Showing posts with label 5G. Show all posts
Showing posts with label 5G. Show all posts

Tuesday 12 December 2017

5G Patents Progress

More than 23,500 patents have been declared essential to the GSM & 3G as shown in the picture above. I am assuming this includes 4G as well. Anyway, its been a while I looked into this subject. The last time I was looking, 4G patent pools were beginning to form.

For LTE, indeed there is no one-stop shop for licensing. The only company that has tried is VIA Licensing, with their patent pool, but they don’t have licenses for the big players like Ericsson, Qualcomm, Huawei, ZTE, Samsung, etc. The same will probably apply for 5G.


This old picture and article from Telecom TV (link) is an interesting read on this topic.



This official WIPO list shows ZTE, Huawei, and Qualcomm at the top of the list for international patent filers worldwide in 2016 [PDF].

Back in 2015, NGMN alliance was also looking for creation of some kind of patent pool but it probably didn't go anywhere (link)

(Can't recall the source for this one) In March, Ericsson announced plans to license 5G for $5 per device and possibly as low as $2.50 in emerging markets. In November, Qualcomm announced plans to license 5G IP at the same rates established by the NDRC for 4G/LTE phones sold into China: 2.275% for single mode essential patents / 4.0% for the entire portfolio or 3.25% for multimode essential patents / 5.0% for the entire portfolio. All rates are based on the wholesale price of the phone.

Qualcomm also announced that the previously undisclosed $500 price cap will apply to all phones. Qualcomm also announce a rate of less than $5 for 5G for automotive applications and $0.50 for NB-IoT based IoT applications.

Ericsson has filed patent application for its end-to- end 5G technology. Ericsson has incorporated its numerous 5G and related inventions into a complete architecture for the 5G network standard. The patent application filed by the leading telecom vendor combines the work of 130 Ericsson inventors.

Dr. Stefan Parkvall, Principal Researcher at Ericsson, said, “The patent application contains Ericsson’s complementary suite of 5G inventions.” Stefan added, “It contains everything you need to build a complete 5G network. From devices, the overall network architecture, the nodes in the network, methods and algorithms, but also shows how to connect all this together into one fully functioning network. The inventions in this application will have a huge impact on industry and society: they will provide low latency with high performance and capacity.

This will enable new use cases like the Internet of Things, connected factories and self-driving cars.” Ericsson is involved with leading mobile operators across the world for 5G and Pre-5G research and trials. The patent application is likely to further strengthen its position in the 5G race.

More details on E/// 5G patents on their official website here.

Mobile world live has some good details on Qualcomm 5G NR royalty terms.

Smartphone vendors will have to pay as much as $16.25 per device to use Qualcomm’s 5G New Radio (NR) technology under new royalty guidelines released by the company.

Qualcomm said it will implement a royalty rate of 2.275 per cent of the selling price for single-mode 5G handsets and a higher rate of 3.25 per cent for multi-mode smartphones with 3G, 4G and 5G capabilities.

So for a $200 multi-mode device, for instance, Qualcomm noted a vendor would have to pay $6.50 in royalties per device. Royalties are capped at a $500 device value, meaning the maximum amount a smartphone vendor would have to pay would be $16.25 per handset.

The company added it will also offer access to its portfolio of both cellular standard essential patents and non-essential patents at a rate of 4 per cent of the selling price for single-mode devices and 5 per cent for multi-mode devices.

Qualcomm’s rates are notably higher than those announced by Ericsson in March. The Swedish company said it would charge a flat royalty fee of $5 per 5G NR multimode handset, but noted its fee could go as low as $2.50 per device for handsets with low average selling prices.

The official Qualcomm 5G royalty terms [PDF] are available here.

Further reading:


Thanks to Mike Saji for providing inputs on 4G patent landscape. Thanks to Keith Dyer for interesting tweets on this topic.

Monday 27 November 2017

5G and CBRS Hype?

The dissenting voices on 5G and CBRS are getting louder. While there are many analysts & operators who have been cautioning against 5G, its still moving ahead with a rapid pace. In the recent Huawei Mobile Broadband forum for example, BT's boss admitted that making case for 5G is hard. Bruno Jacobfeuerborn, CTO of Deutsche Telekom on the other hand is sitting on the fence. Dean Bubley's LinkedIn post is interesting too.



Anyway, we have storified most of the tweets from Huawei Mobile Broadband Forum here.


Signals Research Group recently published their Signals Flash report, which is different from the more detailed Signals Ahead reports looking at 5G and CBRS, in addition to other topics. I have embedded the report below (with permission - thanks Mike) but you can download your own copy from here.

