The architecture enhancements for UAVs introduce the following functionality:
Authentication and authorization of a UAV with the USS during 5GS registration (optional).
Authentication and authorization of a UAV with the USS during PDU session establishment and PDN connection establishment.
Support for USS authorization of C2 Communication.
A reference model for UAV tracking, supporting three UAV tracking modes: UAV location reporting mode, UAV presence monitoring mode, and list of Aerial UEs in a geographic area. The 3GPP system supports geofencing (for in-flight UAV) and geocaging (for UAV on the ground intending to fly) functionality in USS by providing enablers such as location services, event notification to a subscribing USS, etc.
This specification covers UAV functionality provided by 5GC connected to NG-RAN and EPC connected to LTE.
The following functionality is defined for UAV support in the 3GPP system:
An UAV is authenticated and authorized by USS via a USS UAV Authentication & Authorization (UUAA) with the support of the 3GPP system before connectivity for UAS services is enabled.
Depending on 3GPP network operator and/or regulatory requirements, the UUAA is performed:
In 5GS: either as a separate procedure during the 5GS registration procedure (optional and based on specific PLMN policies, USS requirements, and geographic regulatory requirements), or when the UAV requests user plane resources for UAV operation (i.e. PDU session establishment). The UAV shall support UUAA during Registration and PDU session establishment procedure. The network shall support UUAA during PDU session establishment.
In EPS: during the attach procedure and the corresponding PDN connection establishment. The network shall support UUAA during PDN connection establishment. The UAV shall support UUAA during PDN connection establishment procedure.
A UAV that is provisioned with a CAA-Level UAV ID shall provide the CAA-Level UAV ID in 5GS in both Registration and in PDU Session establishment. In EPC, a UAV that is provisioned with a CAA-Level UAV ID provides the CAA-Level UAV ID in PDN Connection establishment in SM-PCO. The CN determine whether UUAA is executed at 5GS registration or at PDU session/PDN Connection establishment, based on local policies.
If UUAA is not performed during the Registration procedure in 5GS, the UUAA is performed at PDU session establishment when the UAV requests user plane resources for UAV operation and the UAV provides its CAA Level ID during PDU session (PDN connection) establishment.
The UAV flight authorization and UAV-UAVC pairing authorization is performed at PDU session/PDN connection establishment/modification procedures.
The 3GPP system supports USS authorization of pairing between a UAV and a networked UAVC or a UAVC that connects to the UAV via Internet connectivity during either the establishment of the PDN connection/PDU session for C2 communication or a modification of a PDN connection/PDU session either dedicated to C2 communication or common to USS communication and C2 communication. Modifications of the pairing or re-authorization take place via modification of the established PDN connection/PDU session. During such procedures, the USS provides to the 3GPP system information (e.g. QoS requirement, data flow descriptors, etc.) that enable traffic between the UAV and the UAVC.
For EPC, the PDN connections used by UAV are served by SMF+PGW-C regardless of whether the UAV support 5G NAS or whether their subscription allows access to 5GC. The APN(s) used by the UAV for contacting USS or for C2 communication always resolves to a SMF+PWG-C.
The following architectural assumptions apply:
It is assumed that the UAV trying to access UAS services using 3GPP connectivity is already registered with a USS and has been assigned a CAA-Level-UAV ID. The procedure for UAV registration and assignment of CAA-Level-UAV ID is out of scope of 3GPP. The USS assigns to the UAV a CAA-Level UAV ID, or is made aware of the assigned CAA-Level UAV ID.
A UAV is associated with an Aerial subscription in the UDM. The Aerial subscription contains aerial UE indication (to be used similarly to aerial UE indication defined in EPS) and SM data that indicate that authentication/authorization has to be done using API based mechanism.
An UAV is identified by USS using a CAA-level UAV ID, and identified by the 3GPP System using a 3GPP UAV ID assigned by the MNO:
It is assumed that an aerial subscription associated to a UAV includes at least one GPSI to be used as 3GPP UAV ID.
A UAV is registered with the USS either before connecting with the 3GPP system or using plain internet connectivity via the 3GPP system. Before registering for UAS services with the 3GPP system, the UAV shall be provisioned with a CAA-Level UAV Identity.
In roaming scenarios, it is assumed that access to USS is in the VPLMN, thus packet data connectivity for UAV-USS communication is in local breakout, and the UAS NF function is located in the VPLMN.
In this Release, the UAV uses 3GPP access (i.e. LTE & NR) for 3GPP UAV related operations.
Activation of RAN aerial features for UAV accessing via E-UTRA reuses the existing mechanism defined in TS 36.300.
One or more USS(s) may be present in a specific region and may manage UAVs over one or more 3GPP networks.
The 3GPP Network subscription for the UAV is not assumed to contain any information about the USS.
The USS address, if known to the UAV, is configured in the UAV via mechanisms outside the scope of 3GPP.
