Integrating LPWAN Technologies in the 5G Ecosystem: A Survey on Security Challenges and Solutions

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.3041057, IEEE Access
JESUS SANCHEZ-GOMEZ (1), DAN GARCIA-CARRILLO (2), RAMON SANCHEZ-IBORRA (1), JOSE L. HERNANDEZ-RAMOS (3), JORGE GRANJAL (4), RAFAEL MARIN-PEREZ (2), MIGUEL A. ZAMORA-IZQUIERDO (1)
(1) University of Murcia, Department of Information and Communications Engineering, 30100 Murcia, Spain (e-mail: {jesus.sanchez4, ramonsanchez, mzamora}@um.es)
(2) Odin Solutions, Department of Research and Innovation, Alcantarilla, 30820 Murcia, Spain (e-mail: {dgarcia,rmarin}@odins.es)
(3) European Commission, Joint Research Centre, Ispra 21027, Italy (e-mail: jose-luis.hernandez-ramos@ec.europa.eu)
(4) University of Coimbra, Centre for Informatics and Systems, 3030-290 Coimbra, Portugal (e-mail: jgranjal@dei.uc.pt)
Corresponding author: Ramon Sanchez-Iborra (e-mail: ramonsanchez@um.es).
ABSTRACT The convergence of the Internet of Things (IoT) and 5G will open a range of opportunities for the deployment of enhanced sensing, actuating and interactive systems as well as the development of novel services and applications in a plethora of fields. Given the processing and communication limitations of both IoT devices and the most novel IoT transmission technologies, namely, Low Power Wide Area Network (LPWAN), there are notable concerns regarding certain security issues to be overcome in order to achieve a successful integration of LPWAN systems within 5G architectures. In this survey work, we analyze the main security characteristics of LPWANs, focusing especially on network access, and contrast them with 5G security requirements and procedures. In addition, we present a comprehensive review and analysis of research works proposing security solutions for the 5G-LPWAN integration. Finally, we explore open issues and challenges in the field and draw future research directions. From our analysis, it is evident that academia, industry and Standards Developing Organizations (SDOs) are devoting many efforts to achieving the desired confluence of the IoT and 5G worlds. We envision a successful integration of both ecosystems by exploiting novel lightweight security schemes that address the stringent security requirements of 5G while remaining affordable for constrained IoT devices.
INDEX TERMS 5G, Internet of Things (IoT), Low-Power Wide-Area Network (LPWAN), Security
I. INTRODUCTION
The Internet of Things (IoT) has revolutionized our lives as it has paved the way for a plethora of applications and services never imagined a short time ago. Undoubtedly, the IoT ecosystem will be integrated as part of the upcoming 5G paradigm [1]. Before the final development and deployment of these complex systems, a lot of effort is being devoted to the security aspects of the novel 5G architecture. It is envisioned that, through the convergence of these technologies, our daily life will be almost continuously connected; hence, several challenges related to security and privacy emerge [2].
Most of the new wave of IoT services will be based on autonomous end-devices (EDs), which perform specific tasks in an unsupervised way, i.e., adopting a Machine-type Communication (MTC) approach [3]. These elements usually gain connectivity through wireless network technologies, thus enabling their deployment in remote and wide areas. Due to the constrained features of both EDs and typical IoT wireless technologies, the security aspects of these networks are not as robust as in traditional non-constrained architectures, consequently opening a door for potential malicious attacks focused on both the end-nodes and the core network.
One of the wireless technologies that is gaining great relevance for enabling novel IoT applications is Low Power Wide Area Network (LPWAN) [4]. The most prominent characteristics of these wireless communication solutions are i) long coverage range of over 10 km, ii) very low power consumption of EDs, and iii) great scalability. All of them are highly beneficial in IoT scenarios. However, these features are reached at the expense of reducing the number of daily transmissions and the size of the transmitted messages. Clearly, both restrictions severely harm the security capabilities of these wireless links that, as mentioned above, need to be protected against attacks of different nature.
The goal of this paper is to analyze the main security issues of LPWAN technologies that must be addressed, and their implications for integrating LPWAN networks in the 5G ecosystem. In fact, during recent years, there has been a constant and steady increase in the volume of publications about 5G security and LPWAN as presented in Fig. 1, which shows the yearly publication volume extracted from Scopus¹, a major academic abstract and citation index database. The covered time period goes from 1st January 2014 to 31st December 2019. The search returned 1536 publications during the 2018–2019 period regarding “5G Security” and “LPWAN” topics. This review analysis evidences the great interest in 5G and LPWAN ecosystems as well as in their potential convergence [5]. However, the stringent security requirements of the complex 5G architecture are not always simple for LPWAN solutions to address, given their communication constraints. Even so, many research proposals from academia are filling this gap and the secure integration of LPWAN technologies within the 5G architecture is now gaining strong momentum.
A. CONTRIBUTIONS
Unlike previous surveys that can be found in the literature [1], [2], [6]–[14], this work aims to focus on current research proposals and standardization efforts related to security aspects, mostly related to network access, which is the basis for establishing a secure communication with the network, in relevant LPWAN technologies such as Narrowband-IoT (NB-IoT) [15]–[19], LoRaWAN [20], or Sigfox [21]. These tasks are of prominent importance when deploying massive or ultra-dense networks for ensuring the overall security of the IoT architecture. We provide several classification aspects to analyze different approaches, and describe recent research papers addressing such issues. Besides, we explore the security requirements of present and future IoT applications, identifying current challenges that need to be addressed for a secure and scalable integration of LPWAN technologies within 5G infrastructures.
Table 1 summarises a comparison of related survey papers addressing similar topics as those presented in this work. Concretely, the main contributions of our work are the following: (i) a technical description addressing the security integration of 3GPP NB-IoT technology into the 5G ecosystem, (ii) a similar discussion regarding other non-3GPP IoT LPWAN technologies such as LoRaWAN, Sigfox, etc., (iii) a requirement analysis for IoT technologies in order to be integrated within the 5G architecture and support its services, (iv) an analysis of IoT use-case security requirements, (v) a comprehensive review of recent LPWAN security-related research, (vi) a discussion of international initiatives, especially focused on European efforts related to the deployment of a secure 5G ecosystem, and (vii) a review of related standardisation efforts. As can be seen in Table 1, previous survey works [1], [2], [6]–[14] do not fully cover all the aspects pointed out above.
¹ https://www.scopus.com
The rest of this paper is organized as follows. Section II justifies the integration of LPWAN and 5G ecosystems by identifying key IoT-5G fields of application. The requirements of the 5G architecture for a secure integration of IoT systems are deeply discussed in Section III. A wide review of 5G-LPWAN security proposals from academia is presented in Section IV. Open issues and research challenges in different related aspects are described in Section V. Section VI explores future research directions and trends. The paper is concluded in Section VII presenting the most important facts.
[Figure 1: bar chart of publications per year, 2014–2019 (y-axis from 0 to 600). 5G Security: 50, 87, 91, 218, 410, 543. LPWAN: 0, 2, 18, 133, 222, 361.]
FIGURE 1: Number of “5G Security” and “LPWAN” publications indexed in Scopus during 2014–2019.
II. IOT APPLICATIONS IN THE 5G ARCHITECTURE
Many vertical industries will benefit from the generalized deployment of IoT networks and their integration within 5G architectures [1]. Smart cities [22] is one of the most studied scenarios, envisioning secure and reliable IoT connectivity [23] for novel smart applications such as energy-efficient buildings, parking control, waste management, etc. This will entail the coexistence of different types of Radio Access Technologies (RATs), from broadband connections, e.g., 4G/5G, WiFi, etc., to low-power alternatives such as Zigbee [24], 6LoWPAN [25], or LPWAN-based solutions. This raises real security issues when it comes to providing seamless connectivity to the EDs. In this line, novel authentication mechanisms should be developed for enabling a fast transition from one RAT to another, especially when using constrained communication channels such as those employed by low-power IoT devices.
Another vertical that will be highly challenging to manage due to the mobility conditions of the users and EDs is Intelligent Transportation Systems (ITS) [26]. Many services have been defined under this umbrella: vehicle monitoring, goods tracking, safety applications, etc. The available RATs change considerably depending on the area in which the vehicle is travelling. In urban scenarios it is very likely to have a number of available connections; in rural regions, however, only long-range technologies, e.g., LPWAN, will provide IoT connectivity. In addition, the network requirements of the different vehicular services are diverse in terms of latency, bandwidth, or reliability. Therefore, adaptive applications are needed to adjust their functioning to the available network resources. A use case that may be integrated within these verticals (smart cities and ITS) is eHealth [27]. Big static infrastructures such as hospitals and mobile elements such as monitored individuals or ambulances will cooperate to provide constant and real-time information about patients. This specific use case will present additional security requirements due to the highly sensitive data flowing through the network. Data leaking must be avoided, while patients’ identity privacy has to be guaranteed as well. Therefore, highly secured authentication methods should be implemented in monitoring devices to ensure the source of the information and protect users’ privacy.

TABLE 1: Contribution comparison with related survey works
Topic \ Work                                [1]  [2]  [6]  [7]  [8]  [9]  [10] [11] [12] [13] [14] This work
NB-IoT 5G integration                       Yes  Yes  Yes  Yes  Yes  Yes  Yes  No   No   No   Yes  Yes
non-3GPP LPWAN – 5G integration             Yes  No   Yes  Yes  Yes  Yes  No   No   No   No   Yes  Yes
LPWAN communication security requirements   Yes  Yes  No   No   No   Yes  Yes  Yes  Yes  No   Yes  Yes
IoT use-case security requirements          Yes  Yes  Yes  Yes  Yes  Yes  Yes  Yes  Yes  Yes  Yes  Yes
LPWAN security research                     No   No   No   No   No   No   No   No   No   No   No   Yes
International initiatives                   No   No   No   No   No   No   No   Yes  No   No   No   Yes
Standardisation efforts                     Yes  No   Yes  Yes  No   No   No   Yes  No   No   No   Yes
Besides the vertical industries discussed above, which include mobile scenarios, other use cases present additional challenges in static deployments due to the lack of broadband connectivity. This situation happens when the EDs are installed in remote areas, for example in use cases of smart-grid [28] and smart-agriculture [29]. In both of them, the elements to be monitored, e.g., electric grids, or crop plantations, among others, cover wide extensions far from urban areas. Under these conditions, it is difficult and expensive to provide broadband connectivity to EDs. Therefore, other communication solutions such as LPWAN technologies have been developed to cover this gap, given the relevant characteristics mentioned previously [6]. For applications in rural areas, LPWAN technologies are the main solutions to provide adequate connectivity to low-power EDs.
Different LPWAN-based solutions are currently being considered for integration within the 5G ecosystem. Two different families may be identified: (i) cellular-based solutions, e.g., NB-IoT, and (ii) standalone infrastructures, e.g., LoRaWAN, Sigfox, etc. Both of them provide key features to permit low-cost and low-power IoT deployments, but their integration with 5G infrastructures presents different security issues. Regarding the first group, the security demands of 5G are considered by design. NB-IoT devices implement the 4G stack, which includes secure authentication processes as regular cellular terminals. Therefore, the NB-IoT integration in the 5G ecosystem is straightforward. On the other hand, non-cellular solutions should adapt their authentication mechanisms to be compliant with the security requirements of 5G systems. However, LPWAN solutions such as LoRaWAN or Sigfox present inherent limitations for supporting classic authentication protocols (e.g., Internet Key Exchange (IKE) or Transport Layer Security (TLS)), which opens a dangerous path of intrusion from the edge nodes towards the network core. In the first place, LPWAN-based technologies are highly restricted in the number of messages allowed for transmission per day and in their length. For that reason, the typical authentication protocols employed in non-restricted systems are not a valid approach for these systems, as they make use of several big-sized messages. Besides, IoT EDs are usually severely limited in terms of computation capacity due to their energy restrictions, so performing complex cryptographic operations is not a valid option. Therefore, the authentication methods under these conditions should be lightweight techniques that do not involve excessive communication overhead but provide the security levels demanded by 5G architectures without the need of performing heavy computations in EDs. In the following section, a comprehensive description of the requirements posed by 5G architectures in order to permit the integration of IoT networks is given.
III. 5G SECURITY FOR IOT INTEGRATION
As stated above, the network access security domain is one of the most critical aspects in 3rd Generation Partnership Project (3GPP) architectures as it covers the set of specifications and features that enable EDs to authenticate and securely access the network. From an architecture-centric perspective, these mechanisms protect the whole system from unauthorized access or attacks originated in the radio segment, so they act as a first and crucial defensive barrier. While off-the-shelf 3GPP communication technologies are compliant with standard network registration and authentication procedures defined for cellular architectures, the integration of other non-3GPP solutions like LPWAN, especially in the IoT field, is not yet clear, given the stringent security requirements posed by cellular architectures and the limited resources of many IoT devices. In the following, we explore the authentication mechanisms defined for 5G in order to understand the requirements for a potential integration of IoT solutions within these 3GPP architectures.
A. 5G SECURITY ARCHITECTURE
5G security requirements drive the need for advanced features that improve the network authentication and key management procedures with respect to previous 3GPP-defined architectures. Some of these features include a unified framework that supports different use cases, ED identity protection, and secure key derivation and distribution, among others [30]. Thus, authentication and key management are fundamental parts of the cellular network design and their secure operation in order to enable mutual authentication between end-user and the Serving Network. Also, the need for a more modular system architecture leads to the necessity of deriving crypto keys for protecting both user-plane data and radio signaling. 5G architecture has evolved from previous cellular systems by including new blocks that enrich its functionality. In this line, the 3GPP defines a set of network functions that take part in the authentication and authorization procedures. The entities that participate in this process are represented in Fig. 2 and described as follows:
- The SEcurity Anchor Function (SEAF) is located in the Serving Network, relaying the authentication messages between the ED and the Home Network during authentication. Although this entity can either accept or reject the ED’s authentication attempt, normally it follows the Home Network decision.
- The AUthentication Server Function (AUSF) is placed in the Home Network and accessed by the SEAF. This entity is in charge of performing direct authentication with the ED, thus deciding whether to accept or not. Also, it depends on the back-end to derive session keys whenever the procedure employs 5G-defined authentication methods. Besides, it handles queries received from both 3GPP and non-3GPP access networks.
- The Authentication Credential Repository and Processing Function (ARPF) works within the Unified Data Management (UDM), which hosts a set of functions in charge of data management. ARPF chooses the authentication method based on subscriber ID and configured policies. Additionally, it computes the session crypto material from the long-term key employed in authentication and security association purposes.
- The Subscription Identifier De-concealing Function (SIDF) is also found within the UDM, and provides the de-concealment of the encrypted subscriber identifier. During 5G authentication processes, the long-term identifier (i.e., the Subscription Permanent Identifier (SUPI)) is always encrypted before being transmitted over the radio link. When encrypted, the long-term identifier is known as Subscription Concealed Identifier (SUCI). More specifically, a public-key infrastructure is employed in the process, where the SIDF holds the private keys needed for decryption of the SUCI.
- The Non-3GPP Interworking Function (N3IWF) is needed only when the authentication is performed over an untrusted non-3GPP access network. It acts as a Virtual Private Network (VPN) server and establishes an IPSec [31] channel with the User Equipment (UE). This way, the UE may perform a secure authentication to access the core services.
FIGURE 2: 5G Security Functions (extracted from [32])
All the aforementioned elements compose the 5G Unified Authentication Framework, whose goal is two-fold, namely, to make 5G authentication open by supporting standardised methods, and to be access-network agnostic, i.e., working with both 3GPP and non-3GPP access networks, e.g., WiFi or fibre.
In 5G architectures, authentication and key management procedures are divided into primary authentication and secondary authentication. On the one hand, primary authentication defines the mechanisms that permit UEs to access the Serving Network domain. Hence, it is exclusively managed by mobile network operators. Additionally, in a roaming scenario, the Serving Network co-operates with the subscriber’s Home Network to allow network registration and access. On the other hand, secondary authentication procedures define how to access Data Networks (DNs) outside of the cellular infrastructure itself, as DNs may belong to external domains and are not necessarily managed by the telecom operator. This division is one of the new integration features of the 5G system with regard to 4G, where this distinction was not available.
1) Primary Authentication
When a UE tries to register at a specific serving network for the first time, it creates a new 5G Security Context [33]. The data stored in this context will change through the authentication and key derivation exchanges needed by the 5G system. Additionally, the main goal of holding this information is to save resources by avoiding repeated transaction procedures, and to further optimise mobility and handover processes. A UE may hold several different security contexts, one for each serving network connection. For instance, if a UE has previously accessed a serving network and both the UE and the network domain kept a copy of the security context, the serving network may re-activate the previously obtained context and skip the authentication and key derivation procedures. Besides, mobility and handover build on two kinds of UE registrations, namely, (i) with different serving networks, or (ii) with the same serving network but through different radio access networks. In the first case, the UE must separately authenticate with each serving network and keep one 5G security context for each operator. In the latter, the UE can access the same serving network through different access technologies, 3GPP and non-3GPP, reusing the same 5G security context even when switching access networks [33].
The 5G security context is the established local state at the UE and the serving network domain. It is composed of the 5G Non-Access Stratum (NAS) security context, the 5G Access Stratum (AS) security context for 3GPP access, and/or the 5G AS security context for non-3GPP access. The security contexts hold different types of data like derived keys, cryptographic material, different counter variables for security algorithms, UE security capabilities, key set identifiers, etc.
In order to register at a serving network, the system must employ the two major authentication services defined by 5G, namely: (i) Nausf_UEAuthentication, exposed by the AUSF, and (ii) Nudm_UEAuthentication, exposed by the UDM. Regarding authentication methods, 5G specifies three of them to be taken as default mechanisms, namely: (i) 5G-AKA [33], (ii) Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA’) [34], and (iii) the EAP-TLS Authentication Protocol (EAP-TLS) [35]. These authentication and key exchange methodologies are described in the following:
(i) 5G-AKA: Fig. 3 showcases the sequence diagram of the 5G-AKA exchange. As a common procedure to all the authentication methods mentioned above, first, the UE sends a registration request including its SUCI to the SEAF in order to start the authentication process. Next, the SEAF begins the authentication process with the Home Network by sending an authentication request to the AUSF. This permits the AUSF to verify if the Serving Network is authorised to perform such task. In turn, the AUSF will send the authentication request to the UDM/ARPF. Since the SUCI is provided, the SIDF will be invoked to obtain the long-term identifier in its plaintext form, i.e., the SUPI. Finally, the SUPI is employed by the system to choose the authentication method and policies regarding the UE.
Then, the UDM/ARPF starts its specific procedure by sending an authentication vector that contains the authentication token, AUTH, the expected response token, XRES, and the authentication and encryption derivation key, $K_{AUSF}$. Optionally, if the SUCI was included in the request, the SUPI is added to the preceding fields as follows: $[AUTH, XRES, K_{AUSF}, [SUPI]]$.
Next, the AUSF stores the $K_{AUSF}$ and computes the hash of the expected response token as HXRES, which in turn is bundled with the AUTH token and sent together to the SEAF as $[AUTH, HXRES]$. Next, the SEAF stores the HXRES and sends the AUTH token to the UE. In turn, the UE validates the received AUTH token with the shared key, which is only known by the Home Network. At this point, if the validation was successful, the UE considers the network as authenticated. This ends the first stage of the procedure; as a result, the UE has derived its local copy of the key hierarchy. The UE will follow by notifying the Serving Network of the successful result of the operation.
[Figure 3: sequence diagram of the messages exchanged between the UE, the SEAF (Serving Network), the AUSF and the UDM/ARPF/SIDF (Home Network).]
FIGURE 3: 5G-AKA exchange sequence diagram.
Then, the UE continues the process by generating the authentication response token, RES, and sending it to the SEAF in the authentication response message. The SEAF validates the RES token and delivers its contents to the AUSF. As mentioned above, the AUSF in the Home Network ultimately decides if the authentication is accepted or rejected. If the AUSF accepts the RES token as valid, it generates the anchor key, $K_{SEAF}$, and sends it back to the SEAF. Optionally, if the SUCI was included in the original registration request, the SUPI is added to the response. As soon as the SEAF receives the $K_{SEAF}$, it derives a $K_{AMF}$ and deletes the $K_{SEAF}$. Then, it will notify the authentication’s success to the UE, including other security parameters that allow the UE to derive the $K_{AMF}$ locally. The Access and Mobility Management Function (AMF) will employ $K_{AMF}$ to generate the confidentiality and integrity keys that protect the UE’s signaling. Finally, the AUSF notifies the UDM/ARPF about the result of the procedure for logging and auditing purposes. As aforementioned, the UE keeps hold of the long-term key that is employed to derive all the key hierarchy. Hence, the UE holds a local copy of the whole set of keys. Note the important function of the $K_{SEAF}$, known as anchor key in 5G-AKA procedures, employed in both 3GPP and non-3GPP access networks aiming at identifying an authorised Serving Network, thus preventing Serving Network impersonation attacks.
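The 5G-AKA exchange described above can be traced in a short Python model, added here as an illustration that is not part of the original article and is not 3GPP code. Assumptions: HMAC-SHA-256 stands in for the AKA functions and key derivations, the serving network identifier is bound into RES and the key hierarchy, SUCI de-concealment is a lookup table, the AUSF and UDM/ARPF/SIDF are collapsed into one object, and all names, identifiers and keys are constructed.

```python
"""Toy 5G-AKA message flow (added example; stand-in crypto, not 3GPP algorithms)."""
import hashlib
import hmac
import os


def kdf(key, label, *parts):
    # Stand-in for the AKA functions and 3GPP key derivations (assumption).
    msg = label + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


def hxres_of(rand, res):
    # Hash of the (expected) response; the SEAF only ever holds this value.
    return hashlib.sha256(rand + res).digest()[:16]


class HomeNetwork:
    """AUSF and UDM/ARPF/SIDF collapsed into one object for brevity."""

    def __init__(self, subscribers, sidf_table, authorised_sns):
        self.subscribers = subscribers        # SUPI -> long-term key K
        self.sidf_table = sidf_table          # SUCI -> SUPI (placeholder for decryption)
        self.authorised_sns = authorised_sns
        self.pending = {}                     # SUCI -> (SUPI, XRES, K_AUSF, SN id)

    def authenticate_request(self, suci, sn_id):
        if sn_id not in self.authorised_sns:  # AUSF checks the Serving Network
            return None
        supi = self.sidf_table[suci]          # SIDF step: SUCI -> SUPI
        k = self.subscribers[supi]
        rand = os.urandom(16)
        auth = rand + kdf(k, b"mac", rand)[:16]            # AUTH token
        xres = kdf(k, b"res", rand, sn_id)[:16]            # XRES token
        k_ausf = kdf(k, b"kausf", rand, sn_id)
        self.pending[suci] = (supi, xres, k_ausf, sn_id)   # AUSF stores K_AUSF
        return auth, hxres_of(rand, xres)                  # [AUTH, HXRES] to the SEAF

    def authenticate_confirm(self, suci, res):
        supi, xres, k_ausf, sn_id = self.pending.pop(suci)
        if not hmac.compare_digest(res, xres):             # Home Network decides
            return None
        return kdf(k_ausf, b"kseaf", sn_id), supi          # [K_SEAF, SUPI]


class UE:
    def __init__(self, supi, suci, k):
        self.supi, self.suci, self.k, self.k_amf = supi, suci, k, None

    def handle_auth(self, auth, sn_id):
        rand, mac = auth[:16], auth[16:]
        if not hmac.compare_digest(mac, kdf(self.k, b"mac", rand)[:16]):
            return None                                    # network not authenticated
        k_ausf = kdf(self.k, b"kausf", rand, sn_id)        # local key hierarchy
        k_seaf = kdf(k_ausf, b"kseaf", sn_id)
        self.k_amf = kdf(k_seaf, b"kamf", self.supi)
        return kdf(self.k, b"res", rand, sn_id)[:16]       # RES token


def seaf_register(ue, home, sn_id, advertised_sn_id=None):
    """One registration seen from the SEAF. Returns (outcome, K_AMF or None)."""
    answer = home.authenticate_request(ue.suci, sn_id)
    if answer is None:
        return "serving-network-not-authorised", None
    auth, hxres = answer
    res = ue.handle_auth(auth, advertised_sn_id or sn_id)
    if res is None:
        return "ue-rejected-network", None
    if not hmac.compare_digest(hxres_of(auth[:16], res), hxres):
        return "seaf-rejected-res", None
    result = home.authenticate_confirm(ue.suci, res)
    if result is None:
        return "home-rejected-res", None
    k_seaf, supi = result
    return "success", kdf(k_seaf, b"kamf", supi)           # K_SEAF is not kept


# Constructed sample values.
SUPI, SUCI = b"supi-0001", b"suci-opaque-0001"
SN_A, SN_B = b"serving-net-A", b"serving-net-B"
K = bytes(range(16))


def demo():
    ue = UE(SUPI, SUCI, K)
    home = HomeNetwork({SUPI: K}, {SUCI: SUPI}, {SN_A, SN_B})
    keyless_home = HomeNetwork({SUPI: b"\x00" * 16}, {SUCI: SUPI}, {SN_A})
    outcome, k_amf = seaf_register(ue, home, SN_A)
    keys_match = k_amf == ue.k_amf
    return {
        "honest": outcome,
        "keys_match": keys_match,
        "network_without_k": seaf_register(ue, keyless_home, SN_A)[0],
        "sn_b_posing_as_sn_a": seaf_register(ue, home, SN_B, advertised_sn_id=SN_A)[0],
        "unknown_sn": seaf_register(ue, home, b"serving-net-X")[0],
    }


if __name__ == "__main__":
    print(demo())
```

The SEAF never holds XRES or the long-term key, so its HXRES check filters bad responses early while the final decision and the anchor key stay with the Home Network.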
(ii) EAP-AKA’ in 5G: If either EAP-AKA’ or EAP-TLS is employed instead of 5G-AKA, then the UE and AUSF act as EAP end-points [36]. In this scenario, the UE and AUSF behave as EAP peer and server, respectively, and the SEAF plays a pass-through role during the authentication process. Like 5G-AKA, EAP-AKA’ is based on the challenge-response principle, with a shared secret key known by both UE and Home Network. Likewise, it obtains the same security features as 5G-AKA. However, the message exchange differs from that of 5G-AKA, as shown in Fig. 4.
First, similar to the 5G-AKA method, the UE launches the primary authentication process by sending a registration request signal that will eventually reach the UDM. With the data contained in the registration request, the UDM attains the UE’s SUPI and the authentication method is chosen based on the user policies. Then, a regular EAP-AKA’ exchange takes place as described in RFC 5448 [34]. During this procedure, EAP payloads get encapsulated in NAS packets when travelling between UE and SEAF. Then, they are forwarded within 5G service messages from SEAF to the AUSF. As aforementioned, in EAP-AKA’ the SEAF forwards certain messages without taking part in the authentication decision process.
(iii) EAP-TLS in 5G: EAP-TLS is mainly defined in 5G to be used in specific deployment modes of operation. The most typical scenarios are private networks or IoT environments. The architecture is similar to that of EAP-AKA’, i.e., the authentication end-points are the UE and AUSF, with the SEAF assuming the role of transparent forwarder. Nevertheless, EAP-TLS presents fundamental differences with the other authentication methodologies. Its main characteristic is the trust model established between the UE and network. EAP-TLS mutual authentication between them relies on trust in public certificates. In some cases pre-shared keys (PSKs) can also be employed. In AKA-based methods, by contrast, trust relies exclusively on the shared symmetric key pre-installed in both UE and network. EAP-TLS removes the need of managing and storing large amounts of long-term keys at the Home Network. This considerably reduces key management issues, at the cost of introducing a Public Key Infrastructure (PKI) into the system.
In order to obtain mutual authentication, both the UE and
AUSF can verify each other’s certificates or PSKs. Both of
them must have been previously established either in a previous
TLS handshake or by means of out-of-band methods. At
the end of the EAP-TLS process, an Extended Master Session
Key (EMSK) is derived and the K_AUSF is taken from the
lowest 256 bits of it.
[FIGURE 4: Authentication procedure for EAP-AKA. Message sequence between the UE, the SEAF (Serving Network), and the AUSF and UDM/ARPF/SIDF (Home Network).]
Fig. 5 presents the 5G EAP-TLS protocol steps. Given
their complexity, in the following we provide a comprehensive
description of these steps.
[FIGURE 5: EAP-TLS authentication procedure over 5G networks for initial authentication. Message sequence between the UE, the SEAF (Serving Network), and the AUSF and UDM/ARPF/SIDF (Home Network).]
1) Similar to the rest of primary authentication methods,
first, the UE sends a registration request signal to the SEAF
in the Serving Network. As aforementioned, this registration
request includes the UE’s SUCI. Upon receiving this message,
the Serving Network starts the authentication process
by including its identifier and forwarding this message to the
Home Network. The AUSF checks that the identifier belongs
to a legitimate Serving Network and, in that case, the request
gets passed onto the UDM to obtain the SUPI by deciphering
the SUCI.
2) The UDM checks the policies associated with the received
SUPI; this way, the authentication method to be used is
determined. Thereby, it signals the AUSF that 5G EAP-TLS
is the chosen authentication method. In turn, the AUSF sends
a TLS_START to the UE through the SEAF, indicating to the UE
that the EAP-TLS procedure has been initiated.
3) The UE aggregates several ciphering attributes that
include a list of the algorithms supported by the UE.
This message is known in the EAP-TLS exchange as the
client_hello.
4) The AUSF answers the UE with its own ciphering
attributes, including the supported algorithms, and the
Home Network certificate. This EAP message is known as
server_hello. Note that as EAP-TLS supports several TLS
versions, negotiating the version to be employed is part of the
client_hello/server_hello exchange. The protocol procedure
described here follows the RFC5216 [35] standard, which
uses TLS v1.1. Finally, the UE validates the Home Network
by verifying the received certificate. If the check succeeds,
at this point in the procedure, the UE considers the Home
Network as authenticated. As aforementioned, the UE is able
to validate the certificate because a previous trust model is
established.
5) Next, the UE generates a session key K_session as
detailed in [35], which will be employed during the rest of
the exchange. Likewise, it computes several crypto attributes
including a hash of the previous handshake messages, i.e.,
steps 2, 3, and 4. They are added to the following package
that also includes a copy of the UE’s certificate. Additionally,
the change_cipher_spec signals to the other end-point that the
algorithm negotiation succeeded, indicating that the chosen
algorithm will be employed during the rest of the handshake.
When receiving this message, the AUSF verifies the UE’s
certificate, and the Home Network then considers the UE as
authenticated. Similarly to the UE, the Home Network is
expected to be pre-configured with all the material needed
to validate the UE’s certificate. Alternatively, the Home Network
may use the PKI to attain such information. Then, the
AUSF also computes the hash of the previous handshake
messages and checks if the values match those received
from the UE. As a result of these computations, the AUSF
derives the session key K_session.
6) The AUSF encrypts its computed hash of the previous
handshake messages, i.e., steps 2-4, with the K_session, and
sends it to the UE. Upon reception, the UE will check if
the received hash equals its own copy. If they match, the UE
considers the authentication process successful.
7) To indicate the end of the procedure, the UE sends an
EAP_TLS message to the SEAF, which forwards it to the
AUSF. The AUSF generates a new K_SEAF using crypto
attributes exchanged during the handshake.
8) Finally, the AUSF sends the K_SEAF and the SUPI
together in a success message to the SEAF. The SEAF
forwards the success message to the UE. Then, the SEAF
considers the primary authentication process as completed.
In turn, the UE derives its own copy of the K_SEAF. From
this point onward, all the communications will be encrypted
with the K_SEAF.
There are two 5G security parameters employed in all
primary authentication methods described above, namely the
5G Key Set Identifier (ngKSI) and the 5G Anti-Bidding down
Between Architectures (ABBA) parameter. Both of them are
sent from the SEAF to the UE, in order to securely derive the
K_AMF. On the one hand, the ngKSI parameter is an identifier
that points to the specific key set in the partial security
context employed during the key exchange procedure. On
the other hand, the ABBA is a parameter meant to provide
flexibility and security in future 5G releases. It is initialised
to zero and updated each time the security parameters are
changed during authentication. This way, the system avoids
attacks related to one party switching to a lower security
release midway.
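The anchor-key binding to the Serving Network and the role of ABBA in deriving K_AMF, as an added example that is not code from the paper: it uses the generic 3GPP KDF (HMAC-SHA-256 over FC || P0 || L0 || ...) and shows that the UE and the network only end up with the same K_AMF when they agree on the Serving Network name and on ABBA. The FC values are taken from TS 33.501 Annex A as an assumption (the page does not list them); the key, SUPI, network names and the non-zero ABBA value are constructed samples.

```python
import hashlib
import hmac

# FC values as assigned in 3GPP TS 33.501 Annex A (assumption: not on the page).
FC_K_SEAF = 0x6C  # K_AUSF -> K_SEAF, bound to the Serving Network name
FC_K_AMF = 0x6D   # K_SEAF -> K_AMF, bound to the SUPI and the ABBA parameter


def kdf_input(fc, params):
    """Build S = FC || P0 || L0 || P1 || L1 ..., each Li a 2-byte big-endian length."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return s


def kdf(key, fc, params):
    """Generic 3GPP key derivation: HMAC-SHA-256(key, S)."""
    return hmac.new(key, kdf_input(fc, params), hashlib.sha256).digest()


def derive_k_seaf(k_ausf, sn_name):
    # The anchor key is tied to one Serving Network through its name.
    return kdf(k_ausf, FC_K_SEAF, [sn_name.encode()])


def derive_k_amf(k_seaf, supi, abba):
    # K_AMF depends on the ABBA value the SEAF sent to the UE.
    return kdf(k_seaf, FC_K_AMF, [supi.encode(), abba])


def derive_chain(k_ausf, sn_name, supi, abba):
    return derive_k_amf(derive_k_seaf(k_ausf, sn_name), supi, abba)


def keys_agree(k_ausf, supi, network_view, ue_view):
    """Each view is (sn_name, abba) as that side believes it to be.

    Returns True only when both sides derive the same K_AMF, which is the
    precondition for any later integrity-protected NAS message to verify.
    """
    net = derive_chain(k_ausf, network_view[0], supi, network_view[1])
    ue = derive_chain(k_ausf, ue_view[0], supi, ue_view[1])
    return hmac.compare_digest(net, ue)


# Constructed sample values (test PLMN 001/01; none of these come from the paper).
K_AUSF = bytes(range(32))
SUPI = "001010000000001"
SN_AUTHORISED = "5G:mnc001.mcc001.3gppnetwork.org"
SN_OTHER = "5G:mnc002.mcc001.3gppnetwork.org"
ABBA_ZERO = bytes.fromhex("0000")   # initial value, as stated in the text
ABBA_NEWER = bytes.fromhex("0001")  # hypothetical value of a later release


def demo():
    return {
        # Both sides see the same Serving Network name and ABBA.
        "honest": keys_agree(
            K_AUSF, SUPI, (SN_AUTHORISED, ABBA_NEWER), (SN_AUTHORISED, ABBA_NEWER)),
        # ABBA altered on the way to the UE: the keys diverge, so the
        # downgrade cannot go unnoticed.
        "abba_rewritten": keys_agree(
            K_AUSF, SUPI, (SN_AUTHORISED, ABBA_NEWER), (SN_AUTHORISED, ABBA_ZERO)),
        # Home Network authorised one Serving Network, the UE believes it is
        # attached to another: the anchor keys differ.
        "sn_name_mismatch": keys_agree(
            K_AUSF, SUPI, (SN_AUTHORISED, ABBA_ZERO), (SN_OTHER, ABBA_ZERO)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:18s} keys agree: {ok}")
```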
As a result of a UE authentication process, a number of
implications take place, namely:
• The Serving Network must authenticate the UE with its
identifier in plain-text, i.e., the SUPI.
• The UE also authenticates the Serving Network as a side
effect of the authentication and key agreement process.
• The Serving Network gets authorization by the Home
Network to provide access and services to the UE.
• The UE will get assurance that it is connected to an
authorized Access Network.
• The Serving Network will authorize the UE’s access to
the offered services based on its profile.
• Unauthenticated Emergency Services will be granted to
UEs in order to meet the region regulations.
2) Non-3GPP Access Technologies
As explained before, the underlying aim of 5G authentication
procedures is to support several kinds of accesses by exploiting
a series of standardised mechanisms [37]. To enable that,
the core provides each UE with specific interfaces for user
and control planes. These are employed to communicate with
the device, regardless of the employed access technology.
To keep the unified association between UE and Serving
Network despite the network access methodology, there are
some common protocols and services kept in both 3GPP and
non-3GPP access. Some of the most relevant services include
the same NAS protocol between the UE and 5G core, through
the so-called N1 interface. Also, the same User Plane Function
(UPF) service maintains the Packet Data Unit (PDU)
session despite the UE switching from and to 3GPP or non-3GPP
technologies. This improves the overall efficiency of
advanced mobility services because only one UPF is involved
in 3GPP and non-3GPP access. Nevertheless, some particular
aspects of 3GPP standardised technologies are lost when
the non-3GPP access is employed. For example, the User
Location Info (ULI) service providing geographical position
data employs the cell identifier that the UE employs to access
the core. However, there is no such functionality defined
when the UE employs non-3GPP access. Another feature not
available for non-3GPP accessing UEs is the Discontinuous
Reception (DRX) procedure that notifies the existence of
downlink information waiting to be transmitted. Lastly, the
handover processes of 3GPP technologies are managed by the
Radio Access Network (RAN); in contrast, non-3GPP EDs
manage the handover themselves without external support.
Since there is only a single control plane connection for
each UE, the 5G core can manage the device in
a similar manner regardless of whether it employs 3GPP or non-3GPP
access technologies [38]. This is possible thanks to common
services like the NAS signaling, address allocation, or policy
enforcement. As a result, the management effort is coordinated
by converging all the traffic to the same core. Traffic
flows from the core or originated in the access network may
be efficiently optimised on an end-to-end basis. Thanks to
this design, the UPF retains an overall vision of all anchored
accesses, from and to the UE. At the same time, the AMF
has the visibility over all radio links statuses and the radio
spectrum availability. All the aforementioned design choices
enable high performance features like load balancing, more
accurate access technology selection, core network traffic optimisation,
and end-user energy performance, among others.
In 5G, UE access to the Serving Network through non-3GPP
technologies is established by signaling between the
UE and the core. First, the UE connects to the chosen non-3GPP
access network by procedures outside of the 3GPP specification
scope, e.g., WiFi. This connection may or may not
be secured with regard to data confidentiality or integrity.
From the viewpoint of 5G, it does not matter because the
5G core does not rely on the non-3GPP technology’s security
features. Thus, the UE starts communicating with the N3IWF
employing the non-3GPP access technology as a mere carrier
of signaling information. The end-goal of this procedure is
to establish secure signaling connectivity between the UE and
the Serving Network over an untrusted channel, namely, the
non-3GPP access network. In order to achieve this, an IPSec
link is attained between UE and AMF. The UE receives the
N3IWF’s IP address from the access network and begins an
IKE [39] exchange with the N3IWF. The goal is to protect
both UE and N3IWF from possible attacks over the untrusted
non-3GPP access network. The IKE procedure complies
with the RFC7296 specification with a few adjustments,
i.e., the UE will provide the N3IWF with its AMF identifier
so that it can negotiate access to the core. Through the AMF,
the UE establishes its NAS signaling channel with the 5G
core, employed in further services like registration or authentication
signaling. Note that, at this point, the IKE exchange is
still halfway through its authentication phase; hence, using the EAP-5G
protocol, the NAS signaling is sent as a specific variation
of the common EAP defined in RFC3748 [36]. Finally, the
AMF provides the N3IWF with the security material needed to
finish the IKE establishment. Moreover, an IPSec security
association dedicated to NAS signaling is achieved. From
that moment, the NAS signaling travels embedded within the
IPSec tunnel.
3) Secondary Authentication
As mentioned previously, secondary authentication procedures
define how to access data networks (public or private)
outside of the cellular infrastructure itself. One of the advantages
of secondary authentication is that devices can access
the data network regardless of their communication technology.
It employs standardised EAP technologies through the
Serving Network to transparently access the target domain
without specific customization by the administrators, thus
improving flexibility of deployments by broadening the type
of compatible devices. This is especially relevant in IoT scenarios
due to the heterogeneity of devices composing them.
Secondary authentication is optional and, as a pre-condition,
the UE must be registered in the Serving Network and have
a network access security context, obtained through primary
authentication.
In this scenario, UE, Session Management Function
(SMF), and external Authentication, Authorization and Accounting
(AAA) [40] server act as the EAP peer, authenticator,
and server, respectively. The authentication procedure is
started by the UE, which sends a PDU session establishment
request to the Serving Network. This request contains all
the authentication and authorisation information required for
the Serving Network to identify the specified Data-Network
Authentication, Authorisation, and Accounting (DN-AAA)
server. Next the AMF, SMF, and UPF within the Serving Network
forward the EAP request/response messages between
UE and DN-AAA. All authentication and key derivation
messages pass through the Serving Network. Finally, after
a successful EAP authentication, the DN-AAA sends an
EAP-Success message to the SMF, which stores the new
security relationship between UE identifier and data network
identifier (DNN). This ends the secondary authentication
procedure and gives way to a new PDU session establishment
procedure initiated by the UE.
B. REQUIREMENTS FOR SECURE IOT APPLICATIONS
OVER 5G
Being able to cope with a highly dynamic ecosystem is one
of the 5G security drivers [37]. Current cellular networks are
dominated by monolithic deployments controlled by a single
network operator which owns all the radio access and system
infrastructure, and manages all the offered services. In turn,
5G is aimed at supporting several specialised stakeholders
that will provide end-user network services. For this reason,
5G security requires high flexibility in order to efficiently
support any unexpected use-case or application. For instance,
security mechanisms devoted to ultra-low latency mission-critical
communications may not be adequate for massive IoT
deployments consisting of constrained devices sporadically
sending small packets.
5G service requirements are collected in [41]. These were
identified by 3GPP’s service and system technical specification
group (TSG-SA) and include the security requirements
of IoT applications. The IoT umbrella covers EDs with
different characteristics, e.g., diverse life-cycles, long lifespans
of years, lack of keypads or displays, etc. These devices
may change owner several times, e.g., inherited IoT deployments
or consumer goods, and, in many cases, there is
no solution for customization or firmware modification.
Additionally, the majority of these devices can operate autonomously
without human supervision. This drives the need
to dynamically establish or refresh cryptographic material
such as credentials. Although there are some out-of-band
(OOB) bootstrapping protocols currently under standardisation
[42]–[44], they require physical access for each device to
be updated, which greatly increases management overhead.
IoT devices are not only heterogeneous in their computing
power but also in their networking capabilities. Different-purpose
EDs may require the transmission of packets with
diverse lengths employing different communication channels
and using a variety of data-rates; for example, periodic report
packets from a light post may not be as urgent as the alarms
triggered by a fire detector. Moreover, some IoT scenarios
would prefer fairness in network resource allocation, i.e.,
all devices have similar available network resources for
transmitting/receiving data. In this line, 5G security is also
characterized by the need of seamlessly available access-independent
security mechanisms due to the constant emergence
of novel access technologies, including licensed and
unlicensed, 3GPP and non-3GPP.
In order to handle the discussed security requirements, and
as described in the previous section, 5G manages authentication
employing a unified framework. Some of its main
security requirements include support of efficient authentication
means for a wide range of IoT devices, and the use of
a suitable authentication framework, namely EAP, to allow
alternative authentication mechanisms to those standardised
by 3GPP, e.g., 5G-AKA. These mechanisms may employ
different types of credentials defined by standardisation bodies
outside of the 3GPP when accessing non-public networks
[41]. Besides, the 5G authentication shall also support
alternative authentication methods defined by the operator
with different types of credentials for IoT deployments in
private and isolated deployments.
The lack of trust in a roaming partner is another major
5G security design choice [45]. As Home Networks do not
usually trust the Serving Networks employed by EDs, the
full control of authentication and key derivation processes
is given to the former. Through these procedures, the Home
Network is able to discover if the ED is connected to the legitimate
Serving Network, and not a malicious impostor. 5G
standardisation has chosen EAP as a suitable authentication
framework because it is compatible with different methods
that can match the specific use-case characteristics and needs.
With a focus on flexibility and scalability, EAP and AAA are
key technologies in massive IoT use case integration [46].
Finally, bandwidth efficiency is one of the major concerns
regarding massive IoT scenarios. 5G security requisites [41]
indicate that the system shall minimize the security signalling
overhead without compromising the level of system protection.
With the arrival of LPWANs, the IoT long-range and
energy efficient networking gap has been partially filled.
However, these notable characteristics are attained at
the severe expense of having a highly constrained communication
channel. In general, LPWANs were designed with
support for a few packets each day per device. This limitation
is even more exacerbated in unlicensed LPWAN technologies
like LoRaWAN or Sigfox. As a result, confidentiality
and privacy schemes exchanging packets larger than tens or
hundreds of bytes are prohibitive. For this reason, authentication
and privacy protocols for non-constrained scenarios are not
commonly used in constrained IoT. Therefore, in massive
IoT there is a preference for reduced protocol layers, due to
the implicit overhead of having more headers [47]. Another
reason to prefer shorter packets is to avoid fragmentation;
for example, typical long security messages including cryptographic
material would need to be fragmented for being used
in LPWAN networks. This can potentially open new attack
vectors that exploit reassembly state and exhaustion [47].
Section V reviews additional challenges regarding the integration
of IoT and 5G.
C. 5G IDENTITY MANAGEMENT
The 5G architecture should protect the subscriber identity
together with other user’s sensitive data from both passive
and active attacks [41]. This goal has been addressed since
the beginning of the standardisation process as described
in the following. The 5G Phase 1 [45] introduced several main
security enhancements related with user and data privacy,
namely, (i) user privacy through the protection of the long-term
permanent identifier, and (ii) user plane integrity protection.
Each (U)SIM card contains a fixed long-time identifier
attached to the subscription. This was commonly known
in 4G as International Mobile Subscriber Identity (IMSI),
renamed as SUPI for 5G systems. Since 5G primary authentication
is based on a pre-shared trust relationship, first, it is
needed to identify the user during connection establishment.
However, sending the plain-text long-term subscriber
identifier over radio may result in the user being identified,
located, or tracked. 4G-LTE systems avoided sending the
plain-text IMSI by employing a temporary identifier instead,
namely, the Temporary Mobile Subscriber Identity (TMSI).
This temporary identifier is assigned by the visited network,
mapping to the long-term identifier at the core. Likewise,
5G employs the analogous 5G Global Unique Temporary
Identifier (5G-GUTI) that fulfills the same role.
However, in legacy 4G systems, there are situations when
the UE needs to send the IMSI in plain-text instead of the
TMSI. For instance, when the ED registers for the first time in
a visited network or if the core network itself cannot resolve
the mapping of the temporal ID to the long-term identifier.
This behaviour can be exploited by attackers by employing
a 4G-LTE base-station that triggers the transmission of the
plain-text IMSI by the UE. This attack is known as IMSI
Catching and has been a vestigial vulnerability of 4G-LTE
systems for decades. This is because 4G retained backwards
compatibility with all the previous systems, i.e., GSM and
3G. The 3GPP solution to this issue is brought by 5G in
the form of the Subscription Concealed Identifier (SUCI).
This design choice sacrifices backwards compatibility with
previous 3GPP systems by never allowing the transmission of
plain-text user identifiers over radio interfaces. The motivation
of the SUCI is to protect the user identity from malicious
visited networks and passive radio attacks. The SUCI is
encrypted using the Home Network’s public key, contained
in the (U)SIM card. Thus, the long-term credentials stored in
the UDM must remain secure during the ED’s lifetime.
Regarding user plane integrity aspects, the protection is
limited to the UE’s chipset capabilities. Some offer cryptography
functions limited by the transmission bit rate, for
example in the user plane [45]. Although this is a valid
solution for most of massive IoT use-cases given the limited
traffic produced/received by each ED, this is an issue to be
addressed.
IV. SECURITY SOLUTIONS FOR LPWAN-5G
INTEGRATION
In recent years, the security aspects related to the LPWAN-
5G integration have attracted a significant interest from the
research community. This section describes the main proposals
addressing security aspects of LPWAN-based technologies
and their relationship with the integration into the 5G
ecosystem based on the security mechanisms described in the
previous section. Our analysis also covers research works that
do not explicitly address the integration of LPWAN in 5G, but
are focused on security aspects that can be also considered for
such integration.
A. CLASSIFICATION ASPECTS
Before describing the different surveyed research proposals,
we propose diverse aspects to help in the classification and
analysis of the current landscape of approaches:
• LPWAN technology: As described in recent works [7],
[48], the current landscape of LPWAN solutions is still
fragmented. Indeed, there is a plethora of existing technologies,
including Dash7 Alliance Protocol Low-Rate
(D7AP Low-Rate) [49], Weightless [50], Extended Coverage
GSM (EC-GSM) [51], or LTE Cat-M1 (LTE-M)
[52]. However, we focus our analysis on the technologies
that are considered in the scope of the Internet
Engineering Task Force (IETF) RFC 8376 [53], namely,
LoRaWAN, NB-IoT, Sigfox, and Wi-SUN FAN [54].
The main purpose of considering such technologies is to
narrow down our analysis to communication approaches
that are contemplated under current standardisation actions.
• Security aspects: Most of current works are focused on a
specific security aspect for the LPWAN-5G integration.
According to our analysis, authentication, key management
and the prevention of different security attacks represent
the most widely considered concerns in existing
literature. Furthermore, as already mentioned, we also
include in our analysis research proposals coping with
additional security aspects of LPWAN technologies, as
they provide insights to be considered for the integration
into the 5G ecosystem.
• 5G integration: The third aspect to classify the different
research proposals is related to its level of maturity, i.e.,
if the solution has been implemented and validated. As
will be described in Section IV-F, some of the proposals
do not address explicitly the integration within the 5G
architecture or such integration is only conceptually
considered.
• Use case/Application: While most of the research works
analyzed are intended to be used in any IoT-enabled
scenario, some of these proposals are focused on specific
use cases or applications, such as smart agriculture
[55] or industrial IoT [56]. A description of potential
applications was provided in Section II.
These aspects have been used to classify the research
proposals that are described in Section IV-F. Furthermore,
Table 2 provides a summary of such analysis. Before this
comprehensive review, in the following we provide a general
overview of the main LPWAN technologies being considered
in this work with an emphasis on their off-the-shelf security
mechanisms.
B. LORAWAN
LoRaWAN is one of the solutions based on LPWAN that has
received more attention from academia and industry in recent
years. This technology is supported by large companies such
as Cisco or Semtech, which have joined together through
the LoRa Alliance². LoRaWAN provides a well-defined two-layer
architecture: the lowest layer LoRa defines the physical
(PHY) level, and above this layer, the medium access control
(MAC) level is defined by LoRaWAN. The technology uses
unlicensed frequency bands, so it has been widely adopted.
The LoRaWAN architecture consists of a set of EDs that
are enabled to communicate with multiple gateways using a
star topology. Then, a network server receives the messages
from the end-nodes through the gateways. To participate
in a LoRaWAN network, each device must be activated
by following the Over-the-Air Activation (OTA) or Activation
by Personalization (ABP) procedures. In the first
case, the device and the network server carry out a joining
process by using an AES-128 shared key (AppKey), which
is used to derive two symmetric keys: a network session
key (NwkSKey) and an application session key (AppSKey).
While the NwkSKey is used between the device and the
network server, the AppSKey is used to encrypt/decrypt
the message payload between the device and an application
server. On the other hand, in the case of ABP it is assumed
that EDs are already equipped with both keys. Such keys
are used to provide basic security aspects, including integrity
checking and device authentication.
It should be noted that the previous description is based on
the LoRaWAN 1.0 specification [57]. However, as reported
by different works that are reviewed in Section IV-F, this
simple security approach implies different issues, especially
regarding key management aspects. In order to mitigate some
of these problems, the LoRaWAN 1.1 specification [58]
considers two keys (AppKey and NwkKey) that are used
to derive different session keys. This way, key management
aspects are separated for network and application data. Additionally,
this version of LoRaWAN improves authentication
and key management by providing a re-join mechanism,
which can be used for handover between two networks, key
refreshing or even to change the ED’s address.
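The LoRaWAN 1.0 over-the-air session key derivation described above, as an added example that is not code from the paper or from the LoRa Alliance: both NwkSKey and AppSKey are AES-128 encryptions under the single AppKey, so any party holding AppKey can compute both, which is the key-management coupling that the two root keys of version 1.1 separate. The derivation layout (0x01 or 0x02, AppNonce, NetID, DevNonce, zero padding) is taken from the LoRaWAN 1.0 specification as an assumption, since the page does not spell it out; AES is written out in pure Python only so that the block runs without third-party packages, and all key and nonce values are constructed.

```python
def _xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial."""
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1


def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def _make_sbox():
    """Generate the AES S-box: multiplicative inverse followed by the affine map."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        q ^= (q << 1) & 0xFF                                   # q /= 3
        q ^= (q << 2) & 0xFF
        q ^= (q << 4) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = _make_sbox()


def _expand_key(key):
    """AES-128 key schedule: 44 four-byte words."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]]
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return w


def aes128_encrypt_block(key, block):
    """Encrypt one 16-byte block (educational implementation, not constant-time)."""
    if len(key) != 16 or len(block) != 16:
        raise ValueError("AES-128 needs a 16-byte key and a 16-byte block")
    w = _expand_key(key)
    rk = [sum(w[4 * r:4 * r + 4], []) for r in range(11)]
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                             # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:                                                         # MixColumns
            out = []
            for c in range(4):
                col = s[4 * c:4 * c + 4]
                t = col[0] ^ col[1] ^ col[2] ^ col[3]
                out += [col[i] ^ t ^ _xtime(col[i] ^ col[(i + 1) % 4]) for i in range(4)]
            s = out
        s = [b ^ k for b, k in zip(s, rk[rnd])]                              # AddRoundKey
    return bytes(s)


def derive_session_keys_v10(app_key, app_nonce, net_id, dev_nonce):
    """LoRaWAN 1.0 OTAA: return (NwkSKey, AppSKey), both derived from AppKey.

    app_nonce and net_id are the 3-byte fields of the join-accept, dev_nonce
    the 2-byte field of the join-request, in the byte order they are carried.
    """
    if (len(app_nonce), len(net_id), len(dev_nonce)) != (3, 3, 2):
        raise ValueError("expected 3-byte AppNonce, 3-byte NetID, 2-byte DevNonce")
    tail = app_nonce + net_id + dev_nonce + bytes(7)  # pad to one AES block
    nwk_s_key = aes128_encrypt_block(app_key, b"\x01" + tail)
    app_s_key = aes128_encrypt_block(app_key, b"\x02" + tail)
    return nwk_s_key, app_s_key


# Constructed sample values, not taken from any real deployment.
APP_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
APP_NONCE = bytes.fromhex("a1b2c3")
NET_ID = bytes.fromhex("000013")
DEV_NONCE = bytes.fromhex("1f2e")

if __name__ == "__main__":
    nwk, app = derive_session_keys_v10(APP_KEY, APP_NONCE, NET_ID, DEV_NONCE)
    print("NwkSKey:", nwk.hex())
    print("AppSKey:", app.hex())
```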
C. NARROWBAND IOT (NB-IOT)
NB-IoT was specified in 3GPP’s release 13 [59], and it is
characterized by enabling low cost terminals, long battery
life and massive capacity [60]. This LPWAN technology is
integrated into the Long Term Evolution (LTE) standard, so
that it can be activated in the existing LTE networks with a
software upgrade in the operator’s base stations [53]. NB-IoT
provides three different operation modes. In the in-band
mode, the narrowband is deployed within an LTE carrier. In
the guardband mode, NB-IoT can use the resources left unused
by LTE. In the case of the standalone mode, the narrowband
is deployed in a dedicated spectrum.
As described in [61], the NB-IoT architecture is based
on an enhanced version of the LTE-A one [62] aiming at
meeting the requirements of NB-IoT devices. In particular,
it includes the control plane, which makes use of the Service
Capability Exposure Function (SCEF) to send IP and non-IP
data between the NB-IoT node and the LTE-A network. The
SCEF component exposes service and network capabilities
in a secure way, and provides authentication mechanisms.
Furthermore, the user plane enables the communication following
the LTE approach. It should be noted that the specification
of NB-IoT is linked to the 3GPP, so the integration into
the 5G ecosystem is already considered. Indeed, as discussed
in [63], 5G authentication mechanisms such as 5G-AKA and
EAP-AKA’ need to be implemented by NB-IoT devices (or
UEs using the 3GPP terminology).
² https://lora-alliance.org/
D. SIGFOX
Sigfox is the name of a network operator and an LPWAN
technology, which was first launched in France in 2009.
Currently, Sigfox offers their IoT solution in over 30 countries
in partnership with several network operators³. Its main
purpose is to be used by highly-constrained autonomous
and battery-operated IoT devices that send a limited number
of bytes over a specific period of time, which allows the devices
to operate with a single battery for more than 10 years [21].
The Sigfox radio protocol is non connection-oriented and
it is optimized for uplink communications. The capacity of
a base station relies on the number of messages emitted
by the devices rather than the volume of the latter. Similarly,
the duration of the battery relies on the number of
messages generated by the device. Sigfox makes use of the
Ultra Narrow Band (UNB) transmission technology, which
consists of using narrow channels of the spectrum to reach
long distances, whilst reducing the energy requirement to
do so. The coverage of Sigfox cells depends on the link
allowance and on the location of the actual deployment, e.g.,
rural, urban, etc.
The Sigfox architecture is supported by a Central LPWA
Gateway or a Cloud-based Service Center. In communication
with Sigfox EDs there are a number of Cooperative Radio
Gateways, called base stations, with support for Multiple
Input Multiple Output (MIMO) communications. Regarding
authentication, Sigfox uses a Central and Global Authentication
system. This means that there is no need for supporting
roaming. In terms of communications, Sigfox provides a
unique device ID of 32 bits, supports fragmentation and
asynchronous unicast communications. To secure the communications,
it provides message integrity with a message authentication
code (MAC) at link layer generated using the device
ID and AES-128. Application layer encryption is optional,
depending on the specific application.
In Sigfox deployments, the information is encrypted using
AES-128 in counter mode with cipher keys being independent
for each device. These keys are associated with the
unique device ID and there are different keys for integrity and
confidentiality. The key material in Sigfox is pre-provisioned,
hence the bootstrapping process [47] is not considered in this
technology. Lastly, Sigfox uses the pre-provisioned keys directly
to perform the crypto operations; it does not derive key
material from the pre-provisioned keys, which is a notable
risk if the keys are compromised.
³ https://www.sigfox.com/en/coverage
E. WI-SUN ALLIANCE FIELD AREA NETWORK (FAN)
The Wi-SUN Alliance is a global member-based and non-profit
association composed of industry leading companies⁴.
Its goal is to drive the adoption of interoperable wireless solutions
in smart cities, smart grids and other IoT applications,
based on open and international standards [54].
Here we focus on the FAN (Field Area Network) profile
that is akin to the LPWAN set of technologies, but it works on
top of IEEE 802.15.4g [64]. Wi-SUN FAN provides a large
coverage range of several kilometers, high bandwidth with
transmissions up to 300 kbps and low latency. In terms of
energy, they require less than 2 µA when resting and 8 mA
in listening mode. From a scalability perspective, Wi-SUN
networks can support thousands of devices.
Authentication and access control are done using the EAP
lower-layer IEEE 802.1X, also known as EAPOL, with the
EAP-TLS method. To support multi-hop scenarios, when the
EAP peer is not able to reach the EAP authenticator by its
own means, the EAPOL datagram can be forwarded by multiple
routing nodes. Additionally, FAN nodes support Node
Pairwise (N2NP) Authentication [65] among neighbors in the
mesh. Furthermore, FAN integrates additional protocols and
methods for managing the network access exploiting EAP,
which brings the possibility of an easier integration within a
5G infrastructure.
F. ANALYSIS OF RESEARCH PROPOSALS
As previously mentioned, the security limitations of current
LPWAN technologies have attracted a significant interest
from both industry and academia in recent years. In addition
to the security aspects of the technology itself, the integration
with the 5G ecosystem represents a new challenge in
terms of interoperability with 5G security technologies. This
section describes the main research proposals addressing
security issues in the LPWAN technologies described above.
Additionally, our analysis explores security approaches for
the integration of each LPWAN technology within the 5G
architecture.
In the case of LoRaWAN, the limitations of its key
management scheme have been widely reported by different
works. As discussed by [66], in the LoRaWAN 1.0 specification
[57], the network server is responsible for generating the
NwkSKey and AppSKey session keys even if they are used at
different layers. It means that the network server could have
access to the application data sent by the device. To cope
with this issue, the authors describe a dual key-based activation
scheme, so that the network server and application server use
different keys to generate the corresponding session keys.
Therefore, key management is separated between network
and application layers. This aspect is also addressed in [67],
which proposes a security protocol to provide end-to-end
security between the device and the application server. The authors
validated their proposal by using the Automated Validation of
Internet Security Protocols and Applications (AVISPA) tool
[68], and provided some evaluation results, which are compared
with the Datagram Transport Layer Security (DTLS)
[69]. Furthermore, [70] proposed the use of the Ephemeral
Diffie-Hellman Over COSE (EDHOC) [71], which represents
a standardisation effort for a lightweight authenticated
key exchange protocol in the scope of the IETF’s LAKE
WG⁵. In this case, the NwkSKey and AppSKey session keys
are updated/refreshed through the execution of such protocol.
A different approach was proposed in [72], which presents an
enhanced key management and update approach by adding a
trusted key distribution server in the context of smart grid
scenarios [73].
⁴ https://wi-sun.org/
An additional issue identified in [66] is that LoRaWAN 1.0
does not define any mechanism to update the initial AppKey.
This means that such key can be used throughout the whole
device’s lifecycle, which may represent a significant security
issue if it is compromised, as the attacker could obtain all the
previous session keys. In this direction, work in [74] defined
an authentication service (Low-Overhead CoAP-EAP (LO-CoAP-EAP))
to generate an AppKey based on the integration
of three main technologies: the Constrained Application Protocol
(CoAP) [75], the Extensible Authentication Protocol
[76], and the use of AAA infrastructures. This approach
represents an adaptation of the solution proposed in [77]
for LoRaWAN networks. The same authors also defined a
mechanism to integrate the LoRaWAN join procedure with
AAA for RADIUS and Diameter protocols [78]–[80]. This
proposal provides several advantages in terms of scalability,
efficiency and flexibility. Furthermore, the use of EAP and
AAA could foster its integration into the 5G architecture,
which defines an authentication process based on such technologies,
as described in the previous section. While previous
issues are partially mitigated by the LoRaWAN 1.1 specification
[58], security aspects of the new release have also been
discussed by recent works [81]. In this line, authors of [82]
analysed key management aspects of the LoRaWAN 1.1 join
procedure, and discussed several issues around perfect forward
secrecy and backward compatibility. Moreover, work
in [83] described an enhanced key management scheme to
update the root keys, i.e., AppKey and NwkKey, by using the
Rabbit cipher scheme [84]. Furthermore, work in [85] proposed
the addition of a trusted third party for the generation
of session keys. Also addressing key management aspects,
[86] proposes a re-keying approach to ease the deployment
of LoRaWAN devices in which a smartphone’s camera flash
is employed to transfer the necessary credentials.
In addition to key management, other LoRaWAN security
issues are addressed by other works. In this direction, work
in [87] presented a replay attack prevention scheme for the
join mechanism, which follows the standard packet structure.
In particular, authors added a new non-initial join request,
in which the NwkSKey is used by the network server to
detect replay attacks, as it changes for each request. Moreover,
authors of [88] defined a secure device-to-device link
establishment scheme based on two new messages to allow
secure communications between devices. Furthermore, the
integration of distributed ledger technology [89] has been
considered in [90] to cope with the centralized nature of
LoRaWAN network servers. Specifically, authors proposed
a two-factor authentication approach for the join procedure,
in which the information of EDs is stored in a simulated
blockchain by using Ethereum [91]. Furthermore, authors of
[92] proposed a permissioned blockchain, in which smart
contracts are used for key management aspects. A similar
approach is also designed in [93] in which network servers
were extended with blockchain functionality.
⁵ https://datatracker.ietf.org/wg/lake/about/
More focused on the integration of LoRaWAN within the
5G architecture, work in [94] analyzed the role of LPWAN
in 5G by presenting a performance analysis for LoRaWAN
in terms of coverage and throughput. Authors identified
some potential issues of such integration, especially related
to scalability. Moreover, a discussion regarding the integration
of LoRaWAN into 4G/5G for industrial IoT scenarios
was presented in [95]. Authors also proposed an approach
in which only LoRaWAN gateways need to be modified.
Moreover, work in [96] addressed mobility aspects through a
handover roaming mechanism for LoRaWAN, where devices
can use 5G or LoRaWAN authentication to enable interoperability
between both technologies. Authors also implemented
and validated their solution in an integrated 5G-LoRaWAN
testbed.
In the case of NB-IoT, authors of [60] identified several
security attacks including resource exhaustion, selective forwarding
or Distributed Denial-of-Service (DDoS) attacks.
They also proposed several security countermeasures in the
scope of different scenarios, such as smart healthcare or
smart agriculture. Security threats and attacks in NB-IoT
are also discussed by [97], which defines an architecture to
demonstrate the possibility of launching certain attacks on an
NB-IoT network. Furthermore, the work in [98] described a
differential radio frequency watermark approach to mitigate
several security attacks and eavesdropping based on computations
over the received signals. This approach represents
an alternative solution to well-known network or application
layer solutions.
Other papers focused on the authentication aspects of NB-IoT
by proposing different mechanisms to make the authentication
process more efficient, especially in the cases with a
high number of devices. In this line, authors of [63] reported
the overhead required by authentication mechanisms, e.g.,
5G-AKA, by describing a fast access mutual authentication
and data distribution scheme with quantum attacks resistance.
Furthermore, work in [99] proposed a multi-party
authenticated encryption scheme without certificates, which
is used by NB-IoT devices to be authenticated through their
serial number. The proposal also exploits a data aggregation
technique to reduce communication overhead. Also based on
an authentication scheme without certificates [100], a mechanism
to enable the simultaneous authentication of several
NB-IoT devices was proposed in [61]. Specifically, this work
considered an entity called group leader, which aggregates
the authentication information of a certain group of devices to
be sent to the Mobility Management Entity (MME). Also focused
on authentication, authors of [101] proposed the use of
LO-CoAP-EAP [74] for the initial authentication of NB-IoT
devices. This solution combines the use of the EAP framework
and CoAP [75] to realize a lightweight and efficient
approach. Moreover, the use of physical unclonable functions
(PUF) [102] was considered in [103] to complement the key
derivation process between NB-IoT devices and smart grid
platforms. A similar approach was also proposed in [104] by
using the concept of PUF.
In addition to authentication aspects, further NB-IoT
security concerns have been addressed by other works.
Work in [105] proposed a trust and reputation model based
on social aspects of IoT devices [106], in such a way that
the definition of a new topology takes the model’s values
into account. Moreover, authors of [107] integrated SDN
and NFV concepts to design an automated deployment of
virtual firewalls to protect NB-IoT communications. Besides,
in [108] an efficient traffic filtering approach for encapsulated
traffic was proposed in order to address mobility requirements
of 5G networks based on NB-IoT devices.
Although Sigfox and Wi-SUN FAN technologies are also
considered in RFC 8376 [53], they have received less attention
in the related literature regarding their integration within
the 5G ecosystem. In the case of Sigfox, this may be due
to the fact that it is defined as a closed system, so that it is
difficult to design and develop further improvements devoted
to increase its robustness or performance. Even so, one proposal
addressing security aspects was presented in [109],
which discussed the general aspects of Sigfox security and
provided a comparison of different encryption techniques,
such as AES, Chacha [110], and one time pad encryption
[111] when combined with this technology. As mentioned
above, Sigfox is included in the RFC 8376, where three
main LPWAN areas are identified to be further developed,
namely, (i) management features, (ii) security features, and
(iii) applications profiles. The initial defined considerations
regarding authentication and authorization at large scale, and
the implications on key management could be extended to
enhance Sigfox in such security aspects. In terms of suitability
for integration in 5G networks, Sigfox does not use
protocols and technologies that are natively used in 5G for
network access. As stated in [112], Sigfox is understood as
a technology to coexist with 5G, but as a complementary
technology.
Finally, regarding Wi-SUN FAN technology, its security
aspects have not yet been considered in the related literature.
The main reasons are its novelty and that this technology is
based on a standardized stack based on well-known standards
from the IETF. Therefore, the security issues are already
addressed by technologies that have been widely tested and
deployed, such as 802.1X or EAP, with EAP-TLS for authentication
purposes. Indeed, the use of 802.1X typically is
linked to the use of an AAA infrastructure to perform the
authentication, which suggests that Wi-SUN FAN is
able to provide support for AAA infrastructures. This aspect
could facilitate the integration of this technology into the
5G ecosystem considering the authentication mechanisms
described in Section III.
As already described, the security aspects of LPWAN
networks have attracted a significant interest in recent years.
However, our analysis shows that there are still few proposals
that address such issues considering the integration with the
5G ecosystem. Among the main LPWAN technologies, most
of the analyzed works are based on the use of LoRaWAN
and NB-IoT. This is mainly because both technologies have
public specifications and are receiving a strong support from
industry and SDOs. Moreover, it should be noted that most
of the research proposals focus on authentication and key management
aspects. While both are essential to guarantee a
secure integration of LPWAN technologies, an increase in
research proposals is expected in the coming years to address
other security issues, such as trust management, access control,
intrusion detection and privacy [13]. This will require
the integration of emerging technologies, such as the use of
machine learning techniques [113] to build effective systems
for detecting and mitigating security threats in 5G scenarios,
or distributed ledger technologies, e.g., blockchain, to foster
a more trustworthy integration of end devices. Beyond the
specific security-related aspects, the integration of LPWAN
networks in the 5G ecosystem sets out significant challenges
that may impact a potential secure and large-scale 5G deployment.
These challenges are described in the next section.
V. OPEN ISSUES AND CHALLENGES
Based on the analysis provided in the previous section, in the
following we describe the main open issues and challenges
for the integration of LPWAN technologies in the 5G ecosystem.
A. IOT HETEROGENEITY
The vision of IoT includes the interconnection of heterogeneous
EDs communicating through low-bandwidth links.
This demands novel protocols or mechanisms dealing with
this heterogeneity and also guaranteeing the secure and
seamless information exchange of EDs [114]. This approach
should be maintained when integrating IoT applications in
5G. Thus, this IoT (LPWAN)–5G interconnected environment
leverages the trend of avoiding individual solutions
with vendor-specific dependencies, towards novel distributed
and inter-operable service ecosystems. Still, compatibility
among different-technology LPWAN systems remains
one of the greatest gaps in order to achieve large-scale deployments
to enable next-generation applications. This is due to
the characteristic heterogeneity of IoT deployments, where
establishing communication links between devices connected
to different types of networks is required.
Achieving this in LPWAN is complex due to the existing
landscape of available communication technologies, where
some of them are open solutions while others are closed
products. Indeed, authors of [6] conclude that further efforts
towards the compatibility among different technologies are
needed and a key factor of this process is the adoption and
use of standards. To accomplish this, organizations such as
the IETF play an important role in the definition of standards
and guidelines to provide common foundations to LPWANs.
In this line, authors of [115] provided an overview of the
status of LPWAN technologies in the IETF. From this paper,
it can be extracted that there is a need for homogenizing
different aspects of the life-cycle of the IoT devices, such
as authentication, authorization and key management, a task
that is being tackled by the IETF through its different WGs,
as explained later. This work also describes a general architecture
that covers common points of the different LPWAN
technologies, such as a radio gateway that connects EDs
and LPWAN gateways that aggregate the different radio
gateways and provide them with connectivity towards the
Internet. From this generalization, authors proposed a series
of building blocks for the different LPWAN technologies to
be used in order to find interoperation points.
Regarding the related efforts of the IETF’s WGs mentioned
above, the LPWAN WG has developed the Static Context
Header Compression (SCHC) scheme [116] that reduces
message size and provides fragmentation to make
IPv6 and UDP protocols available for LPWAN technologies.
Currently, a version of SCHC for CoAP is still under
development [117] to apply the SCHC mechanism to
the flexible headers of CoAP for achieving more efficient
compression ratios. Besides, there is also work in progress
to provide SCHC support to specific technologies, namely,
Sigfox [118], LoRaWAN [119], and NB-IoT [120]. Once the
technologies have the basic communication functionalities,
more advanced features should be considered such as identity
and device management, security, or mobility, among others.
Future work of the LPWAN WG may span to more advanced
features such as the support of AAA as mentioned in the
LPWAN Overview RFC [53], introducing a more centralized
security management, and additional features such as identity
federation. These novel characteristics are in line with the
security architecture used in 5G, where EAP and AAA are
adopted to manage the identity and network access for different
devices. There are existing proposals in this direction
such as the AAA adaptation for LoRaWAN with RADIUS
[78] and Diameter [80]. However, the development of these
features will not be the focus of the LPWAN WG until the
foundations for the communications of LPWAN technologies
are completed.
TABLE 2: Research papers addressing security aspects in LPWAN technologies

| Research proposal | Year | LPWAN Technology | Security aspect addressed | 5G integration | Implemented/Validated | Application | Approach |
|---|---|---|---|---|---|---|---|
| Enhancing LoRaWAN security through a lightweight and authenticated key management approach [70] | 2018 | LoRaWAN | Key Management | No | Yes | Generic | Use of the EDHOC protocol to update the NwkSKey and AppSKey session keys |
| Enabling Roaming across Heterogeneous IoT Wireless Networks: LoRaWAN meets 5G [96] | 2020 | LoRaWAN | Authentication | Yes | Yes | Generic | Proposal of a handover roaming mechanism for LoRaWAN, enabling 5G and LoRaWAN authentication |
| Integration of LoRaWAN and 4G/5G for the Industrial Internet of Things [95] | 2018 | LoRaWAN | Authentication, Key management | Yes | Yes | Industrial IoT | Modification of LoRaWAN gateways to use 4G/5G cryptographic material to ensure end-to-end confidentiality and integrity |
| A CoAP-based network access authentication service for low-power wide area networks: LO-CoAP-EAP [74] | 2017 | LoRaWAN | Key Management | No | Yes | Generic | Integration of CoAP-EAP and AAA infrastructures to generate the AppKey through a bootstrapping process |
| Fast Authentication and Data Transfer Scheme for Massive NB-IoT Devices in 3GPP 5G Network [61] | 2019 | NB-IoT | Authentication | Yes | Yes | Generic | Proposal of a certificateless scheme to improve the efficiency of NB-IoT authentication |
| On track of Sigfox confidentiality with end-to-end encryption [109] | 2018 | Sigfox | Key Management | No | Yes | Generic | Comparison of different encryption techniques for confidentiality of Sigfox systems |
| 5G NB-IoT: Efficient network traffic filtering for multitenant IoT cellular networks [108] | 2018 | NB-IoT | Traffic filtering | Yes | Yes | Generic | A mechanism for traffic filtering in NB-IoT scenarios with mobility requirements |
| A dual key-based activation scheme for secure LoRaWAN [66] | 2017 | LoRaWAN | Key Management | No | Yes | Generic | Separation of key management tasks between a network and an application server for LoRaWAN |
| A secure device-to-device link establishment scheme for LoRaWAN [88] | 2018 | LoRaWAN | Key Management | No | Yes | Generic | Improved LoRaWAN key management scheme to support device-to-device communication |
| A Simple and Efficient Replay Attack Prevention Scheme for LoRaWAN [87] | 2018 | LoRaWAN | Replay attack prevention | No | Yes | Generic | A replay attack prevention scheme for the LoRaWAN joining mechanism by following the standard packet structure |
| An enhanced key management scheme for LoRaWAN [83] | 2018 | LoRaWAN | Key Management | No | Yes | Generic | Use of the Rabbit cipher scheme to enable the updating of LoRaWAN AppKey and NwkKey keys |
| An enhanced LoRaWAN security protocol for privacy preservation in IoT with a case study on a smart factory-enabled parking system [67] | 2018 | LoRaWAN | Key Management | No | Yes | Smart buildings | Enhanced LoRaWAN key management to enable end-to-end security between device and application server |
| Anti-quantum fast authentication and data transmission scheme for massive devices in 5G NB-IoT system [63] | 2019 | NB-IoT | Authentication | Yes | Yes | Generic | An efficient and quantum-resistant authentication scheme for the integration of NB-IoT devices in 5G |
| LoRaWAN Authentication in RADIUS [78] | 2017 | LoRaWAN | Authentication | No | No | Generic | Standardization proposal for the integration of LoRaWAN with RADIUS |
| LoRaWAN Authentication in Diameter [80] | 2017 | LoRaWAN | Authentication | No | No | Generic | Standardization proposal for the integration of LoRaWAN with Diameter |
| Certificateless multi-party authenticated encryption for NB-IoT terminals in 5G networks [99] | 2019 | NB-IoT | Authentication | Yes | Yes | Generic | A certificateless multi-party authenticated encryption scheme for NB-IoT devices based on their serial number |
| A lightweight blockchain based two factor authentication mechanism for LoRaWAN join procedure [90] | 2019 | LoRaWAN | Authentication | No | Yes | Generic | Two-factor authentication mechanism for the join procedure, in which the information of EDs is stored in Ethereum |
| NB-IoT for D2D-enhanced content uploading with social trustworthiness in 5G systems [105] | 2017 | NB-IoT | Trust management | No | Yes | Social IoT | Establishment of a NB-IoT topology based on a trust and reputation model for IoT devices |
| Reliable and Secure Constellation Shifting Aided Differential Radio Frequency Watermark Design for NB-IoT Systems [98] | 2019 | NB-IoT | Attack prevention | No | Yes | Generic | A mitigation approach for several security attacks and eavesdropping in NB-IoT based on the received signals |
| Research on PUF-based security enhancement of narrow-band Internet of Things [104] | 2018 | NB-IoT | Authentication | No | Yes | Generic | Use of PUF to enhance security of NB-IoT devices |
| Research on End-to-End Security Authentication Protocol of NB-IoT for Smart Grid Based on Physical Unclonable Function [103] | 2019 | NB-IoT | Authentication | No | Yes | Smart grid | A PUF-based mechanism for the key derivation process between NB-IoT devices and smart grid platforms |
| Secure Authentication and Credential Establishment in Narrowband IoT and 5Gs [101] | 2020 | NB-IoT | Authentication, Key management | Yes | Yes | Smart agriculture | Integration of the LO-CoAP-EAP to carry out the initial authentication (bootstrapping) of NB-IoT devices |
| Secure Session Key Management Scheme for Meter-Reading System Based on LoRa Technology [72] | 2018 | LoRaWAN | Key Management | No | Yes | Smart grid | Enhanced key management and update mechanism based on a trusted key distribution server for smart grid scenarios |
| Security of join procedure and its delegation in LoRaWAN v1.1 [82] | 2018 | LoRaWAN | Key Management | No | No | Generic | Security analysis of the LoRaWAN 1.1 join procedure and backward compatibility |
| Enhancing Key Management in LoRaWAN with Permissioned Blockchain [92] | 2020 | LoRaWAN | Key Management | No | Yes | Generic | Use of permissioned blockchain to improve key management in LoRaWAN |
| Trusted third party based key management for enhancing LoRaWAN security [85] | 2017 | LoRaWAN | Key Management | No | Yes | Generic | Enhancement of key management in LoRaWAN by adding a trusted third party |
| Using blockchain technology to build trust in sharing LoRaWAN IoT [93] | 2017 | LoRaWAN | Key Management | No | Yes | Generic | Use of blockchain to extend network servers functionality in LoRaWAN for key management aspects |
| Towards automatic deployment of virtual firewalls to support secure mMTC in 5G networks [107] | 2019 | NB-IoT | Attack prevention | Yes | Yes | Generic | Deployment of virtual firewalls to protect NB-IoT traffic based on SDN and NFV concepts |
| Secure decentralised deployment of LoRaWAN sensors [86] | 2020 | LoRaWAN | Key Management | No | Yes | Generic | Re-keying approach based on the use of a smartphone to transfer the device’s credentials |

The proliferating LPWAN technologies that are targeted
at being eventually integrated within the 5G ecosystem
do not currently incorporate inter-vendor or inter-operable
functionalities that allow their integration within third-party
networks. These mechanisms are key to support the heterogeneous
IoT landscape of devices that 5G aims to integrate. It
is currently an ongoing effort by the research community and
different SDOs to develop non-vendor locking solutions that
further support the compatibility among LPWANs. These
solutions take advantage of common characteristics of
all IoT devices connected through LPWANs, e.g., similar
architectural models, critical bandwidth usage, low-overhead
standardised protocols to perform security-related network
administration tasks, among others. Therefore, we can expect
in the near future more advances in the area of security
and related fields applied to LPWAN coming from other
WGs. A clear example is the work of the IETF’s LAKE
WG and their use case for LPWAN, where the requirements
of a lightweight Authenticated Key Exchange (AKE) for
OSCORE are being discussed. One of the studied cases is the
use of LoRaWAN, which has also received attention from the
research community in similar terms [121].
B. INTEROPERABILITY
Regarding the smoothness in the LPWAN integration process
within the 5G architecture, the open or closed nature of the
LPWAN solution to be integrated should be considered, e.g.,
LoRaWAN vs. Sigfox. Besides, the use (or not) of standardised
protocols or mechanisms is another issue that should
be taken into account to evaluate the complexity of such
integration regarding the interoperability between LPWAN
and 5G procedures.
Therefore, the desired integration should be free-flowing when dealing with an LPWAN solution based on an open specification using standardised mechanisms. The main concern in this case may be the off-the-shelf compatibility of the adopted standards with 5G procedures. It is interesting to note that none of the principal LPWAN technologies fall into this category. In turn, LPWAN solutions based on closed specifications but using standard schemes, as long as they are compatible with 5G, should be fairly easy to interoperate with 5G procedures. This is the case of Wi-SUN, where the customer has no control over the development of the technology or how to customize it, but since it uses standard protocols, the integration with 5G may be reasonably feasible.
In the case of dealing with solutions based on an open specification that makes use of non-standard protocols, an adaptation process should be undertaken in order to perform the necessary modifications to integrate the technology with 5G. An example of a specific solution customisation is shown in [95], where the authors proposed different ways of coupling LoRaWAN with 5G. Lastly, LPWAN solutions based on closed designs that do not use standard procedures are the hardest case, as no adaptations would be possible unless some intermediate entity assumes the role of an interoperability bridge between the proprietary protocol and the 5G infrastructure. This would be the case of Sigfox, where there is no control over the development of the technology and it employs proprietary protocols.
In addition, the current IoT ecosystem includes highly closed environments, typical in industrial settings, where many different ad-hoc protocols coexist, forcing vendor-locking architectures and solutions. While there are some efforts to improve system scalability or even network federation approaches in specific LPWAN technologies, e.g., LoRaWAN [122], these are usually only compatible with native intra-technology deployments. That means that LPWAN-based solutions do not include in their specifications mechanisms to manage a combined deployment with other technologies, hence the development of interoperable procedures among different LPWAN solutions to integrate them into 5G still remains a great open challenge.
In addition, there are still open issues regarding the mutual lack of trust among 5G Home, Serving, and Access networks. This includes the end-user herself, who may not trust the different network operators due to their particular procedures to manage network security aspects. This is reasonable for certain users and use cases, as the level of security depends on the network operators [45], as discussed in Section III-C. To solve this issue, two different approaches have been proposed in the literature, namely, (i) adding a trusted third-party element to the architecture in charge of managing the security mechanisms [85], and (ii) exploiting a distributed ledger architecture deployed along the different involved parties [90], [92], [123]. Following these proposals, in order to increase the confidence in 5G as a system for critical applications, the potential solutions are based on providing customers with additional trust mechanisms able to handle or bypass potentially exploited vulnerabilities on the network operator side.
C. MOBILITY
Mobility in the context of network access is a term that refers to the dynamic change of Point of Attachment (PoA). This generalization can be narrowed by considering whether the PoA change is within the same administrative domain or in a different one. When it comes to LPWANs, mobility does not have the typical connotations of cellular networks, where mobility refers to keeping a constant uninterrupted stream of information by performing the handover process without data loss. In contrast, LPWAN traffic is usually devised as small packets of data transmitted at sporadic periods, most of the time in delay-tolerant scenarios. Despite this, there are use cases where mobility is relevant in LPWAN, such as those from Intelligent Transportation Systems (ITS) [124], which consider mobility as a specific need to provide uninterrupted connectivity. Hence, when changing the administrative domain, we find a roaming scenario where it is crucial to account for a specific set of preconditions that need to be met, such as pre-established trust relations between the two domains as well as identity management and security specifically associated with this scenario. Some LPWAN technologies present mobility capabilities, even in roaming scenarios, such as LoRaWAN [20]. The main related issue is not having native support in the technology but having an interoperable one, as remarked by Torroglosa-Garcia et al. in [96], where they proposed a mobility solution that employed 5G to provide an interoperable roaming solution, either by running a standard 5G authentication or doing it through a LoRaWAN network.
Therefore, providing EDs with roaming capabilities is a highly discussed 5G security challenge. This is because the user security parameters are not updated when visiting a new administrative domain, leading to a trade-off between access security and roaming capabilities [125]. One of the limitations to the deployment of a roaming solution is the lack of pre-existing trust agreements among the different administrative domains. This process is typically performed by relying on AAA infrastructures, where the mobile node (MN) in a visiting network delegates the authentication process to the local AAA server, which in turn forwards the request to the home AAA of the MN. To enable this process, the integration of AAA within LPWAN solutions is needed. Some of them, such as Wi-SUN, provide native support through their native stack, although it can be limited by the manufacturer’s design. There are additional proposals for other LPWAN technologies, e.g., LoRaWAN, such as the IETF’s I-D from Garcia-Carrillo et al. [78], where they propose the integration of the LoRaWAN joining procedure within RADIUS and Diameter architectures.
D. SCALABILITY
Many 5G security challenges in IoT scenarios identified by the research community are tightly related to scalability. This includes flash or surge network traffic in massive IoT deployments, radio link jamming, signalling storms, Denial-of-Service (DoS) attacks aimed at constrained EDs, DDoS attacks coming from EDs, etc. [126]. Scalability has several connotations; in this case, for LPWAN, we focus on the issues to support a large number of devices within a single deployment, which has its own inherited limitations due to the physical characteristics of the radio technology, and also the constraints caused by the duty-cycle imposed on LPWAN technologies that use ISM bands. Besides, we also consider the interoperability factor, which is the main effort within the IETF’s LPWAN WG as explained previously. To provide such interoperability, not just the homogenization of communications protocols should be considered, as elaborated in section V-A, but also security aspects such as user authentication and authorization as well as key agreement and distribution should be taken into account. These aspects were previously discussed in section V-C.
The use of AAA infrastructures does not only fit in the mobility use case, but also helps establish the necessary trust relationships between different domains. This paves the way for having large-scale deployments similar to mobile network systems, supporting a high number of devices and, at the same time, giving the possibility of using different authentication mechanisms if coupled with protocols such as EAP [74]. Therefore, regardless of the underlying authentication mechanism used for network access, the use of a centralized entity, e.g., LPWAN-AAA using the terminology in [47], will open a range of opportunities for managing security procedures in large-scale IoT deployments.
Consequently, the scalability problem presented by massive IoT scenarios, such as those accommodated by LPWANs, revolves around the management issues brought by the desired support for different security procedures and types of keys. One single administrative domain must support a daunting number of devices, many of them with their own set of keys and trust relationships. In order to mitigate these administrative problems, the major research and standardisation efforts are those focused on centralised and scalable AAA architectures that facilitate management tasks.
E. PERFORMANCE
Most of the security concerns found in LPWAN scenarios are related to radio attacks in the constrained wireless link. Given the wide coverage area of LPWANs, the available geographical locations are prone to allow attacks such as eavesdropping, DoS, tampering, etc. LPWANs are characterized by the limitation of available bandwidth and restricted access to the medium, which evidences the need for security solutions, e.g., bootstrapping, authentication and key agreement protocols, etc., that put effort into limiting the amount of information to be exchanged. In contrast, the use of typical security protocols such as IKE, TLS, or even DTLS in its previous version DTLSv1.2, implies an important overhead in terms of exchanged cryptographic data [127] that may be unaffordable for LPWAN solutions. Besides, one remaining challenge for 5G-LPWAN integration consists in developing a set of optimised downlink multicast methods required to transmit the same data to a large set of IoT devices. Besides the obvious improvement of network efficiency, multicast transmissions are also relevant in a security context, due to the possibility of simultaneously authenticating large groups of IoT devices [37].
From a processing perspective, computing power is limited due to the constrained nature of EDs, hence strong cryptographic primitives that require large amounts of time and energy to be performed are prohibitive. As mentioned above, different works suggest the use of alternative cryptographic schemes to avoid heavy computations [103], [104]. However, there is still a notable need for mechanisms that enhance lightweight security features without the expense of excessive energy consumption and economic cost for LPWAN systems. Interesting related advances are being achieved in other fields such as the TinyML paradigm [128], which proposes to adapt powerful machine learning mechanisms in order to make them runnable by constrained IoT devices. In fact, some of the identified potential applications are oriented to on-device security operations [129].
Currently, there are ongoing initiatives that are taking these issues into account and are designing new security protocols to provide lightweight alternatives devoted to highly constrained networks and devices. These are the cases of Compact TLS (CTLS) [130] and EDHOC, recently adopted in the TLS and LAKE WGs, respectively. This shows not only an interest, but a serious effort to provide security to this type of network. It can be seen that there is a clear line of research and innovation in this area, developing authentication protocols or solutions to help not only in the reduction of the communication and processing overheads, but also providing interoperability and flexibility to this process in the LPWAN landscape.
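The overhead argument of this section can be put in numbers. The following Python sketch is an added example, not code from the surveyed works: it applies the Semtech LoRa time-on-air formula to two handshakes fragmented over LoRaWAN frames and reports how much duty-cycle budget each consumes. The 1% duty cycle, the EU868 payload limits, the header-free fragmentation and both sets of message sizes are assumptions constructed for illustration; they are not measurements of DTLS or EDHOC.

```python
"""Airtime cost of an authentication handshake on a duty-cycled LoRa link.

Added illustration. Handshake byte counts are constructed, not measured.
"""

# LoRaWAN data frame overhead around the application payload:
# MHDR(1) + DevAddr(4) + FCtrl(1) + FCnt(2) + FPort(1) + MIC(4)
LORAWAN_FRAME_OVERHEAD = 13

# Assumed EU868 application payload limits per spreading factor
# (repeater-compatible values; check the regional parameters for your band).
EU868_MAX_APP_PAYLOAD = {7: 222, 12: 51}


def lora_time_on_air(phy_len, sf, bw_hz=125_000, coding_rate=1,
                     preamble_symbols=8, explicit_header=True, crc=True):
    """Seconds on air for one LoRa frame, per the Semtech SX127x formula."""
    t_sym = (2 ** sf) / bw_hz
    # Low data rate optimisation applies when a symbol lasts more than 16 ms
    # (SF11 and SF12 at 125 kHz).
    low_rate_opt = 1 if t_sym > 0.016 else 0
    numerator = (8 * phy_len - 4 * sf + 28
                 + (16 if crc else 0) - (0 if explicit_header else 20))
    denominator = 4 * (sf - 2 * low_rate_opt)
    blocks = -(-numerator // denominator)          # integer ceiling
    payload_symbols = 8 + max(blocks * (coding_rate + 4), 0)
    return (preamble_symbols + 4.25 + payload_symbols) * t_sym


def fragment(message_len, max_payload):
    """Split one handshake message into link-sized pieces.

    Assumption: the fragmentation layer adds no header bytes (optimistic).
    """
    full, rest = divmod(message_len, max_payload)
    return [max_payload] * full + ([rest] if rest else [])


def handshake_cost(messages, sf, duty_cycle=0.01):
    """Per-direction frame count, airtime and duty-cycle budget consumed.

    messages: list of (direction, size_in_bytes), direction is "up" or "down".
    duty_window_s is the span of time that this airtime occupies for a
    transmitter limited to `duty_cycle` (airtime / duty_cycle).
    """
    max_payload = EU868_MAX_APP_PAYLOAD[sf]
    cost = {d: {"frames": 0, "airtime_s": 0.0} for d in ("up", "down")}
    for direction, size in messages:
        for frag in fragment(size, max_payload):
            side = cost[direction]
            side["frames"] += 1
            # LoRaWAN uplinks carry a PHY payload CRC, downlinks do not.
            side["airtime_s"] += lora_time_on_air(
                frag + LORAWAN_FRAME_OVERHEAD, sf, crc=(direction == "up"))
    for side in cost.values():
        side["duty_window_s"] = side["airtime_s"] / duty_cycle
    return cost


# Constructed message flights: a certificate-carrying handshake versus a
# compact three-message authenticated key exchange.
HEAVY_HANDSHAKE = [("up", 120), ("down", 900), ("up", 450), ("down", 80)]
COMPACT_AKE = [("up", 40), ("down", 50), ("up", 20)]


if __name__ == "__main__":
    for name, msgs in (("heavy", HEAVY_HANDSHAKE), ("compact", COMPACT_AKE)):
        for sf in (7, 12):
            up = handshake_cost(msgs, sf)["up"]
            print(f"{name:8s} SF{sf:<2d} uplink frames={up['frames']:2d} "
                  f"airtime={up['airtime_s']:7.3f}s "
                  f"duty-cycle window={up['duty_window_s'] / 60:6.1f} min")
```

At SF12 the device-side airtime of the heavy flight alone occupies close to an hour of a 1% budget, which is why the fragment count and message size dominate protocol choice on these links.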
VI. RESEARCH DIRECTIONS
Based on our analysis and the challenges previously described, in this section we describe some of the main research directions to deal with such challenges. In particular, we consider the integration with emerging technologies, as well as the advances derived from ongoing standardisation efforts and current EU initiatives to foster a large-scale and secure 5G deployment.
A. INTEGRATION WITH EMERGING PARADIGMS
The integration of heterogeneous IoT systems within 5G architectures may be made smoother by the support of novel paradigms such as Multi-access Edge Computing (MEC), Software Defined Networks (SDN), Network Function Virtualization (NFV), or advanced RAN management schemes. The flexibility provided by these technologies can notably help in giving an adequate treatment to the traffic flows generated by massive IoT deployments, especially from a cyber-security perspective.
Adopting a MEC architecture is beneficial as it allows setting a first point of connection between EDs and the fixed network infrastructure. For example, performing traffic flow inspection at this specific point prevents dangerous deep intrusions into the 5G infrastructure. This point may also be in charge of forwarding authentication messages to the proper AAA server in the case of having a multi-tenancy system [131]. In general, MEC nodes can offload or filter many operations that are currently performed in the core network, hence reducing the load in this saturated segment of the system.
Besides, the use of SDN-based routing approaches also permits a flexible management of traffic flows by making smart decisions from a central controller with a general perspective of the whole network architecture. This can be exploited for security purposes, as malicious traffic, e.g., a Denial-of-Service (DoS) attack, can be quickly redirected, avoiding catastrophic consequences. SDN can be complemented with other useful traffic management and security functions that can be instantiated on-demand in the form of VNFs [132]. The main advantage of VNFs is that these functions can be deployed at any level of the network architecture when needed for performing specific tasks, e.g., threat detection and mitigation, firewalling, AAA verification, etc. Besides, these novel paradigms can be additionally complemented with the use of blockchain-based trust systems in order to increase the auditability and accountability of the data transactions and operations [123].
Finally, from a RAN perspective, the use of advanced highly selective beamforming or even cognitive radio techniques may also increase the robustness of IoT wireless communications against different types of radio attacks [133]. For example, by avoiding widespread omnidirectional transmissions, the possibilities of suffering an eavesdropping attack are notably reduced. Besides, an adequate channel-hopping strategy may also avoid these kinds of attacks, especially during the authentication phase, when initial messages may be sent unprotected.
B. STANDARDIZATION
The current landscape of technologies and protocols enabling the 5G ecosystem is still fragmented. For this reason, the main Standards Developing Organizations (SDOs) have proposed different initiatives in recent years to promote a security-by-design development based on a common understanding, in order to achieve a large-scale 5G deployment.
The main body working on the standardization of 5G is the 3rd Generation Partnership Project (3GPP)⁶, which groups different SDOs to provide specifications on 3GPP technologies. In particular, 3GPP is divided into different Technical Specification Groups (TSGs) focused on RAN, services and systems (SA), and network and core terminals (CT). 3GPP launched in 2019 the first set of 5G standards (3GPP release 15) in which security is considered in different documents. In addition to the “Security architecture and procedures for 5G System” [33] specification, which has been partially described in Section III, additional reports provide different perceptions of security aspects to be considered in 5G deployments. In this direction, the SA3 working group has elaborated the “Study on security aspects of 5G network slicing management” [134], which analyzes the threats and potential security requirements of 5G network slicing. Other specifications address additional security aspects, such as the “Study on security aspects of the 5G Service Based Architecture (SBA)” [135], which identifies key security concerns in a new service-based architecture for 5G. In addition, the recent release 16 delves into aspects about the integration of IoT into the 5G ecosystem and the corresponding security aspects⁷.
⁶ https://www.3gpp.org/dynareport/SpecList.htm?release=Rel15&tech=4
In addition to 3GPP, standardization in 5G has attracted a significant interest from other SDOs. On the one hand, the Next Generation Mobile Networks (NGMN) Alliance⁸ is intended to define requirements for 5G systems, as well as to provide guidelines for potential standardization activities. In fact, NGMN published in 2015 a white paper with an exhaustive set of requirements for the development of 5G, including security, privacy, virtualization, and IoT aspects [126]. On the other hand, the study group “SG17: Security” of the ITU Telecommunication Standardization Sector (ITU-T)⁹ is focused on the security aspects of communication and information technologies. In particular, the group considers security aspects in 5G through the topic “Security aspects of telecommunication services, networks and Internet of Things”¹⁰, which addresses research and development of standards on security and privacy features of 5G services.
Furthermore, the European Telecommunication Standards Institute (ETSI) has different working groups related to technologies that are intended to be part of the 5G ecosystem (see Section V-A). Thereby, the ETSI NFV¹¹ is focused on the standardization of SDN and NFV technologies, as well as the associated security aspects. Besides, the ETSI ISG MEC is intended to create a standardised environment for MEC technologies in order to foster seamless integration. Finally, the ETSI TC CYBER¹² is focused on the development of standards for cybersecurity. As part of its activities, security aspects in 5G are mentioned in [136], where attribute-based encryption (ABE) is considered to protect personal data. Also focused on the security capacities of SDN, the Open Networking Foundation (ONF)¹³, a non-profit organization, has promoted the development of SDN and its integration into 5G scenarios, such as in the case of network slicing [137].
Additionally, while the IETF does not have specific initiatives focused on 5G, the contributions of different working groups can be considered in diverse technologies composing the 5G ecosystem. Apart from the working group for LPWAN networks (IPv6 over Low Power Wide-Area Networks)¹⁴, the Authentication and Authorization for Constrained Environments (ACE) WG¹⁵ is focused on adapting authentication technologies and authorization environments to devices and restricted networks. In addition, the recent establishment of the Lightweight Authenticated Key Exchange (LAKE) WG¹⁶ provides a LAKE protocol for constrained environments. The solutions of these working groups could be applied in the context of LPWAN networks in order to improve the security aspects of these technologies. Indeed, our previous work about key management in LoRaWAN [70] proposes the use of the Ephemeral Diffie-Hellman over COSE (EDHOC) [71] [138], which is being currently defined in the scope of the ACE WG.
⁷ https://www.3gpp.org/release-16
⁸ https://www.ngmn.org/
⁹ https://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/default.aspx
¹⁰ https://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/q6.aspx
¹¹ https://www.etsi.org/technologies/nfv
¹² https://www.etsi.org/committee/cyber
¹³ https://www.opennetworking.org/mission/
¹⁴ https://datatracker.ietf.org/wg/lpwan/about/
In the light of the previous discussion, the great interest from SDOs in the further development of IoT security mechanisms for making them compatible with 5G security procedures is clear. While 3GPP is the main SDO defining the 5G architecture, others such as NGMN, ITU, and ETSI are proposing security enhancements and compatibility solutions to integrate other network access technologies within 5G systems. Besides, the specific efforts of the IETF on the development of lightweight security schemes pave the way for their implementation on constrained IoT devices, hence providing them with the required security capabilities as any other 5G UE. Thus, given these efforts from prominent SDOs, we envision a highly promising near future in which the convergence between IoT and 5G will become a fruitful reality.
C. 5G INITIATIVES IN THE EU
In recent years, the development of 5G technologies has been widely considered as one of the main enablers of future digital services. The European Commission (EC) has launched ambitious initiatives to support the cooperation among stakeholders in different Member States (MSs) for the development of 5G-enabled services. These initiatives include the 5G Action Plan¹⁷, which represents a strategic effort to align roadmaps and priorities for a coordinated 5G deployment across the EU. Furthermore, the 5G Infrastructure Public Private Partnership (5GPPP)¹⁸ is a joint initiative between the EC and EU industry (including telecommunications operators, SMEs or research institutes) to foster a common vision about 5G developments in the EU. Indeed, the development of 5G is widely considered as crucial to ensure the strategic autonomy of the EU.
In this context, previous initiatives consider cybersecurity as a critical aspect for the deployment of 5G in the EU. In fact, it is expected that 5G technologies will play a key role in the Digital Single Market (DSM) with a strong impact in several scenarios, such as energy, transport, or health services. Moreover, 5G will enable a more interconnected world, where vulnerabilities of 5G systems in a single member state could affect the EU as a whole. Therefore, there is a need to promote collaboration and cooperation among countries to support a coordinated and secure deployment of 5G. To address such need, the EC launched the Recommendation “Cybersecurity of 5G networks”¹⁹ in 2019 to propose a set of concrete actions for ensuring cybersecurity of 5G networks, including the development of national risk assessment strategies of 5G infrastructures. The main goal is to leverage national efforts to develop a coordinated EU risk assessment, in order to create a common toolbox of best risk management measures. As part of these efforts, the “EU coordinated risk assessment of the cybersecurity of 5G networks” report [139] identifies the main threats, sensitive assets, vulnerabilities and associated risks of 5G networks. This report was used together with a recent ENISA report on 5G threats [140] to create the initial version of the mentioned toolbox.
¹⁵ https://datatracker.ietf.org/wg/ace/about/
¹⁶ https://datatracker.ietf.org/wg/lake/about/
¹⁷ https://ec.europa.eu/digital-single-market/en/5g-europe-action-plan
¹⁸ https://5g-ppp.eu/
To ensure the development of secure 5G deployments, cybersecurity certification is essential to promote a transparent and trustworthy ecosystem of 5G devices and systems. The new EU cybersecurity regulation “Cybersecurity Act” entered into force in 2019 to create a cybersecurity certification framework for any ICT product, service or process. It complements the existing GDPR and NIS Directive to strengthen cybersecurity in the EU. Indeed, it is expected that the Cybersecurity Act plays a key role in the development of 5G technologies. As described in the already mentioned Recommendation “Cybersecurity of 5G networks”, the realization of such framework is an essential tool to promote consistent levels of security and the creation of certification schemes adapted to 5G related equipment. Furthermore, the mentioned toolbox identifies the EU certification for 5G network components, customer equipment and/or suppliers’ processes as one of the main technical measures to strengthen the security of 5G networks. In this direction, a common understanding of the threats, assets, attacks and risks of 5G systems is essential to create a certification scheme that could help to recognize the security level of a certain 5G system across all the member states. Toward this end, the outcomes of existing initiatives, such as the creation of an EU risk assessment strategy, could help to reach such harmonized view.
Besides the already mentioned initiatives, in recent years the EU has funded several research projects in the scope of the Horizon H2020 programme. Indeed, there are currently several ongoing efforts dealing with the convergence of IoT and 5G ecosystems, such as COREnect [141], which is intended to develop a roadmap of core technologies for 5G and beyond. More focused on specific use cases and scenarios, 5G-LOGINNOV [142] deals with the integration of 5G in several applications, such as Industry 4.0 and Cooperative Intelligent Transport Systems (C-ITS). This scenario is the main topic of the 5G-MOBIX project [143], which aims at developing automated vehicle functionalities, such as cooperative overtake, truck platooning, valet parking, road user detection, vehicle remote control, HD map update and media & entertainment by using 5G core technological innovations along multiple cross-border corridors and different urban settings. Moreover, other projects are focused on certain technologies to foster the integration of IoT devices into the 5G ecosystem. In this direction, Int5Gent [144] works on a 5G-system platform to validate 5G services and IoT solutions. In particular, the project is intended to integrate a slice and application orchestration framework based on SDN, NFV and edge computing to provide such platform. These aspects are also addressed in the scope of the 5G-DIVE [145] project, which is focused on the integration of edge/fog computing and orchestration systems to build an end-to-end network testing platform for 5G systems. Furthermore, 5G-COMPLETE [146] deals with the integration of computing and storage functionality over a fiber-wireless radio access network by using post-quantum crypto-systems for security encryption. More focused on security management, INSPIRE-5Gplus [147] is currently implementing a fully automated end-to-end smart network and service security management framework that empowers not only protection but also trustworthiness and liability in managing 5G network infrastructures across multiple domains, including IoT systems. Moreover, SPIDER [148] is working on a replicable cyber range platform for 5G systems by providing cybersecurity emulation tools, novel training methods based on active learning as well as econometric models based on real-time emulation of modern cyber-attacks.
¹⁹ https://ec.europa.eu/digital-single-market/en/news/cybersecurity-5g-networks
As we can see, there is a clear interest in the development of 5G solutions and their relation to different branches of the IoT ecosystem. However, based on our analysis, there is still a lack of specific initiatives coping with the security concerns associated with LPWAN-enabled devices and their integration in 5G systems. These aspects need to be considered in the coming future to deal with the heterogeneous nature of such devices, and the requirements for lightweight, flexible and scalable security mechanisms.
VII. CONCLUSION
The great interest in the convergence of IoT and 5G ecosystems has fueled the development of standards, industrial solutions and research proposals for solving the security issues that this complex integration brings. This paper has deeply reviewed the security procedures of the 5G architecture, as defined by the 3GPP standard, and explored the security strengths and weaknesses of widely adopted LPWAN-based technologies such as LoRaWAN, Sigfox, or NB-IoT. From this discussion, it can be concluded that current security schemes employed in LPWAN-based solutions require additional enhancements and adaptations for complying with 5G network-access requirements. In this line, many initiatives to solve these issues can be found in the literature. Different SDOs such as ITU or IETF are proposing concrete actions for the smooth integration of both ecosystems, with interesting efforts from the latter in the development of lightweight security protocols for IoT EDs. Many proposals from academia and ongoing projects have also been reviewed, showing the great momentum of this hot topic, which augurs a successful evolution of IoT systems and their security mechanisms to be compliant with the stringent 5G security requirements. However, for this to be done, some additional steps should be taken. Firstly, the adoption of novel paradigms such as network virtualisation, i.e., SDN and NFV, or MEC will be of great help for a seamless interoperability of heterogeneous IoT systems among themselves and with the 5G infrastructure. Secondly, the additional development of simple but robust network access procedures is crucial for enabling constrained IoT EDs to perform lighter cryptographic operations as well as exchanging a reduced number of messages. Finally, the massive and dynamic nature of certain IoT deployments calls for solutions to ensure the system scalability and the mobility of EDs by means of novel simple roaming mechanisms.
VIII. ACKNOWLEDGMENTS
This work has been supported by the Spanish Ministry
of Science, Innovation and Universities, under the projects
PERSEIDES (Grant No. TIN2017-86885-R), GUARDIAN
(Grant No. TSI-100110-2019-20) and 5GHuerta (Grant No.
EQC2019-006364-P) all with ERDF funds; by FPI Grant
20751/FPI/18 of Seneca Foundation in Murcia Region, the
Grant DI-16-08432 for Industrial Doctorate from MINECO
and PEANA UNMU13-2E-2536, which is partially funded
by FEDER funds; and by the European Commission, under
the INSPIRE-5Gplus (Grant No. 871808), Plug-n-Harvest
(Grant No. 768735), SerIoT (Grant No. 780139), Fed4IoT
(Grant No. 814918), EU IoTrust (Grant No. 825618),
PHOENIX (Grant No. 893079), and PRECEPT (Grant No.
958284) projects.
REFERENCES
[1] G. A. Akpakwu, B. J. Silva, G. P. Hancke, and A. M. Abu-Mahfouz,
“A Survey on 5G Networks for the Internet of Things: Communication
technologies and challenges,” IEEE Access, vol. 6, pp. 3619–3647, 2017.
[2] S. Li, L. Da Xu, and S. Zhao, “5G Internet of Things: A survey,” Journal
of Industrial Information Integration, vol. 10, pp. 1–9, 2018.
[3] S. K. Sharma and X. Wang, “Toward Massive Machine Type Com-
munications in Ultra-Dense Cellular IoT Networks: Current Issues and
Machine Learning-Assisted Solutions,” IEEE Communications Surveys
& Tutorials, vol. 22, no. 1, pp. 426–471, 2019.
[4] K. Mekki, E. Bajic, F. Chaxel, and F. Meyer, “A comparative study
of LPWAN technologies for large-scale IoT deployment,” ICT express,
vol. 5, no. 1, pp. 1–7, 2019.
[5] S. Böcker, C. Arendt, P. Jörke, and C. Wietfeld, “LPWAN in the Context
of 5G: Capability of LoRaWAN to Contribute to mMTC,” in 2019 IEEE
5th World Forum on Internet of Things (WF-IoT), 2019, pp. 737–742.
[6] Q. M. Qadir, T. A. Rashid, N. K. Al-Salihi, B. Ismael, A. A. Kist, and
Z. Zhang, “Low Power Wide Area Networks: A Survey of Enabling
Technologies, Applications and Interoperability Needs,” IEEE Access,
vol. 6, pp. 77 454–77 473, 2018.
[7] U. Raza, P. Kulkarni, and M. Sooriyabandara, “Low Power Wide Area
Networks: An Overview,” IEEE Communications Surveys & Tutorials,
vol. 19, no. 2, pp. 855–873, 2017.
[8] M. Bembe, A. Abu-Mahfouz, M. Masonta, and T. Ngqondi, “A
survey on low-power wide area networks for IoT applications,
Telecommunication Systems, vol. 71, no. 2, pp. 249–274, jun 2019.
20 VOLUME 4, 2016
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.3041057, IEEE Access
Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS
[Online]. Available: https://doi.org/10.1007/s11235-019-00557-9http:
//link.springer.com/10.1007/s11235-019-00557- 9
[9] L. Chettri and R. Bera, “A Comprehensive Survey on Internet of
Things (IoT) Toward 5G Wireless Systems,” IEEE Internet of Things
Journal, vol. 7, no. 1, pp. 16–32, jan 2020. [Online]. Available:
https://ieeexplore.ieee.org/document/8879484/
[10] J. Cao, M. Ma, H. Li, R. Ma, Y. Sun, P. Yu, and L. Xiong, “A Survey
on Security Aspects for 3GPP 5G Networks,” IEEE Communications
Surveys & Tutorials, vol. 22, no. 1, pp. 170–195, 2020. [Online].
Available: https://ieeexplore.ieee.org/document/8894379/
[11] R. Khan, P. Kumar, D. N. K. Jayakody, and M. Liyanage, “A Survey
on Security and Privacy of 5G Technologies: Potential Solutions, Recent
Advancements, and Future Directions,” IEEE Communications Surveys
& Tutorials, vol. 22, no. 1, pp. 196–248, 2020. [Online]. Available:
https://ieeexplore.ieee.org/document/8792139/
[12] S. Zhang, Y. Wang, and W. Zhou, “Towards secure 5G networks:
A Survey,” Computer Networks, vol. 162, p. 106871, oct 2019.
[Online]. Available: https://doi.org/10.1016/j.comnet.2019.106871https:
//linkinghub.elsevier.com/retrieve/pii/S138912861830817X
[13] S. Sicari, A. Rizzardi, and A. Coen-Porisini, “5G In the internet
of things era: An overview on security and privacy challenges,”
Computer Networks, vol. 179, p. 107345, 2020. [Online]. Available:
http://www.sciencedirect.com/science/article/pii/S1389128620300827
[14] R. Fujdiak, K. Mikhaylov, M. Stusek, P. Masek, I. Ahmad, L. Malina,
P. Porambage, M. Voznak, A. Pouttu, and P. Mlynek, “17 - Security in
low-power wide-area networks: state-of-the-art and development toward
the 5G,” in LPWAN Technologies for IoT and M2M Applications, B. S.
Chaudhari and M. Zennaro, Eds. Academic Press, 2020, pp. 373 –
396. [Online]. Available: http://www.sciencedirect.com/science/article/
pii/B9780128188804000181
[15] R. Ratasuk, B. Vejlgaard, N. Mangalvedhe, and A. Ghosh, “NB-IoT sys-
tem for M2M communication,” in 2016 IEEE wireless communications
and networking conference. IEEE, 2016, pp. 1–5.
[16] R. Ratasuk, N. Mangalvedhe, Y. Zhang, M. Robert, and J.-P.
Koskinen, “Overview of narrowband IoT in LTE Rel-13,” in 2016
IEEE Conference on Standards for Communications and Networking
(CSCN). IEEE, oct 2016, pp. 1–7. [Online]. Available: http:
//ieeexplore.ieee.org/document/7785170/
[17] Y.-P. E. Wang, X. Lin, A. Adhikary, A. Grovlen, Y. Sui, Y. Blankenship,
J. Bergman, and H. S. Razaghi, “A Primer on 3GPP Narrowband
Internet of Things,” IEEE Communications Magazine, vol. 55, no. 3,
pp. 117–123, mar 2017. [Online]. Available: http://ieeexplore.ieee.org/
document/7876968/
[18] J. Schlienz and D. Raddino, “Narrowband Internet of Things whitepaper,
White Paper, Rohde&Schwarz, pp. 1–42, 2016.
[19] Y. D. Beyene, R. Jantti, O. Tirkkonen, K. Ruttik, S. Iraji, A. Larmo,
T. Tirronen, and J. Torsner, “NB-IoT technology overview and experi-
ence from cloud-RAN implementation,” IEEE wireless communications,
vol. 24, no. 3, pp. 26–32, 2017.
[20] LoRa Alliance™, “What is it LoRaWAN™ - A technical overview
of LoRa ® and LoRaWAN™,” Tech. Rep. November, 2015. [Online].
Available: https://lora- alliance.org/resource-hub/what-lorawantm
[21] J. C. Zuniga and B. Ponsard, “Sigfox system description,” LPWAN@
IETF97, Nov. 14th, vol. 25, 2016.
[22] H. Song, R. Srinivasan, T. Sookoor, and S. Jeschke, Smart cities: founda-
tions, principles, and applications. John Wiley & Sons, 2017.
[23] J. L. Hernandez-Ramos, J. A. Martinez, V. Savarino, M. Angelini,
V. Napolitano, A. Skarmeta, and G. Baldini, “Security and Privacy in
Internet of Things-Enabled Smart Cities: Challenges and Future Direc-
tions,” IEEE Security & Privacy, 2020.
[24] S. Farahani, ZigBee wireless networks and transceivers. Newnes, 2011.
[25] Z. Shelby and C. Bormann, 6LoWPAN: The wireless embedded Internet.
John Wiley & Sons, 2011, vol. 43.
[26] L. Zhu, F. R. Yu, Y. Wang, B. Ning, and T. Tang, “Big data analytics
in intelligent transportation systems: A survey,” IEEE Transactions on
Intelligent Transportation Systems, vol. 20, no. 1, pp. 383–398, 2018.
[27] O. Hamdi, M. A. Chalouf, D. Ouattara, and F. Krief, “eHealth: Survey on
research projects, comparative study of telemonitoring architectures and
main issues,” Journal of Network and Computer Applications, vol. 46,
pp. 100–112, 2014.
[28] Z. El Mrabet, N. Kaabouch, H. El Ghazi, and H. El Ghazi, “Cyber-
security in smart grid: Survey and challenges,” Computers & Electrical
Engineering, vol. 67, pp. 469–482, 2018.
[29] M. S. Mekala and P. Viswanathan, “A Survey: Smart agriculture IoT with
cloud computing,” in 2017 international conference on microelectronic
devices, circuits and systems (ICMDCS). IEEE, 2017, pp. 1–7.
[30] R. Khan, P. Kumar, D. N. K. Jayakody, and M. Liyanage, “A Survey
on Security and Privacy of 5G Technologies: Potential Solutions, Recent
Advancements, and Future Directions,” IEEE Communications Surveys
& Tutorials, vol. 22, no. 1, pp. 196–248, 2020. [Online]. Available:
https://ieeexplore.ieee.org/document/8792139
[31] S. Kent and K. Seo, “Security Architecture for the Internet Protocol,”
Tech. Rep., dec 2005. [Online]. Available: https://www.rfc-editor.org/
info/rfc4301
[32] A. R. Prasad, “3GPP 5G Security,” Tech. Rep., October
2018. [Online]. Available: https://www.3gpp.org/ftp/Information/
presentations/presentations_2018/2018_10_17_tokyo/presentations/
2018_1017_3GPP%20Summit_06_5G%20Security_Prasad.pdf
[33] 3GPP, “Security architecture and procedures for 5G System,” 3rd
Generation Partnership Project (3GPP), Technical Specification (TS)
33.501, version 15.5.0. [Online]. Available: http://www.3gpp.org/
DynaReport/33501.htm
[34] J. Arkko, V. Lehtovirta, and P. Eronen, “Improved Extensible
Authentication Protocol Method for 3rd Generation Authentication
and Key Agreement (EAP-AKA’),” RFC 5448, May 2009. [Online].
Available: https://rfc- editor.org/rfc/rfc5448.txt
[35] D. Simon, R. Hurst, and D. B. D. A. Ph.D., “The EAP-TLS
Authentication Protocol,” RFC 5216, Mar. 2008. [Online]. Available:
https://rfc-editor.org/rfc/rfc5216.txt
[36] B. Aboba, L. Blunk, J. Vollbrecht, and J. Carlson, “Extensible
Authentication Protocol (EAP),” Tech. Rep., jun 2004. [Online].
Available: https://www.rfc-editor.org/info/rfc3748
[37] D. Chandramouli, R. Liebhart, J. Pirskanen, G. Choudhary, J. Kim, and
V. Sharma, “5G for the Connected World,” Wiley, vol. 9, no. 4, pp. –,
2019.
[38] M. Condoluci, S. H. Johnson, V. Ayadurai, M. A. Lema, M. A. Cuevas,
M. Dohler, and T. Mahmoodi, “Fixed-Mobile Convergence in the 5G Era:
From Hybrid Access to Converged Core,” IEEE Network, vol. 33, no. 2,
pp. 138–145, 2019.
[39] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen,
“Internet Key Exchange Protocol Version 2 (IKEv2),” RFC 7296,
oct 2014. [Online]. Available: https://rfc-editor.org/rfc/rfc7296.txthttps:
//www.rfc-editor.org/info/rfc7296
[40] R. Housley and B. Aboba, “RFC 4962 - Guidance for Authentication,
Authorization, and Accounting (AAA) Key Management,” 2007.
[Online]. Available: https://tools.ietf.org/html/rfc4962
[41] 3GPP, “Service requirements for next generation new services and
markets,” 3rd Generation Partnership Project (3GPP), Technical
Specification (TS) 22.261, version 16.8.0. [Online]. Available: http:
//www.3gpp.org/DynaReport/22261.htm
[42] M. Sethi, B. Sarikaya, and D. Garcia-Carillo, “Secure IoT Bootstrapping:
A Survey,” Internet Engineering Task Force, Internet-Draft draft-
sarikaya-t2trg-sbootstrapping-08, 2020. [Online]. Available: https://
datatracker.ietf.org/doc/html/draft-sarikaya-t2trg-sbootstrapping- 08
[43] P. Wouters, H. Tschofenig, J. Gilmore, S. Weiler, and T. Kivinen,
“Using Raw Public Keys in Transport Layer Security (TLS) and
Datagram Transport Layer Security (DTLS),” RFC 7250, 2014. [Online].
Available: https://rfc- editor.org/rfc/rfc7250.txt
[44] T. Aura and M. Sethi, “Nimble out-of-band authentication for EAP
(EAP-NOOB),” Internet Engineering Task Force, Internet-Draft draft-
aura-eap-noob-08, 2020. [Online]. Available: https://datatracker.ietf.org/
doc/html/draft-aura-eap-noob- 08
[45] A. Kunz and X. Zhang, “New 3GPP Security Features in 5G Phase
1,” in 2018 IEEE Conference on Standards for Communications and
Networking (CSCN). IEEE, 2018, pp. 1–6.
[46] D. Garcia-Carrillo, R. Marin-Lopez, A. Kandasamy, and A. Pelov, “A
CoAP-based network access authentication service for low-power wide
area networks: LO-CoAP-EAP,” Sensors (Switzerland), vol. 17, no. 11,
p. 2646, 2017.
[47] Garcia-Morchon, Kumar, and Sethi, “Internet of Things (IoT) Security:
State of the Art and Challenges,” Tech. Rep., 2019.
[48] F. Montori, L. Bedogni, M. Di Felice, and L. Bononi, “Machine-
to-machine wireless communication technologies for the Internet
of Things: Taxonomy, comparison and open issues,” Pervasive
and Mobile Computing, vol. 50, pp. 56–81, oct 2018. [Online].
Available: https://doi.org/10.1016/j.pmcj.2018.08.002https://linkinghub.
elsevier.com/retrieve/pii/S1574119217303668
VOLUME 4, 2016 21
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.3041057, IEEE Access
Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS
[49] G. Ergeerts, M. Nikodem, D. Subotic, T. Surmacz, B. Wojciechowski,
P. De Meulenaere, and M. Weyn, “DASH7 Alliance protocol in monitor-
ing applications,” in 2015 10th International Conference on P2P, Parallel,
Grid, Cloud and Internet Computing (3PGCIC). IEEE, 2015, pp. 623–
628.
[50] W. Webb, Understanding Weightless: Technology, Equipment, and Net-
work Deployment for M2M Communications in White Space. Cam-
bridge University Press, 2012.
[51] S. Lippuner, B. Weber, M. Salomon, M. Korb, and Q. Huang, “EC-GSM-
IoT network synchronization with support for large frequency offsets,
in 2018 IEEE Wireless Communications and Networking Conference
(WCNC). IEEE, 2018, pp. 1–6.
[52] P.-C. Hsieh, Y. Jia, D. Parra, and P. Aithal, “An Experimental Study on
Coverage Enhancement of LTE Cat-M1 for Machine-Type Communica-
tion,” in 2018 IEEE International Conference on Communications (ICC).
IEEE, 2018, pp. 1–5.
[53] S. Farrell, “Low-Power Wide Area Network (LPWAN) Overview,” RFC
8376, may 2018. [Online]. Available: https://rfc-editor.org/rfc/rfc8376.
txt
[54] Wi-SUN Alliance, “Wi-SUN Alliance and FAN - Secure large-scale
IoT networking for today and tomorrow,” 2018. [Online]. Available:
https://wi-sun.org/wp-content/uploads/Wi-SUN-Alliance- and-FAN.pdf
[55] N. Gondchawar, R. Kawitkar et al., “IoT based smart agriculture,” Inter-
national Journal of advanced research in Computer and Communication
Engineering, vol. 5, no. 6, pp. 838–842, 2016.
[56] J. Cheng, W. Chen, F. Tao, and C.-L. Lin, “Industrial IoT in 5G envi-
ronment towards smart manufacturing,” Journal of Industrial Information
Integration, vol. 10, pp. 10–19, 2018.
[57] LoRa Alliance, “LoRaWAN™ 1.0 Specification,” 2015.
[58] LoRa Alliance, “LoRaWAN™ 1.1 Specification,” 2017.
[59] H. Holma, A. Toskala, and J. Reunanen, LTE Small Cell Optimization:
3GPP Evolution to Release 13. John Wiley & Sons, 2016.
[60] V. Kumar, R. K. Jha, and S. Jain, “NB-IoT Security: A Survey,” Wireless
Personal Communications, pp. 1–48, 2020.
[61] J. Cao, P. Yu, M. Ma, and W. Gao, “Fast Authentication and Data
Transfer Scheme for Massive NB-IoT Devices in 3GPP 5G Network,”
IEEE Internet of Things Journal, vol. 6, no. 2, pp. 1561–1575, 2018.
[62] F. Ghavimi and H.-H. Chen, “M2M communications in 3GPP LTE/LTE-
A networks: Architectures, service requirements, challenges, and appli-
cations,” IEEE Communications Surveys & Tutorials, vol. 17, no. 2, pp.
525–549, 2014.
[63] J. Cao, P. Yu, X. Xiang, M. Ma, and H. Li, “Anti-quantum fast authenti-
cation and data transmission scheme for massive devices in 5G NB-IoT
system,” IEEE Internet of Things Journal, vol. 6, no. 6, pp. 9794–9805,
2019.
[64] H. Harada, K. Mizutani, J. Fujiwara, K. Mochizuki, K. Obata, and
R. Okumura, “IEEE 802.15. 4G based Wi-SUN Communication Sys-
tems,” IEICE Transactions on Communications, vol. 100, no. 7, pp.
1032–1043, 2017.
[65] ETSI, “Electromagnetic compatibility and Radio spectrum Matters
(ERM); Short Range Devices; Smart Metering Wireless Access
Protocol; Part 2: Data Link Layer (MAC Sub-layer),” European
Telecommunications Standards Institute (ETSI), Tech. Rep., version
1.1.1. [Online]. Available: https://www.etsi.org/deliver/etsi_ts/102800_
102899/10288702/01.01.01_60/ts_10288702v010101p.pdf
[66] J. Kim and J. Song, “A dual key-based activation scheme for secure
LoRaWAN,” Wireless Communications and Mobile Computing, vol.
2017, 2017.
[67] I. You, S. Kwon, G. Choudhary, V. Sharma, and J. T. Seo, “An enhanced
LoRaWAN security protocol for privacy preservation in IoT with a case
study on a smart factory-enabled parking system,” Sensors, vol. 18, no. 6,
p. 1888, 2018.
[68] L. Viganò, “Automated security protocol analysis with the AVISPA tool,”
Electronic Notes in Theoretical Computer Science, vol. 155, pp. 61–86,
2006.
[69] E. Rescorla and N. Modadugu, Datagram Transport Layer Security
Version 1.2, 2012, published: RFC 6347. [Online]. Available: https:
//tools.ietf.org/html/rfc6347
[70] R. Sanchez-Iborra, J. Sánchez-Gómez, S. Pérez, P. Fernández, J. Santa,
J. Hernández-Ramos, and A. Skarmeta, “Enhancing LoRaWAN Security
Through a Lightweight and Authenticated Key Management Approach,
Sensors, vol. 18, no. 6, p. 1833, 2018.
[71] G. Selander, J. Mattsson, and F. Palombini, “Ephemeral Diffie-
Hellman Over COSE (EDHOC),” Internet Engineering Task Force,
Internet-Draft draft-selander-lake-edhoc-01, 2020. [Online]. Available:
https://datatracker.ietf.org/doc/html/draft-selander-lake-edhoc- 01
[72] Z. Xia, H. Zhou, K. Gu, B. Yin, Y. Zeng, and M. Xu, “Secure Session
Key Management Scheme for Meter-Reading System Based on LoRa
Technology,” IEEE Access, vol. 6, pp. 75015–75 024, 2018.
[73] X. Fang, S. Misra, G. Xue, and D. Yang, “Smart grid—The new and im-
proved power grid: A survey,” IEEE communications surveys & tutorials,
vol. 14, no. 4, pp. 944–980, 2011.
[74] D. Garcia-Carrillo, R. Marin-Lopez, A. Kandasamy, and A. Pelov, “A
CoAP-based network access authentication service for low-power wide
area networks: LO-CoAP-EAP,” Sensors, vol. 17, no. 11, p. 2646, 2017.
[75] Z. Shelby, K. Hartke, and C. Bormann, “RFC 7252: The Constrained
Application Protocol (CoAP),” Request for Comments, IETF, June 2014.
[Online]. Available: http://www.rfc-editor.org/rfc/rfc7252.txt
[76] B. Aboba, D. Simon, and P. Eronen, “Extensible Authentication Protocol
(EAP) Key Management Framework,” 2008. [Online]. Available:
https://tools.ietf.org/html/rfc5247
[77] D. Garcia-Carrillo and R. Marin-Lopez, “Lightweight coap-based boot-
strapping service for the internet of things,” Sensors, vol. 16, no. 3, p.
358, 2016.
[78] D. Garcia-Carrillo, R. Lopez, A. Kandasamy, and A. Pelov,
“LoRaWAN Authentication in RADIUS,” Internet Engineering Task
Force, Internet-Draft draft-garcia-radext-radius-lorawan-03, May 2017,
work in Progress. [Online]. Available: https://datatracker.ietf.org/doc/
html/draft-garcia-radext-radius-lorawan-03
[79] P. R. Calhoun et al., “Diameter Network Access Server Application",
RFC 4005,” 2005.
[80] D. Garcia-Carrillo, R. Lopez, A. Kandasamy, and A. Pelov,
“LoRaWAN Authentication in Diameter,” Internet Engineering
Task Force, Internet-Draft draft-garcia-dime-diameter-lorawan-00,
May 2016, work in Progress. [Online]. Available: https:
//tools.ietf.org/html/draft-garcia-dime-diameter-lorawan-00
[81] I. Butun, N. Pereira, and M. Gidlund, “Analysis of LoRaWAN v1.
1 security,” in Proceedings of the 4th ACM MobiHoc Workshop on
Experiences with the Design and Implementation of Smart Objects, 2018,
pp. 1–6.
[82] T. C. Dönmez and E. Nigussie, “Security of Join Procedure and its
Delegation in LoRaWAN v1.1,” Procedia Computer Science, vol. 134,
pp. 204–211, 2018.
[83] J. Han and J. Wang, “An enhanced key management scheme for Lo-
RaWAN,” Cryptography, vol. 2, no. 4, p. 34, 2018.
[84] M. Boesgaard, M. Vesterager, T. Pedersen, J. Christiansen, and O. Scav-
enius, “Rabbit: A new high-performance stream cipher,” in International
Workshop on Fast Software Encryption. Springer, 2003, pp. 307–329.
[85] S. Naoui, M. E. Elhdhili, and L. A. Saidane, “Trusted third party based
key management for enhancing LoRaWAN security,” in 2017 IEEE/ACS
14th International Conference on Computer Systems and Applications
(AICCSA). IEEE, 2017, pp. 1306–1313.
[86] R. McPherson and J. Irvine, “Secure decentralised deployment of Lo-
RaWAN sensors,” IEEE Sensors Journal, 2020.
[87] J. Kim and J. Song, “A simple and efficient replay attack prevention
scheme for LoRaWAN,” in Proceedings of the 2017 the 7th International
Conference on Communication and Network Security, 2017, pp. 32–36.
[88] J. Kim and J. Song, “A secure device-to-device link establishment
scheme for LoRaWAN,” IEEE Sensors Journal, vol. 18, no. 5, pp. 2153–
2160, 2018.
[89] Z. Zheng, S. Xie, H.-N. Dai, X. Chen, and H. Wang, “Blockchain
challenges and opportunities: A survey,” International Journal of Web and
Grid Services, vol. 14, no. 4, pp. 352–375, 2018.
[90] S. M. Danish, M. Lestas, W. Asif, H. K. Qureshi, and M. Rajarajan, “A
Lightweight Blockchain Based Two Factor Authentication Mechanism
for LoRaWAN Join Procedure,” in 2019 IEEE International Conference
on Communications Workshops (ICC Workshops). IEEE, 2019, pp. 1–6.
[91] G. Wood et al., “Ethereum: A secure decentralised generalised transac-
tion ledger,” Ethereum project yellow paper, vol. 151, no. 2014, pp. 1–32,
2014.
[92] V. Ribeiro, R. Holanda, A. Ramos, and J. J. Rodrigues, “Enhancing Key
Management in LoRaWAN with Permissioned Blockchain,” Sensors,
vol. 20, no. 11, p. 3068, 2020.
[93] J. Lin, Z. Shen, and C. Miao, “Using blockchain technology to build
trust in sharing LoRaWAN IoT,” in Proceedings of the 2nd International
Conference on Crowd Science and Engineering, 2017, pp. 38–43.
[94] A. Hoeller, J. Sant’Ana, J. Markkula, K. Mikhaylov, R. Souza, and
H. Alves, “Beyond 5G Low-Power Wide-Area Networks: A LoRaWAN
22 VOLUME 4, 2016
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.3041057, IEEE Access
Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS
Suitability Study,” in 2020 2nd 6G Wireless Summit (6G SUMMIT).
IEEE, 2020, pp. 1–5.
[95] J. Navarro-Ortiz, S. Sendra, P. Ameigeiras, and J. M. Lopez-Soler, “Inte-
gration of LoRaWAN and 4G/5G for the Industrial Internet of Things,”
IEEE Communications Magazine, vol. 56, no. 2, pp. 60–67, 2018.
[96] E. M. Torroglosa-Garcia, J. M. A. Calero, J. B. Bernabe, and
A. Skarmeta, “Enabling Roaming across Heterogeneous IoT Wireless
Networks: LoRaWAN meets 5G,” IEEE Access, 2020.
[97] R. K. Jha, R. S. H. Kour, M. Kumar et al., “Layer Based Security
in Narrow Band Internet of Things (NB-IoT),” Computer Networks, p.
107592, 2020.
[98] H. Huang and L. Zhang, “Reliable and Secure Constellation Shifting
Aided Differential Radio Frequency Watermark Design for NB-IoT Sys-
tems,” IEEE Communications Letters, vol. 23, no. 12, pp. 2262–2265,
2019.
[99] Y. Zhang, F. Ren, A. Wu, T. Zhang, J. Cao, and D. Zheng, “Certificateless
multi-party authenticated encryption for NB-IoT terminals in 5G net-
works,” IEEE Access, vol. 7, pp. 114 721–114 730, 2019.
[100] M. Wang and Z. Qi, “A certificateless aggregate signcryption scheme
without bilinear pairing,” Comput. Technol. Develop., vol. 27, no. 8, pp.
1–5, 2017.
[101] J. Sanchez-Gomez, D. Garcia-Carrillo, R. Marin-Perez, and A. F.
Skarmeta, “Secure Authentication and Credential Establishment in Nar-
rowband IoT and 5G,” Sensors, vol. 20, no. 3, p. 882, 2020.
[102] G. E. Suh and S. Devadas, “Physical unclonable functions for device
authentication and secret key generation,” in 2007 44th ACM/IEEE
Design Automation Conference. IEEE, 2007, pp. 9–14.
[103] D. Liu, X. Liu, H. Zhang, H. Yu, W. Wang, L. Ma, J. Chen, and
D. Li, “Research on End-to-End Security Authentication Protocol of NB-
IoT for Smart Grid Based on Physical Unclonable Function,” in 2019
IEEE 11th International Conference on Communication Software and
Networks (ICCSN). IEEE, 2019, pp. 239–244.
[104] Y. Lin, F. Jiang, Z. Wang, and Z. Wang, “Research on PUF-based
security enhancement of narrow-band Internet of Things,” in 2018 IEEE
32nd International Conference on Advanced Information Networking and
Applications (AINA). IEEE, 2018, pp. 702–709.
[105] L. Militano, A. Orsino, G. Araniti, and A. Iera, “NB-IoT for D2D-
enhanced content uploading with social trustworthiness in 5G systems,”
Future Internet, vol. 9, no. 3, p. 31, 2017.
[106] L. Atzori, A. Iera, G. Morabito, and M. Nitti, “The social internet of
things (siot)–when social networks meet the internet of things: Concept,
architecture and network characterization,” Computer networks, vol. 56,
no. 16, pp. 3594–3608, 2012.
[107] P. Salva-Garcia, E. Chirevella-Perez, J. B. Bernabe, J. M. Alcaraz-Calero,
and Q. Wang, “Towards automatic deployment of virtual firewalls to
support secure mMTC in 5G networks,” in IEEE INFOCOM 2019-IEEE
Conference on Computer Communications Workshops (INFOCOM WK-
SHPS). IEEE, 2019, pp. 385–390.
[108] P. Salva-Garcia, J. M. Alcaraz-Calero, Q. Wang, J. B. Bernabe, and
A. Skarmeta, “5G NB-IoT: Efficient network traffic filtering for mul-
titenant iot cellular networks,” Security and Communication Networks,
vol. 2018, 2018.
[109] R. Fujdiak, P. Blazek, K. Mikhaylov, L. Malina, P. Mlynek, J. Mis-
urec, and V. Blazek, “On track of sigfox confidentiality with end-to-
end encryption,” in Proceedings of the 13th International Conference on
Availability, Reliability and Security. ACM, 2018, p. 19.
[110] D. J. Bernstein, “ChaCha, a variant of Salsa20,” in Workshop Record of
SASC, vol. 8, 2008, pp. 3–5.
[111] S. M. Bellovin, “Frank Miller: Inventor of the one-time pad,” Cryptolo-
gia, vol. 35, no. 3, pp. 203–222, 2011.
[112] L. L. Moan, ZÉRO G: Le réseau mondial de connexion des objets va
changer le monde, 2020.
[113] N. Haider, M. Z. Baig, and M. Imran, “Artificial Intelligence and Machine
Learning in 5G Network Security: Opportunities, advantages, and future
research trends,” arXiv preprint arXiv:2007.04490, 2020.
[114] J. Sanchez-Gomez, D. Garcia-Carrillo, R. Marin-Perez, R. Sanchez-
Iborra, and A. F. S. Gomez, “Secure bootstrapping and header
compression for IoT constrained networks,” in 2020 Global Internet of
Things Summit (GIoTS), no. i. IEEE, jun 2020, pp. 1–6. [Online].
Available: https://ieeexplore.ieee.org/document/9119644/
[115] P. Thubert, A. Pelov, and S. Krishnan, “Low-power wide-area networks
at the ietf,” IEEE Communications Standards Magazine, vol. 1, no. 1, pp.
76–79, 2017.
[116] A. Minaburo, L. Toutain, C. Gomez, and D. Barthel, “SCHC: Generic
Framework for Static Context Header Compression and Fragmentation,
RFC 8724, Tech. Rep. 8724, apr 2020. [Online]. Available: https:
//rfc-editor.org/rfc/rfc8724.txthttps://www.rfc-editor.org/info/rfc8724
[117] A. Minaburo, L. Toutain, and R. Andreasen, “LPWAN Static
Context Header Compression (SCHC) for CoAP,” Internet Engineering
Task Force, Internet-Draft draft-ietf-lpwan-coap-static-context-hc-
15, 2020. [Online]. Available: https://datatracker.ietf.org/doc/html/
draft-ietf-lpwan-coap-static-context-hc-15
[118] J.-C. Zúñiga, C. Gomez, and L. Toutain, “SCHC over Sigfox LPWAN,
Internet Engineering Task Force, Internet-Draft draft-ietf-lpwan-schc-
over-sigfox-03, 2020. [Online]. Available: https://datatracker.ietf.org/
doc/html/draft-ietf-lpwan-schc-over-sigfox-03
[119] O. Gimenez and I. Petrov, “Static Context Header Compression (SCHC)
over LoRaWAN,” Internet Engineering Task Force, Internet-Draft
draft-ietf-lpwan-schc-over-lorawan-08, 2020. [Online]. Available: https:
//datatracker.ietf.org/doc/html/draft-ietf-lpwan-schc-over-lorawan-08
[120] E. Ramos and A. Minaburo, “SCHC over NB-IoT,” Internet
Engineering Task Force, Internet-Draft draft-ietf-lpwan-schc-over-
nbiot-03, 2020. [Online]. Available: https://datatracker.ietf.org/doc/
html/draft-ietf-lpwan-schc-over-nbiot-03
[121] M. Vuˇ
cini´
c, G. Selander, J. Mattsson, and D. Garcia-Carillo, “Require-
ments for a Lightweight AKE for OSCORE,” Internet Engineering Task
Force, Internet-Draft draft-ietf-lake-reqs-04, 2020. [Online]. Available:
https://datatracker.ietf.org/doc/html/draft-ietf-lake-reqs-04
[122] S. Delbruel, N. Small, E. Aras, J. Oostvogels, and D. Hughes, “Tack-
ling Contention Through Cooperation: A Distributed Federation in Lo-
RaWAN Space,” in 2020 International Conference on Embedded Wire-
less Systems and Networks, 2020, pp. 13–24.
[123] C. Tselios, I. Politis, and S. Kotsopoulos, “Enhancing SDN security for
IoT-related deployments through blockchain,” in 2017 IEEE Conference
on Network Function Virtualization and Software Defined Networks
(NFV-SDN). IEEE, nov 2017, pp. 303–308. [Online]. Available:
http://ieeexplore.ieee.org/document/8169860/
[124] J. Santa, R. Sanchez-Iborra, P. Rodriguez-Rey, L. Bernal-Escobedo, and
A. F. Skarmeta, “LPWAN-based vehicular monitoring platform with a
generic IP network interface,” Sensors, vol. 19, no. 2, p. 264, 2019.
[125] I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila, and
A. Gurtov, “Overview of 5G security challenges and solutions,” IEEE
Communications Standards Magazine, vol. 2, no. 1, pp. 36–43, 2018.
[126] N. Alliance, “5G white paper,” Next generation mobile networks,
white paper, vol. 1, 2015. [Online]. Available: https://www.ngmn.org/
work-programme/5g-white-paper.html
[127] J. Mattsson, F. Palombini, and M. Vuˇ
cini´
c, “Comparison
of CoAP Security Protocols,” Internet Engineering Task
Force, Internet-Draft draft-ietf-lwig-security-protocol-comparison-
04, 2020. [Online]. Available: https://datatracker.ietf.org/doc/html/
draft-ietf-lwig-security-protocol-comparison- 04
[128] P. Warden and D. Situnayake, Tinyml: Machine Learning with Tensor-
flow Lite on Arduino and Ultra-Low-Power Microcontrollers. O’Reilly
UK Ltd., 2019.
[129] R. Sanchez-Iborra and A. F. Skarmeta, “TinyML-Enabled Frugal
Smart Objects: Challenges and Opportunities,” IEEE Circuits and
Systems Magazine, vol. 20, no. 3, pp. 4–18, 2020. [Online]. Available:
https://ieeexplore.ieee.org/document/9166461/
[130] E. Rescorla, R. Barnes, and H. Tschofenig, “Compact TLS 1.3,”
Internet Engineering Task Force, Internet-Draft draft-rescorla-tls-
ctls-04, 2020. [Online]. Available: https://datatracker.ietf.org/doc/html/
draft-rescorla-tls-ctls- 04
[131] M. Steinke, I. Adam, and W. Hommel, “Multi-Tenancy-Capable
Correlation of Security Events in 5G Networks,” in 2018 IEEE
Conference on Network Function Virtualization and Software Defined
Networks (NFV-SDN). IEEE, nov 2018, pp. 1–6. [Online]. Available:
https://ieeexplore.ieee.org/document/8725633/
[132] D. Ageyev, O. Bondarenko, W. Alfroukh, and T. Radivilova, “Provision
security in SDN/NFV,” in 2018 14th International Conference
on Advanced Trends in Radioelecrtronics, Telecommunications and
Computer Engineering (TCSET). IEEE, feb 2018, pp. 506–509.
[Online]. Available: http://ieeexplore.ieee.org/document/8336252/
[133] A. Dhaka, A. Nandal, and R. Dixit, “Cognitive Radio Network-
Based Design and Security Challenges in 5G Communication,”
in Forensic Investigations and Risk Management in Mobile
and Wireless Communications. IGI Global, 2020, pp. 221–241.
VOLUME 4, 2016 23
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.3041057, IEEE Access
Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS
[Online]. Available: http://services.igi-global.com/resolvedoi/resolve.
aspx?doi=10.4018/978-1-5225-9554- 0.ch009
[134] 3GPP, “Study on security aspects of 5G network slicing management,” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 33.811, version 15. [Online]. Available: http://www.3gpp.org/DynaReport/33811.htm
[135] 3GPP, “Study on security aspects of the 5G Service Based Architecture (SBA),” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 33.855, version 15. [Online]. Available: http://www.3gpp.org/DynaReport/33855.htm
[136] ETSI, “ETSI TS 103 458 V1.1.1. CYBER; Application of Attribute Based Encryption (ABE) for PII and personal data protection on IoT devices, WLAN, cloud and mobile services - High level requirements,” European Telecommunications Standards Institute (ETSI), Tech. Rep., version 1.1.1. [Online]. Available: https://www.etsi.org/deliver/etsi_ts/103400_103499/103458/01.01.01_60/ts_103458v010101p.pdf
[137] Open Networking Foundation, “TR-526 "Applying SDN Architecture to 5G Slicing",” Tech. Rep. 1, 2016. [Online]. Available: https://www.opennetworking.org/wp-content/uploads/2014/10/Applying_SDN_Architecture_to_5G_Slicing_TR-526.pdf
[138] S. Pérez, J. L. Hernández-Ramos, S. Raza, and A. Skarmeta, “Application Layer Key Establishment for End-to-End Security in IoT,” IEEE Internet of Things Journal, vol. 7, no. 3, pp. 2117–2128, 2019.
[139] NIS Cooperation Group, “EU coordinated risk assessment of the cybersecurity of 5G networks,” Tech. Rep. October, 2019. [Online]. Available: https://g8fip1kplyr33r3krz5b97d1-wpengine.netdna-ssl.com/wp-content/uploads/2019/10/Report-EU-risk-assessment-final-October-9.pdf
[140] European Union Agency for Cybersecurity (ENISA), “ENISA Threat Landscape for 5G Networks,” Tech. Rep. November, 2019. [Online]. Available: https://www.enisa.europa.eu/publications/enisa-threat-landscape-for-5g-networks
[141] “European Core Technologies for future connectivity systems and components (COREnect),” 2020. [Online]. Available: https://cordis.europa.eu/project/id/956830
[142] “5G creating opportunities for LOGistics supply chain INNOVation (5G-LOGINNOV),” 2020. [Online]. Available: https://cordis.europa.eu/project/id/957400
[143] “5G for cooperative & connected automated MOBIlity on X-border corridors (5G-MOBIX),” 2020. [Online]. Available: https://www.5g-mobix.com/
[144] “Integrating 5G enabling technologies in a holistic service to physical layer 5G system platform (Int5Gent),” 2020. [Online]. Available: https://cordis.europa.eu/project/id/957403
[145] “5G-DIVE: eDge Intelligence for Vertical Experimentation,” 2020. [Online]. Available: https://cordis.europa.eu/project/id/859881
[146] “A unified network, Computational and stOrage resource Management framework targeting end-to-end Performance optimization for secure 5G muLti-tEchnology and multi-Tenancy Environments (5G-COMPLETE),” 2020. [Online]. Available: https://cordis.europa.eu/project/id/871900
[147] J. Ortiz, R. Sanchez-Iborra, J. B. Bernabe, A. Skarmeta, C. Benzaid, T. Taleb, P. Alemany, R. Muñoz, R. Vilalta, C. Gaber et al., “INSPIRE-5Gplus: intelligent security and pervasive trust for 5G and beyond networks,” in Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020, pp. 1–10.
[148] “a cyberSecurity Platform for vIrtualiseD 5G cybEr Range services (SPIDER),” 2020. [Online]. Available: https://cordis.europa.eu/project/id/833685
JESUS SANCHEZ-GOMEZ received from University of Murcia the BSc degree in Computer Engineering and the MSc on New Technologies in Computer Science in 2017 and 2018, respectively. Currently he is a PhD student and researcher at the same university under Fundación Séneca - Agencia de Ciencia y Tecnología de la Región de Murcia FPI Grant 20751/FPI/18, at Department of Information and Communication Engineering. His research interests include 5G, LPWANs, and IoT.
DAN GARCÍA CARRILLO received his Ph.D. in Computer Science at the University of Murcia in 2018 under an Industrial Doctorate grant. He is involved in the IETF in several standardization efforts regarding bootstrapping and security in the context of the Internet of Things. Currently he is a postdoctoral researcher, continuing the research on new protocols and proposal to secure IoT in different types of constrained networks such as 6LoWPAN, 6TiSCH, LP-WAN and, recently, 5G. He has collaborated in EU projects like Sociotal, SMARTIE, ANASTACIA and Plug-N-Harvest. His main research interests are security and privacy for IoT as well as emergent technologies.
RAMON SANCHEZ-IBORRA received the BSc degree in telecommunication engineering in 2007 and the MSc and PhD degrees in information and communication technologies in 2013 and 2016, respectively, from the Technical University of Cartagena. His main research interests are evaluation of QoE in multimedia services, management of wireless mobile networks, green networking techniques, and IoT/M2M architectures. Currently he is an Assistant Professor and Researcher at the Information and Communications Engineering Department in the University of Murcia.
JOSÉ L. HERNÁNDEZ-RAMOS is a Scientific Project Officer with the European Commission, Joint Research Centre. His research interests include the application of security and privacy mechanisms in the Internet of Things and transport systems scenarios, including blockchain and machine learning. He has participated in different European research projects, such as SocIoTal, SMARTIE and SerIoT. He has served as a technical program committee and chair member for different international conferences. He received the Ph.D. degree in computer science from the University of Murcia, Spain.
JORGE GRANJAL is an Assistant Professor at the Department of Informatics Engineering of the Faculty of Science and Technology of the University of Coimbra, in Portugal. He is also a Researcher of the Laboratory of Communication and Telematics of the Centre for Informatics and Systems of the University of Coimbra. He obtained his PhD in 2014, and his main current research interests are Computer Networks, Network Security and Wireless Sensor Networks. Jorge is also a member of IEEE and ACM communications groups.
RAFAEL MARIN-PEREZ received his Ph.D. in Computer Science, at University of Murcia in 2012. Since 2006, he has worked as a full-time researcher on more than 10 international projects like ARMOUR, ANASTACIA, Plug-n-Harvest and DEMETER, as well as in national projects such as SAVIA, HospiSegur, MCiudad and MARTA in the fields of Wireless Sensor Networks, Internet of Things and CyberSecurity/Privacy. Currently, he is technology manager in the Department of Research and Innovation at Odin Solutions SL.
MIGUEL A. ZAMORA-IZQUIERDO received the M.S. degree in Automation and Electronics and the Ph.D. degree in Industrial Engineering from the University of Murcia (UMU), Spain, in 1997 and 2003, respectively. In 1999, he was Assistant Professor with the Department of Information and Communication Engineering, UMU. Temporarily he also was an external researcher at the LCPC (Laboratoire Central des Ponts et Chaussées), Nantes, France. Since 2010 he has been an Associate Professor at the same Department. His research interest covers ubiquitous and embedded systems, sensors fusion and integration and communication architectures.
... Another feature to consider when choosing the radio communication technology is the capability to pass the messages of mobile end devices from one server to another. This feature, known as handover, is managed by the external radio access network (RAN) in 3GPP technologies, while non-3GPP technologies manage the handover themselves without external support [22]. In LoRaWAN, the handling of messages over the nearest servers for mobile devices is avoided by the ability for message reception from numerous base stations. ...
... NB-IoT's specifications are linked to the 3rd Generation Partnership Project (3GPP), so the integration into the 5G ecosystem is considered. Some authentication mechanisms of 5G networks such as 5G-AKA and EAP-AKA need to be implemented by NB-IoT devices that use the 3GPP specifications [22]. In addition to Long-Term Evolution (LTE) networks, NB-IoT can be deployed on Global System for Mobile Communications (GSM) or Universal Mobile Telecommunications System (UMTS) networks. ...
Article
With the emerging Internet of Things (IoT) technologies, the smart city paradigm has become a reality. Wireless low-power communication technologies (LPWAN) are widely used for device connection in smart homes, smart lighting, metering, and so on. This work suggests a new approach to a smart parking solution using the benefits of narrowband Internet of Things (NB-IoT) technology. NB-IoT is an LPWAN technology dedicated to sensor communication within 5G mobile networks. This paper proposes the integration of NB-IoT into the core IoT platform, enabling direct sensor data navigation to the IoT radio stations for processing, after which they are forwarded to the user application programming interface (API). Showcasing the results of our research and experiments, this work suggests the ability of NB-IoT technology to support geolocation and navigation services, as well as payment and reservation services for vehicle parking to make the smart parking solutions smarter.
... Shancang et al. [8] surveyed the current research state-of-the-art of 5G IoT, key enabling technologies, and main research trends and challenges in 5G IoT. Jesus et al. [9] presented a comprehensive review and analysis of research works proposing security solutions for the 5G-LPWAN integration. In [10], the state-of-the-art of IoT application requirements along with their associated communication technologies is explored. ...
Article
Addressing the recent trend of the massive demand for resources and ubiquitous use for all citizens has led to the conceptualization of technologies such as the Internet of Things (IoT) and smart cities. Ubiquitous IoT connectivity can be achieved to serve both urban and underserved remote areas such as rural communities by deploying 5G mobile networks with Low Power Wide Area Network (LPWAN). The current architectures will not offer flexible connectivity to many IoT applications due to high service demand, data exchange, emerging technologies, and security challenges. Hence, this paper explores various architectures that consider a hybrid 5G-LPWAN-IoT and Smart Cities. This includes security challenges as well as endogenous security and solutions in 5G and LPWAN-IoT. The slicing of virtual networks using software-defined network (SDN)/network function virtualization (NFV) based on the different quality of service (QoS) to satisfy different services and quality of experience (QoE) is presented. Also, a strategy that considers the implementation of 5G jointly with Weightless-N (TVWS) technologies to reduce the cell edge interference is considered. Discussions on the need for ubiquity connectivity leveraging 5G and LPWAN-IoT are presented. In addition, future research directions are presented, including a unified 5G network and LPWAN-IoT architecture that will holistically support integration with emerging technologies and endogenous security for improved/secured smart cities and remote areas IoT applications. Finally, the use of LPWAN jointly with low earth orbit (LEO) satellites for ubiquitous IoT connectivity is advocated in this paper.
... Recently, LPWANs [65], [66] are gaining relevance due to their long range, low power capabilities and great scalability. Other aspects like security are currently being analyzed [67]. Examples of LPWAN technologies are LoRa/LoRaWAN, NB-IoT or SigFox. ...
Article
Industry 5.0 follows the steps of the Industry 4.0 paradigm and seeks for revolutionizing the way industries operate. In fact, Industry 5.0 focuses on research and innovation to support industrial production sustainability and place the well-being of industrial workers at the center of the production process. Thus, Industry 5.0 relies on three pillars: it is human-centric, it encourages sustainability and it is aimed at developing resilience against disruptions. Such core aspects cannot be fully achieved without a transparent end-to-end human-centered traceability throughout the value chain. As a consequence, Auto-Identification (Auto-ID) technologies play a key role, since they are able to provide automated item recognition, positioning and tracking without human intervention or in cooperation with industrial operators. Although the most popular Auto-ID technologies provide a certain degree of security and productivity, there are still open challenges for future Industry 5.0 factories. This article analyzes and evaluates the Auto-ID landscape and delivers a holistic perspective and understanding of the most popular and the latest technologies, looking for solutions that cope with harsh, diverse and complex industrial scenarios. In addition, it describes a methodology for selecting Auto-ID technologies for Industry 5.0 factories. Such a methodology is applied to a specific use case of the shipbuilding industry that requires identifying the main components of a ship during its construction and repair. To validate the outcomes of the methodology, a practical evaluation of passive and active UHF RFID tags was performed in an Offshore Patrol Vessel (OPV) under construction, showing that a careful selection and evaluation of the tags enables product identification and tracking even in areas with a very high density of metallic objects. 
As a result, this article serves as a useful guide for industrial stakeholders, including future developers and managers that seek for deploying identification and traceability technologies in Industry 5.0 scenarios.
... Some potential security attacks are device software malfunction, prying, malevolent code infusions, device tampering, and unauthorized access [12]. Furthermore, studies such as [13,14] investigated the security issues of integrating LPWAN in the 5G ecosystem, as well as the practical evaluation of compression and fragmentation of standard protocols as applied to IoTs in LPWAN, respectively. Hence, IoT devices require more capable security schemes that work in tandem with the communication protocols to mitigate these security attacks. ...
Article
Most existing conventional security mechanisms are insufficient, mainly attributable to their requirements for heavy processing capacity, large protocol message size, and longer round trips, for resource-intensive devices operating in an Internet of Things (IoT) context. These devices necessitate efficient communication and security protocols that are cognizant of the severe resource restrictions regarding energy, computation, communication, and storage. To realize this, the IETF (Internet Engineering Task Force) is currently working towards standardizing an ephemeral key-based lightweight and authenticated key exchange protocol called EDHOC (Ephemeral Diffie–Hellman over COSE). The protocol’s primary purpose is to build an OSCORE (Object Security for Constrained RESTful Environments) security environment by supplying crucial security properties such as secure key exchange, mutual authentication, perfect forward secrecy, and identity protection. EDHOC will most likely dominate IoT security once it becomes a standard. It is, therefore, imperative to inspect the protocol for any security flaw. In this regard, two previous studies have shown different security vulnerabilities of the protocol using formal security verification methods. Yet, both missed the vital security flaws we found in this paper: resource exhaustion and privacy attacks. In finding these vulnerabilities, we leveraged BAN-Logic and AVISPA to formally verify both EDHOC protocol variants. Consequently, we described these security flaws together with the results of the related studies and put forward recommended solutions as part of our future work.
... This is especially critical in the case of using LPWANs, given their constraints in the amount and size of the transported messages. Different solutions are under study, to enable efficient key generation and renewal for constrained end-devices [66], even being compliant with the security requirements of the novel 5G architecture [67]. The malicious access to the data that are transmitted by a wearable may permit user identification, as well as exposing sensitive data, which easily allows the monitoring user habits and real-time sensed information. ...
Article
The penetration of wearable devices in our daily lives is unstoppable. Although they are very popular, so far, these elements provide a limited range of services that are mostly focused on monitoring tasks such as fitness, activity, or health tracking. Besides, given their hardware and power constraints, wearable units are dependent on a master device, e.g., a smartphone, to make decisions or send the collected data to the cloud. However, a new wave of both communication and artificial intelligence (AI)-based technologies fuels the evolution of wearables to an upper level. Concretely, they are the low-power wide-area network (LPWAN) and tiny machine-learning (TinyML) technologies. This paper reviews and discusses these solutions, and explores the major implications and challenges of this technological transformation. Finally, the results of an experimental study are presented, analyzing (i) the long-range connectivity gained by a wearable device in a university campus scenario, thanks to the integration of LPWAN communications, and (ii) how complex the intelligence embedded in this wearable unit can be. This study shows the interesting characteristics brought by these state-of-the-art paradigms, concluding that a wide variety of novel services and applications will be supported by the next generation of wearables.
... Krawetz's experience in cyber forensics, cybersecurity, and software solutions enable him to provide valuable insight into the configuration, development, and maintenance of safe networks. (Sanchez-Gomez et al., 2020) The literature presented the security procedures for the 5G system, as specified by the 3GPP specification, were examined, as well as the security strengths and vulnerabilities of commonly deployed LPWAN technologies such as LoRaWAN, Sigfox, or NB-IoT. Various SDOs, such as the ITU or the IETF, have proposed tangible measures to ensure the seamless convergence between the two ecosystems. ...
Article
5G communication provides a promising platform for new, innovative and diverse enhanced mobile broadband (eMBB) and massive device connectivity applications, such as streaming media, machine vision and Internet of Things (IoT), real-time and dynamic data processing, intensive computation. However, 5G multimedia devices deployment relies on the coverage of base stations, which is inefficient and costly in wide-area coverage and physical penetration. In this paper, a 5G and wide-area Ad Hoc network fusion architecture is proposed to flexibly provide scalable 5G and extensible low-power devices interconnection liberated from geographical restriction, which consists of a low-power wide-area network and an edge processing gateway. Moreover, the intelligent edge gateway near a specific base station can support real-time ultra-high-definition video streams access and achieve traffic optimization by compressing, intelligent identification and preprocessing of the video streams to alleviate traffic congestion. The coverage capacity efficiency of wide-area Ad Hoc networks is restricted by the "funnel effect" in multihop cascading, and adaptive resource allocation strategies will present a promising approach to realize energy-efficient deployment. A non-convex optimization problem is formulated to maximize the energy-efficient deployment of Ad Hoc network. Then, a coordination and optimization strategy of internal resource allocation in deployed multihop nodes based on Lagrange relaxation algorithm was presented to solve the optimization problem. The actual system deployment and real measurement proved that the system function is running normally and stably. The experimental simulation test results show that the proposed 5G wide-area Ad Hoc network can effectively make up for the adaptive streaming needs of 5G coverage blind spots. Compared with static resource allocation, the proposed resource allocation and deployment scheme reduces energy consumption by 42.31%.
Article
The expansion of the Internet of Moving Things (IoMT) leads to limitless and continuous working playgrounds exploited by highly dynamic end devices. This requires the adoption of multi-Radio Access Technologies (RATs)-based strategies to provide IoMT units with ubiquitous connectivity. To this end, the development of secure bootstrapping and authentication mechanisms is necessary to permit the secure operation of end devices. Given the transmission and power limitations of these elements, current cryptographic solutions do not address these stringent requirements. For that reason, in the study we present a Multi-Access Edge Computing (MEC)-based end-to-end architecture that enables an efficient and secure authentication and key agreement between end devices and network servers over heterogeneous resource-limited networks such as the Low Power Wide Area Networks (LPWANs). Our proposal is based on the Authentication, Authorization, and Accounting (AAA) architecture and the recent Internet Engineering Task Force initiatives Static Context Header Compression and Low-Overhead CoAP-EAP. The results obtained from experimental tests reveal the validity of the proposal as it enables constrained IoMT devices to gain IPv6 connectivity as well as performs end-to-end secure authentication with notable reliability and controlled latency.
Technical Report
This document defines the Static Context Header Compression and fragmentation (SCHC) framework, which provides both a header compression mechanism and an optional fragmentation mechanism. SCHC has been designed with Low-Power Wide Area Networks (LPWANs) in mind. SCHC compression is based on a common static context stored both in the LPWAN device and in the network infrastructure side. This document defines a generic header compression mechanism and its application to compress IPv6/UDP headers. This document also specifies an optional fragmentation and reassembly mechanism. It can be used to support the IPv6 MTU requirement over the LPWAN technologies. Fragmentation is needed for IPv6 datagrams that, after SCHC compression or when such compression was not possible, still exceed the Layer 2 maximum payload size. The SCHC header compression and fragmentation mechanisms are independent of the specific LPWAN technology over which they are used. This document defines generic functionalities and offers flexibility with regard to parameter settings and mechanism choices. This document standardizes the exchange over the LPWAN between two SCHC entities. Settings and choices specific to a technology or a product are expected to be grouped into profiles, which are specified in other documents. Data models for the context and profiles are out of scope.
Conference Paper
The promise of disparate features envisioned by the 3GPP for 5G, such as offering enhanced Mobile Broadband connectivity while providing massive Machine Type Communications likely with very low data rates and maintaining Ultra Reliable Low Latency Communications requirements, creates a very challenging environment for protecting the 5G networks themselves and associated assets. To overcome such complexity, future 5G networks must employ a very high degree of network and service management automation, which is a security challenge by itself as well as an opportunity for smarter and more efficient security functions. In this paper, we present the smart, trustworthy and liable 5G security platform being designed and developed in the INSPIRE-5Gplus project. This platform takes advantage of new techniques such as Machine Learning (ML), Artificial Intelligence (AI), Distributed Ledger Technologies (DLT), network softwarization and Trusted Execution Environment (TEE) for closed-loop and end-to-end security management following a zero-touch model in 5G and Beyond 5G networks. To this end, we specifically elaborate on two key aspects of our platform, namely security management with Security Service Level Agreements (SSLAs) and liability management, in addition to the description of the overall architecture.
Article
The digitalization of current urban spaces is realizing the vision of so-called smart cities, where security and privacy concerns could affect citizens’ safety. This work discusses potential solutions derived from European Union research efforts to be considered in the coming years.
Article
Low-Power Wide-Area Network (LPWAN) is one of the enabling technologies of the Internet of Things (IoT), and focuses on providing long distance connectivity for a vast amount of smart devices. Currently, LoRa is one of the leading LPWAN solutions available for public use. In LPWANs, especially in LoRa, security is a major concern due to the resource constraints of the devices, the sensitivity level of the transmitted data, the large amount of connected devices, among other reasons. This paper studies the key management mechanism of LoRaWAN environments. A secure architecture for key management based on smart contracts and permissioned blockchain to enhance security and availability in LoRaWAN networks is proposed. To demonstrate the feasibility of the proposed blockchain-based LoRaWAN architecture, a working prototype has been created using open-source tools and commodity hardware. Performance analysis shows that the prototype presents similar execution time and latency values, when compared to a traditional system, especially for small and medium-sized LoRaWAN networks. We also discuss why the proposed solution can be used in environments with a large number of end-devices.
Article
Now reaching 2020, the world is witnessing the initial diffusion of 5G networks, which promise to revolutionize the mobile wireless communications, providing faster services, very low delays, and a very pervasive connectivity via mobile devices. It is worth to remark that the main paradigm which will take advantage from 5G is really the Internet of Things (IoT). However, the spreading of 5G technology also generates important concerns in terms of security and privacy, due to the continuous and wireless connection to the network, which hinders the reliability of the involved devices. This paper deeply analyzed the current state of the art about the existing security and privacy solutions tailored to 5G. More in detail, the following requirements are discussed: data integrity, confidentiality, authentication, access control, non-repudiation, trust, privacy, identity management, key management, policy enforcement, and intrusion detection. Furthermore, the paper aims to shed the light on future research directions towards the realization of secure and privacy aware 5G systems. To this end, the role of emerging paradigms, such as IoT, fog computing, and blockchain is investigated.
Article
The TinyML paradigm proposes to integrate Machine Learning (ML)-based mechanisms within small objects powered by Microcontroller Units (MCUs). This paves the way for the development of novel applications and services that do not need the omnipresent processing support from the cloud, which is power consuming and involves data security and privacy risks. In this work, a comprehensive review of the novel TinyML ecosystem is provided. The related challenges and opportunities are identified and the potential services that will be enabled by the development of truly smart frugal objects are discussed. As a main contribution of this paper, a detailed survey of the available TinyML frameworks for integrating ML algorithms within MCUs is provided. Besides, aiming at illustrating the given discussion, a real case study is presented. Concretely, we propose a multi-Radio Access Network (RAT) architecture for smart frugal objects. The issue of selecting the most adequate communication interface for sending sporadic messages considering both the status of the device and the characteristics of the data to be sent is addressed. To this end, several TinyML frameworks are evaluated and the performances of a number of ML algorithms embedded in an Arduino Uno board are analyzed. The attained results reveal the validity of the TinyML approach, which successfully enables the integration of techniques such as Neural Networks (NNs), Support Vector Machine (SVM), decision trees, or Random Forest (RF) in frugal objects with constrained hardware resources. The outcomes also show promising results in terms of algorithm's accuracy and computation performance.
Chapter
This chapter deals with the main development challenges of 5G network. The 5G terminals can be made as reconfigurable multimode and cognitive radio enabled. Such networks will have software defined radio modulation schemes. The 5G mobile networks will focus on the development of the user terminals where the terminals will have access to different wireless technologies at the same time and will combine different flows from different technologies. It is beneficial to deploy cloud-computing platforms running on general-purpose hardware, leading to a cloud-RAN system. This chapter is focused on the challenges and benefits of implementing reconfigurable signal processing algorithms on a cloud-computing platform and address various security issues with cognitive radio networks.
Article
In recent years, the growth of technology and the resulting transformation is happening at a rapid pace. In this junction, IoT has provided a great platform and bridge between these technologies. A lot of research regarding the application of IoT Systems has been done in recent years, but one area that lacks research is security issues in Narrow Band Internet of Things (NB-IoT). It is noticed that security and Privacy in NB-IoT systems is a challenging task for researchers and academia. Application of NB-IoT in Defense security opened a new way for the researchers but at the same time security threats can lead to drastic loss. Nowadays, MEMS-NB-IoT devices (Bug)/BOT are being used for carrying out any malicious security attack. This can be a serious area of concern in the case of defense security. These MEMS devices are very dangerous and can spoof data from any type of network. The size of this device is very small, it can travel to any location for monitoring the enemy movement, and it is very difficult to identify these types of bugs. These BOT devices are very sensitive at the Perception and Network layers. In this paper, we have provided a detailed analysis of the IoT/NB-IoT Layered architecture. A novel proposal depicting a security attack in a Smart home system with IoT and NB-IoT enabled devices is presented. The Secrecy Rate (SR) and the Secrecy Outage Probability (SOP) are calculated, and performance analysis of the IoT system in the presence of Bugs for a smart home system is carried out. Simulations have been performed and the performance analysis done is based on Security non-outage probability vs security rate with real time analysis.
Article
Low-power wide-area networks (LPWAN) technologies, such as LoRaWAN, have become a popular and cost-effective way of monitoring assets. Two considerations which still present a barrier to deployment are the cost of deployment and the potential cost and disruption of re-keying a compromised network. This loss of functionality from a compromised network has made security conscious industries reluctant to embrace LPWAN technology. This paper will address these concerns by simplifying the deployment and re-keying of LoRaWAN devices, by detailing a procedure which uses a smartphone’s camera flash to transfer the necessary credentials. Smartphones were chosen as a transfer mechanism since they are both abundant and suitably powerful to generate and transfer secure keys. Using smartphones and light also removes the need for a laptop, a wired connection and programming software, allowing devices to be provisioned out in the field without the need for calibration or specialised tools. The design was created and successfully programs sensor devices in variety of environments, and has demonstrated benefits to critical national infrastructure industries such as utilities.