Machine to Machine (M2M) communication is a form of data communication, applicable in a wide variety of areas, which can be applied and managed between certain M2M Equipments (M2MEs) without requiring any human interaction.
FIG. 1 illustrates a typical 3G network architecture which enables M2MEs, here represented by M2ME 100, to connect to and communicate with a home operator (HO) offering one or more services to the M2ME. The HO may typically be referred to as a Selected Home Operator (SHO) in case alternative home operators are accessible. Typically a plurality of M2MEs located within the same geographical area using the same, or similar, services are connected to the same HO, and may be considered as a dedicated group of M2MEs.
As indicated in FIG. 1, an M2ME 100 may connect to an HO 103 by first connecting to an access point which provides wireless connectivity between the M2ME 100 and the HO 103. In FIG. 1 a Virtual Network Operator or Visiting Network Operator (VNO) 101 provides wireless access to M2MEs via a wireless network, such as e.g. a 3G or a 4G network. Once the M2ME 100 has established wireless access to HO 103, conventional registration procedures may be executed by the M2ME 100, interacting with a Registration Operator (RO) 102 and a Platform Validation Authority (PVA) 104. Although not shown in FIG. 1, RO 102 typically comprises a Discovery and Registration Function (DRF), an Initial Connectivity Function (ICF) and a Downloading and Provisioning Function (DPF) which, together with the PVA 104, are used for executing a registration of the M2ME. Alternatively the DPF may reside at the HO 103 instead of in the RO 102.
More details on how to provide 3G connectivity for M2MEs can be studied in 3GPP TR 33.812 “Feasibility Study on the Security Aspects of Remote Provisioning and Change of Subscription for M2M Equipment”.
The M2MEs referred to in this document may be configured as fully self-contained devices or as devices with interfaces which enable a respective M2ME to attach to external devices, such as e.g. sensors and/or on-site service equipment.
Irrespective of the applied network configuration, practically any M2ME scenario will assume that connectivity between the VNO and the M2MEs is always kept present, since without cellular connectivity this type of application will in general not be able to operate reliably. In practice, however, constant connectivity cannot be guaranteed in presently available M2ME applications.
A Universal Integrated Circuit Card (UICC) is a smart card used in mobile User Equipments (UEs) adapted for wireless network access to the HO 103. The UICC ensures the integrity and security of all kinds of personal data handled by the UEs. For UMTS a Universal Subscriber Identity Module (USIM) is typically running on the UICC. With the UMTS release 5 a new application, the IP multimedia Services Identity Module (ISIM), is instead required if services in the IP-Multimedia Subsystem (IMS) are to be applied on the mobile terminal.
As for mobile terminals providing M2ME functionality, the USIM or ISIM application may reside either within the UICC, or as a separate entity within the M2ME. In the former case the UICC may be either physically integrated with the M2ME, or it may be implemented as a removable UICC, where the UICC is configured to carry the USIM/ISIM, while in the latter case the USIM/ISIM application may be integrated and embedded within the M2ME in a protected module, but without a physical UICC.
The Machine Communications Identity Module (MCIM) application is a USIM/ISIM application which is applicable at an M2ME and which can reside either in a UICC within the M2ME, or in the M2ME without a physical UICC once it has been allocated from the HO to the M2ME, e.g. by way of pushing the MCIM to the M2ME.
Once an M2ME is in possession of an MCIM, a subscription can be managed by the home operator, thereby allowing the M2ME to establish communication with the home operator.
Changing a subscription can be a costly process since it may involve costly physical maintenance work on the M2MEs in the field, especially for the scenario involving a large number of M2MEs. Changing a subscription also requires a non-trivial procedure, as the UICC and/or MCIM needs to be carefully protected against tampering and theft, since M2MEs are typically left unattended.
There are a great number of interesting application areas and usage scenarios available for M2ME 3G and 4G communication. In one scenario traffic cameras suitable for making use of cellular connectivity via respective M2ME functionality may be installed in locations, such as e.g. motorway overpasses, remote stretches of roadway, or other traffic constructions, which require traffic monitoring.
Cameras may also require simultaneous secure local WLAN connectivity, such that one camera can communicate with the next camera placed further down the road, e.g. for the purpose of measuring average speed of vehicles passing by the camera arrangement. It will be necessary to securely provision these cameras with subscription credentials. When cameras are deployed over a large area, it may also be necessary to be able to select a carrier for a given camera after it has been deployed, where also such a selection process must be properly secured. In addition, secure post-deployment changes in subscription data will be needed.
In another scenario, referring to the use of M2MEs for a remote metering application, a change of utility by a residential customer may also require a change of operator. The utility itself may switch operators, requiring a change to many meters dispersed over a large geographical area in a limited time frame. The management of these changes may also require very complex accounting mechanisms. Without the ability to remotely change subscription, a service person may need to visit each affected device. For commercial applications, obtaining physical access to deployed devices may be expensive, e.g. because of geography, extreme environmental conditions, and/or due to the need to interrupt a manufacturing process, such as e.g. a petrochemical refining process. Therefore, remote means to enable change of subscription would be desired.
In yet another scenario, M2MEs may be used together with vending machines. Vending machines are however subject to regular attacks on their contents, which also increases the threat to other items of value contained in the machine. Normally, vending machine connectivity may come from a Home Node B or from 3GPP I-WLAN access within the M2M subscriber premises.
As indicated in the different scenarios mentioned above, M2MEs are proposed to be used in various types of mission critical deployments, where a failure of the wireless network access could have severe and, in some situations, such as e.g. traffic surveillance, even potentially fatal consequences.
A more reliable solution is therefore required, for the exemplifying scenarios mentioned above as well as for many other potential M2ME applications, to handle a potential wireless disruption scenario in which the conventional way of communicating applied by at least two M2MEs risks becoming inoperable.