STRATEGIES FOR TELECOMMUNICATIONS

Engineering Technology for Strategy (and Security) - STRATEGOS

Internet of Things (IoT) communication protocols and

examples of application scenarios and solutions

Fabio Patrone – fabio.patrone01@unige.it

2 Table of Contents
 Overview of the IoT communication requirements
 IoT communication protocol classification and details about each mentioned solution:
 Very short range: RFID, NFC
 Short range: Bluetooth
 Medium range: Zigbee, Z-Wave
 Long range:
LPWAN: Sigfox, LoRaWAN, Ingenu, IEEE 802.15.4(k, g, e), LTN
Cellular network-based: EC-GSM-IoT, LTE-M, NB-IoT
 Very long range: Satellite communications for IoT
 IoT Application protocols: CoAP, MQTT, AMQP, DDS, XMPP
 Examples of IoT use case scenarios
3 IoT communication requirements

 Small size data messages: from a few Bytes to a few kiloByte

 Small required bandwidth: from a few hundreds of Hz to a few MHz, with a

consequently low required transmission rate from a few hundreds of bps to a few Mbps

 Network topology: mesh or star

 Limited devices’ energy consumption: devices may be equipped with small batteries

 Low device cost: the application scenario may require the deployment of a high
number of devices

 Long device lifetime: devices may be physically difficult to reach after deployment or
their too frequent change may make the network cost too high
4 Wireless communication protocols

Tens of wireless communication protocols have been defined ad-hoc or «rearrenged» over
time to make them more compatible with the evolving applications and service requirements
5 Wireless communication protocols
6 Wireless communication protocols

WIRELESS PROTOCOLS
COVERAGE RANGE

Very short range Short range Medium range Long range Very long range
up to 10 cm up to 10 metri up to 100 metri up to 100 km
(RFID, NFC) (WBAN, Bluetooth) (Wi-Fi, Zigbee, Z-Wave) (cellulare, LPWAN) (satellitare)

TRANSMISSION POWER

High power Low power

(2G-GSM, 3G-UMTS,
4G-LTE, 5G-NR)
FREQUENCY BANDS
Licensed License-free
(NB-IoT, LTE-M, (LoRaWAN, Sigfox,
EC-GSM-IoT) Ingenu, …)
7 Radio Frequency Identification (RFID)

RFID systems are based on electronic devices (transponder) able to store data inside
them
The data exchange between these devices and RFID readers takes place through
electromagnetic waves
8 Radio Frequency Identification (RFID)
System architecture
RFID systems are composed of two main components:
 Transponder (tag):
device storing the
information related to the
object to identify
 Reader: device aims to
read / write information
from / on transponders
Each transponder is typically composed of an antenna and a microchip
Each reader is typically composed of a radio module, for the data exchanges with the
transponders, and another interface, such as a serial port, for the link with other systems,
such as PC containing data databases
Line-of-Sight (LoS) condition between readers and transponders is not required
9 Radio Frequency Identification (RFID)
Transponder – Passive vs Active

 Passive: they do not have any power source. They activate when entering within the
reader coverage area, since the readers give them enough power to transmit data

 Semi-passive: they are equipped with a battery that powers on the microchip for
long periods (years) but does not give them enough power to transmit data, which is
given by the reader

 Active: they are equipped with a battery that both powers on the microchip and give
them enough power to transmit data
10 Radio Frequency Identification (RFID)
Transponder – Operational frequencies

 Low Frequency – LF (30-300 kHz)

 High Frequency – HF (3-30 MHz)

 Ultra High Frequency – UHF (300 MHz – 3 GHz)

 Super High Frequency – SHF (> 3 GHz)

This choice is made considering the application scenario and the possible transponder
limitations
11 Radio Frequency Identification (RFID)
Transponder – Operational space range

 Close-coupling:

 Passive transponder

 Range: 0-1 cm (they must be inserted into the player or placed on its external
surface)

 Frequency: LF (30-300 kHz) o HF (3-30 MHz)

 Standard: ISO 10536-1

 Used in applications with high security requirements and do not need a long
operational range, such as magnetic cards to open doors or for contactless
payment cards
12 Radio Frequency Identification (RFID)
Transponder – Operational space range

 Remote-coupling:

 Passive transponder

 Range: 0-1 m

 Frequency: LF (30-300 kHz) o HF (3-30 MHz)

