Showing posts with label Network Slicing. Show all posts
Showing posts with label Network Slicing. Show all posts

Friday, 20 November 2020

Business Role Models for Network Slicing and iRAT Mobility for Cellular Internet of Things (CIoT) in Release 16

 3GPP Release 16 describes business role models for network slicing and in TR 21.916 I found the figures below that I have pimped a little bit to illustrate an asset tracking use case for goods transported with a truck from Factory A to Factory B. 

Factory B is equipped with a 5G Non-Public Network (NPN) that broadcasts an NPN-ID or - if the network infrastructure is deployed by an operator - a Cell Access Group ID (CAG ID).

I would like to assume that in case of the scenario shown in 3GPP Figure 2-2 the asset tracking CIoT devices are able to access any necessary PLMN, Network Slice and NPN. This can be achieved e.g. by using an eSIM. 

So while the truck is at the location of Factory A the asset tracking "things" will connect to the private slice of Factory A provided by the operator of PLMN 1. Factory A is a tenant of this operator. This means: Factory A rented a virtual part of PLMN1 for private use and technically this rented virtual network part is realized by a NW slice. 

When the truck leaves Factory A and drives on the road (maybe a long distance) to Factory B the asset tracking data must be transmitted over public mobile network infrastructure. Depending on rural coverage this service can be offered by PLMN 2 (as in case of 3GPP figure 2-2) or by PLMN 1 (as in case of 3GPP figure 2-3).

In case of 3GPP figure 2-4 the operator of PLMN 1 is even able to provide the private slice along the road, which allows Factory A to stretch the coverage of their virtual private network (slice) over a very long distance.

Looking further into the Cellular IoT enhancements defined by 3GPP in Release 16 it turns out that actually there is no need for a nation-wide 5G coverage to realize at least the role models shown in the 3GPP figures 2-2 and 2-3.

Because Release 16 also defines co-existence and inter-RAT mobility between 5G CIoT traffic and 4G NB-IoT the operators of PLMN 1 and PLMN 2 may offer NB-IoT coverage along the road while the factories are covered with 5G NR frequency cells - as shown in my second figure below.  

It illustrates the great improved flexibility that Release 16 standards are offering for customized business solutions and monitoring the service quality is not a trivial task under these circumstances.  

Related Posts:

Tuesday, 10 November 2020

Network Slicing Tutorials and Other Resources

I have received quite a few requests to do a 5G Network Slicing tutorial but have still not got around to doing it. Luckily there are so many public resources available that I can get away with not doing one on this topic. 

This Award Solutions webinar by Paul Shepherd (embedded below) provides good insights into network slicing, what it is, how it efficiently enables different services in 5G networks, and the architectural changes in 5G required to support it.

Then there is also this myth about 3 slices in the network. The GSMA slice template is a good starting point for an operator looking to do network slicing in their 5G networks. The latest version is 3.0, available here.

As this picture (courtesy of Phil Kendall) shows, it's not a straightforward task.  

Alistair URIE from Nokia Bell Labs points out some common misconceptions people have with Network Slicing:

  1. Multiple slices may share the same cell and the same RU in each slice
  2. Single UE may have up to 8 active slices but must have a single CU-CP instance to terminate the common RRC 
  3. Slicing supports more than 3 slices 

Back in March, China Mobile, Huawei, Tencent, China Electric Power Research Institute, and Digital Domain have jointly released the Categories and Service Levels of Network Slice White Paper to introduce the industry’s first classification of network slice levels. The new white paper dives into the definitions, solutions, typical scenarios, and evolution that make up the five levels of network slices. It serves as an excellent reference to provide guidance in promoting and commercializing network slicing, and lays a theoretical foundation for the industry-wide application of network slicing.

The whitepaper describes the different phases as:

Phase 1 (ready): As mentioned above, the 5G transport network and 5G core network support different software-based and hardware-based isolation solutions. On the 5G NR side, 5QIs (QoS scheduling mechanism) are mainly used to achieve software-based isolation in WAN scenarios. Alternatively, campus-specific 5G NR (including micro base stations and indoor distributed base stations) is used to implement hardware-based isolation in LAN scenarios. In terms of service experience assurance, 5QIs are used to implement differentiated SLA assurance between slices. In terms of slice OAM capabilities, E2E KPIs can be managed in a visualized manner. This means that from 2020 on, Huawei is ready to deliver commercial use of E2E slicing for common customers and VIP customers of the public network and common customer of general industries (such as UHD live broadcast and AR advertisement).

