANs. 1391 5. Security Considerations 1393 Most LPWAN technologies integrate some authentication or encryption 1394 mechanisms that were defined outside the IETF. The working group may 1395 need to do work to integrate these mechanisms to unify management. A 1396 standardized Authentication, Accounting, and Authorization (AAA) 1397 infrastructure [RFC2904] may offer a scalable solution for some of 1398 the security and management issues for LPWANs. AAA offers 1399 centralized management that may be of use in LPWANs, for example 1400 [I-D.garcia-dime-diameter-lorawan] and 1401 [I-D.garcia-radext-radius-lorawan] suggest possible security 1402 processes for a LoRaWAN network. Similar mechanisms may be useful to 1403 explore for other LPWAN technologies. 1405 Some applications using LPWANs may raise few or no privacy 1406 considerations. For example, temperature sensors in a large office 1407 building may not raise privacy issues. However, the same sensors, if 1408 deployed in a home environment and especially if triggered due to 1409 human presence, can raise significant privacy issues - if an end- 1410 device emits (an encrypted) packet every time someone enters a room 1411 in a home, then that traffic is privacy sensitive. And the more that 1412 the existence of that traffic is visible to network entities, the 1413 more privacy sensitivities arise. At this point, it is not clear 1414 whether there are workable mitigations for problems like this - in a 1415 more typical network, one would consider defining padding mechanisms 1416 and allowing for cover traffic. In some LPWANs, those mechanisms may 1417 not be feasible. Nonetheless, the privacy challenges do exist and 1418 can be real and so some solutions will be needed. Note that many 1419 aspects of solutions in this space may not be visible in IETF 1420 specifications, but can be e.g. implementation or deployment 1421 specific. 1423 Another challenge for LPWANs will be how to handle key management and 1424 associated protocols. In a more traditional network (e.g. the web), 1425 servers can "staple" OCSP responses in order to allow browsers to 1426 check revocation status for presented certificates. [RFC6961] While 1427 the stapling approach is likely something that would help in an 1428 LPWAN, as it avoids an RTT, certificates and OCSP responses are bulky 1429 items and will prove challenging to handle in LPWANs with bounded 1430 bandwidth. 1432 6. IANA Considerations 1434 There are no IANA considerations related to this memo. 1436 7. Contributors 1438 As stated above this document is mainly a collection of content 1439 developed by the full set of contributors listed below. The main 1440 input documents and their authors were: 1442 o Text for Section 2.1 was provided by Alper Yegin and Stephen 1443 Farrell in [I-D.farrell-lpwan-lora-overview]. 1445 o Text for Section 2.2 was provided by Antti Ratilainen in 1446 [I-D.ratilainen-lpwan-nb-iot]. 1448 o Text for Section 2.3 was provided by Juan Carlos Zuniga and Benoit 1449 Ponsard in [I-D.zuniga-lpwan-sigfox-system-description]. 1451 o Text for Section 2.4 was provided via personal communication from 1452 Bob Heile (bheile@ieee.org) and was authored by Bob and Sum Chin 1453 Sean. There is no Internet draft for that at present. 1455 o Text for Section 4 was provided by Ana Minabiru, Carles Gomez, 1456 Laurent Toutain, Josep Paradells and Jon Crowcroft in 1457 [I-D.minaburo-lpwan-gap-analysis]. Additional text from that 1458 draft is also used elsewhere above. 