Satellites & Non-terrestrial networks (NTN) in 5G

Satellites has been an area of interest of mine for a while as some of you know that I used to work as Satellite Applications & Services Programme manager at techUK. I have written about how I see satellites complementing the mobile networks here and here.

Pic Source: The Role of Satellite in 5G - SES

Its good to see that there is some activity in 3GPP going on about satellites & Non-terrestrial networks (NTN) in 5G. While there are some obvious roles that satellites can play (see pic above), the 5G work is looking to cover a lot more topics in details.

Pic Source: Nomor - Overview 3GPP 5G Satellite Activities, Oct 2017

3GPP TR 38.913: Study on scenarios and requirements for next generation access technologies looks at 12 different scenarios, the ones relevant to this topic ate Air to ground, Light aircraft and Satellite to terrestrial.

3GPP TR 38.811: Study on New Radio (NR) to support non terrestrial networks (Release 15) covers this topic a bit more in detail. From looking at how satellites and other aerial networks work in general, it looks at the different NTN architecture options as can be seen above.

People looking to study this area in detail should probably start looking at this TR first.

3GPP also released a news item on this topic last week. It also refers to the above TR and a new one for Release 16. The following from 3GPP news:

The roles and benefits of satellites in 5G have been studied in 3GPP Release 14, leading to the specific requirement to support satellite access being captured in TS 22.261 - “Service requirements for next generation new services and markets; Stage 1”, recognizing the added value that satellite coverage brings, as part of the mix of access technologies for 5G, especially for mission critical and industrial applications where ubiquitous coverage is crucial.

Satellites refer to Spaceborne vehicles in Low Earth Orbits (LEO), Medium Earth Orbits (MEO), Geostationary Earth Orbit (GEO) or in Highly Elliptical Orbits (HEO).

Beyond satellites, Non-terrestrial networks (NTN) refer to networks, or segments of networks, using an airborne or spaceborne vehicle for transmission. Airborne vehicles refer to High Altitude Platforms (HAPs) encompassing Unmanned Aircraft Systems (UAS) - including tethered UAS, Lighter than Air UAS and Heavier than Air UAS - all operating at altitude; typically between 8 and 50 km, quasi-stationary.

These Non-terrestrial networks feature in TSG RAN’s TR 38.811 “Study on NR to support non-terrestrial networks”. They will:

• Help foster the 5G service roll out in un-served or underserved areas to upgrade the performance of terrestrial networks
• Reinforce service reliability by providing service continuity for user equipment or for moving platforms (e.g. passenger vehicles-aircraft, ships, high speed trains, buses)
• Increase service availability everywhere; especially for critical communications, future railway/maritime/aeronautical communications
• Enable 5G network scalability through the provision of efficient multicast/broadcast resources for data delivery towards the network edges or even directly to the user equipment

The objective of TR 38.811 is to study channel models, to define the deployment scenarios as well as the related system parameters and to identify and assess potential key impact areas on the NR. In a second phase, solutions for the identified key impacts on RAN protocols/architecture will be evaluated and defined.

A second study item, the “Study on using Satellite Access in 5G” is being addressed in Working Group SA1.  It shall lead to the delivery of the corresponding Technical Report TR 22.822 as part of Release 16.

This study will identify use cases for the provision of services when considering the integration of 5G satellite-based access components in the 5G system. When addressing the integration of (a) satellite component(s), use cases will identify new potential requirements for 5G systems addressing:

• The associated identification of existing / planned services and the corresponding modified or new requirements
• The associated identification of new services and the corresponding requirements
• The requirements on set-up / configuration / maintenance of the features of UE’s when using satellite components related features as well for other components from the 5G system
• Regulatory requirements when moving to (or from) satellite from (or to) terrestrial networks

Related Posts:

• An Introduction to Non-Terrestrial Networks (NTN)
• Connectivity on Planes
• Connectivity Technology Blog: TIP has launched 'Non-Terrestrial Connectivity Solutions' Group
• 3G4G Small Cells Blog: Flying Small Cells are here...

Top 10 posts for 2017 and some other 3G4G info

Here are the top 10 3G4G blog posts (in descending order of popularity) for 2017:

1. 5G Network Architecture and Design Update - Jan 2017
2. 5G: Architecture, QoS, gNB, Specifications - April 2017 Update
3. Self-backhauling: Integrated access and backhaul links for 5G
4. 5G Core Network, System Architecture & Registration Procedure
5. High Power / Performance User Equipment (#HPUE)
6. IMT-2020 (5G) Requirements
7. 5G – Beyond the Hype
8. Variety of 3GPP IoT technologies and Market Status - May 2017
9. 2G / 3G Switch Off: A Tale of Two Worlds
10. 5G Research Presentation on URLLC

As you can see, 7/10 were on 5G which is probably not a surprise 😉.