The summary from their website will give a good idea of what that is about:

CBRS – Much Ado About Not Very Much.  The FCC is heading in the right direction with how it might regulate the spectrum. However, unless you are a WISP or a private entity looking to deploy a localized BWA service, we don’t see too many reasons to get excited.

Handicapping the 5G Race.  Millimeter wave networks will be geographically challenged, 600 MHz won’t scale or differentiate from LTE, Band 41 may be the most promising, but this isn’t saying much. Can network virtualization make a winner?

It makes no Cents! Contrary to widespread belief,  5G won’t be a new revenue opportunity for operators – at least in the near term. The vertical markets need to get on board while URLLC will lag eMBB and prove far more difficult to deploy.

This Fierce Wireless article summarises the issues with CBRS well.

“While (some) issues are being addressed, the FCC can’t solve how to carve up 150 MHz of spectrum between everyone that wants a piece of the pie, while also ensuring that everyone gets a sufficient amount of spectrum,” the market research firm said in a report. “The 150 MHz is already carved up into 7- MHz for PAL (Priority Access License) and 80 MHz for GAA (General Authorized Access). The pecking order for the spectrum is incumbents, followed by PAL, and then by GAA…. 40 MHz sounds like a lot of spectrum, but when it comes to 5G and eMBB, it is only somewhat interesting, in our opinion. Further, if there are multiple bidders going after the PAL licenses then even achieving 40 MHz could be challenging.”

Signals said that device compatibility will also be a significant speed bump for those looking to leverage CBRS. Manufacturers won’t invest heavily to build CBRS-compatible phones until operators deploy infrastructure “in a meaningful way,” but those operators will need handsets that support the spectrum for those network investments to pay dividends. So while CBRS should prove valuable for network operators, it may not hold as much value for those who don’t own wireless infrastructure.

“The device ecosystem will develop but it is likely the initial CBRS deployments will target the more mundane applications, like fixed wireless access and industrial IoT applications,” the firm said. “We believe infrastructure and devices will be able to span the entire range of frequencies—CBRS and C-Band—and the total amount of available spectrum, combined with the global interest in the C-Band for 5G services, will make CBRS more interesting and value to operators. Operators will just have to act now, and then wait patiently for everything to fall into place.”

While many parts of the world are focusing on using frequencies around and above 3.5GHz for 5G, USA would be the only country using it for 4G. I suspect that many popular devices may not support CBRS but could be good for Fixed Wireless Access (FWA). It remains to be seen if economy of scale would be achieved.


Thursday 23 November 2017

5G NR Radio Protocols and Tight Inter-working with LTE


Osman Yilmaz, Team Leader & Senior Researcher at Ericsson Research in Finland gave a good summary of 5G NR at URLLC 2017 Conference (see summary here). His presentation is embedded below:



Osman, along with Oumer Teyeb, Senior Researcher at Ericsson Research & member of the Ericsson 5G standardization delegation has also published a blog post LTE-NR tight-interworking on Ericsson Research blog.

The post talks about how how signalling and data will work in LTE & New Radio (NR) dual connected devices. In control plane it looks at RRC signalling applicable for this DC devices whereas in user plane it looks at direct and split DRB options.


Further details here.

Thursday 16 November 2017

Ultra Reliable Low Latency Communications (URLLC) 2017 Conference summary

Picture Source: Martin Geddes

It was a pleasure to attend this conference this week. Not only was the topic of interest but I am always impressed by how well EIE organizes their events. Instead of writing my own summary, here is a story created from tweets, 'The Mobile Network' live blog and a summary write-up from Martin Geddes. I have my takeaways below.




My takeaway from the conference is that:
  • URLLC is going to be challenging but its achievable.
  • Ultra-reliable (UR) may have different use cases then low latency communication (LLC). Lumping them together in URLLC is not helpful.
  • Extremely low latency may not be achievable in every scenario. In some cases it would make more sense to continue with existing or proprietary solutions.
  • URLLC may not happen when 5G is rolled out initially but will happen not long after that. 
  • There are many verticals who may be able to take advantage of both the higher data rates that would come as part of eMBB and the low latency and high reliability as part of URLLC. 
  • The operators would have to foot the bill for upgrading the networks as there is a relucatnce from the verticals to invest in something they cant see or play with
  • There are verticals who invest heavily in alternative solutions that 5G may be able to solve. Some operators believe that this will bring new revenue to the mobile operators
  • Slicing has a lot of open questions including Security and SLAs - nobody has a clear cut answer at the moment
  • The industry is in a learning phase, figuring things out as they go along. There should be much more clarity next year.
  • #URLLC2018 is on 13 & 14 Nov. 2018 in London. Plenty of time to find all the answers ðŸ˜‰

Further reading:

Wednesday 15 November 2017

Couple of quick interviews from URLLC 2017 Conference

I tried the Facebook Live feature yesterday at the URLLC 2017 conference and recorded a couple of quick interviews with Martin Geddes and Prof. Andy Sutton. Hope you find them useful.