1460 The full list of contributors are: 1462 Jon Crowcroft 1463 University of Cambridge 1464 JJ Thomson Avenue 1465 Cambridge, CB3 0FD 1466 United Kingdom 1468 Email: jon.crowcroft@cl.cam.ac.uk 1470 Carles Gomez 1471 UPC/i2CAT 1472 C/Esteve Terradas, 7 1473 Castelldefels 08860 1474 Spain 1476 Email: carlesgo@entel.upc.edu 1478 Bob Heile 1479 Wi-Sun Alliance 1480 11 Robert Toner Blvd, Suite 5-301 1481 North Attleboro, MA 02763 1482 USA 1484 Phone: +1-781-929-4832 1485 Email: bheile@ieee.org 1487 Ana Minaburo 1488 Acklio 1489 2bis rue de la Chataigneraie 1490 35510 Cesson-Sevigne Cedex 1491 France 1493 Email: ana@ackl.io 1495 Josep PAradells 1496 UPC/i2CAT 1497 C/Jordi Girona, 1-3 1498 Barcelona 08034 1499 Spain 1501 Email: josep.paradells@entel.upc.edu 1503 Benoit Ponsard 1504 SIGFOX 1505 425 rue Jean Rostand 1506 Labege 31670 1507 France 1509 Email: Benoit.Ponsard@sigfox.com 1510 URI: http://www.sigfox.com/ 1512 Antti Ratilainen 1513 Ericsson 1514 Hirsalantie 11 1515 Jorvas 02420 1516 Finland 1518 Email: antti.ratilainen@ericsson.com 1520 Chin-Sean SUM 1521 Wi-Sun Alliance 1522 20, Science Park Rd 1523 Singapore 117674 1525 Phone: +65 6771 1011 1526 Email: sum@wi-sun.org 1528 Laurent Toutain 1529 Institut MINES TELECOM ; TELECOM Bretagne 1530 2 rue de la Chataigneraie 1531 CS 17607 1532 35576 Cesson-Sevigne Cedex 1533 France 1535 Email: Laurent.Toutain@telecom-bretagne.eu 1537 Alper Yegin 1538 Actility 1539 Paris, Paris 1540 FR 1542 Email: alper.yegin@actility.com 1544 Juan Carlos Zuniga 1545 SIGFOX 1546 425 rue Jean Rostand 1547 Labege 31670 1548 France 1550 Email: JuanCarlos.Zuniga@sigfox.com 1551 URI: http://www.sigfox.com/ 1553 8. Acknowledgments 1555 Thanks to all those listed in Section 7 for the excellent text. 1556 Errors in the handling of that are solely the editor's fault. 1558 In addition to the contributors above, thanks are due to Arun 1559 (arun@acklio.com), Dan Garcia Carrillo, Paul Duffy, Russ Housley, 1560 Thad Guidry, Jiazi Yi, for comments. 1562 Alexander Pelov and Pascal Thubert were the LPWAN WG chairs while 1563 this document was developed. 1565 Stephen Farrell's work on this memo was supported by Pervasive 1566 Nation, the Science Foundation Ireland's CONNECT centre national IoT 1567 network. 1569 9. Informative References 1571 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 1572 DOI 10.17487/RFC0768, August 1980, 1573 . 1575 [RFC1035] Mockapetris, P., "Domain names - implementation and 1576 specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, 1577 November 1987, . 1579 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1580 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1581 December 1998, . 1583 [RFC2904] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., 1584 Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., and 1585 D. Spence, "AAA Authorization Framework", RFC 2904, 1586 DOI 10.17487/RFC2904, August 2000, 1587 . 1589 [RFC3095] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H., 1590 Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, 1591 K., Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., 1592 Wiebke, T., Yoshimura, T., and H. Zheng, "RObust Header 1593 Compression (ROHC): Framework and four profiles: RTP, UDP, 1594 ESP, and uncompressed", RFC 3095, DOI 10.17487/RFC3095, 1595 July 2001, . 1597 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1598 C., and M. Carney, "Dynamic Host Configuration Protocol 1599 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1600 2003, . 1602 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 1603 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 1604 RFC 3963, DOI 10.17487/RFC3963, January 2005, 1605 . 1607 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1608 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1609 December 2005, . 1611 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1612 Control Message Protocol (ICMPv6) for the Internet 1613 Protocol Version 6 (IPv6) Specification", STD 89, 1614 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1615 . 1617 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1618 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1619 DOI 10.17487/RFC4861, September 2007, 1620 . 