summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc5826.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc5826.txt')
-rw-r--r--doc/rfc/rfc5826.txt955
1 files changed, 955 insertions, 0 deletions
diff --git a/doc/rfc/rfc5826.txt b/doc/rfc/rfc5826.txt
new file mode 100644
index 0000000..10b48b9
--- /dev/null
+++ b/doc/rfc/rfc5826.txt
@@ -0,0 +1,955 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF) A. Brandt
+Request for Comments: 5826 J. Buron
+Category: Informational Sigma Designs, Inc.
+ISSN: 2070-1721 G. Porcu
+ Telecom Italia
+ April 2010
+
+
+ Home Automation Routing Requirements in Low-Power and Lossy Networks
+
+Abstract
+
+ This document presents requirements specific to home control and
+ automation applications for Routing Over Low power and Lossy (ROLL)
+ networks. In the near future, many homes will contain high numbers
+ of wireless devices for a wide set of purposes. Examples include
+ actuators (relay, light dimmer, heating valve), sensors (wall switch,
+ water leak, blood pressure), and advanced controllers (radio-
+ frequency-based AV remote control, central server for light and heat
+ control). Because such devices only cover a limited radio range,
+ routing is often required. The aim of this document is to specify
+ the routing requirements for networks comprising such constrained
+ devices in a home-control and automation environment.
+
+Status of This Memo
+
+ This document is not an Internet Standards Track specification; it is
+ published for informational purposes.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Not all documents
+ approved by the IESG are a candidate for any level of Internet
+ Standard; see Section 2 of RFC 5741.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ http://www.rfc-editor.org/info/rfc5286.
+
+
+
+
+
+
+
+
+
+
+
+
+Brandt, et al. Informational [Page 1]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+Copyright Notice
+
+ Copyright (c) 2010 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+ This document may contain material from IETF Documents or IETF
+ Contributions published or made publicly available before November
+ 10, 2008. The person(s) controlling the copyright in some of this
+ material may not have granted the IETF Trust the right to allow
+ modifications of such material outside the IETF Standards Process.
+ Without obtaining an adequate license from the person(s) controlling
+ the copyright in such materials, this document may not be modified
+ outside the IETF Standards Process, and derivative works of it may
+ not be created outside the IETF Standards Process, except to format
+ it for publication as an RFC or to translate it into languages other
+ than English.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Brandt, et al. Informational [Page 2]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+Table of Contents
+
+ 1. Introduction ....................................................3
+ 1.1. Terminology ................................................4
+ 1.2. Requirements Language ......................................6
+ 2. Home Automation Applications ....................................6
+ 2.1. Lighting Application in Action .............................6
+ 2.2. Energy Conservation and Optimizing Energy Consumption ......6
+ 2.3. Moving a Remote Control Around .............................7
+ 2.4. Adding a New Module to the System ..........................7
+ 2.5. Controlling Battery-Operated Window Shades .................8
+ 2.6. Remote Video Surveillance ..................................8
+ 2.7. Healthcare .................................................9
+ 2.7.1. At-Home Health Reporting ...........................10
+ 2.7.2. At-Home Health Monitoring ..........................10
+ 2.8. Alarm Systems .............................................10
+ 3. Unique Routing Requirements of Home Automation Applications ....11
+ 3.1. Constraint-Based Routing ..................................12
+ 3.2. Support of Mobility .......................................12
+ 3.3. Scalability ...............................................13
+ 3.4. Convergence Time ..........................................13
+ 3.5. Manageability .............................................14
+ 3.6. Stability .................................................14
+ 4. Traffic Pattern ................................................14
+ 5. Security Considerations ........................................15
+ 6. Acknowledgments ................................................16
+ 7. References .....................................................16
+ 7.1. Normative References ......................................16
+ 7.2. Informative References ....................................17
+
+1. Introduction
+
+ This document presents requirements specific to home control and
+ automation applications for Routing Over Low power and Lossy (ROLL)
+ networks. In the near future, many homes will contain high numbers
+ of wireless devices for a wide set of purposes. Examples include
+ actuators (relay, light dimmer, heating valve), sensors (wall switch,
+ water leak, blood pressure), and advanced controllers. Basic home-
+ control modules such as wall switches and plug-in modules may be
+ turned into an advanced home automation solution via the use of an
+ IP-enabled application responding to events generated by wall
+ switches, motion sensors, light sensors, rain sensors, and so on.
