IPv6 Based Public Safety & Emergency Services
By Latif Ladid, Founder & President, IPv6 Forum, Senior Researcher, SnT – University of Luxembourg
|Latif Ladid, IPv6 Forum President
Recent 21st century large-scale catastrophes such as Hurricane Katrina, the terrorist attacks of 9/11/01 and the Fukushima disaster have called considerable attention to the need for enhanced communications in the public safety and civil protection sectors. In these cases, first responders' operational capacity was compromised by their inability to communicate with each other in real time.
The reasons behind these limitations are the fact that the safety sector is still dominated by proprietary vendor implementations fragmenting safety and communication between stakeholders in the same country and in cross border implementations either through non-interoperable frequencies or still using older technologies based on voice only such as TETRA and TETRAPOL. The recent decision of the German government to invest in TETRA for 4 B€ proved to be a wrong decision as it decided not to invest anymore in TETRA past this investment. The Polish government has withdrawn its TETRA tender in April 2011 from the market waiting for modern solutions using new technologies. The modernisation and the upgrade of the safety sector are the hot topic of this decade to use latest technologies especially low-cost off the shelf products and services already used by normal consumers to exploit data, video and all possible access technologies wherever they are available to save lives and critical assets.
The University of Luxembourg EU funded projects u2010 ( www.u2010.eu), Secricom ( www.secricom.eu), Freesic (www.freesic.eu) and GEN6 (www.gen6.eu) have already researched and studied in-depth the current and future communication needs and new solutions for the public safety sector, highlighting the fact that public safety stakeholders (i.e. police, fire brigades, ambulances, army and civil protection organisations, etc.) request advanced, secure, broadband services based on IP technology. Public safety organizations call for mechanisms to collect and exchange various kinds of information to improve the work and collaboration among not only national stakeholders but EU-wide partners. Even the new digital trunked radio system (TETRA or TETRAPOL), rolled out currently in some European countries, does not satisfy the need for high data rate services, i.e. the exchange of videos, pictures, sensor data or the high-speed download of documents and database content while being in mission.
Therefore, the public safety organisations have started to recommend the use IP technology based on new broadband radio technologies e.g. UMTS with support for HSDAP/HSUPA and LTE, mobile satellite solutions, and mobile ad-hoc networks, for which the CEPT finalized the Europe-wide harmonization of a new frequency spectrum in the 5GHz band.
APCO (The US-based Association of Public-Safety Communications officials www.apcointl.org) has already recommended use of LTE and IPv6 as the future safety networking solutions. The APCO affiliate in Europe called BAPCO (British www.bapco.org.uk) has followed suit recently especially that they are partners in the Secricom project.
The University of Luxembourg has started the European Public Safety Communication Forum (www.psc-europe.eu) based on the EU funded Coordination Action NARTUS (www.nartus.org). The final recommendation of the PSCE Forum was to move to IP-based broadband networking based on the final roadmap designed from the u2010 project end results.
It is abundantly clear that we are moving from a single service emergency service based on voice-only for decades enabled first over radio and then over GSM-based TETRA voice to a multiple apps and services that can be purchased off-the-shelf in every store. The irony of today is that kids today are better equipped than First-Responders with iPhone to do multiple things. In 2011, the London police has purchased 60,000 iPhones for its police to be able to do more than just voice on Tetra hand-sets.
Following charts shows the logical move from the first safety generation using one-way radio devices to Tetra, a digital GSM-based voice though Push-to-talk was introduced to imitate the one-way radio voice service for traditional reasons and for command reasons too. The move of the US APCO recommending LTE over IPv6 is an obvious decision giving the US head-start leadership by learning from the Katrina experience that communication is a life-saver and not a political tools to please just the command, therefore leaving Europe way behind in the fragmented and non-interoperable services. This generation move is almost similar to the Internet generation moving from NCP (ArpaNet), to IPv4 and now to IPv6.
The introduction of IPv6 in public safety networks and service could substantially improve interoperability and end-to-end security, which is especially crucial for cross-border public safety missions. Public safety is not just a national matter but a Europe-wide and a world-wide, and operation management requires involvement and coordination of (different) public safety organisations from different countries. Examples for international issues are disasters of the recent i.e. the earthquake in Italy 2009, the earthquake in Haiti 2010, the Oder flood in Germany in 1997. Efficient management requires efficient coordination (i.e. coordination of resources, strategy, operation, etc.), and coordination requires efficient and interoperable communication between different teams, different organisations, different nations, and different locations.
Hence, the scope of this experiment is the migration to an advanced public safety service and network (i.e. involving new broadband radio technologies) from IPv4 to IPv6, with a special focus on IPv6 security and IPv6 mobility.