In other news, this year I have done a lot more activities on 3G4G sites (thanks to support and encouragement from my current employer, Parallel Wireless). You can see links to all different 3G4G channels on top of the blog. I was also interviewed by TechPlayon and TechTrained (the similarity of name is just a coincidence). I was also named a key 5G influencer for 2017.

Back in 2011, I wrote the 1000th post and asked for your feedback. Here again, I would like to ask for your feedback, either on this post or on any posts. There are check-boxes for you to give instant feedback or you can add your comments in any of the posts.

I also mentioned in 2011 that the 3G4G blog will be touching 1.5 million page view mark, now in 2017 (10 years after the start of this blog), we have crossed over 9.5 million official page views (page views for first 3 years were not counted). Here is a snapshot of the stats for this and the small cells blog.

This has all been possible because of contributions from many individuals who share their presentations, knowledge and support my activities in many different ways. Thank you!

Finally, I can make mistakes too so please feel free to correct me anytime you spot me saying something wrong. I don't mind 😊


Related posts:

• Telecoms Infrastructure Blog: Top 5 posts for 2017 
• The 3G4G Blog: Top 10 posts for 2016
• The 3G4G Blog: Top 10 posts for 2015
• The 3G4G Blog: Top 10 posts for 2014

The small detail about 5G you may have missed...

While going through the latest issue of CW Journal, I came across this article from Moray Rumney, Lead Technologist, Keysight. It highlights an interesting point that I missed out earlier that 5G also includes all LTE specifications from Release 15 onwards.

I reached out to our CW resident 3GPP standards expert Sylvia Lu to clarify and received more details.

There is a whole lot of detail available in RP-172789.zip. Here RIT stands for Radio Interface Technology and SRIT for Set of RIT.

Indeed, NB-IoT and Cat-M will also be part of the initial IMT-2020 submissions early next year.. watch the space

— Sylvia Lu (@SylviaLuUk) December 22, 2017

In fact at Sylvia clarified, NB-IoT and Cat-M will also be part of the initial IMT-2020 submissions early next year. Thanks Sylvia.

There is also this nice presentation by Huawei in ITU (here) that describes Requirements, Evaluation Criteria and Submission Templates for the development of IMT-2020. It is very helpful in understanding the process.

Coming back to the question I have often asked (see here for example),
1. What features are needed for operator to say they have deployed 5G, and
2. How many sites / coverage area needed to claim 5G rollout

With LTE Release-15 being part of 5G, I think it has just become easy for operators to claim they have 5G.

What do you think?

5G Patents Progress

More than 23,500 patents have been declared essential to the GSM & 3G as shown in the picture above. I am assuming this includes 4G as well. Anyway, its been a while I looked into this subject. The last time I was looking, 4G patent pools were beginning to form.

For LTE, indeed there is no one-stop shop for licensing. The only company that has tried is VIA Licensing, with their patent pool, but they don’t have licenses for the big players like Ericsson, Qualcomm, Huawei, ZTE, Samsung, etc. The same will probably apply for 5G.

This old picture and article from Telecom TV (link) is an interesting read on this topic.

This official WIPO list shows ZTE, Huawei, and Qualcomm at the top of the list for international patent filers worldwide in 2016 [PDF].

Back in 2015, NGMN alliance was also looking for creation of some kind of patent pool but it probably didn't go anywhere (link)

(Can't recall the source for this one) In March, Ericsson announced plans to license 5G for $5 per device and possibly as low as $2.50 in emerging markets. In November, Qualcomm announced plans to license 5G IP at the same rates established by the NDRC for 4G/LTE phones sold into China: 2.275% for single mode essential patents / 4.0% for the entire portfolio or 3.25% for multimode essential patents / 5.0% for the entire portfolio. All rates are based on the wholesale price of the phone.

Qualcomm also announced that the previously undisclosed $500 price cap will apply to all phones. Qualcomm also announce a rate of less than $5 for 5G for automotive applications and $0.50 for NB-IoT based IoT applications.

Ericsson has filed patent application for its end-to- end 5G technology. Ericsson has incorporated its numerous 5G and related inventions into a complete architecture for the 5G network standard. The patent application filed by the leading telecom vendor combines the work of 130 Ericsson inventors.

Dr. Stefan Parkvall, Principal Researcher at Ericsson, said, “The patent application contains Ericsson’s complementary suite of 5G inventions.” Stefan added, “It contains everything you need to build a complete 5G network. From devices, the overall network architecture, the nodes in the network, methods and algorithms, but also shows how to connect all this together into one fully functioning network. The inventions in this application will have a huge impact on industry and society: they will provide low latency with high performance and capacity.

