An LPWAN can provide an enticing target to hackers. It offers low-cost, reliable connectivity over distances of 10 km and sometimes more. This makes the networks much easier to find than private short-range WiFi and Bluetooth networks and attacks can potentially be staged from many locations.
The devices that LPWANs connect are also of high interest to malicious users. For example, smart-city systems use LPWANs to automate the collection of meter data and perform control and monitoring functions of the urban infrastructure. Systems use this data to show parking availability and control when refuse is collected. Utilities are using LPWANs to collect data from remote substations. And farmers are making use of the technology to monitor livestock and crops all day, every day.
LoRaWAN itself has emerged as the dominant open specification for LPWANs. As of 2018, there are more than 500 vendors in the LoRaWAN ecosystem with some 60 service providers operating public networks around the world.
The types of systems for which LoRaWAN is designed place a number of constraints on designers that are not found in many traditional networking technologies. Low power and low cost are essential. Some devices that need to communicate over LoRaWAN may only keep running thanks to energy harvesting. This calls for a security infrastructure that can operate efficiently and rules out more heavyweight systems that were developed for desktops and servers that access the internet. But the protocol cannot skimp on protections and weak encryption schemes. Networks and devices need to be sure when they operate on a network they are talking to legitimate systems. And they need to use proven technologies.