948 IEEE 802.15.4 Review: Frame Structure and Security

948.1 Learning Objectives

By the end of this chapter, you will be able to:

Analyze Frame Structure: Understand MAC frame components and their sizes
Calculate Overhead: Determine addressing and security overhead for different configurations
Configure Security: Select appropriate security levels for application requirements
Optimize Payload: Maximize application data within frame constraints

948.2 Prerequisites

Required Chapters:

802.15.4 Fundamentals - Core standard introduction
Protocol Stack and Specifications - Stack architecture

Related Chapters

Deep Dives:

802.15.4 Topic Review - Complete review hub
802.15.4 Comprehensive Review - Detailed specification

Other Review Topics:

Network Operations - Device types and CSMA-CA
Protocols and Performance - Higher-layer protocols

Security Topics:

IoT Security Fundamentals - Security principles
Cryptographic Foundations - Encryption basics

Estimated Time: 15 minutes

948.3 MAC Frame Format

The 802.15.4 MAC frame structure is critical for understanding overhead and efficiency. The maximum frame size is 127 bytes, making efficient use of every byte essential for low-power wireless networks.

%%{init: {'theme': 'base', 'themeVariables': {'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#E67E22', 'secondaryColor': '#16A085', 'tertiaryColor': '#7F8C8D'}}}%%
graph LR
    FC[Frame Control<br/>2 bytes] --> SEQ[Sequence<br/>1 byte]
    SEQ --> ADDR[Addressing Fields<br/>4-20 bytes variable]
    ADDR --> SEC[Security Header<br/>0-14 bytes optional]
    SEC --> PAY[Payload<br/>0-102 bytes]
    PAY --> FCS[FCS<br/>2 bytes]

    style FC fill:#E67E22,stroke:#2C3E50,color:#fff
    style SEQ fill:#16A085,stroke:#2C3E50,color:#fff
    style ADDR fill:#2C3E50,stroke:#16A085,color:#fff
    style SEC fill:#7F8C8D,stroke:#2C3E50,color:#fff
    style PAY fill:#27ae60,stroke:#2C3E50,color:#fff
    style FCS fill:#E67E22,stroke:#2C3E50,color:#fff

Figure 948.1: IEEE 802.15.4 MAC frame structure with variable addressing and optional security

948.3.1 Frame Components

Field	Size	Purpose
Frame Control	2 bytes	Frame type, addressing modes, security flag
Sequence Number	1 byte	Frame identification for ACK matching
Addressing Fields	4-20 bytes	Destination and source addresses
Security Header	0-14 bytes	Security control, frame counter, key ID
Payload	0-102 bytes	Application data
FCS	2 bytes	16-bit CRC for error detection

948.3.2 Frame Control Field Breakdown

The 2-byte Frame Control field contains critical information about the frame:

Bits	Field	Values	Purpose
0-2	Frame Type	000=Beacon, 001=Data, 010=ACK, 011=MAC Cmd	Identifies frame purpose
3	Security Enabled	0=No, 1=Yes	Indicates encryption/auth
4	Frame Pending	0=No, 1=Yes	More data available
5	ACK Request	0=No, 1=Yes	Sender wants ACK
6	PAN ID Compression	0=No, 1=Yes	Reduces overhead
7-9	Reserved	-	Future use
10-11	Dest Addr Mode	00=None, 10=Short, 11=Extended	Address type
12-13	Frame Version	00=2003, 01=2006	Standard version
14-15	Source Addr Mode	00=None, 10=Short, 11=Extended	Address type

948.3.3 Frame Types

IEEE 802.15.4 defines four frame types:

Frame Type	Code	Purpose	Typical Size
Beacon	000	Synchronization, network info	15-25 bytes
Data	001	Application payload	Variable
ACK	010	Delivery confirmation	5 bytes
MAC Command	011	Network operations	10-25 bytes

948.4 Addressing Field Variations

The addressing overhead varies significantly based on network configuration. Understanding these variations is essential for optimizing frame efficiency.

948.4.1 Addressing Modes

802.15.4 supports three addressing modes:

Mode	Code	Size	Use Case
No Address	00	0 bytes	ACK frames
Short Address	10	2 bytes	Network-local addressing
Extended Address	11	8 bytes	Globally unique addressing

948.4.2 Addressing Overhead Comparison

Scenario	Dest PAN	Dest Addr	Src PAN	Src Addr	Total Overhead
Intra-PAN Short	2 bytes	2 bytes	Omitted	2 bytes	6 bytes
Intra-PAN Extended	2 bytes	8 bytes	Omitted	8 bytes	18 bytes
Inter-PAN Short	2 bytes	2 bytes	2 bytes	2 bytes	8 bytes
Inter-PAN Extended	2 bytes	8 bytes	2 bytes	8 bytes	20 bytes
ACK Frame	0	0	0	0	0 bytes

948.4.3 PAN ID Compression

When bit 6 (PAN ID Compression) is set to 1:

Both source and destination are within the same PAN
Source PAN ID is omitted from the frame
Saves 2 bytes per frame

When to use:

Always use within a single PAN
Disable only for inter-PAN communication or border routers

948.4.4 Efficiency Calculation

Understanding frame efficiency helps with capacity planning:

Configuration	Fixed Overhead	Max Payload	Efficiency
Minimum (ACK)	5 bytes	0 bytes	N/A
Short addr, no security	11 bytes	116 bytes	91.3%
Short addr, max security	32 bytes	95 bytes	74.8%
Extended addr, no security	23 bytes	104 bytes	81.9%
Extended addr, max security	44 bytes	83 bytes	65.4%

Formula:

Available Payload = 127 - FC(2) - Seq(1) - AddrFields - SecHeader - FCS(2)
Efficiency = Payload / 127 * 100%

948.5 Security Architecture

IEEE 802.15.4 provides link-layer security using AES-128 encryption. Security is optional but highly recommended for most IoT deployments.

948.5.1 Security Header Format

When security is enabled, additional overhead is added:

Field	Size	Purpose
Security Control	1 byte	Security level and key identifier mode
Frame Counter	4 bytes	Replay attack prevention
Key Identifier	0-9 bytes	Which key to use (variable)
Message Integrity Code (MIC)	0, 4, 8, or 16 bytes	Authentication tag

948.5.2 Security Control Byte

Bits	Field	Description
0-2	Security Level	0-7, determines encryption and MIC
3-4	Key Identifier Mode	0-3, determines key lookup method
5-7	Reserved	Future use

948.5.3 Security Levels

IEEE 802.15.4 defines 8 security levels:

Level	Name	Encryption	MIC Size	Security Properties
0	None	No	0	None
1	MIC-32	No	4 bytes	Auth only
2	MIC-64	No	8 bytes	Auth only
3	MIC-128	No	16 bytes	Auth only
4	ENC	Yes	0	Confidentiality only
5	ENC-MIC-32	Yes	4 bytes	Auth + Confidentiality
6	ENC-MIC-64	Yes	8 bytes	Auth + Confidentiality
7	ENC-MIC-128	Yes	16 bytes	Maximum security

948.5.4 Security Level Selection Guide

%%{init: {'theme': 'base', 'themeVariables': {'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#16A085', 'secondaryColor': '#E67E22', 'tertiaryColor': '#7F8C8D'}}}%%
flowchart TD
    START["Security Required?"] --> Q1{"Need<br/>confidentiality?"}

    Q1 -->|"No"| Q2{"Need<br/>authentication?"}
    Q1 -->|"Yes"| Q3{"Need<br/>authentication?"}

    Q2 -->|"No"| L0["Level 0<br/>No Security"]
    Q2 -->|"Yes"| Q4{"Overhead<br/>budget?"}

    Q3 -->|"No"| L4["Level 4<br/>ENC only"]
    Q3 -->|"Yes"| Q5{"Security<br/>strength?"}

    Q4 -->|"Minimal"| L1["Level 1<br/>MIC-32 (4 bytes)"]
    Q4 -->|"Standard"| L2["Level 2<br/>MIC-64 (8 bytes)"]
    Q4 -->|"Maximum"| L3["Level 3<br/>MIC-128 (16 bytes)"]

    Q5 -->|"Standard"| L5["Level 5<br/>ENC-MIC-32"]
    Q5 -->|"High"| L6["Level 6<br/>ENC-MIC-64"]
    Q5 -->|"Maximum"| L7["Level 7<br/>ENC-MIC-128"]

    style START fill:#2C3E50,stroke:#16A085,color:#fff
    style L0 fill:#c0392b,stroke:#2C3E50,color:#fff
    style L5 fill:#27ae60,stroke:#2C3E50,color:#fff
    style L7 fill:#16A085,stroke:#2C3E50,color:#fff

Figure 948.2: Security level selection decision tree for IEEE 802.15.4 {fig-alt=“Flowchart showing security level selection based on confidentiality and authentication requirements. Level 5 (ENC-MIC-32) recommended for most applications, Level 7 (ENC-MIC-128) for maximum security.”}