+
+ Network nodes may be sensors and actuators at the same time. An
+ example is a wall switch for replacement in existing homes. The push
+ buttons may generate events for a controller node or for activating
+ other actuator nodes. At the same time, a built-in relay may act as
+ actuator for a controller or other remote sensors.
+
+
+
+Brandt, et al. Informational [Page 3]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ Because ROLL nodes only cover a limited radio range, routing is often
+ required. These devices are usually highly constrained in terms of
+ resources such as battery and memory and operate in unstable
+ environments. Persons moving around in a house, opening or closing a
+ door, or starting a microwave oven affect the reception of weak radio
+ signals. Reflection and absorption may cause a reliable radio link
+ to turn unreliable for a period of time and then become reusable
+ again, thus the term "lossy". All traffic in a ROLL network is
+ carried as IPv6 packets.
+
+ The connected home area is very much consumer oriented. The
+ implication on network nodes is that devices are very cost sensitive,
+ which leads to resource-constrained environments having slow CPUs and
+ small memory footprints. At the same time, nodes have to be
+ physically small, which puts a limit to the physical size of the
+ battery, and thus, the battery capacity. As a result, it is common
+ for battery-operated, sensor-style nodes to shut down radio and CPU
+ resources for most of the time. The radio tends to use the same
+ power for listening as for transmitting.
+
+ Although this document focuses its text on radio-based wireless
+ networks, home-automation networks may also operate using a variety
+ of links, such as IEEE 802.15.4, Bluetooth, Low-Power WiFi, wired or
+ other low-power PLC (Power-Line Communication) links. Many such low-
+ power link technologies share similar characteristics with low-power
+ wireless and this document should be regarded as applying equally to
+ all such links.
+
+ Section 2 describes a few typical use cases for home automation
+ applications. Section 3 discusses the routing requirements for
+ networks comprising such constrained devices in a home network
+ environment. These requirements may be overlapping requirements
+ derived from other application-specific routing requirements
+ presented in [BUILDING-REQS], [RFC5673], and [RFC5548].
+
+ A full list of requirements documents may be found in Section 7.
+
+1.1. Terminology
+
+ ROLL: Routing Over Low-power and Lossy networks. A ROLL
+ node may be classified as a sensor, actuator, or
+ controller.
+
+ Actuator: Network node that performs some physical action.
+ Dimmers and relays are examples of actuators. If
+ sufficiently powered, actuator nodes may participate
+ in routing network messages.
+
+
+
+
+Brandt, et al. Informational [Page 4]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ Border router: Infrastructure device that connects a ROLL network to
+ the Internet or some backbone network.
+
+ Channel: Radio frequency band used to carry network packets.
+
+ Controller: Network node that controls actuators. Control
+ decisions may be based on sensor readings, sensor
+ events, scheduled actions, or incoming commands from
+ the Internet or other backbone networks. If
+ sufficiently powered, controller nodes may participate
+ in routing network messages.
+
+ Downstream: Data direction traveling from a Local Area Network
+ (LAN) to a Personal Area Network (PAN) device.
+
+ DR: Demand-Response. The mechanism of users adjusting
+ their power consumption in response to the actual
+ pricing of power.
+
+ DSM: Demand-Side Management. Process allowing power
+ utilities to enable and disable loads in consumer
+ premises. Where DR relies on voluntary action from
+ users, DSM may be based on enrollment in a formal
+ program.
