CS6014 - IoT and Smart Appliances
RPL:IPv6 Routing Protocol for Low Power and Lossy Networks
Prepared by
Dr. S. Chithra,
ASP/DCT,
Anna University, MIT Campus
CS6014 IoT and Smart Appliances Module 4 1
Course Objectives and Outcomes
Text Book and Ref Books
Evaluation
• Over the last few years, WSNs have become a very
important and challenging research field.
• There are cases where a network can achieve only
approximately half of the throughput of the
corresponding lossless network.
• Lossy links affect power consumption due to packet
retransmissions and broadcasting.
Evaluation (cont..)
• Such LLNs are additionally characterized by connections
that are not restricted to two endpoints.
• The Internet Engineering Task Force (IETF) ROLL Working
Group designed a new routing protocol, called RPL.
• Intuitively, tree structure is formed with root of the tree at
the A
• The main goal of RPL is to provide efficient routing paths
for P2MP and MP2P traffic patterns in LLNs.
Introduction of RPL
1. What is low power/Lossy network? How does that
relate to IoT?
2. What is RPL and how does it work?
3. What are some applicability examples?
Constrained Node:
• A node where some of the characteristics that are
otherwise pretty much taken for granted for Internet
nodes in 2013 are not attainable, often due to cost
constraints and/or physical constraints on
characteristics such as size, weight, and available
power.
Constrained Network
A network where some of the characteristics pretty much
taken for granted with link layers in common use in the
Internet at the time of writing are not attainable.
Constraints may include:
• low achievable bit rate
• high packet loss and variability of packet loss
(delivery rate),
• severe penalties for using larger packets (e.g., high
packet loss due to link layer fragmentation),
• lack of (or severe constraints on) advanced services
such as IP multicast.
Constrained Node Network
• A network whose characteristics are influenced by
being composed of a significant portion of
constrained nodes.
• A constrained node network always is a constrained
network because of the network constraints stemming
from the node constraints, but may also have other
constraints that already make it a constrained
network.
LLN: Low-Power and Lossy Network
• “LLN: Low-Power and Lossy Network. Typically composed of many
embedded devices with limited power, memory, and processing resources
interconnected by a variety of links, such as IEEE 802.15.4 or low-power
Wi-Fi.
• There is a wide scope of application areas for LLNs, including industrial
monitoring, building automation (heating, ventilation, and air conditioning
(HVAC), lighting, access control, fire),” RFC 7228
IPv6 over Low-Power WPAN (6LoWPAN)
[Figure: 6LoWPAN topology connecting the Internet, the 6LBR (6LoWPAN border router), 6LRs (6LoWPAN routers) and 6LNs (6LoWPAN nodes)]
RPL
• RPL is a distance-vector protocol and a source
routing protocol that is designed to operate on top of
several link layer mechanisms.
• The rate of control message dispatch is dynamic, based on
network consistency, and topology changes are addressed
only when data packets have to be sent.
• RPL forms the DODAG (Destination Oriented
Directed Acyclic Graph) tree, which contains only one
root. The root node is also called the sink node.
RPL Terminology
• DAG(Directed Acyclic Graph)
• DAG root
• DODAG (Destination-Oriented DAG)
• DODAG root
• Rank
• OF (Objective Function)
• RPL Instance
• RPL Instance ID
• DODAGID
• Sub-DODAG
• DIO (DODAG Information Object)
• DAO (Destination Advertisement Object)
• DIS (DODAG Information Solicitation)
DODAG
[Figure: a DAG (Directed Acyclic Graph) beside a DODAG (Destination Oriented Directed Acyclic Graph) with its DODAG root marked]
• A DODAG is a DAG rooted at a single destination, at a single DAG root (the DODAG root) with no
outgoing edges
RPL Identifier
• Unique identifier: (RPLInstanceID, DODAGID, version number)
• All DODAGs in the same RPL Instance use the same OF (Objective Function)
• An RPL Instance is a set of one or more DODAGs that share an RPLInstanceID.
[Figure: RPL Instance #1 containing DODAGID #1, DODAGID #2 and DODAGID #3, each identified as (RPL Instance #1, DODAGID, version #1), and DODAGID #1 shown at version #1 and at version #2]
RPL control messages
• DODAGVersion: a specific iteration of a DODAG with a given DODAGID.
• DODAGVersionNumber: a sequential counter that is incremented by the
root to form a new version.
[Figure: DODAG with nodes A to I at Rank=1, Rank=2 and Rank=3, exchanging DIO and DAO messages]
• RPLInstanceID is a unique identifier within a network. DODAGs with the same
RPLInstanceID share the same Objective Function (OF), which is used to compute the position of a node in
the DODAG.
Grounded and Floating DODAG
• A grounded DODAG offers connectivity to hosts that
are required for satisfying the application goal
• A floating DODAG is not expected to satisfy the
goal; it only provides routes to nodes within the
DODAG, e.g., to provide interconnectivity during repair.
Goal
• The Goal is an application-specific goal that is
defined outside the scope of RPL. Any node that roots
a DODAG will need to know about this Goal to
decide whether or not the Goal can be satisfied.
• A typical Goal is to construct the DODAG according
to a specific Objective Function and to keep
connectivity to a set of hosts (e.g., to use an Objective
Function that minimizes a metric and is connected to
a specific database host to store the collected data).
Storing and Non-Storing Mode-of-Operation
• A storing LLN keeps a downward routing table at each
node.
− Traffic travels only as far as the common parent.
− Storing mode is limited by the size of the routing table:
o nodes with lower rank have bigger tables!
o the protocol fails when any table is full.
• A non-storing LLN sends all traffic to the root. The root uses
source routes to send traffic to the leaves.
− Limited by the RAM of the DODAG root/6LBR, which is usually a non-constrained device.
− Requires more bits on the wire, which is often more expensive (energy-wise) than
more RAM or compute cycles.
[Figure: Storing and Non-Storing mode]
Routing Loop
• The formation of routing loops is a common problem in
all kinds of networks.
• RPL defines two mechanisms to solve this problem:
1) Avoidance Mechanisms
2) Detection Mechanisms
[Figure: Loop Creation: a five-node topology (nodes 1 to 5) shown twice, with links labelled ETX=1 and ETX=2]
Avoidance Mechanisms
1. An RPL node does not process DIO messages from nodes deeper (higher Rank) than
itself.
2. The RPL specification suggests that a node must never advertise within a DODAG
Version a Rank higher than RankLowest + RankMaxInc.
• RankLowest is the lowest Rank the node has advertised within a DODAG
Version.
• RankMaxInc is a predefined constant received via a DIO.
[Figure: Rank limit example: node 1 at Rank=0, with node 3 shown at Rank=1 < 1+1, Rank=2 = 1+1 and Rank=3 > 1+1]
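The two avoidance rules as code, using the figure's values (RankLowest = 1, RankMaxInc = 1) in the test. This is an added example, not code from the slides or from any RPL stack; the struct, the function names and the equality-only version comparison are assumptions of the example.

```c
#include <stdint.h>

/* Per-node RPL state; field names follow the slide, not any real stack. */
struct rpl_node {
    uint8_t  version;       /* DODAG Version the node has joined */
    uint16_t rank;          /* Rank currently advertised */
    uint16_t rank_lowest;   /* RankLowest within this DODAG Version */
    uint16_t rank_max_inc;  /* RankMaxInc, received via a DIO */
};

enum dio_action { DIO_IGNORE, DIO_PROCESS };

/* Rule 1: a DIO from a deeper node (higher Rank) is not processed.
 * Assumption: versions are compared for equality only. */
enum dio_action on_dio(const struct rpl_node *n, uint8_t dio_version,
                       uint16_t sender_rank)
{
    if (dio_version == n->version && sender_rank > n->rank)
        return DIO_IGNORE;
    return DIO_PROCESS;
}

/* Rule 2: refuse any Rank above RankLowest + RankMaxInc.
 * Returns 1 and updates the node if new_rank may be advertised, else 0. */
int try_advertise_rank(struct rpl_node *n, uint16_t new_rank)
{
    uint32_t limit = (uint32_t)n->rank_lowest + n->rank_max_inc;
    if (new_rank > limit)
        return 0;
    n->rank = new_rank;
    if (new_rank < n->rank_lowest)
        n->rank_lowest = new_rank;
    return 1;
}

/* The bound is per DODAG Version: joining a new version restarts it. */
void join_version(struct rpl_node *n, uint8_t version, uint16_t rank)
{
    n->version = version;
    n->rank = rank;
    n->rank_lowest = rank;
}
```

A node that cannot find a parent within the limit has to wait for a new DODAG Version before it can move deeper, which is what keeps a stale child from becoming its own ancestor's parent.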
Detection Mechanisms
• RPL loop detection uses additional information that is transported
in the data packets.
• It places an RPL Packet Information in the IPv6 option field, which
is updated and examined on each hop.
• There are five control fields within the RPL Packet Information:
1. Whether the packet is sent in an upward or downward direction.
2. Whether a Rank mismatch has been detected.
3. An error field reported by a child node.
4. The Rank of the sender.
5. The RPL Instance ID.
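The per-hop examination of those five fields, written in C as an added example (not from the slides or any RPL stack). The mismatch rule and the drop on a second mismatch follow RFC 6550, which the slide summarises without stating; the struct layout and names are illustrative, and dropping packets that belong to another RPL Instance is an assumption of the example.

```c
#include <stdint.h>

/* The five RPL Packet Information fields (layout is illustrative). */
struct rpl_pkt_info {
    unsigned down : 1;        /* 1 = travelling downward, 0 = upward */
    unsigned rank_error : 1;  /* a Rank mismatch was already detected */
    unsigned fwd_error : 1;   /* error reported by a child node */
    uint16_t sender_rank;     /* Rank of the previous hop */
    uint8_t  instance_id;     /* RPL Instance ID */
};

enum hop_verdict { HOP_FORWARD, HOP_FORWARD_FLAGGED, HOP_DROP };

/* Examine and update the packet information at one hop. */
enum hop_verdict check_hop(struct rpl_pkt_info *p, uint16_t my_rank,
                           uint8_t my_instance)
{
    int mismatch;
    enum hop_verdict verdict = HOP_FORWARD;

    /* Assumption: this node only forwards packets of its own instance. */
    if (p->instance_id != my_instance)
        return HOP_DROP;

    /* Direction must agree with the Rank relationship:
     * a downward packet cannot come from a deeper node,
     * an upward packet cannot come from a shallower one. */
    mismatch = p->down ? (p->sender_rank > my_rank)
                       : (p->sender_rank < my_rank);
    if (mismatch) {
        if (p->rank_error)
            return HOP_DROP;          /* second mismatch on the path: loop */
        p->rank_error = 1;            /* first mismatch: flag and continue */
        verdict = HOP_FORWARD_FLAGGED;
    }
    p->sender_rank = my_rank;         /* updated before forwarding */
    return verdict;
}
```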
Node Metric/Constraint Objects
• Node State and Attribute Object
− Proposed to reflect node workload (CPU, memory, etc.)
• Node Energy Object
− Constraint
− three types of power sources: "powered", "battery", and
"scavenger"
• Hop Count Object
− Can be used as metric or constraint
− Constraint: max number of hops can be traversed
− Metric: total number of hops traversed
Link Metric/Constraint Objects
• Throughput Object:
− Currently available throughput (Bytes per second)
• Latency:
− Can be used as a metric or constraint
− Constraint: max latency allowable on path
− Metric: additive metric updated along path
• Link Reliability:
− Link Quality Level Reliability (LQL): 0=Unknown,
1=High, 2=Medium, 3=Low
− Expected Transmission Count (ETX) (Average
number of TX to deliver a packet)
• Link Colour:
− Metric or constraint, arbitrary admin value
RPL Implementations
• Open source
ContikiRPL
→ https://github.com/contikios/contiki/tree/master/core/net/rpl
TinyRPL
→ https://github.com/tinyos/tinyosmain/tree/master/tos/lib/net/rpl
Unstrung → http://unstrung.sandelman.ca/
IEEE 802.15.4 - Security
• IEEE 802.15.4 uses Advanced Encryption Standard (AES) with a 128-
bit key length as the base encryption algorithm for securing its data and
also validates the data that is sent
– Validation is accomplished by a message integrity code (MIC), which
is calculated for the entire frame using the same AES key that is used
for encryption.
– AES is a block cipher, which means it operates on fixed-size blocks of
data.
IEEE 802.15.4 - Security
• Enabling the security features of 802.15.4 changes the frame format slightly and consumes some of the payload.
• Using the Security Enabled field in the Frame Control portion of the
802.15.4 header is the first step to enabling AES encryption.
– This field is a single bit that is set to 1 for security.
– Once this bit is set, a field called the Auxiliary Security Header is
created after the Source Address field, by stealing some bytes from the
Payload field.
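How many payload octets the Auxiliary Security Header and MIC take, computed from a raw MAC frame. This is an added example, not from the slides: the field layout follows IEEE 802.15.4-2006 and goes beyond what the slide lists, the frame bytes are constructed, and the struct and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

struct sec_overhead {
    int    security_enabled; /* Frame Control bit 3 */
    size_t aux_offset;       /* Auxiliary Security Header starts here */
    size_t aux_len;          /* Security Control + Frame Counter + Key Identifier */
    size_t mic_len;          /* MIC octets at the end of the payload */
};

/* Constructed sample: secured data frame, short addresses, PAN ID compression,
 * security level 5 (encryption + 4-octet MIC), 1-octet key index. */
static const uint8_t sample_frame[] = {
    0x49, 0x98, 0x01,              /* Frame Control (LE), Sequence Number */
    0xCD, 0xAB, 0x02, 0x00,        /* Destination PAN ID, Destination Address */
    0x01, 0x00,                    /* Source Address */
    0x0D, 0x07, 0x00, 0x00, 0x00,  /* Security Control, Frame Counter */
    0x01,                          /* Key Identifier (key index) */
    0xDE, 0xAD, 0xBE, 0xEF,        /* ciphered payload (placeholder) */
    0x11, 0x22, 0x33, 0x44         /* MIC (placeholder) */
};

static size_t addr_len(unsigned mode) { return mode == 2 ? 2 : mode == 3 ? 8 : 0; }

/* Returns 0 on success, -1 if the frame is shorter than its header implies. */
int security_overhead(const uint8_t *f, size_t n, struct sec_overhead *o)
{
    static const size_t key_id_octets[4] = { 0, 1, 5, 9 };
    static const size_t mic_octets[4] = { 0, 4, 8, 16 };
    if (n < 3) return -1;
    unsigned fc = f[0] | ((unsigned)f[1] << 8);
    unsigned dst = (fc >> 10) & 3, src = (fc >> 14) & 3;
    size_t off = 3;                                   /* FC + Sequence Number */
    if (dst) off += 2 + addr_len(dst);                /* PAN ID + address */
    if (src) off += (((fc >> 6) & 1) ? 0 : 2) + addr_len(src);
    o->security_enabled = (fc >> 3) & 1;
    o->aux_offset = off;                              /* right after Source Address */
    o->aux_len = o->mic_len = 0;
    if (o->security_enabled) {
        if (n < off + 5) return -1;                   /* Security Control + counter */
        o->aux_len = 5 + key_id_octets[(f[off] >> 3) & 3];
        o->mic_len = mic_octets[f[off] & 3];
    }
    return n >= off + o->aux_len + o->mic_len ? 0 : -1;
}
```

For the sample frame the header starts at offset 9 and, with the MIC, removes 10 octets from what would otherwise be payload.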
IEEE 802.15.4g and 802.15.4e
Security
• Encryption is provided by AES
IEEE 802.15.4g and 802.15.4e
Security
• The full frame in Figure gets authenticated through the
MIC at the end of frame.
– The MIC is a unique value that is calculated based on the frame
contents.
• The Security Header
– Is composed of the Auxiliary Security field and one or more
Information Elements fields.
– Integration of the Information Elements fields allows for the
adoption of additional security capabilities, such as the IEEE
802.15.9 Key Management Protocol (KMP) specification.
• KMP provides a means for establishing keys for robust datagram security. Without key
management support, weak keys are often the result, leaving the security system open to
attack.
IEEE 1901.2a
Security
• Security offers similar features to IEEE 802.15.4g, with some differences.
• These differences are mostly tied to the PHY layer fragmentation
capabilities of IEEE 1901.2a and include the following:
• The Security Enabled bit in the Frame Control field should be set in all
MAC frames carrying segments of an encrypted frame.
• If data encryption is required, it should be done before packet
segmentation. During packet encryption, the Segment Control field should
not be included in the input to the encryption algorithm.
• On the receiver side, the data decryption is done after packet reassembly.
• When security is enabled, the MAC payload is composed of the ciphered
payload and the message integrity code (MIC) authentication tag for non-
segmented payloads. If the payload is segmented, the MIC is part of the
last packet (segment) only. The MIC authentication is computed using only
information from the MHR of the frame carrying the first segment.
IEEE 802.11ah
Security
• This includes IEEE 802.15.4, IEEE 802.15.4e,
and IEEE 1901.2a, and the security
information for them is also applicable to IEEE
802.11ah.
LoRaWAN
Security
• LoRaWAN endpoints must implement two
layers of security,
– Protecting communications
– Data privacy across the network.
LoRaWAN
Security
• Protecting communications
– Also called “network security” but applied at the MAC
layer,
– guarantees the authentication of the endpoints by the
LoRaWAN network server.
– It protects LoRaWAN packets by performing encryption
based on AES.
– Each endpoint implements a network session key
(NwkSKey), used by both itself and the LoRaWAN network
server.
• The NwkSKey ensures data integrity through computing and checking the MIC of every
data message as well as encrypting and decrypting MAC-only data message payloads.
LoRaWAN
Security
• Data privacy:
– An application session key (AppSKey) performs
encryption and decryption functions between the
endpoint and its application server.
– It computes and checks the application-level MIC, if
included.
• This ensures that the LoRaWAN service provider does not have access to the
application payload if it is not allowed that access.
– Endpoints receive their AES-128 application key
(AppKey) from the application owner.
• This key is most likely derived from an application-specific root key exclusively
known to and under the control of the application provider.
LoRaWAN
Security
• LoRaWAN endpoints attached to a LoRaWAN network
must get registered and authenticated.
• This can be achieved through one of the two join
mechanisms:
• Activation by personalization (ABP):
• Endpoints don’t need to run a join procedure as their individual details, including DevAddr and
the NwkSKey and AppSKey session keys, are preconfigured and stored in the end device. This
same information is registered in the LoRaWAN network server.
• Over-the-air activation (OTAA):
• Endpoints are allowed to dynamically join a particular LoRaWAN network after successfully
going through a join procedure. The join procedure must be done every time a session context is
renewed. During the join process, which involves the sending and receiving of MAC layer join
request and join accept messages, the node establishes its credentials with a LoRaWAN network
server, exchanging its globally unique DevEUI, AppEUI, and AppKey. The AppKey is then used to
derive the session NwkSKey and AppSKey keys.