 Standard: Proximity (ISO 14443) and Vicinity (ISO 15693 e ISO 18000-3)
13 Radio Frequency Identification (RFID)
Transponder – Operational space range

 Long-range:

 Active transponder

 Range: > 1m

 Frequency: UHF (300 MHz – 3 GHz) or SHF (> 3 GHz)

 Standard: ISO 18000-4 and ISO 18000-6

 Need wider frequency ranges to transmit high amount of data

14 Radio Frequency Identification (RFID)
Further information

Data transmission mode:

 Full-duplex: data transmission by the transponders occurs when the reader is

active

 Sequential: readers remain active only for short, fixed and cyclical periods of
time. Transponders only send data during these periods
15 Radio Frequency Identification (RFID)
Further information

Transponder capacity: from a few Bytes to a few kBytes

With the exception of 1-bit transponders, which can assume one out of only
two possible states: “transponder active” or “transponder deactivated”. Typically
used in shops for the protection of goods (anti-theft)

There are transponders enabled only for reading (transmitting) data (read-only)
and others also capable of receiving and storing data (read-write)
16 Radio Frequency Identification (RFID)
Further information

Adequate security requirements, such as encryption of transmitted data and

user authentication, are considered and implemented, especially in applications
involving the exchange of money (contactless cards)

RFID devices must typically be resistant to adverse climatic conditions and

degradation over time and guarantee very short data reading, writing and
verification times
17 Radio Frequency Identification (RFID)
Further information

One of the standard defining communications in RFID is the EPC Radio-

Frequency Identity Protocols Generation-2 UHF RFID
(https://www.gs1.org/sites/default/files/docs/epc/Gen2_Protocol_Standard.pdf)

This protocol defines the physical and logical requirements for a passive-
backscatter, Interrogator-Talks-First (ITF), RFID system operating in the 860 MHz
– 960 MHz frequency range
18 Radio Frequency Identification (RFID)
Standard

 ISO/IEC 10536: Identification cards - Contactless integrated circuits(s)

card – Close-coupled cards (0-1 cm)

 ISO/IEC 14443 (Smart card contactless): Cards and security devices for
personal identification – Contactless proximity objects (0-10 cm)

 ISO/IEC 15693: Identification cards - Contactless integrated circuits(s)

card – Vicinity cards (0-1 m)
19 Radio Frequency Identification (RFID)
Standard

 ISO/IEC 11784, 11785, 14223: Radio-frequency identification of animals

 VDI 4470: Anti-theft systems for goods

 ISO 10374: Freight containers – Automatic identification

 ISO/IEC 15961, 15962, 15963, 18000, 18001, 24791: Radio Frequency

Identification (RFID) for item management
20 Radio Frequency Identification (RFID)
Near Field Communication (NFC)

NFC technology seems more similar to other wireless technologies, such as

Bluetooth, than to RFID systems, although it has several characteristics in common
with the latter

An NFC communication is initialized by a device called reader or polling device to

another device called target or tag

The Tag NDEF Exchange Protocol (TNEP) is an application-level protocol for

sending or retrieving application data units between a polling (reader) device and an
NFC tag

The data units are NFC Data Exchange Format (NDEF) messages
21 Radio Frequency Identification (RFID)
Near Field Communication (NFC)
NFC supports different modes of
operation
In reader/writer mode, one of the
NFC devices (the polling device) is
active and requests and reads data
from the other device (the tag)
The NFC tag is passive. It does
not generate an electromagnetic
field, but it modulates the field that
is generated by the polling device
The tag contains data which can be
read and written by the polling
device
22 Radio Frequency Identification (RFID)
Near Field Communication (NFC)

 Range: 0-20 cm

 Frequency: around 13.56 MHz

 Modulation: Amplitude Shift Keying (ASK)

 Maximum data rate: 424 kbps

 Standard: ISO/IEC 18092 and ISO/IEC 21481

23 Radio Frequency Identification (RFID)
Applications

1. Contactless Credit / Debit cards

2. Electronic tickets for public transportation

3. Passports and ID cards

4. Badges or tags to enter limited access areas (hotel rooms, gates, …)

5. Ski pass

6. Anti-theft protection
24 Radio Frequency Identification (RFID)
Applications

7. Animal identification (under-skin, in ears, collars, …)

8. Vehicle ignition keys

9. Container identification and monitoring

10. Sport event (for example, time measurements in running races)

11. Industrial automation

12. Medical field applications

25 Bluetooth

Bluetooth is a wireless communication technology based on the IEEE 802.15.1 standard