+
+ LLNs: Low-Power and Lossy Networks.
+
+ LAN: Local Area Network.
+
+ PAN: Personal Area Network. A geographically limited
+ wireless network based on, e.g., 802.15.4 or Z-Wave
+ radio.
+
+ PDA Personal Digital Assistant. A small, handheld
+ computer.
+
+ PLC Power-Line Communication.
+
+ RAM Random Access Memory.
+
+ Sensor: Network node that measures some physical parameter
+ and/or detects an event. The sensor may generate a
+ trap message to notify a controller or directly
+ activate an actuator. If sufficiently powered, sensor
+ nodes may participate in routing network messages.
+
+ Upstream: Data direction traveling from a PAN to a LAN device.
+
+
+
+
+Brandt, et al. Informational [Page 5]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ Refer to the ROLL terminology reference document [ROLL-TERM] for a
+ full list of terms used in the IETF ROLL WG.
+
+1.2. Requirements Language
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
+ document are to be interpreted as described in RFC 2119 [RFC2119].
+
+2. Home Automation Applications
+
+ Home automation applications represent a special segment of networked
+ devices with its unique set of requirements. Historically, such
+ applications used wired networks or power-line communication (PLC)
+ but wireless solutions have emerged, allowing existing homes to be
+ upgraded more easily.
+
+ To facilitate the requirements discussion in Section 3, this section
+ lists a few typical use cases of home automation applications. New
+ applications are being developed at a high pace and this section does
+ not mean to be exhaustive. Most home automation applications tend to
+ be running some kind of command/response protocol. The command may
+ come from several places.
+
+2.1. Lighting Application in Action
+
+ A lamp may be turned on, not only by a wall switch but also by a
+ movement sensor. The wall-switch module may itself be a push-button
+ sensor and an actuator at the same time. This will often be the case
+ when upgrading existing homes as existing wiring is not prepared for
+ automation.
+
+ One event may cause many actuators to be activated at the same time.
+
+ Using the direct analogy to an electronic car key, a house owner may
+ activate the "leaving home" function from an electronic house key,
+ mobile phone, etc. For the sake of visual impression, all lights
+ should turn off at the same time; at least, it should appear to
+ happen at the same time.
+
+2.2. Energy Conservation and Optimizing Energy Consumption
+
+ In order to save energy, air conditioning, central heating, window
+ shades, etc., may be controlled by timers, motion sensors, or
+ remotely via Internet or cell. Central heating may also be set to a
+ reduced temperature during nighttime.
+
+
+
+
+
+Brandt, et al. Informational [Page 6]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ The power grid may experience periods where more wind-generated power
+ is produced than is needed. Typically this may happen during night
+ hours.
+
+ In periods where electricity demands exceed available supply,
+ appliances such as air conditioning, climate-control systems, washing
+ machines, etc., can be turned off to avoid overloading the power
+ grid.
+
+ This is known as Demand-Side Management (DSM). Remote control of
+ household appliances is well-suited for this application.
+
+ The start/stop decision for the appliances can also be regulated by
+ dynamic power pricing information obtained from the electricity
+ utility companies. This method, called Demand-Response (DR), works
+ by motivation of users via pricing, bonus points, etc. For example,
+ the washing machine and dish washer may just as well work while power
+ is cheap. The electric car should also charge its batteries on cheap
+ power.
+
+ In order to achieve effective electricity savings, the energy
+ monitoring application must guarantee that the power consumption of
+ the ROLL devices is much lower than that of the appliance itself.
+
+ Most of these appliances are mains powered and are thus ideal for
+ providing reliable, always-on routing resources. Battery-powered
+ nodes, by comparison, are constrained routing resources and may only
+ provide reliable routing under some circumstances.
