Provisioning Devices for Activation by Personalization
ABP devices are provisioned with the information required for network connectivity without going through the OTAA Join procedure. They are provisioned with a DevEUI, a DevAddr, and session keys.
While provisioning devices with ABP, the best practice is to also provision them with all the elements necessary for OTAA (i.e., DevEUI, JoinEUI, and Root Keys). This way, an ABP device can operate as an OTAA device if required. Because OTAA has simpler provisioning requirements, uses a dynamic address and session key generation mechanism, and has more robust security, OTAA is the recommended provisioning approach.
This section describes the provisioning requirements for both the end device and the network that are necessary for supporting ABP operation.
Device EUI (DevEUI): Globally unique EUI-64, legitimately allocated
to the end device by the organization owning the OUI.
Device Address (DevAddr): This is a 32-bit address assigned by a network operator to a device that is to be provisioned for their network via ABP. The DevAddr is allocated from one of the operator’s private NetID ranges.
Session Keys: Security keys that are provisioned on the device itself when it is manufactured. The full set of these keys must be provisioned both on the end device and on the network in order for the device to be able to operate on the network. These security keys must not be printed or displayed in any way on the end device.