The Bluetooth specification was developed by Ericsson and later formalized by
the Bluetooth Special Interest Group (SIG) starting in 1999
26 Bluetooth
General information
 Requires low energy consumption

 Range: between 0.5 m and 100 m (depending on the protocol version)

 Frequency: 2.4 GHz (2.40-2.48 GHz) ISM (Industrial, Scientific and Medical) license-
free

 Modulation: Gaussian Frequency Shift Keying (GFSK), π/4 Differential Quadrature

Phase Shift Keying (DQPSK), or 8 Differential Phase Shift Keying (DPSK)

 Maximum data rate: 1, 2, or 3 Mbps (depending on the modulation)

27 Bluetooth
General information

Divides the available bandwidth into 79 channels of 1 MHz each

Each transmission “hops” among the channels 1600 times per second (Frequency
Hopping Spread Spectrum – FHSS) to reduce interference both between nearby
devices and from external sources

Device operations are synchronized through a shared clock signal

6 versions with different variations have been defined adding further functionalities

The currently last version is 6.0 (August 2024) and its detailed specification can be found
here: https://www.bluetooth.com/specifications/specs/core-specification-6-0/
28 Bluetooth
Network architecture

Bluetooth networks, called Piconets, are

composed of two kinds of devices:

 Master: manages the synchronization

within the Piconet and defines the
frequency hopping sequence of each
slave device

 Slave: connects to the Piconet

generated by a master device

When connected to the network, each device identifies the other active devices through a
24-bit code (Class Of Device - COD) in order to activate the related services
29 Bluetooth
Network topologies

 Point-to-point (piconets with a single slave): communications take place only

between a pair of master-slave nodes

 Point-to-multipoint (piconets with multiple slaves): communications take place

between a single master and multiple slaves

 Scatternet: composed of two or more piconets connected to each other through one
or more common slaves

The available frequencies are used independently by each network

As the number of slaves in the same piconet or scatternet increases, the probability of
data packet collision and number of collisions increases, with a consequent performance
degradation
30 Bluetooth
Connection procedure

To transmit and/or receive data, a device must “physically” connect to another before
starting the data exchange.

The connection procedure involves the following steps:

1. Inquiry: a new device entering the piconet sends a packet (inquiry) in order to
“discover” if there are other devices within the coverage range: if there are, it will
receive a reply from each of them containing some data, including their address

2. Paging: the connection between two devices is established

31 Bluetooth
Connection procedure

3. Connection: after the connection establishment, the slave can operate in 4 different
modes:

i. Active: the device is active and transmitting or receiving data

ii. Sniff: energy-saving mode in which the device is at rest (sleep) and periodically “wakes
up” to “hear” if there are data transmissions destined to it on the shared channel

iii. Hold: energy-saving mode in which the device is at rest for a certain fixed time interval
after which it comes back to the active mode

iv. Park: most energy-saving mode, the master imposes the slave to enter this idle mode, the
slave stays there until the master tells it to “wake up”
32 Bluetooth
Connection types

 Connectionless: it is based on the Asynchronous Connection-Less (ACL)

protocol. Data transmission takes place within the time slots assigned by the master
node (slave nodes access the channel via Time Division Multiple Access - TDMA),
packets are retransmitted in case of missing ack reception, typically used for normal
data exchange

 Connection-oriented: it is based on the Synchronous Connection-Oriented

(SCO) protocol. Data transmission takes place within reserved time slots in order to
guarantee a certain data transmission frequency, no retransmissions, typically used for
voice data exchange
33 Bluetooth
Data transmission
Both master and slave nodes can periodically but alternatively transmit data on the same
channel only for a specific uplink and downlink time slot, respectively (Time Division
Duplex – TDD)

The master node transmits in the even

time slots while the slave nodes
transmit in the odd time slots
There are no channel «jumps» during
the transmission of the same data
packet

It is also possible to transmit multislot packets, i.e. packets which, given their size, can
occupy up to 5 consecutive slots
34 Bluetooth
Device classes

There are four device classes that differ from the transmission power and,
consequently, the coverage range:

 Class 1: transmission power 100 mW (20 dBm), coverage range 100 m

 Class 2: transmission power 2.5 mW (4 dBm), coverage range 10 m

 Class 3: transmission power 1 mW (0 dBm), coverage range 1 m

 Class 4: transmission power 0.5 mW (-3 dBm), coverage range 0.5 m

35 Bluetooth
Bluetooth Low Energy (LE)

Subsequent version aimed at further improving the energy consumption:

 Frequency: 2.4 GHz ISM

 40 channels of 2 MHz each

 Modulation: only GFSK

 Maximum data rate: 125 kbps, 500 kbps, 1 Mbps, and 2 Mbps

 Defines an additional device class (1.5) with 10 mW (10 dBm) transmission power
and 20 m coverage range
36 Bluetooth
Security

Each device has a unique 48-bit address (BD_ADDR) where the first 24 bits
uniquely identify the manufacturing organization and the last 24 bits identify the
single device among those built by the same organization

Two error correction schemes: Forward Error Correction (FEC) 1/3 and
FEC 2/3

It provides device authentication with 128-bit key and data encryption with 8
to 128-bit keys
37 Bluetooth
Application profiles

To ease the use of Bluetooth devices and distinguish the functions that each device can
perform, a set of 37 possible application profiles have been defined. For example:

 Advanced Audio Distribution Profile (A2DP): defines how multimedia content can
be transmitted and played from one device to another through a Bluetooth connection

 Audio/Video Remote Control Profile (AVRCP): defines how a device can be used
as a TV “remote control” or other audio/video devices

 Basic Printing Profile (BPP): defines the sending of text, email, and other printer-
like content
38 Bluetooth
Application profiles

 Cordless Telephony Profile (CTP): defines the use of Bluetooth-based cordless phones

 File Transfer Profile (FTP): defines the ability to add, edit, or transfer files from one
device to another one

 Handset Profile (HSP): defines how Bluetooth headsets can interface with mobile
phones or game consoles to initiate/end calls or change the volume of the audio output

 Human Interface Device Profile (HIDP): defines how devices with simple buttons
and indicators (mouse, keyboards, joysticks, ...) can interface with PCs and video game
consoles
39 ZigBee

ZigBee is a wireless communication technology based on the IEEE 802.15.4 standard

and maintained by the ZigBee Alliance

The 1.0 specification was approved in 2004 and is publicly available, while the latest
specification (3.0) was initially released in 2014 and subsequently improved until 2017

ZigBee detailed specifications can be found here:

https://csa-iot.org/developer-resource/specifications-download-request/

https://zigbeealliance.org/wp-content/uploads/2019/11/docs-05-3474-21-0csg-zigbee-
specification.pdf
40 ZigBee
General information

The available band is divided into 16 channels of 2 MHz each and involves the use of
the Direct Sequence Spread Spectrum (DSSS) technique

Range: 300 m in LoS condition, up to 75/100 m indoor

Frequency: ISM license-free 868 MHz (Europe), 915 MHz (USA) e 2,4 GHz (World)

Modulation: Binary Phase Shift Keying (BPSK) and Quadrature Phase Shift Keying
(QPSK)

Maximum data rate: 20, 40, and 250 kbps

Maximum transmission power: 1 mW

41 ZigBee
Device types

 ZigBee Coordinator: manages the network. It is in charge of the following

operations:
 give unique addresses to the other nodes in the network
 manage the access to and exit from the network of the other nodes
 select the channel to use for each other node in the network
 store data destined to other temporary inactive nodes of the network

 ZigBee Router: aims to extend the network coverage, routes the data packets destined
to or generated by the End Devices

 ZigBee End Device: data source and/or destination, communicates only with the
associated parent node (a router or the coordinator)
42 ZigBee
Network architecture
 ZigBee Star: star network, one or more end
devices are connected and managed directly by
the coordinator
 ZigBee Tree: tree network, one or more routers
extend the network coverage, uses a hierarchical
routing strategy
 ZigBee Mesh: mesh network, one or more
routers are used to extend the network coverage,
uses a non-hierarchical routing strategy, typically
used to distribute some coordinator functions
(for example, related to security)
There can be only one coordinator per network. Coordinator differ from routers from the
software an logical viewpoint but not at the hardware level
43 ZigBee
Channel access
The different devices can access the channel to transmit data by using the Carrier Sense
Multiple Access / Collision Avoidance (CSMA/CA) technique
Before starting to transmit, a device “senses”
the channel to understand if there are other
ongoing transmissions