1622 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1623 "Transmission of IPv6 Packets over IEEE 802.15.4 1624 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1625 . 1627 [RFC5216] Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS 1628 Authentication Protocol", RFC 5216, DOI 10.17487/RFC5216, 1629 March 2008, . 1631 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1632 (TLS) Protocol Version 1.2", RFC 5246, 1633 DOI 10.17487/RFC5246, August 2008, 1634 . 1636 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1637 Housley, R., and W. Polk, "Internet X.509 Public Key 1638 Infrastructure Certificate and Certificate Revocation List 1639 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 1640 . 1642 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1643 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1644 DOI 10.17487/RFC6282, September 2011, 1645 . 1647 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1648 Bormann, "Neighbor Discovery Optimization for IPv6 over 1649 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1650 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1651 . 1653 [RFC6961] Pettersen, Y., "The Transport Layer Security (TLS) 1654 Multiple Certificate Status Request Extension", RFC 6961, 1655 DOI 10.17487/RFC6961, June 2013, 1656 . 1658 [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained 1659 Application Protocol (CoAP)", RFC 7252, 1660 DOI 10.17487/RFC7252, June 2014, 1661 . 1663 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1664 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1665 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1666 . 1668 [I-D.farrell-lpwan-lora-overview] 1669 Farrell, S. and A. Yegin, "LoRaWAN Overview", draft- 1670 farrell-lpwan-lora-overview-01 (work in progress), October 1671 2016. 1673 [I-D.minaburo-lpwan-gap-analysis] 1674 Minaburo, A., Gomez, C., Toutain, L., Paradells, J., and 1675 J. Crowcroft, "LPWAN Survey and GAP Analysis", draft- 1676 minaburo-lpwan-gap-analysis-02 (work in progress), October 1677 2016. 1679 [I-D.zuniga-lpwan-sigfox-system-description] 1680 Zuniga, J. and B. PONSARD, "SIGFOX System Description", 1681 draft-zuniga-lpwan-sigfox-system-description-03 (work in 1682 progress), June 2017. 1684 [I-D.ratilainen-lpwan-nb-iot] 1685 Ratilainen, A., "NB-IoT characteristics", draft- 1686 ratilainen-lpwan-nb-iot-00 (work in progress), July 2016. 1688 [I-D.garcia-dime-diameter-lorawan] 1689 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1690 "LoRaWAN Authentication in Diameter", draft-garcia-dime- 1691 diameter-lorawan-00 (work in progress), May 2016. 1693 [I-D.garcia-radext-radius-lorawan] 1694 Garcia, D., Lopez, R., Kandasamy, A., and A. Pelov, 1695 "LoRaWAN Authentication in RADIUS", draft-garcia-radext- 1696 radius-lorawan-03 (work in progress), May 2017. 1698 [TGPP36300] 1699 3GPP, "TS 36.300 v13.4.0 Evolved Universal Terrestrial 1700 Radio Access (E-UTRA) and Evolved Universal Terrestrial 1701 Radio Access Network (E-UTRAN); Overall description; Stage 1702 2", 2016, 1703 . 1705 [TGPP36321] 1706 3GPP, "TS 36.321 v13.2.0 Evolved Universal Terrestrial 1707 Radio Access (E-UTRA); Medium Access Control (MAC) 1708 protocol specification", 2016. 1710 [TGPP36322] 1711 3GPP, "TS 36.322 v13.2.0 Evolved Universal Terrestrial 1712 Radio Access (E-UTRA); Radio Link Control (RLC) protocol 1713 specification", 2016. 1715 [TGPP36323] 1716 3GPP, "TS 36.323 v13.2.0 Evolved Universal Terrestrial 1717 Radio Access (E-UTRA); Packet Data Convergence Protocol 1718 (PDCP) specification (Not yet available)", 2016. 1720 [TGPP36331] 1721 3GPP, "TS 36.331 v13.2.0 Evolved Universal Terrestrial 1722 Radio Access (E-UTRA); Radio Resource Control (RRC); 1723 Protocol specification", 2016. 1725 [TGPP36201] 1726 3GPP, "TS 36.201 v13.2.0 - Evolved Universal Terrestrial 1727 Radio Access (E-UTRA); LTE physical layer; General 1728 description", 2016. 