+
+2.3. Moving a Remote Control Around
+
+ A remote control is a typical example of a mobile device in a home
+ automation network. An advanced remote control may be used for
+ dimming the light in the dining room while eating and later on,
+ turning up the music while doing the dishes in the kitchen. Reaction
+ must appear to be instant (within a few hundred milliseconds) even
+ when the remote control has moved to a new location. The remote
+ control may be communicating to either a central home automation
+ controller or directly to the lamps and the media center.
+
+2.4. Adding a New Module to the System
+
+ Small-size, low-cost modules may have no user interface except for a
+ single button. Thus, an automated inclusion process is needed for
+ controllers to find new modules. Inclusion covers the detection of
+ neighbors and the assignment of a unique node ID. Inclusion should
+ be completed within a few seconds.
+
+
+
+
+Brandt, et al. Informational [Page 7]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ For ease of use in a consumer application space such as home control,
+ nodes may be included without having to type in special codes before
+ inclusion. One way to achieve an acceptable balance between security
+ and convenience is to block inclusion during normal operation,
+ explicitly enable inclusion support just before adding a new module,
+ and disable it again just after adding a new module.
+
+ For security considerations, refer to Section 5.
+
+ If assignment of unique addresses is performed by a central
+ controller, it must be possible to route the inclusion request from
+ the joining node to the central controller before the joining node
+ has been included in the network.
+
+2.5. Controlling Battery-Operated Window Shades
+
+ In consumer premises, window shades are often battery-powered as
+ there is no access to mains power over the windows. For battery
+ conservation purposes, such an actuator node is sleeping most of the
+ time. A controller sending commands to a sleeping actuator node via
+ ROLL devices will have no problems delivering the packet to the
+ nearest powered router, but that router may experience a delay until
+ the next wake-up time before the command can be delivered.
+
+2.6. Remote Video Surveillance
+
+ Remote video surveillance is a fairly classic application for home
+ networking. It provides the ability for the end-user to get a video
+ stream from a web cam reached via the Internet. The video stream may
+ be triggered by the end-user after receiving an alarm from a sensor
+ (movement or smoke detector) or the user simply wants to check the
+ home status via video.
+
+ Note that in the former case, more than likely, there will be a form
+ of inter-device communication: upon detecting some movement in the
+ home, the movement sensor may send a request to the light controller
+ to turn on the lights, to the Web Cam to start a video stream that
+ would then be directed to the end-user's cell phone or Personal
+ Digital Assistant (PDA) via the Internet.
+
+ In contrast to other applications, e.g., industrial sensors, where
+ data would mainly be originated by a sensor to a sink and vice versa,
+ this scenario implicates a direct inter-device communication between
+ ROLL devices.
+
+
+
+
+
+
+
+Brandt, et al. Informational [Page 8]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+2.7. Healthcare
+
+ By adding communication capability to devices, patients and elderly
+ citizens may be able to do simple measurements at home.
+
+ Thanks to online devices, a doctor can keep an eye on the patient's
+ health and receive warnings if a new trend is discovered by automated
+ filters.
+
+ Fine-grained, daily measurements presented in proper ways may allow
+ the doctor to establish a more precise diagnosis.
+
+ Such applications may be realized as wearable products that
+ frequently do a measurement and automatically deliver the result to a
+ data sink locally or over the Internet.
+
+ Applications falling in this category are referred to as at-home
+ health reporting. Whether measurements are done in a fixed interval
+ or they are manually activated, they leave all processing to the
+ receiving data sink.
+
+ A more active category of applications may send an alarm if some
+ alarm condition is triggered. This category of applications is
+ referred to as at-home health monitoring. Measurements are
+ interpreted in the device and may cause reporting of an event if an
+ alarm is triggered.
+
+ Many implementations may overlap both categories.
+
+ Since wireless and battery operated systems may never reach 100%
+ guaranteed operational time, healthcare and security systems will
+ need a management layer implementing alarm mechanisms for low
+ battery, report activity, etc.
+
+ For instance, if a blood pressure sensor did not report a new
+ measurement, say five minutes after the scheduled time, some
+ responsible person must be notified.