Public safety scenario and architecture:
Figure 1 illustrates the scenario and network architecture for public safety communication. Mainly, the network comprises on-site networks (i.e. belonging to different public safety agencies or to distributed teams of one agency), one or more command control centres, databases and information servers, and the backbone. For communication, the team members on-site use several different devices (e.g. smart phones, laptops, tablets, sensors, cameras, etc.). Recently, public safety agencies have started to deploy mobile ad-hoc networks (MANETs) comprising several Mobile Routers to interconnect the user devices on-site. One of the Mobile Routers provides the gateway service and connects to the backbone via a directional radio link, a satellite link, 3G/4G, or DSL.
|Figure 1: Public safety scenario
Examples for public safety services in scope are:
- Access to common databases and information servers while being in mission (blue line).
- Communication between different on-site teams (red line) in order to exchange videos or sensor data for common situation awareness, voice communication, or the sharing of documents.
- Communication between on-site team and command control centre (green line) for coordination and resource management.
Public safety is a governmental area where future IPv6-based services can substantially enhance the efficiency of communication and coordination due to the following IPv6 advantages:
- IPv6 provides interoperability and easier integration of heterogeneous networks (i.e. based on new emerging radio technologies) due to its huge address space. For example, in case nodes of different on-site networks are communicating (red line), with IPv6 each node has got its own unique public address while in IPv4 private addresses could be conflicting. Furthermore, since each mobile node has its own unique IP address, the operations center is able to initiate the communication, not just the mobile node. Moreover, any service can be connected directly (e.g. VOIP call to SIP client, check the temperature on fireman’s clothes sensor, engage GPS on MN, send instructions and video, etc...).
- IPv6 offers several security advantages. IPv6 security experts, has recently performed an EU study called “IPv6 security models and dual-stack (IPv6/IPv4) implications” in which the advantages and challenges of IPv6 security have been identified and described. For instance, IPv6 facilitates easy deployment of end-to-end security without the need for complex NAT traversal mechanisms. Furthermore, more fine grained security policies and filtering rules can be applied due to unique end system addresses, especially interesting for mobile devices.
- IPv6 provides enhanced mobility features (i.e. Mobile IPv6 and NEMO). In public safety scenarios the user devices are likely to be mobile, e.g. nodes attach to different networks on demand. When a mobile node changes location it can connect over the best possible reachable network and change of the network will not impact the reachability of mobile node from operations center because of overlay network called Dual Stack mobile IPv6. Appropriate IPv6-based mobility solutions will be selected and integrated in the experiment.
- IPv6 provides enhanced auto configuration features, e.g. IPv6 stateless auto configuration. Auto configuration facilitates ad-hoc service availability without complex user involvement.
- IPv6 facilitates the development and deployment of new services (without suffering from NAT boxes and the requirement for application level gateways), e.g. large scale deployment of VoIP, exchange of sensor data, information services for situation monitoring, etc.
- Quality of Service support with DiffServ and Flow Label enablement in local and global network environment
- Multicast transmission
- Scope identifier for limiting multimedia/live content reach ability
- MLDv2/PIM-SSM for live multimedia streaming locally and globally
With mobility, a mobile node always has got the same static IPv6 and IPv4 address, no matter to which network it is connected and in which part of the world the node is. Mobile node can change networks, and the user of the communication device doesn’t even notice the change.
This way we can reach mobile nodes, attached to public safety team members, engaging GPS and determine their exact position. When we deploy mobility in such teams, possibilities of use and new services becomes unlimited. We can send pictures, video, instructions to the individual member of team, we can call them via SIP protocol directly to their device, no matter where they are and also get the data from sensors, e.g. video cameras.
This way we can assure better control of the teams, much more data from the field and teams can be better coordinated to do their work more efficiently - help people when in trouble.
In future, an IPv6-enabled public safety network could even facilitate services like temperature reading from the sensor in the clothes of fireman and to create a heat-map of the area by requesting data from multiple mobile nodes.
IPv6 migration and transition plan:
For the migration of an IPv4-based public safety network and service to IPv6-based ones require a clear and detailed transition plan. First, nodes, applications, protocols, and networks need to be identified that are not IPv6-ready and require replacement or upgrade. Second, candidates for replacement or upgrade have to be identified. Third, transition mechanisms needs to be selected for the migration phase.
Various mature applications and devices are available that already support IPv6 and can be used to built the experiment without the requirement for research work. In the EU project U2010, the University Luxembourg realized an IPv6-ready public safety demonstrator via the integration of IPv6-capabable satellite solutions, sensors, and applications.
A key aspect for performing the migration in a secure and save way is to perform a detailed security analysis among device, protocols and applications involved, e.g. a security evaluation of transition mechanisms to select the right ones and the analysis of potentially changed security policies.
For more information visit: