Rough Guide to IETF 100: Internet of Things
The Internet of Things (IoT) is a major buzzword around the Internet industry and the broader technology and innovation business arenas. We are often asked what the IETF is doing in relation to IoT and in this Rough Guide to IETF 100 post I’d like to highlight some of the relevant sessions scheduled during the upcoming IETF 100 meeting in Singapore. Check out the IETF Journal IoT Category, the Internet Society’s IoT page, or the Online Trust Alliance IoT page for more details about many of these topics.
The Thing-to-Thing Research Group (T2TRG) investigates open research issues in turning the IoT into reality. The research group will be holding a half-day joint meeting with the Open Connectivity Foundation (OCF) on the Friday before IETF, and they will also be meeting on Tuesday afternoon in Singapore to report out on their recent activities. Included on the agenda is the upcoming Workshop on Decentralized IoT Security and Standards (DISS). This workshop will be held in conjunction with the Network and Distributed System Security (NDSS) Symposium on 18 February 2018 in San Diego, CA, USA. The DISS workshop will gather researchers and the open standards community together to help address the challenges of IoT Security. The Call For Papers for DISS closes on 8 Dec 2017.
In addition, T2TRG is undertaking ongoing work resulting from the Workshop on IoT Semantic/Hypermedia Interoperability in Prague held last July in conjunction with IETF 99.
The Constrained RESTful Environments (core) WG aims to extend the Web architecture to most constrained networks and embedded devices. This is one of the most active IoT working groups and they will be meeting twice in Singapore, on Monday afternoon and Tuesday afternoon.
The IPv6 over Networks of Resource-constrained Nodes (6lo) WG defines mechanisms to adapt IPv6 to a wide range of radio technologies, including “Bluetooth Low Energy” (RFC 7668), ITU-T G.9959 (as used in Z-Wave, RFC 7428), and the Digital Enhanced Cordless Telecommunications (DECT) Ultra Low Energy (ULE) cordless phone standard and the low-cost wired networking technology Master-Slave/Token-Passing (MS/TP) that is widely used over RS-485 in building automation. There is a very useful Internet Draft recently released, which should prove to be a good reference: IPv6 over Constrained Node Networks (6lo) Applicability & Use cases. They will be meeting on Thursday afternoon in Singapore.
The IPv6 over the TSCH mode of IEEE 802.15.4e (6tisch) WG was chartered in 2014 to enable IPv6 for the Time-Slotted Channel Hopping (TSCH) mode that was recently added to IEEE 802.15.4 networks. The 6top Protocol is defined in a recently revised Internet Draft, as a Proposed Standard. They are meeting on Monday afternoon in Singapore.
The IPv6 over Low Power Wide-Area Networks (lpwan) WG will be meeting in Singapore on Monday morning. Typical LPWANs provide low-rate connectivity to vast numbers of battery-powered devices over distances that may span tens of miles, using license-exempt bands. There is a recently-published LPWAN Overview.
The IP Wireless Access in Vehicular Environments (ipwave) WG‘s primary deliverable is a specification for mechanisms to transmit IPv6 datagrams over IEEE 802.11-OCB mode. For more about this very timely topic, there is a recently released Internet Draft: IP-based Vehicular Networking: Use Cases, Survey and Problem Statement. IPWAVE will meet on Monday afternoon in Singapore.
Security for IoT is addressed in several WGs including the Authentication and Authorization for Constrained Environments (ace) WG that is concerned with, as its name suggests, authentication and authorization mechanisms in constrained environments, where network nodes are limited in CPU, memory and power. The proposed standard is the subject of a recently-released Internet Draft. ACE will meet on Tuesday morning.
Routing for IoT is tackled by the Routing Over Low power and Lossy networks (roll) WG which focuses on routing protocols for constrained-node networks. Wednesday afternoon is the time for them to meet in Singapore.
Software Updates for Internet of Things (suit) (formerly known as FUD – Firmware Updating Description) – this nascent working group will hold a BoF on Monday afternoon. This is a very interesting WG that I am very pleased to see spinning up, tackling a very challenging and important problem. There are four Internet Drafts that provide a good overview. From the draft charter:
Vulnerabilities in Internet of Things (IoT) devices have raised the need for a secure firmware update mechanism that is also suitable for constrained devices. Security experts, researchers, and regulators recommend that all IoT devices be equipped with such a mechanism. While there are many proprietary firmware update mechanisms in use today, there is a lack of a modern interoperable approach of securely updating the software in IoT devices.
Finally, in addition to the new protocols and other mechanisms developed by IETF working groups, IoT developers often benefit from additional guidance for efficient implementation techniques and other considerations. The Lightweight Implementation Guidance (lwig) WG is developing such documents and they will meet in Singapore on Wednesday morning. The recently published Internet Draft CoAP Implementation Guidance should be a good resource.
I also want to draw your attention to a very interesting (Standards Track) Internet Draft being discussed in the Operations and Management Area Working Group (opsawg), which seems to hold promise, and which appears to be gaining some serious traction: “Manufacturer Usage Description Specification“ (MUD). From the abstract: This memo specifies a component-based architecture for manufacturer usage descriptions (MUD). The goal of MUD is to provide a means for Things to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control. Later work can delve into other aspects. The opsawg meeting will be held on Tuesday afternoon.
MUD plays a significant role in the draft project description – Mitigating IoT-Based Automated Distributed Threats – being developed by the US National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE).
If you have an interest in how the IoT is developing and being standardized in the IETF, I hope to see you in person or online at some of these meetings during IETF 100. (Note that if you will be unable to travel to the meeting and would like to participate remotely, you must register as a remote participant. There is no fee to be a remote participant at an IETF meeting, but registration is required. If you do not want to register, you may opt to listen to the live audio stream of the sessions instead.)
Related Working Groups at IETF 100
There’s a lot going on in Singapore, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Society Blog, Twitter, Facebook, or see https://www.internetsociety.org/events/ietf/ietf-100/.