+
+ The structure and performance of such a management layer is outside
+ the scope of the routing requirements listed in this document.
+
+
+
+
+
+
+
+
+
+
+
+Brandt, et al. Informational [Page 9]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+2.7.1. At-Home Health Reporting
+
+ Applications might include:
+
+ o Temperature
+ o Weight
+ o Blood pressure
+ o Insulin level
+
+ Measurements may be stored for long-term statistics. At the same
+ time, a critically high blood pressure may cause the generation of an
+ alarm report. Refer to Section 2.7.2.
+
+ To avoid a high number of request messages, nodes may be configured
+ to autonomously do a measurement and send a report in intervals.
+
+2.7.2. At-Home Health Monitoring
+
+ An alarm event may become active, e.g., if the measured blood
+ pressure exceeds a threshold or if a person falls to the ground.
+ Alarm conditions must be reported with the highest priority and
+ timeliness.
+
+ Applications might include:
+
+ o Temperature
+ o Weight
+ o Blood pressure
+ o Insulin level
+ o Electrocardiogram (ECG)
+ o Position tracker
+
+2.8. Alarm Systems
+
+ A home security alarm system is comprised of various sensors
+ (vibration, fire, carbon monoxide, door/window, glass-break,
+ presence, panic button, etc.).
+
+ Some smoke alarms are battery powered and at the same time mounted in
+ a high place. Battery-powered safety devices should only be used for
+ routing if no other alternatives exist to avoid draining the battery.
+ A smoke alarm with a drained battery does not provide a lot of
+ safety. Also, it may be inconvenient to change the batteries in a
+ smoke alarm.
+
+
+
+
+
+
+
+Brandt, et al. Informational [Page 10]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ Alarm system applications may have both a synchronous and an
+ asynchronous behavior; i.e., they may be periodically queried by a
+ central control application (e.g., for a periodical refreshment of
+ the network state) or send a message to the control application on
+ their own initiative.
+
+ When a node (or a group of nodes) identifies a risk situation (e.g.,
+ intrusion, smoke, fire), it sends an alarm message to a central
+ controller that could autonomously forward it via the Internet or
+ interact with other network nodes (e.g., try to obtain more detailed
+ information or ask other nodes close to the alarm event).
+
+ Finally, routing via battery-powered nodes may be very slow if the
+ nodes are sleeping most of the time (they could appear unresponsive
+ to the alarm detection). To ensure fast message delivery and avoid
+ battery drain, routing should be avoided via sleeping devices.
+
+3. Unique Routing Requirements of Home Automation Applications
+
+ Home automation applications have a number of specific routing
+ requirements related to the set of home networking applications and
+ the perceived operation of the system.
+
+ The relations of use cases to requirements are outlined in the table
+ below:
+
+ +------------------------------+-----------------------------+
+ | Use case | Requirement |
+ +------------------------------+-----------------------------+
+ |2.1. Lighting Application in |3.2. Support of Mobility |
+ |Action |3.3. Scalability |
+ +------------------------------+-----------------------------+
+ |2.2. Energy Conservation and |3.1. Constraint-Based Routing|
+ |Optimizing Energy Consumption | |
+ +------------------------------+-----------------------------+
+ |2.3. Moving a Remote Control |3.2. Support of Mobility |
+ |Around |3.4. Convergence Time |
+ +------------------------------+-----------------------------+
+ |2.4. Adding a New Module to |3.4. Convergence Time |
+ |the System |3.5. Manageability |
+ +------------------------------+-----------------------------+
+ |2.7. Healthcare |3.1. Constraint-Based Routing|
+ | |3.2. Support of Mobility |
+ | |3.4. Convergence Time |
+ +------------------------------+-----------------------------+
+ |2.8. Alarm Systems |3.3. Scalability |
+ | |3.4. Convergence Time |
+ +------------------------------+-----------------------------+
+
+
+
+Brandt, et al. Informational [Page 11]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+3.1. Constraint-Based Routing
+
+ For convenience and low-operational costs, power consumption of
+ consumer products must be kept at a very low level to achieve a long
+ battery lifetime. One implication of this fact is that Random Access
+ Memory (RAM) is limited and it may even be powered down, leaving only
+ a few 100 bytes of RAM alive during the sleep phase.