Phase 2 (to be ready in 2021): In terms of isolation, the 5G NR side supports the wireless RB resource reservation technology (including the static reservation and dynamic reservation modes) to implement E2E network resource isolation and slicing in WAN scenarios. In terms of service experience assurance, features such as 5G LAN and 5G TSN are enhanced to implement differentiated and deterministic SLA assurance between different slices. In terms of slice OAM, on the basis of tenant-level KPI visualization, the limited self-service of the industry for rented slices can be further supported. In this phase, operators can serve VIP customers in common industries (such as AR/VR cloud games and drone inspection), dedicated industry customers (such as electric power management information region, medical hospital campus, and industrial campus), and dedicated industry customers (such as electric power production control region and public security).

Phase 3 (to be ready after 2022): In this phase, 5G network slicing supports real dynamic closed-loop SLAs based on AI and negative feedback mechanism, implementing network self-optimization and better serving industries (such as 5G V2X) with high requirements on mobility, roaming, and service continuity. In addition, industry-oriented comprehensive service capabilities will be further enhanced and evolved.

A more technical presentation from Nokia is available here. The video below shows how innovations in IP routing and SDN work together to implement network slicing in the transport domain.

If you know some other good resources and tutorials worth sharing, add them in the comments below.

Related Posts:

Saturday, 1 August 2020

Artificial Intelligence (AI) / Machine Learning (ML) in 5G Challenge by ITU

ITU is conducting a global ITU AI/ML 5G Challenge on the theme “How to apply ITU's ML architecture in 5G networks". If you don't know the difference between AI & ML, this picture from the old blog post may help.

The ITU website says:

Artificial Intelligence (AI) will be the dominant technology of the future and will impact every corner of society. In particular, AI / ML (machine learning) will shape how communication networks, a lifeline of our society, will be run. Many companies in the ICT sector are exploring how to make best use of AI/ML. ITU has been at the forefront of this endeavour exploring how to best apply AI/ML in future networks including 5G networks. The time is therefore right to bring together the technical community and stakeholders to brainstorm, innovate and solve relevant problems in 5G using AI/ML. Building on its standards work, ITU is conducting a global ITU AI/ML 5G Challenge on the theme “How to apply ITU's ML architecture in 5G networks". 

Participants will be able to solve real world problems, based on standardized technologies developed for ML in 5G networks. Teams will be required to enable, create, train and deploy ML models (such that participants will acquire hands-on experience in AI/ML in areas relevant to 5G). Participation is open to ITU Member States, Sector Members, Associates and Aca​demic Institutions and to any individual from a country that is a member of ITU. ​

There are also some cash prizes, etc. There are various topics with presentation slides & recordings freely available. 

I found the slides from ITU AI/ML in 5G Challenge —”Machine Learning for Wireless LANs + Japan Challenge Introduction” (link) very interesting. There are many other topics including AR / VR / XR, etc, as well.

Have a look at the ITU website here.

Related Posts:

Wednesday, 12 February 2020

AI your Slice to 5G Perfection

Back in November, The Enhanced Mobile Broadband Group in CW (Cambridge Wireless) held an event on 'Is automation essential in 5G?'. There were some thought provoking presentations and discussions but the one that stood out for me was by Dan Warren from Samsung

The slides are embedded below but I want to highlight these points:
  • Some Network Functions will be per slice whereas others will be multi-slice, the split may not be the same for every slice
  • Two slices that have the same 'per slice vs multi-slice' functional split may be different network hardware topologies
  • Enterprise customers will likely want a 'service' contract that has to be manifested as multiple slices of different types. 
  • Physical infrastructure is common to all slices
The last point is very important as people forget that there is a physical infrastructure that will generally be common across all slices.

Again, when you apply Artificial Intelligence (AI) to optimize the network functions, does it do it individually first and then end-to-end and if this is applied across all slices, each of which may have a different functionality, requirement, etc. How would it work in practice?

As Dan says in his tweet, "It is hard to implement AI to optimise a point solution without potentially degrading the things around it.  Constantly being pushed to a bigger picture view => more data => more complexity"

Let me know what you think.