           

Further Reading:

Friday 10 November 2017

5G Research Presentation on URLLC


Dr.Mehdi Bennis from Centre for Wireless Communications, University of Oulu, Finland recently did a keynote at The International Conference on Wireless Networks and Mobile Communications (WINCOM'17), November 01-04, 2017, Rabat, Morocco. He has shared his presentation with us. Its embedded below and available to download from Slideshare.

Picture Source: Ericsson

For those who may not be aware, there are 3 main use cases defined for 5G. As shown in the picture above, they are enhanced Mobile BroadBand (eMBB), Ultra-Reliable Low Latency Communications (URLLC) and massive Machine Type Communications (mMTC). You can read the requirements here.



Further Reading:



Sunday 5 November 2017

RRC states in 5G

Looking back at my old post about UMTS & LTE (re)selection/handovers, I wonder how many different kinds of handovers and (re)selection options may be needed now.

In another earlier post, I talked about the 5G specifications. This can also be seen in the picture above and may be easy to remember. The 25 series for UMTS mapped the same way to 36 series for LTE. Now the same mapping will be applied to 38 series for 5G. RRC specs would thus be 38.331.

A simple comparison of 5G and LTE RRC states can be seen in the picture above. As can be seen, a new state 'RRC Inactive' has been introduced. The main aim is to maintain the RRC connection while at the same time minimize signalling and power consumption.

Looking at the RRC specs you can see how 5G RRC states will work with 4G RRC states. There are still for further studies (FFS) items. Hopefully we will get more details soon.

3GPP TS 22.261, Service requirements for the 5G system; Stage 1 suggests the following with regards to inter-working with 2G & 3G

5.1.2.2 Legacy service support
The 5G system shall support all EPS capabilities (e.g., from TSs 22.011, 22.101, 22.278, 22.185, 22.071, 22.115, 22.153, 22.173) with the following exceptions:
- CS voice service continuity and/or fallback to GERAN or UTRAN,
- seamless handover between NG-RAN and GERAN,
- seamless handover between NG-RAN and UTRAN, and
- access to a 5G core network via GERAN or UTRAN.

Sunday 29 October 2017

5G Forecasts and 5G Deployed Claim

Source: GSA

5G forecasts have been arriving steadily with many different figures. Here are some numbers:

Date Predicted by Number of Connections Year Any other comments
23-Aug-16 Strategy Analytics 690 million 2025 "690M Connections and 300M Handset Shipments"
15-Nov-16 Ericsson 500 million 2022 "North America will lead the way in uptake of 5G subscriptions, where a quarter of all mobile subscriptions are forecast to be for 5G in 2022."
30-Nov-16 ABI Research 500 million 2026 "500 Million 5G cmWave and mmWave Subscribers Will Bring $200 Billion in Service Revenue through 2026" - what about non mmWave/cmWave 5G subs?
12-Apr-17 CCS Insight 100 million 2021 "Smartphones sales will rise to 1.90 billion in 2021, when smartphones will account for 92 percent of the total mobile phone market."
26-Apr-17 GSMA 1.1 billion 2025 "5G connections are set to reach 1.1 billion by 2025, accounting for approximately one in eight mobile connections worldwide by this time."
16-May-17 Ovum 389 million 2022 "Ovum now forecasts that there will be 111 million 5G mobile broadband subscriptions at end-2021, up more than fourfold from Ovum’s previous forecast of 25 million 5G subscriptions at end-2021"
14-Aug-17 Juniper Research 1.4 billion 2025 "an increase from just 1 million in 2019, the anticipated first year of commercial launch. This will represent an average annual growth of 232%."
17-Oct-17 GSMA 214 million in Europe 2025 "30 per cent of Europe’s mobile connections will be running on 5G networks by 2025"
23-Oct-17 CCS Insight 2.6 billion 2025 "1 Billion Users of 5G by 2023, with More Than Half in China", "broadly similar path to 4G LTE technology...more than one in every five mobile connections."

If we just look at 2025/2026, the estimates vary from 500 million to 2.6 billion. I guess we will have to wait and see which of these figures comes true.

I wrote a post earlier titled '4G / LTE by stealth'. Here I talked about the operators who still had 3G networks while most people had 4G phones. The day the operator switched on the 4G network, suddenly all these users were considered to be on 4G, even if they didn't have 4G coverage just yet.