This will enable new use cases like the Internet of Things, connected factories and self-driving cars.” Ericsson is involved with leading mobile operators across the world for 5G and Pre-5G research and trials. The patent application is likely to further strengthen its position in the 5G race.

More details on E/// 5G patents on their official website here.

Mobile world live has some good details on Qualcomm 5G NR royalty terms.

Smartphone vendors will have to pay as much as $16.25 per device to use Qualcomm’s 5G New Radio (NR) technology under new royalty guidelines released by the company.

Qualcomm said it will implement a royalty rate of 2.275 per cent of the selling price for single-mode 5G handsets and a higher rate of 3.25 per cent for multi-mode smartphones with 3G, 4G and 5G capabilities.

So for a $200 multi-mode device, for instance, Qualcomm noted a vendor would have to pay $6.50 in royalties per device. Royalties are capped at a $500 device value, meaning the maximum amount a smartphone vendor would have to pay would be $16.25 per handset.

The company added it will also offer access to its portfolio of both cellular standard essential patents and non-essential patents at a rate of 4 per cent of the selling price for single-mode devices and 5 per cent for multi-mode devices.

Qualcomm’s rates are notably higher than those announced by Ericsson in March. The Swedish company said it would charge a flat royalty fee of $5 per 5G NR multimode handset, but noted its fee could go as low as $2.50 per device for handsets with low average selling prices.

The official Qualcomm 5G royalty terms [PDF] are available here.

Further reading:

• Ericsson Tries to Avoid Patent War by Publishing Rates for 5G - Bloomberg
• Qualcomm to charge up to $16.25 in royalties for every 5G phone, more than Ericsson’s $5/phone - Fierce Wireless

Thanks to Mike Saji for providing inputs on 4G patent landscape. Thanks to Keith Dyer for interesting tweets on this topic.

5G and CBRS Hype?

The dissenting voices on 5G and CBRS are getting louder. While there are many analysts & operators who have been cautioning against 5G, its still moving ahead with a rapid pace. In the recent Huawei Mobile Broadband forum for example, BT's boss admitted that making case for 5G is hard. Bruno Jacobfeuerborn, CTO of Deutsche Telekom on the other hand is sitting on the fence. Dean Bubley's LinkedIn post is interesting too.

Vodafone CTO asked yesterday: "Will 5G be like 2G and 4G, or like 3G?". Now, it's like 3G, designing use cases and apps that nobody knows if they will be successful (e.g. 3G video calling).
2G and 4G were all about letting users/developers create their own. #HWMBBF

— Dimitris Mavrakis (@dmavrakis) November 16, 2017

. @BJacobfeuerborn says the forthcoming glut of sporting events in Asia (three Olympics, winter and summer, in next five years) will give them a 5G headstart. "If you want to do massive infrastructure investment, you need events." #HWMBBF

— Mobile Europe (@mobileeurope) November 16, 2017

Anyway, we have storified most of the tweets from Huawei Mobile Broadband Forum here.

Signals Research Group recently published their Signals Flash report, which is different from the more detailed Signals Ahead reports looking at 5G and CBRS, in addition to other topics. I have embedded the report below (with permission - thanks Mike) but you can download your own copy from here.

The summary from their website will give a good idea of what that is about:

CBRS – Much Ado About Not Very Much.  The FCC is heading in the right direction with how it might regulate the spectrum. However, unless you are a WISP or a private entity looking to deploy a localized BWA service, we don’t see too many reasons to get excited.

Handicapping the 5G Race.  Millimeter wave networks will be geographically challenged, 600 MHz won’t scale or differentiate from LTE, Band 41 may be the most promising, but this isn’t saying much. Can network virtualization make a winner?

It makes no Cents! Contrary to widespread belief,  5G won’t be a new revenue opportunity for operators – at least in the near term. The vertical markets need to get on board while URLLC will lag eMBB and prove far more difficult to deploy.

This Fierce Wireless article summarises the issues with CBRS well.

“While (some) issues are being addressed, the FCC can’t solve how to carve up 150 MHz of spectrum between everyone that wants a piece of the pie, while also ensuring that everyone gets a sufficient amount of spectrum,” the market research firm said in a report. “The 150 MHz is already carved up into 7- MHz for PAL (Priority Access License) and 80 MHz for GAA (General Authorized Access). The pecking order for the spectrum is incumbents, followed by PAL, and then by GAA…. 40 MHz sounds like a lot of spectrum, but when it comes to 5G and eMBB, it is only somewhat interesting, in our opinion. Further, if there are multiple bidders going after the PAL licenses then even achieving 40 MHz could be challenging.”