The UAS Network Function is supported by the NEF or SCEF+NEF and used for external exposure of services to the USS. The UAS-NF makes use of existing NEF/SCEF exposure services for UAV authentication/authorization, for UAV flight authorization, for UAV-UAVC pairing authorization, and related re-authentication/re-authorization and revocation; for location reporting, presence monitoring, obtaining list of Aerial UEs in a geographic area and control of QoS/traffic filtering for C2 communication.
The UAS NF may coordinate with the USS to assist CAA-Level UAV ID assignment.
A dedicated NEF may be deployed to provide only the UAS NF functionality, i.e. to support the UAS specific features/APIs and the NEF features/APIs that are specified for capability exposure towards the USS.
For external exposure of services related to specific UAV(s), the UAS NF resides in the VPLMN, in order to interface with country specific USS(es).
When CAPIF is supported by the UAS NF, the UAS NF supports the CAPIF API provider domain functions as specified in TS 23.222.
To support re-authentication/re-authorization and revocation request by USS, the UAS NF stores information as to whether the re-authentication/re-authorization and revocation is towards an AMF or SMF/SMF+PGW-C and the address of the serving AMF or SMF/SMF+PGW-C.
UAS NF stores the result of UUAA-MM procedures and the result of UUAA-SM procedures.
The UAV is a 3GPP UE supporting the UE functionality defined in TS 23.401 and in TS 23.501.
a UAV that is configured for UAS services is provisioned with a single CAA-Level UAV ID;
a UAV that is configured for UAS services (i.e. is provisioned with a CAA-Level UAV ID) registers to the 3GPP system for UAS services (i.e. to take advantage of aerial features, connectivity with USS and for C2 connectivity) and provides the CAA-Level UAV ID and a UUAA Aviation Payload to 5GS or EPS. A UAV that has not performed a registration with aviation authorities shall not attempt to request for UAS services.
In addition to the functionality defined in TS 23.501, the AMF:
may trigger the UUAA-MM procedure for a UE requiring UAV authentication and authorization by a USS when registering with 5GS when the UE has Aerial UE subscription information and based on local operator policy, or when the USS that authenticated the UAV triggers a re-authentication, or when AMF itself determines to re-authentication the UAV after the initial registration.
In addition to the functionality defined in TS 23.501, the SMF:
triggers the UUAA-SM procedure for a UE requiring UAV authentication and authorization by a USS when requesting user plane resources for UAV operation, or when the USS/UTM that authenticated the UAV triggers a re-authentication;
may trigger the authorization of pairing between a UAV and a networked UAVC or a UAVC that connects to the UAV via Internet connectivity during the establishment/modification of the PDN connection/PDU session for C2 communication.
This service enables the consumer to either authenticate and authorise, or just authorize, the Service Level Device Identity. In case of UAS, the service is used to authenticate and/or authorize the UAV identified by a CAA-Level UAV ID.
When creating an authentication session, the AMF/SMF implicitly subscribes to NEF about notification related with the authentication/authorization (e.g. re-authenticate, update authorization data or revoke the UUAA authorization). This implicit subscription is implicitly released by UAS NF/NEF when the corresponding authentication association is removed (e.g. in the case of re-authentication failure and USS indicating to release network resource, or in the case of authorization revocation).
Provides the authentication and authorization result of the Service Level device Identity.
Service Level Device Identity (i.e. CAA-Level UAV ID) for authentication, GPSI, NF Type.
Input, Conditional Required:
Notification endpoint (required for initial authentication request), DNN, S-NSSAI (in case the consumer NF is SMF).
Authorization Server Address (i.e. USS Address), PEI, UE IP address (in case the consumer NF is SMF), authentication/authorization container provided by UE, UAV location.
Output, Conditional Required:
Success/Failure indication [Not required when PDU Session Modification for C2 Communication], Authorization Data container, Indication whether the PDU sessions associated with the "DNN(s) subject to aerial services" can be released [Required for re-authentication failure].
This service enables the consumer to authenticate and authorize the Service Level Device Identity. In case of UAS, the service is used to authenticate and authorize the UAV identified by a CAA-Level UAV ID.
When creating an authentication session, the UAS NF/NEF implicitly subscribes to USS about notification related with the authentication/authorization (e.g. re-authenticate, update authorization data or revoke the UUAA authorization). This implicit subscription is implicitly released by USS when the corresponding authentication session is removed (e.g. in the case of re-authentication failure and USS indicating to release network resource, or in the case of authorization revocation).
Provides the Authentication and Authorization result of the Service Level Device Identity (i.e. CAA-Level UAV ID for UAS).
Service Level Device Identity for authentication, GPSI.
Notification endpoint (required for initial authentication request), PEI, UE IP address, authentication container provided by UE, UAV location.
Output, Conditional Required:
Success/Failure indication and GPSI [Not required when PDU Session Modification for C2 Communication], Authorization Data container, Indication whether the UAS service related network resource can be released [Required for re-authentication failure]
SMF services related to UAS are defined in TS 23.502, clause 5.2.8.
In addition, when the AMF invokes Nsmf_PDUSession_CreateSMContext service operation for DNN(s) subject to aerial services, the AMF provides an indication to indicate "UAV has been authenticated by the USS", if the UUAA has taken place during registration procedure by the AMF. The SMF decides whether it needs to perform UUAA-SM or not based on this indication.