The receiving node notifies the transmission

intention of the transmitting node in order to
completely avoid possible collisions
44 ZigBee
Security
Each device has a unique 64-bit MAC address
Each device receives a 16-bit address from the coordinator after being associated to a
network that uniquely identifies it within the network and that will be used for data routing.
When the device leaves the network, its address can be reassigned by the coordinator to
another device
AES encryption with 128-bit keys
Security can be implemented in two ways:
 Centralized: only the coordinator can create and exchange the encryption keys
operating as a trust center
 Distributed: each router can locally create and exchange the encryption keys for the
end devices directly connected to it
Error detection with 16-bit Cyclic Redundancy Check (CRC) technique
45 ZigBee
Application profiles

ZigBee also defines a set of application profiles that are structured in two categories:
public and manufacturer-specific

Examples of the public profiles are:

 Commercial Building Automation (CBA): designed for the typical commercial

building environment (offices, meeting rooms, …)

 Home Automation (HA): designed for the smart home environment

 Industrial Plant Monitoring (IPM): designed for monitoring industrial production

processes within a smart industry environment
46 ZigBee
Application profiles

 Personal Home & Hospital Care (PHHC): includes devices aim to provide non-
invasive medical monitoring and treatment

 Smart Energy (SE): applications for two-way communication of energy consumption

data and a more efficient and reliable management of the available energy

 Telecom Applications (TA): applications aim to improve the offered telephone

service and offer additional functionalities
47 Low Power Wide Area Network (LPWAN)

The LPWA protocols have been defined to address the requirements of applications
that cannot be satisfied by the short-range communication protocols (Bluetooth,
ZigBee, Z-Wave, ...), the “classic” protocol for wireless networks (Wi-Fi) and those
based on the cellular network (GSM, UMTS, LTE, ...)

They guarantee long-range transmission (from a few kilometers to a few tens of

kilometers), low energy consumption for data transmission/reception, and low
cost of device manufacturing, at the cost of a reduced data rate (a few tens of
kilobits per second)
48 Low Power Wide Area Network (LPWAN)

They are particularly suitable for delay-tolerant services that do not require
transmission/reception of large amounts of data but require a low energy
consumption enough to guarantee a long operational life (years) despite being
equipped with small batteries

They are mainly used for massive Machine Type Communication (mMTC)
applications, instead of critical MTC (cMTC) applications that require higher data
transmission speeds, lower latencies, and great reliability
49 Low Power Wide Area Network (LPWAN)
Applications
50 Low Power Wide Area Network (LPWAN)
Main features

Long Range Transmission

Most LPWA protocols operate in the Sub-GHz frequency band (< 1 GHz) where the
effect of attenuations and multipath fading due to the presence of obstacles is lower. The
used modulations aim to keep the transmission speed low to be able to allocate a greater
amount of energy per single transmitted bit (or symbol):
 Narrowband (NB): Bandwidth smaller than 25 kHz in order to maximize the use of the
frequency spectrum between a large number of devices and minimize the effect of noise. No
reception gain is needed, making transceivers simpler and less expensive. A variant called
Ultra Narrowband (UNB) has a bandwidth of 100 Hz
 Spread Spectrum: the signal is expanded to be transmitted in a wider frequency band while
keeping the power density unchanged, making the signal more robust to interference (natural
or intentionally generated). Certain processing is necessary to allow correct reception of the
signal. Less efficient use of the frequency spectrum
51 Low Power Wide Area Network (LPWAN)
Main features
Low Power Consumption
Batteries should last years thanks to proper choices in the following aspects:
 Topology: star (devices connected to a central base station) in order to limit the number of
transmissions per device
 Duty cycling: hardware components in charge of data transmission/reception (transceiver) are
activated and kept active only when it is needed and for the necessary time
 Lightweight channel access schemes: Random channel access schemes, such as Carrier
Sense Multiple Access with Collision Avoidance (CSMA/CA) or the simpler Aloha, are
popular as they do not involve any synchronization among devices. Synchronous variants, such
as Time Division Multiple Access (TDMA), are still present as they offer more efficient
radio resource allocation at the price of increased complexity
 Computational complexity offloading: certain operations, such as data processing, are
performed in the base stations or backend network rather than on-board devices, leveraging
emerging paradigms, such as Multi-access Edge Computing (MEC)
52 Low Power Wide Area Network (LPWAN)
Main features
Low Cost
Limited cost to build devices and maintain connectivity thanks to:
 Reduced hardware complexity: simple waveforms allow reducing hardware
complexity in terms of computational power and required memory
 Minimal communication infrastructure: a single base station can connect tens
of thousands of devices distributed over an area of several square kilometers
 Use of license-free or pre-licensed spectral bands: Many LPWA protocols
exploit license-free frequency bands, such as ISM or TV white-spaces. Others
share bands already purchased for other types of communication, such as cellular
communication bands, avoiding additional license fees
53 Low Power Wide Area Network (LPWAN)
Main features
Great scalability
A large number of devices have to coexist within a small area thanks to:
 Diversification techniques: allow multiple parallel data transmissions through
multi-channel transmissions and the use of multi-antenna systems
 Densification of the base stations: based on the use of multiple base stations
widely spread throughout the covered area and the consequent use of strategies for
the coordinated management of the available radio resources
 Selection of the channel and adaptable data rate: properly and dynamically select
the transmission channel, transmission power, and modulation depending on certain
parameters, such as the channel conditions, distance between device and base station,
interference between devices, …
54 LPWA proprietary protocols
55 LPWA proprietary protocols
SigFox