Signals said that device compatibility will also be a significant speed bump for those looking to leverage CBRS. Manufacturers won’t invest heavily to build CBRS-compatible phones until operators deploy infrastructure “in a meaningful way,” but those operators will need handsets that support the spectrum for those network investments to pay dividends. So while CBRS should prove valuable for network operators, it may not hold as much value for those who don’t own wireless infrastructure.

“The device ecosystem will develop but it is likely the initial CBRS deployments will target the more mundane applications, like fixed wireless access and industrial IoT applications,” the firm said. “We believe infrastructure and devices will be able to span the entire range of frequencies—CBRS and C-Band—and the total amount of available spectrum, combined with the global interest in the C-Band for 5G services, will make CBRS more interesting and value to operators. Operators will just have to act now, and then wait patiently for everything to fall into place.”

While many parts of the world are focusing on using frequencies around and above 3.5GHz for 5G, USA would be the only country using it for 4G. I suspect that many popular devices may not support CBRS but could be good for Fixed Wireless Access (FWA). It remains to be seen if economy of scale would be achieved.

Signals Flash Nov 2017: 5G in Americas | Signals Research Group from 3G4G

5G NR Radio Protocols and Tight Inter-working with LTE

Osman Yilmaz, Team Leader & Senior Researcher at Ericsson Research in Finland gave a good summary of 5G NR at URLLC 2017 Conference (see summary here). His presentation is embedded below:

5G NR radio protocols to support URLLC from 3G4G

Osman, along with Oumer Teyeb, Senior Researcher at Ericsson Research & member of the Ericsson 5G standardization delegation has also published a blog post LTE-NR tight-interworking on Ericsson Research blog.

The post talks about how how signalling and data will work in LTE & New Radio (NR) dual connected devices. In control plane it looks at RRC signalling applicable for this DC devices whereas in user plane it looks at direct and split DRB options.

Further details here.

Ultra Reliable Low Latency Communications (URLLC) 2017 Conference summary

Picture Source: Martin Geddes

It was a pleasure to attend this conference this week. Not only was the topic of interest but I am always impressed by how well EIE organizes their events. Instead of writing my own summary, here is a story created from tweets, 'The Mobile Network' live blog and a summary write-up from Martin Geddes. I have my takeaways below.

URLLC 2017 (#URLLC2017) conference summary from 3G4G

My takeaway from the conference is that:

• URLLC is going to be challenging but its achievable.
• Ultra-reliable (UR) may have different use cases then low latency communication (LLC). Lumping them together in URLLC is not helpful.
• Extremely low latency may not be achievable in every scenario. In some cases it would make more sense to continue with existing or proprietary solutions.
• URLLC may not happen when 5G is rolled out initially but will happen not long after that. 
• There are many verticals who may be able to take advantage of both the higher data rates that would come as part of eMBB and the low latency and high reliability as part of URLLC. 
• The operators would have to foot the bill for upgrading the networks as there is a relucatnce from the verticals to invest in something they cant see or play with
• There are verticals who invest heavily in alternative solutions that 5G may be able to solve. Some operators believe that this will bring new revenue to the mobile operators
• Slicing has a lot of open questions including Security and SLAs - nobody has a clear cut answer at the moment
• The industry is in a learning phase, figuring things out as they go along. There should be much more clarity next year.
• #URLLC2018 is on 13 & 14 Nov. 2018 in London. Plenty of time to find all the answers 😉

Further reading:

• Conference report: Ultra Reliable Low Latency Communications 2017 - Martin Geddes
• URLLC 2017 LiveBlog: The Mobile Network
• Couple of quick interviews from URLLC 2017 Conference
• 5G Research Presentation on URLLC - Mehdi Bennis

Couple of quick interviews from URLLC 2017 Conference

I tried the Facebook Live feature yesterday at the URLLC 2017 conference and recorded a couple of quick interviews with Martin Geddes and Prof. Andy Sutton. Hope you find them useful.

           

Further Reading:

• Ultra Reliable Low Latency Communications (URLLC) 2017 Conference summary

5G Research Presentation on URLLC

Dr.Mehdi Bennis from Centre for Wireless Communications, University of Oulu, Finland recently did a keynote at The International Conference on Wireless Networks and Mobile Communications (WINCOM'17), November 01-04, 2017, Rabat, Morocco. He has shared his presentation with us. Its embedded below and available to download from Slideshare.

Picture Source: Ericsson

For those who may not be aware, there are 3 main use cases defined for 5G. As shown in the picture above, they are enhanced Mobile BroadBand (eMBB), Ultra-Reliable Low Latency Communications (URLLC) and massive Machine Type Communications (mMTC). You can read the requirements here.