I have a few questions about what 5G features are necessary for the initial rollout and when can an operator claim they have 5G? In fact I asked this question on twitter and I got some interesting answers.

Just having a few 5G NR (new radio) sites enough for an operator to claim that they have deployed 5G? Would all the handsets with 5G compatibility then be considered to be on 5G? What features would be required in the initial rollouts? In case of LTE, operators initially only had Carrier Aggregation deployed, which was enough to claim they supported LTE-A. Would 100MHz bandwidth support be enough as initial 5G feature?

Please let me know what you think.

Monday 23 October 2017

5G Architecture Options for Deployments?

I have blogged earlier about the multiple 5G Architecture options that are available (see Deutsche Telekom's presentation & 3G4G video). So I have been wondering what options will be deployed in real networks and when.
The 3GPP webinar highlighted that Option-3 would be the initial focus, followed by Option 2.


Last year AT&T had proposed the following 4 approaches as in the picture above. Recall that Option 1 is the current LTE radio connected to EPC.

ZTE favours Deployment option 2 as can be seen in the slide above

Huawei is favoring Option 3, followed by Option 7 or 2 (& 5)

Going back to the original KDDI presentation, they prefer Option 3, followed by Option 7.

If you are an operator, vendor, analyst, researcher, or anyone with an opinion, what options do you prefer?

Saturday 7 October 2017

2G / 3G Switch Off: A Tale of Two Worlds

Source: Wikipedia

2G/3G switch off is always a topic of discussion in most conferences. While many companies are putting their eggs in 4G & 5G baskets, 2G & 3G is not going away anytime soon.

Based on my observations and many discussions that I have had over the past few months, I see a pattern emerging.

In most developed nations, 2G will be switched off (or some operators may leave a very thin layer) followed by re-farming of 3G. Operators will switch off 3G at earliest possible opportunity as most users would have moved to 4G. Users that would not have moved to 4G would be forced to move operators or upgrade their devices. This scenario is still probably 6 - 10 years out.



As we all know that 5G will need capacity (and coverage) layer in sub-6GHz, the 3G frequencies will either be re-farmed to 4G or 5G as 2G is already being re-farmed to 4G. Some operators may choose to re-balance the usage with some lower frequencies exchanged to be used for 5G (subject to enough bandwidth being available).


On the other hand, in the developing and less-developed nations, 3G will generally be switched off before 2G. The main reason being that there are still a lot of feature phone users that rely on 2G technologies. Most, if not all, 3G phones support 2G so the existing 3G users will be forced onto 2G. Those who can afford, will upgrade to newer smartphones while those who cant will have to grudgingly use 2G or change operators (not all operators in a country will do this at the same time).

Many operators in the developing countries believe that GSM will be around until 2030. While it may be difficult to predict that far in advance, I am inclined to believe this.

For anyone interested, here is a document listing 2G/3G switch off dates that have been publicly announced by the operators.



Let me know what you think.

Further reading:

Tuesday 26 September 2017

5G Dual Connectivity, Webinar and Architecture Overview

One of the things that will come as a result of NSA (Non-StandAlone) architecture will be the option for Dual Connectivity (DC). In fact, DC was first introduced in LTE as part of 3GPP Release 12 (see 3G4G Small Cells blog entry here). WWRF (Wireless World Research Forum) has a good whitepaper on this topic here and NTT Docomo also has an excellent article on this here.

A simple way to understand the difference between Carrier Aggregation (CA) and Dual Connectivity (DC) is that in CA different carriers are served by the same backhaul (same eNB), while in DC they are served by different backhauls (different eNB or eNB & gNB).


We have produced a short video showing different 5G architectures, looking mainly at StandAlone (SA) and Non-StandAlone (NSA) architectures, both LTE-Assisted and NR-Assisted. The video is embedded below:



Finally, 3GPP has done a short webinar with the 3GPP RAN Chairman Balazs Bertenyi explaining the outcomes from RAN#77. Its available on BrightTalk here. If you are interested in the slides, they are available here.

Related posts:

Sunday 3 September 2017

5G Core Network, System Architecture & Registration Procedure

The 5G System architecture (based on 3GPP TS 23.501: System Architecture for the 5G System; Stage 2) consists of the following network functions (NF). The functional description of these network functions is specified in clause 6.
- Authentication Server Function (AUSF)
- Core Access and Mobility Management Function (AMF)
- Data network (DN), e.g. operator services, Internet access or 3rd party services
- Structured Data Storage network function (SDSF)
- Unstructured Data Storage network function (UDSF)
- Network Exposure Function (NEF)
- NF Repository Function (NRF)
- Network Slice Selection Function (NSSF)
- Policy Control function (PCF)
- Session Management Function (SMF)
- Unified Data Management (UDM)
- Unified Data Repository (UDR)
- User plane Function (UPF)
- Application Function (AF)
- User Equipment (UE)
- (Radio) Access Network ((R)AN)

As you can see, this is slightly more complex than the 2G/3G/4G Core Network Architecture.