There may be multiple USS(es) serving UASs in a country, and no direct association is expected between the 3GPP network serving a UAS and the USS providing services to the UAS. How the association between a UAV and a USS is realized, is outside the scope of 3GPP and is not related to the UAV subscription with the mobile operator.
In order to enable the interaction between the 3GPP network and the USS serving a UAS, the 3GPP network needs to discover the correct USS serving a specific UAV. This is required either during 5GS registration (when the UUAA is performed during 5GS registration), or during PDU session/PDN connection establishment.
It is assumed that mechanisms for resolution of CAA Level UAV ID to the USS serving the corresponding UAV, defined outside 3GPP, and available to entities outside the 3GPP system (e.g. the TPAE), are used in the 3GPP system to discover the USS for the UAV.
Optionally, the UAV may also provide to the 3GPP system, in addition to the CAA-level UAV ID, the USS address or USS FQDN in order to discover the USS for the UAV.
When the UAV provides the USS Address separately from the CAA-Level UAV ID in UUAA-MM or UUAA-SM, the USS Address shall be used to discover the USS. The USS address, when available, is used by the UAS NF in addition to CAA-Level UAV ID to discover a specific USS.
The format of the CAA-Level UAV ID is defined outside 3GPP, however how such identity is used to enable a TPAE to query about UAV information is defined with respect to the 3GPP functionality.
In this release, the assignment of a CAA-level UAV ID for Remote Identification functionality applies solely to the UAV. No CAA-level UAV ID is assigned to and used by a UAVC.
Various formats of CAA-level UAV ID must be supported by the UAV to support various geo-specific regulations. At least Serial Number Identification, a CAA-Issued Registration Identifier (aka Session ID), and USS Issued UUID shall be supported.
In the case of Session ID, though the actual format of the CAA-Level UAV ID is defined outside 3GPP and is not decided by 3GPP, it is assumed that the CAA-Level UAV ID used for Remote Identification contains at least the following information:
an identity unique to the UAV, which may preferably have temporary validity: this identifies uniquely the UAV with the entity that allocates the CAA-level UAV ID.
CAA-level UAV ID Routing Information, used by an entity attempting to retrieve the UAV data (e.g. TPAE) to identify and address the appropriate UAS NF/NEF where to send the query. This is also used in USS discovery.
Two types of CAA-level UAV ID assignment are supported:
USS-assigned CAA-Level UAV ID: the identity is assigned completely at USS level.
3GPP-assisted CAA-Level UAV ID assignment:
The allocation to the UAV of a CAA-Level UAV ID by the USS is done in collaboration with the UAS NF, for the use by the UAV for UUAA, and for the use for Remote Identification.
The USS interacts with the UAS NF to allocates the UAV identities to be used for Remote Identification (i.e. the CAA-Level UAV ID). When the UAV registers with the USS before registering to a 3GPP system for UAS services, the UAV operator provides information about the serving PLMN to the USS. In order to allocate a CAA-Level UAV ID, the USS interacts with a UAS NF if 3GPP Assisted CAA-Level UAV ID Assignment is desired. The 3GPP network selects a UAS NF to respond to the USS, and the UAS NF provides to the USS the CAA-Level Routing Information to enable a resolver of the CAA-level UAV ID to resolve to the UAS NF.
The USS delegates to the UAS NF the role of "resolver" of the CAA-Level UAV ID and return to an entity (e.g. the TPAE) querying information about the UAV based on the CAA-Level UAV ID the UAV data that the UAS NF retrieves from the USS.
It is assumed that the mapping between USS assigned CAA-level UAV ID and the associated 3GPP UAV ID is known by the UAS NF after the UAV is authorized by the USS via a successful UUAA. If UAS NF receives a remote identification and tracking query from a TPAE with the USS-assigned CAA-Level UAV ID, the UAS NF uses the mapped 3GPP UAV ID to coordinate with different 3GPP functions to collect the UAV remote identification and tracking information. In addition, the UAS NF can retrieve aviation-level information (e.g. pilot information, USS operator, etc.) from the USS to provide it to the querying party (e.g. TPAE).
A UAV is assigned a CAA-level UAV Identity by functions in the aviation domain (e.g. USS). This assigned identity is used for Remote Identification and Tracking and to identify the UAV.
The UAV provides the CAA-level UAV Identity to the 3GPP system during UUAA procedures.
The CAA-level UAV Identity is used by the UAV as UAV identity in Remote Identification.
The aviation domain may allocate a new CAA-level UAV Identity for the UAV at any time. The new CAA-level UAV Identity may be provided to the UAV and 3GPP system during UAS related procedures.
A 3GPP UAV ID is associated to the UAV by the 3GPP system in the subscription information and is used by the 3GPP system to identify the UAV. GPSI in the format of External Identifier is used as the 3GPP UAV ID.
The USS stores the association of the CAA-level UAV ID (provided by the UAV or a new one allocated by the aviation domain) to the 3GPP UAV ID (which is provided during the UUAA procedure).