Building the foundations of Ultra-RELIABLE and Low-LATENCY Wireless Communication from 3G4G

Further Reading:

• Couple of quick interviews from URLLC 2017 Conference
• Ultra Reliable Low Latency Communications (URLLC) 2017 Conference summary
• 5G on 3G4G Blog

RRC states in 5G

Looking back at my old post about UMTS & LTE (re)selection/handovers, I wonder how many different kinds of handovers and (re)selection options may be needed now.

In another earlier post, I talked about the 5G specifications. This can also be seen in the picture above and may be easy to remember. The 25 series for UMTS mapped the same way to 36 series for LTE. Now the same mapping will be applied to 38 series for 5G. RRC specs would thus be 38.331.

A simple comparison of 5G and LTE RRC states can be seen in the picture above. As can be seen, a new state 'RRC Inactive' has been introduced. The main aim is to maintain the RRC connection while at the same time minimize signalling and power consumption.

Looking at the RRC specs you can see how 5G RRC states will work with 4G RRC states. There are still for further studies (FFS) items. Hopefully we will get more details soon.

3GPP TS 22.261, Service requirements for the 5G system; Stage 1 suggests the following with regards to inter-working with 2G & 3G

5.1.2.2 Legacy service support
The 5G system shall support all EPS capabilities (e.g., from TSs 22.011, 22.101, 22.278, 22.185, 22.071, 22.115, 22.153, 22.173) with the following exceptions:
- CS voice service continuity and/or fallback to GERAN or UTRAN,
- seamless handover between NG-RAN and GERAN,
- seamless handover between NG-RAN and UTRAN, and
- access to a 5G core network via GERAN or UTRAN.

5G Forecasts and 5G Deployed Claim

Source: GSA

5G forecasts have been arriving steadily with many different figures. Here are some numbers:

Date	Predicted by	Number of Connections	Year	Any other comments
23-Aug-16	Strategy Analytics	690 million	2025	"690M Connections and 300M Handset Shipments"
15-Nov-16	Ericsson	500 million	2022	"North America will lead the way in uptake of 5G subscriptions, where a quarter of all mobile subscriptions are forecast to be for 5G in 2022."
30-Nov-16	ABI Research	500 million	2026	"500 Million 5G cmWave and mmWave Subscribers Will Bring $200 Billion in Service Revenue through 2026" - what about non mmWave/cmWave 5G subs?
12-Apr-17	CCS Insight	100 million	2021	"Smartphones sales will rise to 1.90 billion in 2021, when smartphones will account for 92 percent of the total mobile phone market."
26-Apr-17	GSMA	1.1 billion	2025	"5G connections are set to reach 1.1 billion by 2025, accounting for approximately one in eight mobile connections worldwide by this time."
16-May-17	Ovum	389 million	2022	"Ovum now forecasts that there will be 111 million 5G mobile broadband subscriptions at end-2021, up more than fourfold from Ovum’s previous forecast of 25 million 5G subscriptions at end-2021"
14-Aug-17	Juniper Research	1.4 billion	2025	"an increase from just 1 million in 2019, the anticipated first year of commercial launch. This will represent an average annual growth of 232%."
17-Oct-17	GSMA	214 million in Europe	2025	"30 per cent of Europe’s mobile connections will be running on 5G networks by 2025"
23-Oct-17	CCS Insight	2.6 billion	2025	"1 Billion Users of 5G by 2023, with More Than Half in China", "broadly similar path to 4G LTE technology...more than one in every five mobile connections."

If we just look at 2025/2026, the estimates vary from 500 million to 2.6 billion. I guess we will have to wait and see which of these figures comes true.

I wrote a post earlier titled '4G / LTE by stealth'. Here I talked about the operators who still had 3G networks while most people had 4G phones. The day the operator switched on the 4G network, suddenly all these users were considered to be on 4G, even if they didn't have 4G coverage just yet.

I have a few questions about what 5G features are necessary for the initial rollout and when can an operator claim they have 5G? In fact I asked this question on twitter and I got some interesting answers.

Question: How many 5G sites does an operator have to deploy so that they can say they have 5G?

— Zahid Ghadialy (@zahidtg) October 18, 2017

Just having a few 5G NR (new radio) sites enough for an operator to claim that they have deployed 5G? Would all the handsets with 5G compatibility then be considered to be on 5G? What features would be required in the initial rollouts? In case of LTE, operators initially only had Carrier Aggregation deployed, which was enough to claim they supported LTE-A. Would 100MHz bandwidth support be enough as initial 5G feature?

Please let me know what you think.

