On the other hand, two non-functional requirements that are typical of IoT applications are supported by CoAP: reliability and security.
The former, i.e.,reliability is provided by means of a simple (optional) stop-and-wait protocol that is implemented at message level below the request/response layer.
Using CoAP terminology, messages that are required to be acknowledged by the receiver are called confirmable(CON), whereas the others are non-confirmable(NON).
A random exponential back-off procedure is used to trigger retransmissions, up to a maximum number of tries, to avoid congesting the access network and overloading the smart object. The latter, i.e.,security can be guaranteed through the use of Internet Protocol Security (IPsec) or the Datagram Transport Layer Security (DTLS).
CoAP is also designed to be robust to misconfiguration and anomalies, which are
expected to occur in machine-driven operations.