SigFox is a proprietary solution in which the devices send/receive data to/from the network
connecting to an ad-hoc deployed throughput the covered area making a star topology
network
56 LPWA proprietary protocols
SigFox

Uplink: each device sends multiple copies (3 by default) of each message through 3 different
randomly chosen channels in order to increase the probability of correct reception. Each copy
can be received by more than one base station. Each station sends the received messages to the
SigFox Cloud platform which eliminates duplicate messages and sends a copy of each message to
the end user, acting as an interface between users and IoT devices
57 LPWA proprietary protocols
SigFox

Downlink: A message can be delivered to a device only in the time periods when it explicitly
communicated its reception availability. The rest of the time, the device is not listening to save
power
58 LPWA proprietary protocols
SigFox

 Range: 10 km in urban areas and 50 km in rural areas maximum

 Frequency: ISM license-free Sub-GHz 868 MHz (Europe) and 902 MHz (USA)

 Modulation: Differential Binary Phase Shift Keying (D-BPSK) in uplink and Gaussian
Frequency Shift Keying (GFSK) in downlink

 Bandwidth: Ultra Narrow (100 Hz)

 Data rate: between 100 bps and 600 bps in uplink (depending on the geographical area)
and 600 bps in downlink
59 LPWA proprietary protocols
SigFox

 Messages per day: 140 messages in uplink and 4 in downlink

 Channels: 360 different channels

 Message size: header 14 Byte fixed, data payload 12 Bytes maximum in uplink and 8
Bytes maximum in downlink (depending on the geographical area)

 Channel access method: random access, Unslotted Aloha

60 LPWA proprietary protocols
LoRaWAN

LoRaWAN (Low Range Wide Area Network) is based on a proprietary technology

developed by Semtech and managed by the LoRa Alliance

LoRaWAN detailed specifications can be found here:

https://resources.lora-alliance.org/technical-specifications
61 LPWA proprietary protocols
LoRaWAN

LoRaWAN networks are typically laid out in a star-of-stars topology composed of

three kinds of nodes:
Gateways
Operate as access nodes for the
LoRaWAN end-devices
Gateways are connected to one
or multiple Network Server(s) via
standard IP connections, whereas
end-devices use single-hop radio-
frequency RF communication to
one or multiple gateways
62 LPWA proprietary protocols
LoRaWAN

LoRaWAN networks are typically laid out in a star-of-stars topology composed of

three kinds of nodes:
Network Server
Takes care of the end-device
activation process and the end-
device session keys generation,
deletes the possible duplicate
packets, and routes the packets
from each end-device to the
associated Application Server
63 LPWA proprietary protocols
LoRaWAN

LoRaWAN networks are typically laid out in a star-of-stars topology composed of

three kinds of nodes:
Application Server
Receive, decrypt, and store the
data payloads sent by the end-
devices
The Application Server operates
as an interface toward the users
64 LPWA proprietary protocols
LoRaWAN

Each end-device has to perform an activation process before start transmitting in the
network

Activation of an end-device can be achieved in two ways:

 Over-The-Air Activation (OTAA): end-devices perform a Join Procedure with a

Network Server before starting the data exchanges. It consists in the exchange of two
MAC frames with the Network Server namely Join-Request and Join-Accept. The
NwkSKey is generated with this process

 Activation By Personalization (ABP): ties an end-device directly to a specific network

thus bypassing the Join-Request – Join-Accept procedure. DevAddr, NwkSKey, and
AppSKey are already stored within the end-device
65 LPWA proprietary protocols
LoRaWAN

After activation, each device possesses the following information:

 End-device Address (DevAddr): 32-bit address that uniquely identifies the end-device
within the network. It is allocated by the Network Server

 Network Session Key (NwkSKey): 128-bit network session key specific to each end-
device, created and shared between the end-device and the Network Server, and used to
encrypt and decrypt the payload field of MAC-only data frames

 Application Session Key (AppSKey): 128-bit application session key specific to each
end-device, already stored at both end-device and Application Server sides, and used by
both the Application Server and the end-device to encrypt and decrypt the payload field
of application-specific data frames
66 LPWA proprietary protocols
LoRaWAN

Communication between end-devices and gateways is distributed over different frequency

channels and data rates. To maximize both battery life of the end-devices and overall
network capacity, the LoRa network infrastructure can manage the data rate and RF output
for each end-device individually by means of an Adaptive Data Rate (ADR) scheme
An end-device may transmit on any channel available at any time using any available data
rate, as long as the following rules are observed:
 The end-device changes channels in a pseudo-random fashion for every transmission
 The end-device pseudo-randomly changes its transmit periodicity to prevent systematic
synchronization of populations of end-device transmissions
 The end-device complies with all local regulations governing its behavior in the band in
which it is operating
67 LPWA proprietary protocols
LoRaWAN
Each message sent by the devices
can be received by multiple
gateways depending on the area
coverage in order to increase the
probability of correct reception
Each device keeps listening to the
channel for a certain amount of
time (opportunity to receive) to
receive positive feedback on
successful transmissions

Uplink transmissions require an acknowledgment from the Network or an Application

Server and are retransmitted by the end-device if the acknowledgment is not received
68 LPWA proprietary protocols
LoRaWAN

LoRaWAN distinguishes 3 different classes of devices according to data transmission

and reception needs with decreasing latency but increasing energy consumption
69 LPWA proprietary protocols
LoRaWAN

 Class A: a transmission opportunity is followed by 2 reception opportunities

70 LPWA proprietary protocols
LoRaWAN

 Class B: a greater number of reception opportunities than in Class A can follow each
transmission opportunity at scheduled time instants synchronized with the base
stations. Its main purpose is to have an end-device available for reception at a
predictable time, in addition to the reception windows that follows the random uplink
transmission from the end-device

 Class C: the devices are always on and ready to receive except when they are
transmitting. Its main purpose is to maximize the downlink bandwidth at the cost of a
higher energy consumption
71 LPWA proprietary protocols
LoRaWAN

 Range: 5 km in urban areas, 15 km in rural areas

 Frequency: ISM license-free Sub-GHz 433 and 868 MHz (Europe), 915 MHz (USA), and
430 MHz (Asia)
 Modulation: a Chirp Spread Spectrum (CSS) proprietary technology (LoRa), FSK
 Data rate: between 0.3 and 50 kbps (depending on the geographical area)
 Channels: 10 in Europe, 72 downlinks + 8 uplinks in USA
 Message size: maximum 250 Bytes
 Channel access method: random access, Unslotted Aloha
 Multiple spreading factors: between 7 and 12, which introduce a tradeoff between
transmission range and data rate (the higher the value of the spreading factor, the lower the
usable data rate and vice versa)
72 Application scenarios and solution examples
Vehicle monitoring
Solutions that include localization and real-time knowledge of information about the
vehicle status, such as speed, fuel consumption, tire pressure, …
Vehicle tracking system based on GPS to
keep monitoring the vehicle position and
GSM to send vehicle information to an
online database
(figure from the article ‘‘Design and
Implementation of Vehicle Tracking System Using
GPS/GSM/GPRS Technology and Smartphone
Application’’)
The article ‘‘Vehicle traffic congestion control & monitoring system in IoT’’ proposes a similar
approach but based on Bluetooth, while the article ‘‘Research on the innovation path of
logistics formats based on 5G technology’’ proposes a possible solution based on 5G
73 Application scenarios and solution examples
Driver monitoring