5G Architecture Options for Deployments?

I have blogged earlier about the multiple 5G Architecture options that are available (see Deutsche Telekom's presentation & 3G4G video). So I have been wondering what options will be deployed in real networks and when.

The 3GPP webinar highlighted that Option-3 would be the initial focus, followed by Option 2.

Last year AT&T had proposed the following 4 approaches as in the picture above. Recall that Option 1 is the current LTE radio connected to EPC.

ZTE favours Deployment option 2 as can be seen in the slide above

Huawei is favoring Option 3, followed by Option 7 or 2 (& 5)

Going back to the original KDDI presentation, they prefer Option 3, followed by Option 7.

If you are an operator, vendor, analyst, researcher, or anyone with an opinion, what options do you prefer?

2G / 3G Switch Off: A Tale of Two Worlds

Source: Wikipedia

2G/3G switch off is always a topic of discussion in most conferences. While many companies are putting their eggs in 4G & 5G baskets, 2G & 3G is not going away anytime soon.

Based on my observations and many discussions that I have had over the past few months, I see a pattern emerging.

In most developed nations, 2G will be switched off (or some operators may leave a very thin layer) followed by re-farming of 3G. Operators will switch off 3G at earliest possible opportunity as most users would have moved to 4G. Users that would not have moved to 4G would be forced to move operators or upgrade their devices. This scenario is still probably 6 - 10 years out.

As we all know that 5G will need capacity (and coverage) layer in sub-6GHz, the 3G frequencies will either be re-farmed to 4G or 5G as 2G is already being re-farmed to 4G. Some operators may choose to re-balance the usage with some lower frequencies exchanged to be used for 5G (subject to enough bandwidth being available).


On the other hand, in the developing and less-developed nations, 3G will generally be switched off before 2G. The main reason being that there are still a lot of feature phone users that rely on 2G technologies. Most, if not all, 3G phones support 2G so the existing 3G users will be forced onto 2G. Those who can afford, will upgrade to newer smartphones while those who cant will have to grudgingly use 2G or change operators (not all operators in a country will do this at the same time).

Many operators in the developing countries believe that GSM will be around until 2030. While it may be difficult to predict that far in advance, I am inclined to believe this.

For anyone interested, here is a document listing 2G/3G switch off dates that have been publicly announced by the operators.

2G/3G Switch off Dates from 3G4G

Let me know what you think.

Further reading:

• 2G Network Decommissioning, Ready? - Russell Lundberg, Bangkok Beach Telecom

5G Dual Connectivity, Webinar and Architecture Overview

One of the things that will come as a result of NSA (Non-StandAlone) architecture will be the option for Dual Connectivity (DC). In fact, DC was first introduced in LTE as part of 3GPP Release 12 (see 3G4G Small Cells blog entry here). WWRF (Wireless World Research Forum) has a good whitepaper on this topic here and NTT Docomo also has an excellent article on this here.

A simple way to understand the difference between Carrier Aggregation (CA) and Dual Connectivity (DC) is that in CA different carriers are served by the same backhaul (same eNB), while in DC they are served by different backhauls (different eNB or eNB & gNB).


We have produced a short video showing different 5G architectures, looking mainly at StandAlone (SA) and Non-StandAlone (NSA) architectures, both LTE-Assisted and NR-Assisted. The video is embedded below:

Finally, 3GPP has done a short webinar with the 3GPP RAN Chairman Balazs Bertenyi explaining the outcomes from RAN#77. Its available on BrightTalk here. If you are interested in the slides, they are available here.

Related posts:

• 5G Core Network, System Architecture & Registration Procedure
• 5G: Architecture, QoS, gNB, Specifications - April 2017 Update
• 5G Security Updates - July 2017
• Enhanced 5G Security via IMSI Encryption
• 5G – Beyond the Hype
• Network Sharing is becoming more relevant with 5G

Slides from IEEE 5G Webinar: 5G mmWave Revolution & New Radio

Some of you may find this useful.

5G Core Network, System Architecture & Registration Procedure

The 5G System architecture (based on 3GPP TS 23.501: System Architecture for the 5G System; Stage 2) consists of the following network functions (NF). The functional description of these network functions is specified in clause 6.
- Authentication Server Function (AUSF)
- Core Access and Mobility Management Function (AMF)
- Data network (DN), e.g. operator services, Internet access or 3rd party services
- Structured Data Storage network function (SDSF)
- Unstructured Data Storage network function (UDSF)
- Network Exposure Function (NEF)
- NF Repository Function (NRF)
- Network Slice Selection Function (NSSF)
- Policy Control function (PCF)
- Session Management Function (SMF)
- Unified Data Management (UDM)
- Unified Data Repository (UDR)
- User plane Function (UPF)
- Application Function (AF)
- User Equipment (UE)
- (Radio) Access Network ((R)AN)

As you can see, this is slightly more complex than the 2G/3G/4G Core Network Architecture.