948.5.5 Recommended Security Configurations

Application	Recommended Level	Reasoning
Non-critical monitoring	Level 0 or 1	Low value data
Home automation	Level 5	Balance of security and overhead
Industrial control	Level 6 or 7	High-value operations
Healthcare/medical	Level 7	Regulatory compliance
Financial/metering	Level 7	High security requirements

948.5.6 Key Identifier Modes

Mode	Size	Key Source	Use Case
0	0 bytes	Implicit (from sender address)	Simple networks
1	1 byte	Key index (0-255)	Small key sets
2	5 bytes	Key source (4) + index (1)	Larger networks
3	9 bytes	Full key source (8) + index (1)	Cross-network

948.5.7 Security Overhead Summary

Security Level	MIC Size	Min Security Header	Total Overhead
Level 0	0	0 bytes	0 bytes
Level 1	4 bytes	5 bytes	9 bytes
Level 5	4 bytes	5 bytes	9 bytes
Level 7	16 bytes	5 bytes	21 bytes
Level 7 + Key ID Mode 3	16 bytes	14 bytes	30 bytes

948.6 Frame Efficiency Examples

948.6.1 Example 1: Temperature Sensor (Optimized)

A temperature sensor sending 2-byte readings:

Component	Size	Notes
Frame Control	2 bytes	Data frame, short addresses
Sequence Number	1 byte
Dest PAN ID	2 bytes
Dest Short Address	2 bytes	Coordinator
Source Short Address	2 bytes	PAN ID compression
Payload	2 bytes	Temperature reading
FCS	2 bytes
Total	13 bytes	15.4% payload efficiency

948.6.2 Example 2: With Security (Level 5)

Same sensor with ENC-MIC-32 security:

Component	Size	Notes
Frame Control	2 bytes	Security enabled
Sequence Number	1 byte
Addressing	6 bytes	Intra-PAN short
Security Control	1 byte	Level 5, mode 0
Frame Counter	4 bytes	Anti-replay
Payload (encrypted)	2 bytes	Temperature
MIC	4 bytes	Authentication
FCS	2 bytes
Total	22 bytes	9.1% payload efficiency

948.6.3 Example 3: Maximum Payload

Maximizing data transfer per frame:

Configuration	Available Payload
Short addr, no security	116 bytes
Short addr, Level 5	107 bytes
Extended addr, no security	104 bytes
Extended addr, Level 7	83 bytes

948.7 Visual Reference Gallery

Visual: IEEE 802.15.4 Frame Format

Modern diagram of IEEE 802.15.4 MAC frame format with frame control, sequence number, variable addressing fields, optional security header, payload, and FCS

802.15.4 MAC frame structure

The flexible frame format supports various addressing modes and optional security, with overhead ranging from 6 to 25 bytes.

948.8 Summary

This chapter covered the frame structure and security mechanisms of IEEE 802.15.4:

Frame Structure: Maximum 127 bytes with variable overhead (5-44 bytes) depending on addressing and security
Addressing Modes: Short (2 bytes), Extended (8 bytes), or None; PAN ID compression saves 2 bytes for intra-PAN
Security Levels: Eight levels (0-7) providing various combinations of encryption and authentication
AES-128: All encryption uses AES-128 in CCM mode for authenticated encryption
Overhead Trade-offs: Security Level 5 (ENC-MIC-32) offers good balance for most applications
Frame Counter: 4-byte counter prevents replay attacks but limits to ~4 billion frames per key

948.9 Knowledge Check

Quick Check

Question: What is the maximum MAC frame size in IEEE 802.15.4?

Explanation: C. 802.15.4 MAC frames are capped at 127 bytes total (header + payload + FCS), so headers/security can significantly reduce usable payload.

Question: How many addressing modes does IEEE 802.15.4 support?

Explanation: C. Frames can carry no address (e.g., ACK), short (16-bit) addresses, or extended (64-bit) addresses.

Question: What encryption algorithm does IEEE 802.15.4 specify for securing frames?

Explanation: B. IEEE 802.15.4 specifies AES-128 for frame encryption and authentication, providing confidentiality and integrity for transmitted data.

Question: Using security level 7 (ENC-MIC-128), how much overhead is added to the frame?

Explanation: D. Minimum is 21 bytes (1 byte control + 4 bytes counter + 0 bytes key ID + 16 bytes MIC-128), but can be up to 30 bytes if a 9-byte key identifier is included, depending on the key identifier mode.

What’s Next

Continue to Network Operations to understand device types (FFD vs RFD), network modes, and the CSMA-CA channel access mechanism.