Driver monitoring system that collect data about

driver, vehicle, and surrounding environment status
from multiple sensors in real-time

These data are then sent in real-time to a

management platform that analyzes them and
consequently sends proper indications

(figure from the article ‘‘Fog Assisted Driver Behavior

Monitoring for Intelligent Transportation System’’)
74 Application examples
Smart warehouse management
Solutions regarding warehouse positioning planning, optimization of the available space
within warehouses, warehouse environment monitoring, optimize the warehouse
operations (increase the speed of goods shipment, lower the cost of warehouse
management, …)

Autonomous logistics system based

on RFID
(figure from the article ‘‘Design and
application of Internet of Things based
warehouse management system for smart
logistics’’)
75 Application examples
Goods monitoring

Solutions that consider the real-time knowledge of the goods in terms of current
positions, current and historical temperatures, current and historical pressure, …

The article ‘‘Intelligent Cargo Tracking System Based on the Internet of Things’’ proposes an
architecture for a goods smart tracking system based on RFID for the data
collection and UMTS to send these data to an online database where they are analysed
by using AI techniques

The article ‘‘EURIDICE – IoT applied to Logistics using the Intelligent Cargo Concept’’ describes
a smart system for multiple operation management, such as goods tracking and
monitoring and their possible re-route without human intervention
76 Application examples
Smart goods packing

Solutions to make the goods packing operation more autonomous and efficient

Autonomous system to manage, prepare, pack, and ship the goods triggered by each
order made by the customers through an e-commerce platform (think about Amazon…)

(figure from the article ‘‘A three-dimensional adaptive PSO-based packing algorithm for an IoT-
based automated e-fulfillment packing system’’)
77 Application examples
Smart goods load/unload
Solutions regarding the smart goods load and unload that, if properly organized, can
lead to lower handling times and movement costs (‘vertical’ movements)

Smart forklift with a data collection and transmission system based on wireless technologies
(figure from the article ‘‘IoT-based data transmitting system using a UWB and RFID system in smart
warehouse’’)
78 Application examples
Smart goods transportation
Solutions regarding smart goods transportation through different means (wheel, water,
air, …) that, if properly organized, can lead to lower transportation times and costs
(‘horizontal’ movement with related functionalities, such as optimal route computation)

AGV: Autonomous
Guided Vehicle

System to manage autonomous vehicles based on ZigBee and WiFi protocols for the data
exchange among vehicles and between vehicle and control infrastructure
(figure from the article ‘‘Wireless communication technologies in automated guided vehicles: Survey and Analysis’’)
79 Application examples
Port automation
Example of a system to automate port operations

(figure from the article ‘‘Ultra-Reliable and Low-Latency 5G Systems for Port Automation’)
80 Application examples
eHealth
The eHealth sector is benefitting from a deeper integration with the ICT technologies
This not only improved the capabilities of the medical instrumentations, but is improving
several functionalities, such as disease diagnosis and patient monitoring, through a more
capillary and efficient data collection and management

(figure from the article

‘‘A New 5G eHealth
Architecture Based on Optical
Camera Communication: An
Overview, Prospects, and
Applications’’)
81 Application examples
eHealth

Example of a patient home caring solution

(figure from the article ‘‘A New 5G eHealth Architecture Based on Optical Camera
Communication: An Overview, Prospects, and Applications’’)
82 Application examples
eHealth

Example of an implantable system for neural communication and stimulation

(figure from the article ‘‘An Implantable System for Neural Communication and Stimulation:
Design and Implementation’’)
83 Application examples
Vehicular communications
Vehicles are becoming “smarter” and able to offer additional functionalities
To do so, they need to collect and process a huge amount of data and talk to each others
(V2V), to the pedestrian (V2P), to the communication infrastructure (V2I), and to the core
part of the communication network (V2N). Generally speaking, exchange data with
everything around them (V2X)

(figure from the article ‘‘V2X Support in

3GPP Specifications: From 4G to 5G and
Beyond’’)
84 Application examples
Vehicular communications

Examples of the offered additional functionalities

(figure from the article ‘‘V2X Support in 3GPP Specifications: From 4G to 5G and Beyond’’)
85 Application examples
Vehicular communications

Example of system able to offer high-speed connectivity in trans-country highways

(figure from the article ‘‘HAPS-ITS: Enabling Future ITS Services in Trans-Continental Highways’)