Alan Carlton, Vice President, InterDigital and Head of InterDigital International Labs Organization spanning Europe and Asia provided a concise summary of the changes in 5G core network in ComputerWorld:

Session management is all about the establishment, maintenance and tear down of data connections. In 2G and 3G this manifested as the standalone General Packet Radio Service (GPRS). 4G introduced a fully integrated data only system optimized for mobile broadband inside which basic telephony is supported as just one profile.

Mobility management as the name suggests deals with everything that needs doing to support the movement of users in a mobile network. This encompasses such functions as system registration, location tracking and handover. The principles of these functions have changed relatively little through the generations beyond optimizations to reduce the heavy signaling load they impose on the system.

The 4G core network’s main function today is to deliver an efficient data pipe. The existence of the service management function as a dedicated entity has been largely surrendered to the “applications” new world order. Session management and mobility management are now the two main functions that provide the raison d’etre for the core network.

Session management in 4G is all about enabling data connectivity and opening up a tunnel to the world of applications in the internet as quickly as possible. This is enabled by two core network functions, the Serving Gateway (SGW) and Packet Data Gateway (PGW). Mobility management ensures that these data sessions can be maintained as the user moves about the network. Mobility management functions are centralized within a network node referred to as Mobility Management Entity (MME). Services, including voice, are provided as an “app” running on top of this 4G data pipe. The keyword in this mix, however, is “function”. It is useful to highlight that the distinctive nature of the session and mobility management functions enables modularization of these software functions in a manner that they can be easily deployed on any Commercial-Off-The-Shelf (COTS) hardware.

The biggest change in 5G is perhaps that services will actually be making a bit of a return...the plan is now to deliver the whole Network as a Service. The approach to this being taken in 3GPP is to re-architect the whole core based on a service-oriented architecture approach. This entails breaking everything down into even more detailed functions and sub-functions. The MME is gone but not forgotten. Its former functionality has been redistributed into precise families of mobility and session management network functions. As such, registration, reachability, mobility management and connection management are all now new services offered by a new general network function dubbed Access and Mobility Management Function (AMF). Session establishment and session management, also formerly part of the MME, will now be new services offered by a new network function called the Session Management Function (SMF). Furthermore, packet routing and forwarding functions, currently performed by the SGW and PGW in 4G, will now be realized as services rendered through a new network function called the User Plane Function (UPF).

The whole point of this new architectural approach is to enable a flexible Network as a Service solution. By standardizing a modularized set of services, this enables deployment on the fly in centralized, distributed or mixed configurations to enable target network configurations for different users. This very act of dynamically chaining together different services is what lies at the very heart of creating the magical network slices that will be so important in 5G to satisfy the diverse user demands expected. The bottom line in all this is that the emphasis is now entirely on software. The physical boxes where these software services are instantiated could be in the cloud or on any targeted COTS hardware in the system. It is this intangibility of physicality that is behind the notion that the core network might disappear in 5G.

3GPP TS 23.502: Procedures for the 5G System; Stage 2, provides examples of signalling for different scenarios. The MSC above shows the example of registration procedure. If you want a quick refresher of LTE registration procedure, see here.

I dont plan to expand on this procedure here. Checkout section "4.2.2 Registration Management procedures" in 23.502 for details. There are still a lot of FFS (For further studies 😉) in the specs that will get updated in the coming months.


Further Reading:

• 3GPP TR 23.799: Study on Architecture for Next Generation System
• 3GPP TS 23.501: System Architecture for the 5G System; Stage 2
• 3GPP TS 23.502: Procedures for the 5G System; Stage 2

Enhanced 5G Security via IMSI Encryption

Source: North Star Post

IMSI Catchers can be a real threat. It doesn't generally affect anyone unless someone is out to get them. Nevertheless its a security flaw that is even present in LTE. This presentation here is a good starting point on learning about IMSI Catcher and the one here about privacy and availability attacks.

This article by Ericsson is a good starting point on how 5G will enhance security by IMSI encryption. From the article:

The concept we propose builds on an old idea that the mobile device encrypts its IMSI using home network’s asymmetric key before it is transmitted over the air-interface. By using probabilistic asymmetric encryption scheme – one that uses randomness – the same IMSI encrypted multiple times results in different values of encrypted IMSIs. This makes it infeasible for an active or passive attacker over the air-interface to identify the subscriber. Above is a simplified illustration of how a mobile device encrypts its IMSI. 