+
+ The use of battery-powered devices reduces installation costs and
+ does enable installation of devices even where main power lines are
+ not available. On the other hand, in order to be cost effective and
+ efficient, the devices have to maximize the sleep phase with a duty
+ cycle lower than 1%.
+
+ Some devices only wake up in response to an event, e.g., a push
+ button.
+
+ Simple battery-powered nodes such as movement sensors on garage doors
+ and rain sensors may not be able to assist in routing. Depending on
+ the node type, the node never listens at all, listens rarely, or
+ makes contact on demand to a pre-configured target node. Attempting
+ to communicate with such nodes may at best require a long time before
+ getting a response.
+
+ Other battery-powered nodes may have the capability to participate in
+ routing. The routing protocol SHOULD route via mains-powered nodes
+ if possible.
+
+ The routing protocol MUST support constraint-based routing taking
+ into account node properties (CPU, memory, level of energy, sleep
+ intervals, safety/convenience of changing battery).
+
+3.2. Support of Mobility
+
+ In a home environment, although the majority of devices are fixed
+ devices, there is still a variety of mobile devices, for example, a
+ remote control is likely to move. Another example of mobile devices
+ is wearable healthcare devices.
+
+ While healthcare devices delivering measurement results can tolerate
+ route discovery times measured in seconds, a remote control appears
+ unresponsive if using more than 0.5 seconds to, e.g., pause the
+ music.
+
+ On more rare occasions, receiving nodes may also have moved.
+ Examples include a safety-off switch in a clothes iron, a vacuum
+ cleaner robot, or the wireless chime of doorbell set.
+
+
+
+
+Brandt, et al. Informational [Page 12]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ Refer to Section 3.4 for routing protocol convergence times.
+
+ A non-responsive node can either be caused by 1) a failure in the
+ node, 2) a failed link on the path to the node, or 3) a moved node.
+ In the first two cases, the node can be expected to reappear at
+ roughly the same location in the network, whereas it can return
+ anywhere in the network in the latter case.
+
+3.3. Scalability
+
+ Looking at the number of wall switches, power outlets, sensors of
+ various natures, video equipment, and so on in a modern house, it
+ seems quite realistic that hundreds of devices may form a home-
+ automation network in a fully populated "smart" home, and a large
+ proportion of those may be low-power devices. Moving towards
+ professional-building automation, the number of such devices may be
+ in the order of several thousands.
+
+ The routing protocol needs to be able to support a basic home
+ deployment and so MUST be able to support at least 250 devices in the
+ network. Furthermore, the protocol SHOULD be extensible to support
+ more sophisticated and future deployments with a larger number of
+ devices.
+
+3.4. Convergence Time
+
+ A wireless home automation network is subject to various
+ instabilities due to signal strength variation, moving persons, and
+ the like.
+
+ Measured from the transmission of a packet, the following convergence
+ time requirements apply.
+
+ The routing protocol MUST converge within 0.5 seconds if no nodes
+ have moved (see Section 3.2 for motivation).
+
+ The routing protocol MUST converge within four seconds if nodes have
+ moved to re-establish connectivity within a time that a human
+ operator would find tolerable as, for example, when moving a remote
+ control unit.
+
+ In both cases, "converge" means "the originator node has received a
+ response from the destination node". The above-mentioned convergence
+ time requirements apply to a home control network environment of up
+ to 250 nodes with up to four repeating nodes between source and
+ destination.