Alan Carlton, Vice President, InterDigital and Head of InterDigital International Labs Organization spanning Europe and Asia provided a concise summary of the changes in 5G core network in ComputerWorld:

Session management is all about the establishment, maintenance and tear down of data connections. In 2G and 3G this manifested as the standalone General Packet Radio Service (GPRS). 4G introduced a fully integrated data only system optimized for mobile broadband inside which basic telephony is supported as just one profile.

Mobility management as the name suggests deals with everything that needs doing to support the movement of users in a mobile network. This encompasses such functions as system registration, location tracking and handover. The principles of these functions have changed relatively little through the generations beyond optimizations to reduce the heavy signaling load they impose on the system.

The 4G core network’s main function today is to deliver an efficient data pipe. The existence of the service management function as a dedicated entity has been largely surrendered to the “applications” new world order. Session management and mobility management are now the two main functions that provide the raison d’etre for the core network.

Session management in 4G is all about enabling data connectivity and opening up a tunnel to the world of applications in the internet as quickly as possible. This is enabled by two core network functions, the Serving Gateway (SGW) and Packet Data Gateway (PGW). Mobility management ensures that these data sessions can be maintained as the user moves about the network. Mobility management functions are centralized within a network node referred to as Mobility Management Entity (MME). Services, including voice, are provided as an “app” running on top of this 4G data pipe. The keyword in this mix, however, is “function”. It is useful to highlight that the distinctive nature of the session and mobility management functions enables modularization of these software functions in a manner that they can be easily deployed on any Commercial-Off-The-Shelf (COTS) hardware.

The biggest change in 5G is perhaps that services will actually be making a bit of a return...the plan is now to deliver the whole Network as a Service. The approach to this being taken in 3GPP is to re-architect the whole core based on a service-oriented architecture approach. This entails breaking everything down into even more detailed functions and sub-functions. The MME is gone but not forgotten. Its former functionality has been redistributed into precise families of mobility and session management network functions. As such, registration, reachability, mobility management and connection management are all now new services offered by a new general network function dubbed Access and Mobility Management Function (AMF). Session establishment and session management, also formerly part of the MME, will now be new services offered by a new network function called the Session Management Function (SMF). Furthermore, packet routing and forwarding functions, currently performed by the SGW and PGW in 4G, will now be realized as services rendered through a new network function called the User Plane Function (UPF).

The whole point of this new architectural approach is to enable a flexible Network as a Service solution. By standardizing a modularized set of services, this enables deployment on the fly in centralized, distributed or mixed configurations to enable target network configurations for different users. This very act of dynamically chaining together different services is what lies at the very heart of creating the magical network slices that will be so important in 5G to satisfy the diverse user demands expected. The bottom line in all this is that the emphasis is now entirely on software. The physical boxes where these software services are instantiated could be in the cloud or on any targeted COTS hardware in the system. It is this intangibility of physicality that is behind the notion that the core network might disappear in 5G.


3GPP TS 23.502: Procedures for the 5G System; Stage 2, provides examples of signalling for different scenarios. The MSC above shows the example of registration procedure. If you want a quick refresher of LTE registration procedure, see here.

I dont plan to expand on this procedure here. Checkout section "4.2.2 Registration Management procedures" in 23.502 for details. There are still a lot of FFS (For further studies 😉) in the specs that will get updated in the coming months.


Further Reading:

Sunday 20 August 2017

Enhanced 5G Security via IMSI Encryption


IMSI Catchers can be a real threat. It doesn't generally affect anyone unless someone is out to get them. Nevertheless its a security flaw that is even present in LTE. This presentation here is a good starting point on learning about IMSI Catcher and the one here about privacy and availability attacks.


This article by Ericsson is a good starting point on how 5G will enhance security by IMSI encryption. From the article:
The concept we propose builds on an old idea that the mobile device encrypts its IMSI using home network’s asymmetric key before it is transmitted over the air-interface. By using probabilistic asymmetric encryption scheme – one that uses randomness – the same IMSI encrypted multiple times results in different values of encrypted IMSIs. This makes it infeasible for an active or passive attacker over the air-interface to identify the subscriber. Above is a simplified illustration of how a mobile device encrypts its IMSI. 
Each mobile operator (called the ‘home network’ here) has a public/private pair of asymmetric keys. The home network’s private asymmetric key is kept secret by the home network, while the home network’s public asymmetric key is pre-provisioned in mobile devices along with subscriber-specific IMSIs (Step 0). Note that the home network’s public asymmetric key is not subscriber-specific. 
For every encryption, the mobile device generates a fresh pair of its own public/private asymmetric keys (Step 1). This key pair is used only once, hence called ephemeral, and therefore provide probabilistic property to the encryption scheme. As shown in the figure, the mobile device then generates a new key (Step 2), e.g., using Diffie–Hellman key exchange. This new key is also ephemeral and is used only once to encrypt the mobile device’s IMSI (Step 3) using symmetric algorithm like AES. The use of asymmetric and symmetric crypto primitives as described above is commonly known as integrated/hybrid encryption scheme. The Elliptic Curve Integrated Encryption Scheme (ECIES) is a popular scheme of such kind and is very suitable to the use case of IMSI encryption because of low impact on radio bandwidth and mobile device’s battery. 
The nicest thing about the described concept is that no public key infrastructure is necessary, which significantly reduces deployment complexity, meaning that mobile operators can start deploying IMSI encryption for their subscribers without having to rely on any external party or other mobile operators.

'3GPP TR 33.899: Study on the security aspects of the next generation system' lists one such approach.


The Key steps are as follows:

  1. UE is configured with 5G (e)UICC with ‘K’ key, the Home Network ID, and its associated public key.
  2. SEAF send Identity Request message to NG-UE. NG-UE considers this as an indication to initiate Initial Authentication.
  3. NG-UE performs the following:
    1. Request the (e)UICC application to generate required security material for initial authentication, RANDUE, , COUNTER, KIARenc, and KIARInt.
    2. NG-UE builds IAR as per MASA. In this step NG-UE includes NG-UE Security Capabilities inside the IAR message. It also may include its IMEI. 
    3. NG-UE encrypts the whole IAR including the MAC with the home network public key.
    4. NG-UE sends IAR to SEAF.
  4. Optionally, gNB-CP node adds its Security Capabilities to the transposrt message between the gNB-CP and the SEAF (e.g., inside S1AP message as per 4G).
  5. gNB-CP sends the respective S1AP message that carries the NG-UE IAR message to the SEAF.
  6. SEAF acquirs the gNB-CP security capabilities as per the listed options in clause 5.2.4.12.4.3and save them as part of the temporary context for the NG-UE.
  7. SEAF follows MASA and forward the Authentication and Data Request message to the AUSF/ARPF.
  8. When AUSF/ARPF receives the Authentication and Data Request message, authenticates the NG-UE as per MASA and generates the IAS respective keys. AUSF/ARPF may recover the NG-UE IMSI and validate the NG-UE security capabilities.
  9. AUSF/ARPF sends Authentication and Data Response to the SEAF as per MASA with NG-UE Security Capabilities included.
  10. SEAF recovers the Subscriber IMSI, UE security Capabilities, IAS keys, RANDHN, COUNTER and does the following:
    1. Examine the UE Security Capabilities and decides on the Security parameters.
    2. SEAF may acquire the UP-GW security capabilities at this point after receiving the UP-GW identity from AUSF/ARPF or allocate it dynamically through provisioning and load balancing.
  11. SEAF builds IAS and send to the NG-UE following MASA. In addition, SEAF include the gNB-CP protocol agreed upon security parameters in the S1AP message being sent to the gNB-CP node.
  12. gNB-CP recovers gNB-CP protocol agreed upon security parameters and save it as part of the NG-UE current context.
  13. gNB-CP forwards the IAS message to the NG-UE.
  14. NG-UE validates the authenticity of the IAS and authenticates the network as per MASA. In addition, the UE saves all protocols agreed upon security parameters as part of its context. NG-UE sends the Security and Authentication Complete message to the SEAF.
  15. SEAF communicates the agreed upon UP-GW security parameters to the UP-GW during the NG-UE bearer setup.

ARPF - Authentication Credential Repository and Processing Function 
AUSF - Authentication Server Function 
SCMF - Security Context Management Function
SEAF - Security Anchor Function
NG-UE - NG UE
UP - User Plane 
CP - Control Plane
IAR - Initial Authentication Request 
IAS - Initial Authentication Response
gNB - Next Generation NodeB

You may also want to refer to the 5G Network Architecture presentation by Andy Sutton for details.

See also:

Tuesday 25 July 2017

5G Security Updates - July 2017


Its been nearly 2 years since I last blogged about ETSI Security workshop. A lot has changed since then, especially as 5G is already in the process of being standardised. This is in addition to NFV / SDN that also applied to 4G networks.