Each mobile operator (called the ‘home network’ here) has a public/private pair of asymmetric keys. The home network’s private asymmetric key is kept secret by the home network, while the home network’s public asymmetric key is pre-provisioned in mobile devices along with subscriber-specific IMSIs (Step 0). Note that the home network’s public asymmetric key is not subscriber-specific. 

For every encryption, the mobile device generates a fresh pair of its own public/private asymmetric keys (Step 1). This key pair is used only once, hence called ephemeral, and therefore provide probabilistic property to the encryption scheme. As shown in the figure, the mobile device then generates a new key (Step 2), e.g., using Diffie–Hellman key exchange. This new key is also ephemeral and is used only once to encrypt the mobile device’s IMSI (Step 3) using symmetric algorithm like AES. The use of asymmetric and symmetric crypto primitives as described above is commonly known as integrated/hybrid encryption scheme. The Elliptic Curve Integrated Encryption Scheme (ECIES) is a popular scheme of such kind and is very suitable to the use case of IMSI encryption because of low impact on radio bandwidth and mobile device’s battery. 

The nicest thing about the described concept is that no public key infrastructure is necessary, which significantly reduces deployment complexity, meaning that mobile operators can start deploying IMSI encryption for their subscribers without having to rely on any external party or other mobile operators.

'3GPP TR 33.899: Study on the security aspects of the next generation system' lists one such approach.

The Key steps are as follows:

1. UE is configured with 5G (e)UICC with ‘K’ key, the Home Network ID, and its associated public key.
2. SEAF send Identity Request message to NG-UE. NG-UE considers this as an indication to initiate Initial Authentication.
3. NG-UE performs the following:
1. Request the (e)UICC application to generate required security material for initial authentication, RANDUE, , COUNTER, KIARenc, and KIARInt.
2. NG-UE builds IAR as per MASA. In this step NG-UE includes NG-UE Security Capabilities inside the IAR message. It also may include its IMEI. 
3. NG-UE encrypts the whole IAR including the MAC with the home network public key.
4. NG-UE sends IAR to SEAF.
4. Optionally, gNB-CP node adds its Security Capabilities to the transposrt message between the gNB-CP and the SEAF (e.g., inside S1AP message as per 4G).
5. gNB-CP sends the respective S1AP message that carries the NG-UE IAR message to the SEAF.
6. SEAF acquirs the gNB-CP security capabilities as per the listed options in clause 5.2.4.12.4.3and save them as part of the temporary context for the NG-UE.
7. SEAF follows MASA and forward the Authentication and Data Request message to the AUSF/ARPF.
8. When AUSF/ARPF receives the Authentication and Data Request message, authenticates the NG-UE as per MASA and generates the IAS respective keys. AUSF/ARPF may recover the NG-UE IMSI and validate the NG-UE security capabilities.
9. AUSF/ARPF sends Authentication and Data Response to the SEAF as per MASA with NG-UE Security Capabilities included.
10. SEAF recovers the Subscriber IMSI, UE security Capabilities, IAS keys, RANDHN, COUNTER and does the following:
1. Examine the UE Security Capabilities and decides on the Security parameters.
2. SEAF may acquire the UP-GW security capabilities at this point after receiving the UP-GW identity from AUSF/ARPF or allocate it dynamically through provisioning and load balancing.
11. SEAF builds IAS and send to the NG-UE following MASA. In addition, SEAF include the gNB-CP protocol agreed upon security parameters in the S1AP message being sent to the gNB-CP node.
12. gNB-CP recovers gNB-CP protocol agreed upon security parameters and save it as part of the NG-UE current context.
13. gNB-CP forwards the IAS message to the NG-UE.
14. NG-UE validates the authenticity of the IAS and authenticates the network as per MASA. In addition, the UE saves all protocols agreed upon security parameters as part of its context. NG-UE sends the Security and Authentication Complete message to the SEAF.
15. SEAF communicates the agreed upon UP-GW security parameters to the UP-GW during the NG-UE bearer setup.

ARPF - Authentication Credential Repository and Processing Function 
AUSF - Authentication Server Function 
SCMF - Security Context Management Function
SEAF - Security Anchor Function
NG-UE - NG UE
UP - User Plane 
CP - Control Plane
IAR - Initial Authentication Request 
IAS - Initial Authentication Response
gNB - Next Generation NodeB

You may also want to refer to the 5G Network Architecture presentation by Andy Sutton for details.

See also:

• 5G Security Updates - July 2017
• 5G: Architecture, QoS, gNB, Specifications - April 2017 Update
• 5G – Beyond the Hype
• 5G Network Architecture and Design Update - Jan 2017