+
+
+
+
+
+Brandt, et al. Informational [Page 13]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+3.5. Manageability
+
+ The ability of the home network to support auto-configuration is of
+ the utmost importance. Indeed, most end-users will not have the
+ expertise and the skills to perform advanced configuration and
+ troubleshooting. Thus, the routing protocol designed for home-
+ automation networks MUST provide a set of features including zero-
+ configuration of the routing protocol for a new node to be added to
+ the network. From a routing perspective, zero-configuration means
+ that a node can obtain an address and join the network on its own,
+ almost without human intervention.
+
+3.6. Stability
+
+ If a node is found to fail often compared to the rest of the network,
+ this node SHOULD NOT be the first choice for routing of traffic.
+
+4. Traffic Pattern
+
+ Depending on the design philosophy of the home network, wall switches
+ may be configured to directly control individual lamps or
+ alternatively, all wall switches send control commands to a central
+ lighting control computer, which again sends out control commands to
+ relevant devices.
+
+ In a distributed system, the traffic tends to be multipoint-to-
+ multipoint. In a centralized system, it is a mix of multipoint-to-
+ point and point-to-multipoint.
+
+ Wall switches only generate traffic when activated, which typically
+ happens from one to ten times per hour.
+
+ Remote controls have a similar transmit pattern to wall switches but
+ may be activated more frequently in some deployments.
+
+ Temperature/air and pressure/rain sensors send frames when queried by
+ the user or can be preconfigured to send measurements at fixed
+ intervals (typically minutes). Motion sensors typically send a frame
+ when motion is first detected and another frame when an idle period
+ with no movement has elapsed. The highest transmission frequency
+ depends on the idle period used in the sensor. Sometimes, a timer
+ will trigger a frame transmission when an extended period without
+ status change has elapsed.
+
+ All frames sent in the above examples are quite short, typically less
+ than five bytes of payload. Lost frames and interference from other
+ transmitters may lead to retransmissions. In all cases,
+ acknowledgment frames with a size of a few bytes are used.
+
+
+
+Brandt, et al. Informational [Page 14]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+5. Security Considerations
+
+ As is the case with every network, LLNs are exposed to routing
+ security threats that need to be addressed. The wireless and
+ distributed nature of these networks increases the spectrum of
+ potential routing security threats. This is further amplified by the
+ resource constraints of the nodes, thereby preventing resource-
+ intensive routing security approaches from being deployed. A viable
+ routing security approach SHOULD be sufficiently lightweight that it
+ may be implemented across all nodes in a LLN. These issues require
+ special attention during the design process, so as to facilitate a
+ commercially attractive deployment.
+
+ An attacker can snoop, replay, or originate arbitrary messages to a
+ node in an attempt to manipulate or disable the routing function.
+
+ To mitigate this, the LLN MUST be able to authenticate a new node
+ prior to allowing it to participate in the routing decision process.
+ The routing protocol MUST support message integrity.
+
+ A further example of routing security issues that may arise is the
+ abnormal behavior of nodes that exhibit an egoistic conduct, such as
+ not obeying network rules or forwarding no or false packets.
+
+ Other important issues may arise in the context of denial-of-service
+ (DoS) attacks, malicious address space allocations, advertisement of
+ variable addresses, a wrong neighborhood, etc. The routing
+ protocol(s) SHOULD support defense against DoS attacks and other
+ attempts to maliciously or inadvertently cause the mechanisms of the
+ routing protocol(s) to over-consume the limited resources of LLN
+ nodes, e.g., by constructing forwarding loops or causing excessive
+ routing protocol overhead traffic, etc.
+
+ The properties of self-configuration and self-organization that are
+ desirable in a LLN introduce additional routing security
+ considerations. Mechanisms MUST be in place to deny any node that
+ attempts to take malicious advantage of self-configuration and self-
+ organization procedures. Such attacks may attempt, for example, to
+ cause DoS, drain the energy of power-constrained devices, or to
+ hijack the routing mechanism. A node MUST authenticate itself to a
+ trusted node that is already associated with the LLN before the
+ former can take part in self-configuration or self-organization. A
+ node that has already authenticated and associated with the LLN MUST
+ deny, to the maximum extent possible, the allocation of resources to
+ any unauthenticated peer. The routing protocol(s) MUST deny service
+ to any node that has not clearly established trust with the HC-LLN.