ETSI Security Week (12 - 16 June) covered lot more than 5G, NFV, SDN, etc. Security specialists can follow the link to get all the details (if they were not already aware of).

I want to quickly provide 3 links so people can find all the useful information:

NFV Security Tutorialdesigned to educate attendees on security concerns facing operators and providers as they move forward with implementing NFV. While the topics are focused on security and are technical in nature we believe any individual responsible for designing, implementing or operating a NFV system in an organization will benefit from this session. Slides here.

NFV Security: Network Functions Virtualization (NFV), leveraging cloud computing, is set to radically change the architecture, security, and implementation of telecommunications networks globally. The NFV Security day will have a sharp focus on the NFV security and will bring together the world-wide community of the NFV security leaders from the industry, academia, and regulators. If you want to meet the movers and shakers in this field, get a clear understanding of the NFV security problems, challenges, opportunities, and the state of the art development of security solutions, this day is for you. Slides here.



5G Security: The objectives of this event are to:
  • Gather different actors involved in the development of 5G, not only telecom, and discuss together how all their views will shape together in order to understand the challenges, threats and the security requirements that the 5G scenarios will be bringing.
  • Give an update of what is happening in:
    • 5G security research: Lot of research is on-going on 5G security and several projects exist on the topic.
    • 5G security standards: Standardization bodies have already started working 5G security and their work progress will be reviewed. Also any gap or additional standardization requirements will be discussed.
    • Verticals and business (non-technical) 5G security requirements: 5G is playground where different verticals besides the telecom industry is playing a role and their requirements will be key for the design of 5G security. In addition 5G is where "security" will become the business driver.
  • Debate about hot topics such as: IoT security, Advances in lightweight cryptography, Slicing security. Privacy. Secure storage and processing. Security of the interconnection network (DIAMETER security). Relevance of Quantum Safe Cryptography for 5G, Authorization concepts....
Slides for 5G Security here.

In addition, Jaya Baloo, CISO, KPN Telecom talks about 5G network security at TechXLR8 2017. Embedded is a video of that:


Monday 19 June 2017

Network Sharing is becoming more relevant with 5G

5G is becoming a case of 'damned if you do damned if you don't'. Behind the headlines of new achievements and faster speeds lies the reality that many operators are struggling to keep afloat. Indian and Nigerian operators are struggling with heavy debt and it wont be a surprise if some of the operators fold in due course.

With increasing costs and decreasing revenues, its no surprise that operators are looking at ways of keeping costs down. Some operators are postponing their 5G plans in favour of Gigabit LTE. Other die hard operators are pushing ahead with 5G but looking at ways to keep the costs down. In Japan for example, NTT DOCOMO has suggested sharing 5G base stations with its two rivals to trim costs, particularly focusing efforts in urban areas.


In this post, I am looking to summarise an old but brilliant post by Dr. Kim Larsen here. While it is a very well written and in-depth post, I have a feeling that many readers may not have the patience to go through all of it. All pictures in this post are from the original post by Dr. Kim Larsen.


Before embarking on any Network sharing mission, its worthwhile asking the 5W's (Who, Why, What, Where, When) and 2H's (How, How much).

  • Why do you want to share?
  • Who to share with? (your equal, your better or your worse).
  • What to share? (sites, passives, active, frequencies, new sites, old sites, towers, rooftops, organization, ,…).
  • Where to share? (rural, sub-urban, urban, regional, all, etc..).
  • When is a good time to start sharing? During rollout phase, steady phase or modernisation phase. See picture below. For 5G, it would make much more sense that network sharing is done from the beginning, i.e., Rollout Phase


  • How to do sharing?. This may sound like a simple question but it should take account of regulatory complexity in a country. The picture below explains this well:



  • How much will it cost and how much savings can be attained in the long term? This is in-fact a very important question because the end result after a lot of hard work and laying off many people may result in an insignificant amount of cost savings. Dr. Kim provides detailed insight on this topic that I find it difficult to summarise. Best option is to read it on his blog.


An alternative approach to network sharing is national roaming. Many European operators are dead against national roaming as this means the network loses its differentiation compared to rival operators. Having said that, its always worthwhile working out the savings and seeing if this can actually help.

National Roaming can be attractive for relative low traffic scenarios or in case were product of traffic units and national roaming unit cost remains manageable and lower than the Shared Network Cost.

The termination cost or restructuring cost, including write-off of existing telecom assets (i.e., radio nodes, passive site solutions, transmission, aggregation nodes, etc….) is likely to be a substantially financial burden to National Roaming Business Case in an area with existing telecom infrastructure. Certainly above and beyond that of a Network Sharing scenario where assets are being re-used and restructuring cost might be partially shared between the sharing partners.

