12.2. Bootstrapping

As discussed in the LWM2M core specification [LWM2M-Core] section 6.1, there are four ways to bootstrap a device so that it knows how to contact its LWM2M server for management:

  • Factory Bootstrap

  • Bootstrap from Smartcard

  • Client Initiated

  • Server Initiated

Using Factory Bootstrap, devices are provisioned during manufacturing with security credentials and Management Server (edge management system) information. Upon initial field installation, devices will automatically connect directly to their Management Server (Edge Management System/EMS) to perform registration.

Under a Client-Initiated Bootstrap, shown below in Figure 12.1, devices are provisioned during manufacturing with Bootstrap Server (BS) information. Upon field installation, devices initiate the connection to the Bootstrap Server for the provisioning of Security credentials (object 0) and Management Server information (and subsequent registration).

../_images/client-bootstrap.svg

Figure 12.1 Client Bootstrap

As noted in [LWM2M-Core], GEISA ADM conformant devices SHALL support Client Initiated bootstrapping. GESIA ADM conformant devices MAY support other bootstrapping methods. For mass deployed devices, like smart meters, Factory Bootstrapping is usually preferred by system operators.

GEISA ADM conformant devices SHALL provide an accessible out-of-band mechanism which allows the system operator to preprovision the URL of the CoAp Bootstrap-Server, the Bootstrap-Server Account credentials, and any other data needed to complete the boostrapping process (e.g. certificates, keys, etc.).

Note

GEISA ADM Conformant EMS are not required to provide a Bootstrap Server. If a platform provider ships devices set to use client intiated bootstrap, it is expected that they will inform the purchaser in advance or provide a bootstrap server.

Note

ToDo: LWM2M Bootstrapping can include an endpoint client name. This is optional if the identifier provided in the security protocol is sufficient. We need to agree on the security mechanism and discuss whether the identifiers it provides are sufficient.