M2M Service Bootstrapping

December 11, 2011
Machine-to-machine (M2M) Functional Architecture Overview
Contents
A. M2M Reference Architecture (page 2)
   1. M2M Architectural Components (page 2)
   2. ETSI Reference Points (page 3)
   3. M2M High Level Functional Diagram (page 5)
B. M2M Service Capabilities (page 6)
C. M2M High Level Event Flow (page 6)
D. M2M Module Identifiers (page 8)
E. M2M Protocol Stack (page 9)
F. M2M Resource Management (page 9)
G. M2M Service Bootstrapping (page 13)
Full Scale Technologies
Author: Mimi Tam (CTO)
Page 1
A. M2M REFERENCE ARCHITECTURE
Courtesy of ETSI Spec
1. M2M Architectural Components
M2M Device (D)
Any device that runs an M2M application and offers M2M service capabilities: it can respond to
external requests for data as well as autonomously transmit data to a targeted external object.
M2M Gateway (G)
A gateway module runs an M2M application which offers M2M capabilities and acts as a bridge
between M2M devices and the M2M Access Network. Devices without built-in M2M capabilities
can go through an M2M gateway to interconnect and interwork with the M2M access network.
M2M Area Network
A wired or wireless access network that provides connectivity and transport of M2M
data/messages between M2M devices, M2M gateways and M2M servers. Some M2M area network
technologies include: PWLAN, ZWave, Zigbee, Bluetooth, 802.15, PLC (Power Line
Communication), M-Bus used for metering, and others.
M2M Core Network (N)
This is the central part of the M2M communication network that provides various services to
service providers connected via the access network such as GERAN, WiMAX, Satellite, DSL,
UTRAN, WLAN or eUTRAN.
M2M Application / Server (A)
This is software running in the middleware layer designed to perform specific business
processes over the M2M Core network.
M2M Service Capabilities Layer (SCL)
This is an abstraction layer of the M2M software where common functionalities are
implemented to serve the M2M application. It exists within M2M Device (DSCL), Gateway
(GSCL) and the Network (NSCL) and provides a set of APIs to expose the M2M service
capabilities closest to the application using them.
Non-ETSI M2M Compliant Device (D’)
Any device with no M2M service capabilities built-in can connect to a M2M gateway to make
use of the M2M service capabilities offered in the gateway via the Gateway Interworking Proxy
(GIP) capability (optional). There is also the Network Interworking Proxy (NIP) and the Device
Interworking Proxy (DIP).
2. ETSI Reference Points
dIa
This reference point is the interface between the Device Application (DA) within a device and the
Device Service Capabilities Layer (DSCL), or a Gateway Service Capabilities Layer (GSCL) in an
M2M gateway. The Gateway Application (GA) also uses this reference point to interface with its
own built-in GSCL and with the DSCL of a connected M2M device.
mIa
This reference point is the interface between the Network Application (NA) and its closest
Network Service Capabilities Layer (NSCL).
mId
This reference point is the interface between the Service Capabilities Layers of different M2M
components (i.e. between DSCL, GSCL and NSCL interchangeably).
3. M2M High Level Functional Diagram
Courtesy of ETSI Spec
Above is the ETSI version of the high-level M2M functional diagram in which the M2M core
interworks with XDMS (XML Document Management System) for different service providers.
B. M2M SERVICE CAPABILITIES
There are three categories of M2M Service Capabilities Layers. One resides in the M2M
Network (NSCL), another in the M2M Gateway (GSCL) and one in the M2M Device (DSCL).
The DA accesses the functionalities implemented in the DSCL via a single reference point: dIa.
C. M2M HIGH LEVEL EVENT FLOW
1. Network Bootstrap – Provisions names, service levels, security, etc.
2. Network Registration – Can be based on 3GPP, ETSI, TISPAN, etc.
3. M2M Service Bootstrap – Provisions M2M Service Provider ID and Kmr (M2M Root Key).
4. M2M Service Connection (mId Security) – Mutual authentication of mId end points and
optional establishment of secure communication over mId based on Kmc (M2M connection
key, generated from Kmr) and sub-keys of Kmc.
5. SCL Registration – Establishes context of D/GSCL in NSCL and vice versa.
6. D/GSCL now interacts with NSCL in the network domain.
7. Application Registration (of D/GA on D/GSCL) – Establishes context of D/GA in D/GSCL and
optional generation of Kma and its provisioning to the application.
8. D/GA now interacts with local D/GSCL.
9. D/GA now interacts with NSCL in the network domain via D/GSCL.
10. Application Registration (of NA on NSCL) – Establishes context of NA in NSCL.
11. NA in the network domain now interacts with local NSCL.
D. M2M MODULE IDENTIFIERS
List of Identifiers include:
Application identifier, App-ID
This is a globally unique identifier created by the M2M Service Provider to identify M2M
applications running on a M2M Device, M2M Gateway, M2M Network or a non-M2M device.
An application registers with a Service Capabilities Layer (SCL) under its App-ID so that the SCL
can identify and interact with that application.
SCL identifier, SCL-ID
This is a globally unique identifier for an instantiation of the Service Capabilities Layer in a M2M
device/gateway/network (server). M2M Service Providers can set SCL-ID to be the same value
as the M2M-Node-ID.
M2M node identifier, M2M-Node-ID
Owned by the Service Provider, this identifier represents a M2M component in the M2M
Device, Gateway or Network. A M2M component includes one SCL, M2M Service Bootstrap
Function (MSBF) if any and a M2M Service Connection Function. This identifier is instantiated
upon M2M Bootstrap procedure or pre-provisioning of the M2M Device/Gateway with an M2M
Service Provider.
M2M Service Connection identifier, M2M-Connection-ID
This identifier identifies a connection between M2M Device/Gateway and the SCL of the
Network component. This connection is for the physical, data link and the network layers and is
instantiated upon D/G SCL being authenticated and authorized by a NSCL for the connection.
M2M Service Provider identifier, M2M-SP-ID
This is a static value representing a M2M Service Provider and shall be unique.
MSBF (M2M Service Bootstrap Function) identifier, MSBF-ID
This is a static value assigned by the M2M Service Provider for a M2M Service Bootstrap
Function.
MAS (M2M Authentication Service) identifier, MAS-ID
This is a static value assigned by the M2M Service Provider for a M2M Authentication Service.
E. M2M PROTOCOL STACK
F. M2M RESOURCE MANAGEMENT
M2M Applications (DA, GA, NA) and M2M SCLs exchange information with each other using a
client/server RESTful architecture. Requests and responses are built around the transfer of
representations of resources addressable by URIs. RESTful resources are handled by the four
basic CRUD methods (Create, Retrieve, Update and Delete). ETSI M2M standardizes the
resource structures hosted on an SCL.
Resource <sclBase> is the root of all resources under the hosting SCL resource tree. Here are a
few examples of standardized resource structures to illustrate the M2M RESTful resource
hierarchy. Details can be found in the ETSI TS 102 series specifications.
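As an added illustration (not code from the paper or from ETSI), the following minimal in-memory model hosts a resource tree rooted at <sclBase> and exposes the four CRUD methods addressed by URI. It assumes, for the demo only, that registered <scl> resources live under scls/, registered <application> resources under applications/, and that a resource may only be updated or deleted by the SCL-ID or App-ID that created it.

```python
from typing import Dict, Optional


class SclResourceTree:
    """Hosts <sclBase> and the standardized child collections beneath it."""

    # Assumed for the demo: <scl> children under scls/, <application> under applications/
    COLLECTIONS = {"scls": "scl", "applications": "application"}

    def __init__(self, scl_base: str):
        self.base = scl_base.rstrip("/")
        self.resources: Dict[str, dict] = {self.base: {"type": "sclBase"}}
        for coll in self.COLLECTIONS:
            self.resources[f"{self.base}/{coll}"] = {"type": coll}

    def _owned(self, uri: str, requestor: str) -> dict:
        """UPDATE/DELETE precondition: the resource exists, is not part of the
        fixed tree, and was created by the requesting SCL-ID/App-ID."""
        res = self.resources.get(uri)
        if res is None or res["type"] in ("sclBase", *self.COLLECTIONS):
            raise KeyError(f"{uri} is not a modifiable resource")
        if res["owner"] != requestor:
            raise PermissionError(f"{requestor} does not own {uri}")
        return res

    def create(self, parent_uri: str, name: str, rep: dict, requestor: str) -> str:
        """CREATE a child inside a collection (e.g. an <scl> under scls/); returns its URI."""
        coll = self.resources.get(parent_uri)
        if coll is None or coll["type"] not in self.COLLECTIONS:
            raise KeyError(f"cannot create under {parent_uri}")
        uri = f"{parent_uri}/{name}"
        if uri in self.resources:
            raise ValueError(f"{uri} already exists")
        self.resources[uri] = {**rep, "type": self.COLLECTIONS[coll["type"]], "owner": requestor}
        return uri

    def retrieve(self, uri: str) -> Optional[dict]:
        """RETRIEVE the representation at a URI, or None if it does not exist."""
        return self.resources.get(uri)

    def update(self, uri: str, rep: dict, requestor: str) -> dict:
        """UPDATE attributes of an owned resource; type and owner are immutable."""
        res = self._owned(uri, requestor)
        res.update({k: v for k, v in rep.items() if k not in ("type", "owner")})
        return res

    def delete(self, uri: str, requestor: str) -> None:
        """DELETE an owned resource together with the subtree beneath it."""
        self._owned(uri, requestor)
        for key in [k for k in self.resources if k == uri or k.startswith(uri + "/")]:
            del self.resources[key]
```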
Structure of <sclBase>-resources
Structure of <scl> resource
Structure of registered applications and applications resources
Structure of <application> resource
G. M2M SERVICE BOOTSTRAPPING
The purpose of this process is to provision an M2M Root Key in the D/G M2M Node and in the
MAS (M2M Authentication Server). The D/G M2M Node may also be provisioned with an
M2M-Node-ID, an SCL-ID and/or one or more NSCL identifiers for use as the next point of contact.
The M2M Service Bootstrap procedures can be based on the access network credentials or can
be completely independent from the access network.
When the access network provider and the M2M service provider share a business relationship,
the access network provides the interface for M2M Service Bootstrapping and its security
credentials are used for the process. SIM and AKA (Authentication and Key Agreement)-based
credentials can be used by both GBA (Generic Bootstrapping Architecture) and EAP (Extensible
Authentication Protocol)-based procedures. Here are the three types of Access Network
Assisted M2M Service Bootstrap procedures:
- GBA based M2M Service Bootstrap procedure
- EAP-based Bootstrap Procedure using SIM/AKA-based credentials
- Bootstrap procedure utilizing EAP-based Network Access Authentication
When there is no business relationship between the access network provider and the M2M
service provider, or between the M2M device/gateway manufacturer and the M2M service
provider, or in cases where no security operations are configured in the access network layer,
Access Network Independent M2M Service Bootstrap procedures take place. Let’s examine this
type of bootstrap procedure from different angles:
- M2M Service Bootstrap required properties include:
  o Each D/G M2M node establishes a secure service session with the SCL and not with
    other D/G nodes.
  o Only minor signaling is required.
  o No manual provisioning of keys into servers during M2M D/G deployment.
- M2M Service Bootstrap Authentication and Transport Options
  Either EAP over PANA (Protocol for carrying Authentication for Network Access) or TLS
  (Transport Layer Security) over TCP (Transmission Control Protocol) can be used for
  carrying the automated bootstrapping authentication methods (i.e. EAP-IBAKE over
  EAP/PANA, EAP-TLS over EAP/PANA and TLS over TCP).
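As an added illustration (not code from the paper, and not the ETSI-specified key derivation), the following models the key hierarchy that ties the event flow in section C to the bootstrap properties above: Kmr is provisioned once per D/G node into the node and the MAS, each M2M Service Connection derives its own Kmc and sub-keys, and Kma is derived per registered application. A generic HKDF-Expand (RFC 5869) stands in for the real KDF, and all label strings and the Mas class are assumptions for the demo.

```python
import hmac
import hashlib


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA256 (generic stand-in for the ETSI KDF)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def derive_kmc(kmr: bytes, node_id: str, nscl_id: str, nonce: bytes) -> bytes:
    """Kmc: bound to one D/G node, one NSCL and a fresh nonce, so every service
    connection gets its own key and Kmr itself never crosses mId."""
    info = b"example-Kmc|" + node_id.encode() + b"|" + nscl_id.encode() + b"|" + nonce
    return hkdf_expand(kmr, info)


def derive_kmc_subkeys(kmc: bytes) -> dict:
    """Separate encryption and integrity sub-keys of Kmc for mId traffic."""
    return {"enc": hkdf_expand(kmc, b"example-Kmc-enc"),
            "mac": hkdf_expand(kmc, b"example-Kmc-mac")}


def derive_kma(kmr: bytes, node_id: str, app_id: str) -> bytes:
    """Kma: optional per-application key handed out at Application Registration."""
    return hkdf_expand(kmr, b"example-Kma|" + node_id.encode() + b"|" + app_id.encode())


class Mas:
    """M2M Authentication Server side (assumed model): one Kmr per bootstrapped node."""

    def __init__(self) -> None:
        self.kmr_by_node: dict = {}

    def bootstrap(self, node_id: str, kmr: bytes) -> None:
        """Outcome of a completed M2M Service Bootstrap: Kmr agreed, not typed in."""
        self.kmr_by_node[node_id] = kmr

    def service_connection(self, node_id: str, nscl_id: str, nonce: bytes) -> bytes:
        """MAS derives the same Kmc the node derives; unbootstrapped nodes are refused."""
        if node_id not in self.kmr_by_node:
            raise PermissionError(f"{node_id} has not completed M2M Service Bootstrap")
        return derive_kmc(self.kmr_by_node[node_id], node_id, nscl_id, nonce)
```

Because each node's Kmc depends on its own Kmr, a node that only holds its own root key cannot derive the connection key of another node, which is the isolation property listed above.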