Obviously, if National Roaming is established in an area that has no network coverage, restructuring and termination cost is not an issue and Network TCO will clearly be avoided, Albeit the above economical logic and P&L trade-offs on cost still applies.

If this has been useful to understand some of the basics of network sharing, I encourage you to read the original blog post as that contains many more details.

Futher Reading:



Friday 12 May 2017

5G – Beyond the Hype

Dan Warren, former GSMA Technology Director who created VoLTE and coined the term 'Phablet' has been busy with his new role as Head of 5G Research at Samsung R&D in UK. In a presentation delivered couple of days back at Wi-Fi Global Congress he set out a realistic vision of 5G really means.

A brief summary of the presentation in his own words below, followed by the actual presentation:
"I started with a comment I have made before – I really hate the term 5G.  It doesn’t allow us to have a proper discussion about the multiplicity of technologies that have been throw under the common umbrella of the term, and hence blurs the rationale for one why each technology is important in its own right.  What I have tried to do in these slides is talk more about the technology, then look at the 5G requirements, and consider how each technology helps or hinders the drive to meet those requirements, and then to consider what that enables in practical terms.

The session was titled ‘5G – beyond the hype’ so in the first three slides I cut straight to the technology that is being brought in to 5G.  Building from the Air Interface enhancements, then the changes in topology in the RAN and then looking at the ‘softwarisation’ on the Core Network.  This last group of technologies sets up the friction in the network between the desire to change the CapEx model of network build by placing functions in a Cloud (both C-RAN and an NFV-based Core, as well as the virtualisation of transport network functions) and the need to push functions to the network edge by employing MEC to reduce latency.  You end up with every function existing everywhere, data breaking out of the network at many different points and some really hard management issues.

On slide 5 I then look at how these technologies line up to meeting 5G requirements.  It becomes clear that the RAN innovations are all about performance enhancement, but the core changes are about enabling new business models from flexibility in topology and network slicing.  There is also a hidden part of the equation that I call out, which is that while technology enables the central five requirements to be met, they also require massive investment by the Operator.  For example you won’t reach 100% coverage if you don’t build a network that has total coverage, so you need to put base stations in all the places that they don’t exist today.

On the next slide I look at how network slicing will be sold.  There are three ways in which a network might be sliced – by SLA or topology, by enterprise customer and by MVNO.  The SLA or topology option is key to allowing the co-existence of MEC and Cloud based CN.  The enterprise or sector based option is important for operators to address large vertical industry players, but each enterprise may want a range of SLA’s for different applications and devices, so you end up with an enterprise slice being made up of sub-slices of differing SLA and topology.  Then, an MVNO may take a slice of the network, but will have it’s own enterprise customers that will take a sub-slice of the MVNO slice, which may in turn be made of sub-sub-slices of differing SLAs.  Somewhere all of this has be stitched back together, so my suggestion is that ‘Network Splicing’ will be as important as network slicing.

Slide illustrates all of this again and notes that there will also be other networks that have been sliced as well, be that 2G, 3G, 4G, WiFi, fixed, LPWA or anything else.  There is also going to be an overarching orchestration requirement both within a network and in the Enterprise customer (or more likely in System Integrator networks who take on the ‘Splicing’ role).  The red flags are showing that Orchestration is both really difficult and expensive, but the challenge for the MNO will also exist in the RAN.  The RRC will be a pinch point that has to sort out all of these device sitting in disparate network topologies with varying demands on the sliced RAN.

Then, in the next four slides I look at the business model around this.  Operators will need to deal with the realities of B2B or B2B2C business models, where they are the first B. The first ‘B’s price is the second ‘B’s cost, so the operator should expect considerable pressure on what it charges, and to be held contractually accountable for the performance of the network.  If 5G is going to claim 100% coverage, 5 9’s reliability, 50Mbps everywhere and be sold to enterprise customers on that basis, it is going to have to deliver it else there will be penalties to pay.  On the flip side to this, if all operators do meet the 5G targets, then they will become very much the same so the only true differentiation option will be on price.  With the focus on large scale B2B contracts, this has all the hallmarks of a race downwards and commoditisation of connectivity, which will also lead to disintermediation of operators from the value chain on applications.

So to conclude I pondered on what the real 5G justification is.  Maybe operators shouldn’t be promising everything, since there will be healthy competition on speed, coverage and reliability while those remain as differentiators.  Equally, it could just be that operators will fight out the consumer market share on 5G, but then that doesn’t offer any real uplift in market size, certainly not in mature developed world markets.  The one thing that is sure is that there is a lot of money to be spent getting there."



Let me know what do you think?