+
+
+
+
+
+Brandt, et al. Informational [Page 15]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+ In a home-control environment, it is considered unlikely that a
+ network is constantly being snooped and at the same time, ease of use
+ is important. As a consequence, the network key MAY be exposed for
+ short periods during inclusion of new nodes.
+
+ Electronic door locks and other critical applications SHOULD apply
+ end-to-end application security on top of the network transport
+ security.
+
+ If connected to a backbone network, the LLN SHOULD be capable of
+ limiting the resources utilized by nodes in said backbone network so
+ as not to be vulnerable to DoS. This should typically be handled by
+ border routers providing access from a backbone network to resources
+ in the LLN.
+
+ With low-computation power and scarce energy resources, LLNs' nodes
+ may not be able to resist any attack from high-power malicious nodes
+ (e.g., laptops and strong radios). However, the amount of damage
+ generated to the whole network SHOULD be commensurate with the number
+ of nodes physically compromised. For example, an intruder taking
+ control over a single node SHOULD NOT be able to completely deny
+ service to the whole network.
+
+ In general, the routing protocol(s) SHOULD support the implementation
+ of routing security best practices across the LLN. Such an
+ implementation ought to include defense against, for example,
+ eavesdropping, replay, message insertion, modification, and man-in-
+ the-middle attacks.
+
+ The choice of the routing security solutions will have an impact on
+ the routing protocol(s). To this end, routing protocol(s) proposed
+ in the context of LLNs MUST support authentication and integrity
+ measures and SHOULD support confidentiality (routing security)
+ measures.
+
+6. Acknowledgments
+
+ J. P. Vasseur, Jonathan Hui, Eunsook "Eunah" Kim, Mischa Dohler, and
+ Massimo Maggiorotti are gratefully acknowledged for their
+ contributions to this document.
+
+7. References
+
+7.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+
+
+
+Brandt, et al. Informational [Page 16]
+
+RFC 5826 Home Automation Routing Requirements in LLNs April 2010
+
+
+7.2. Informative References
+
+ [BUILDING-REQS] Martocci, J., Ed., De Mil, P., Vermeylen, W., and N.
+ Riou, "Building Automation Routing Requirements in
+ Low Power and Lossy Networks", Work in Progress,
+ January 2010.
+
+ [RFC5548] Dohler, M., Ed., Watteyne, T., Ed., Winter, T., Ed.,
+ and D. Barthel, Ed., "Routing Requirements for Urban
+ Low-Power and Lossy Networks", RFC 5548, May 2009.
+
+ [RFC5673] Pister, K., Ed., Thubert, P., Ed., Dwars, S., and T.
+ Phinney, "Industrial Routing Requirements in Low-
+ Power and Lossy Networks", RFC 5673, October 2009.
+
+ [ROLL-TERM] Vasseur, JP. "Terminology in Low power And Lossy
+ Networks", Work in Progress, October 2009.
+
+Authors' Addresses
+
+ Anders Brandt
+ Sigma Designs, Inc.
+ Emdrupvej 26
+ Copenhagen, DK-2100
+ Denmark
+
+ EMail: abr@sdesigns.dk
+
+
+ Jakob Buron
+ Sigma Designs, Inc.
+ Emdrupvej 26
+ Copenhagen, DK-2100
+ Denmark
+
+ EMail: jbu@sdesigns.dk
+
+
+ Giorgio Porcu
+ Telecom Italia
+ Piazza degli Affari, 2
+ 20123 Milan
+ Italy
+
+ EMail: gporcu@gmail.com
+
+
+
+
+
+
+Brandt, et al. Informational [Page 17]
+