1730 [TGPP23720] 1731 3GPP, "TR 23.720 v13.0.0 - Study on architecture 1732 enhancements for Cellular Internet of Things", 2016. 1734 [TGPP33203] 1735 3GPP, "TS 33.203 v13.1.0 - 3G security; Access security 1736 for IP-based services", 2016. 1738 [fcc_ref] "FCC CFR 47 Part 15.247 Telecommunication Radio Frequency 1739 Devices - Operation within the bands 902-928 MHz, 1740 2400-2483.5 MHz, and 5725-5850 MHz.", June 2016. 1742 [etsi_ref] 1743 "ETSI EN 300-220 (Parts 1 and 2): Electromagnetic 1744 compatibility and Radio spectrum Matters (ERM); Short 1745 Range Devices (SRD); Radio equipment to be used in the 25 1746 MHz to 1 000 MHz frequency range with power levels ranging 1747 up to 500 mW", May 2016. 1749 [arib_ref] 1750 "ARIB STD-T108 (Version 1.0): 920MHz-Band Telemeter, 1751 Telecontrol and data transmission radio equipment.", 1752 February 2012. 1754 [LoRaSpec] 1755 LoRa Alliance, "LoRaWAN Specification Version V1.0.2", 1756 July 2016, . 1760 [LoRaSpec1.0] 1761 LoRa Alliance, "LoRaWAN Specification Version V1.0", Jan 1762 2015, . 1765 [ANSI-4957-000] 1766 ANSI, TIA-4957.000, "Architecture Overview for the Smart 1767 Utility Network", May 2013, . 1770 [ANSI-4957-210] 1771 ANSI, TIA-4957.210, "Multi-Hop Delivery Specification of a 1772 Data Link Sub-Layer", May 2013, . 1775 [wisun-pressie1] 1776 Phil Beecher, Chair, Wi-SUN Alliance, "Wi-SUN Alliance 1777 Overview", March 2017, . 1781 [wisun-pressie2] 1782 Bob Heile, Director of Standards, Wi-SUN Alliance, "IETF97 1783 Wi-SUN Alliance Field Area Network (FAN) Overview", 1784 November 2016, 1785 . 1788 [IEEE-802-15-4] 1789 "IEEE Standard for Low-Rate Wireless Personal Area 1790 Networks (WPANs)", IEEE Standard 802.15.4, 2015, 1791 . 1794 [IEEE-802-15-9] 1795 "IEEE Recommended Practice for Transport of Key Management 1796 Protocol (KMP) Datagrams", IEEE Standard 802.15.9, 2016, 1797 . 1800 [etsi_unb] 1801 "ETSI TR 103 435 System Reference document (SRdoc); Short 1802 Range Devices (SRD); Technical characteristics for Ultra 1803 Narrow Band (UNB) SRDs operating in the UHF spectrum below 1804 1 GHz", February 2017. 1806 Appendix A. Changes 1808 A.1. From -00 to -01 1810 o WG have stated they want this to be an RFC. 1812 o WG clearly want to keep the RF details. 1814 o Various changes made to remove/resolve a number of editorial notes 1815 from -00 (in some cases as per suggestions from Ana Minaburo) 1817 o Merged PR's: #1... 1819 o Rejected PR's: #2 (change was made to .txt not .xml but was 1820 replicated manually by editor) 1822 o Github repo is at: https://github.com/sftcd/lpwan-ov 1824 A.2. From -01 to -02 1826 o WG seem to agree with editor suggestions in slides 13-24 of the 1827 presentation on this topic given at IETF98 (See: 1828 https://www.ietf.org/proceedings/98/slides/slides-98-lpwan- 1829 aggregated-slides-07.pdf) 1831 o Got new text wrt Wi-SUN via email from Paul Duffy and merged that 1832 in 1834 o Reflected list discussion wrt terminology and "end-device" 1835 o Merged PR's: #3... 1837 A.3. From -02 to -03 1839 o Editorial changes and typo fixes thanks to Fred Baker running 1840 something called Grammerly and sending me it's report. 1842 o Merged PR's: #4, #6, #7... 1844 o Editor did an editing pass on the lot. 1846 A.4. From -03 to -04 1848 o Picked up a PR that had been wrongly applied that expands UE 1850 o Editorial changes wrt LoRa suggested by Alper 1852 o Editorial changes wrt SIGFOX provided by Juan-Carlos 1854 A.5. From -04 to -05 1856 o Handled Russ Housley's WGLC review. 1858 o Handled Alper Yegin's WGLC review. 1860 A.6. From -05 to -06 1862 o More Alper comments:-) 1864 o Added some more detail about sigfox security. 1866 o Added Wi-SUN changes from Charlie Perkins 1868 Author's Address 1870 Stephen Farrell (editor) 1871 Trinity College Dublin 1872 Dublin 2 1873 Ireland 1875 Phone: +353-1-896-2354 1876 Email: stephen.farrell@cs.tcd.ie