Related Posts:

Wednesday, 16 January 2019

5G Slicing Templates

We looked at slicing not long back in this post here, shared by ITU, from Huawei. The other day I read a discussion on how do you define slicing. Here is my definition:

Network slicing allows sharing of the physical network infrastructure resources into independent virtual networks thereby giving an illusion of multiple logically seperate end-to-end networks, each bound by their own SLAs, service quality and peformance guarantees to meet the desired set of requirements. While it is being officially defined for 5G, there is no reason that a proprietary implementation for earlier generations (2G, 3G or 4G)  or Wi-Fi cannot be created.

The picture above from a China Mobile presentation, explain the slice creation process nicely:

  1. Industry customers order network slices from operators and provide the network requirements, including network slice type, capacity, performance, and related coverage. Operators generate network slices according to their needs. Provide the network service requirement as General Service Template (GST).
  2. Transfer GST to NST (Network Slice Template)
  3. Trigger Network Instantiation Process
  4. Allocate the necessary resources and create the slice.
  5. Expose slice management information. Industry customers obtain management information of ordered slices through open interfaces (such as number of access users, etc.).

For each specific requirement, a slicing template is generated that is translated to an actual slice. Let's look at some examples:

Let's take an example of Power Grid. The picture below shows the scenario, requirement and the network slicing template.
As can be seen, the RAN requirement is timing and low latency while the QoS requirement in the core would be 5 ms latency with guaranteed 2 Mbps throughout. There are other requirements as well. The main transport requirement would be hard isolation.

The Network requirement for AR Gaming is high reliability, low latency and high density of devices. This translates to main RAN requirement of low jitter and latency; Transport requirement of Isolation between TICs (telecom integrated cloud) and finally Core QoS requirement of 80 ms latency and 2 Mbps guaranteed bit rate.

More resources on Network Slicing:

Friday, 14 September 2018

End-to-end Network Slicing in 5G

I recently realised that I have never written a post just on Network slicing. So here is one on the topic. So the first question asked is, why do we even need Network Slicing? Alan Carlton from Interdigital wrote a good article on this topic. Below is what I think is interesting:

Network slicing is a specific form of virtualization that allows multiple logical networks to run on top of a shared physical network infrastructure. The key benefit of the network slicing concept is that it provides an end-to-end virtual network encompassing not just networking but compute and storage functions too. The objective is to allow a physical mobile network operator to partition its network resources to allow for very different users, so-called tenants, to multiplex over a single physical infrastructure. The most commonly cited example in 5G discussions is sharing of a given physical network to simultaneously run Internet of Things (IoT), Mobile Broadband (MBB), and very low-latency (e.g. vehicular communications) applications. These applications obviously have very different transmission characteristics. For example, IoT will typically have a very large number of devices, but each device may have very low throughput. MBB has nearly the opposite properties since it will have a much smaller number of devices, but each one will be transmitting or receiving very high bandwidth content. The intent of network slicing is to be able to partition the physical network at an end-to-end level to allow optimum grouping of traffic, isolation from other tenants, and configuring of resources at a macro level.

Source: ITU presentation, see below

The key differentiator of the network slicing approach is that it provides a holistic end-to-end virtual network for a given tenant. No existing QoS-based solution can offer anything like this. For example, DiffServ, which is the most widely deployed QoS solution, can discriminate VoIP traffic from other types of traffic such as HD video and web browsing. However, DiffServ cannot discriminate and differentially treat the same type of traffic (e.g. VoIP traffic) coming from different tenants.

Also, DiffServ does not have the ability to perform traffic isolation at all. For example, IoT traffic from a health monitoring network (e.g. connecting hospitals and outpatients) typically have strict privacy and security requirements including where the data can be stored and who can access it. This cannot be accomplished by DiffServ as it does not have any features dealing with the compute and storage aspects of the network. All these identified shortfalls of DiffServ will be handled by the features being developed for network slicing.

I came across this presentation by Peter Ashwood-Smith from Huawei Technologies who presented '5G End to-end network slicing Demo' at ITU-T Focus Group IMT-2020 Workshop and Demo Day on 7 December 2016. Its a great presentation, I wish a video of this was available as well. Anyway, the presentation is embedded below and the PPT can be downloaded from here.

The European Telecommunications Standards Institute (ETSI) has established a new Industry Specification Group (ISG) on Zero touch network and Service Management (ZSM) that is working to produce a set of technical specifications on fully automated network and service management with, ideally, zero human intervention. ZSM is targeted for 5G, particularly in network slice deployment. NTT Technical review article on this is available here.

Finally, here is a presentation by Sridhar Bhaskaran of Cellular Insights blog on this topic. Unfortunately, not available for download.

Related Posts:

Friday, 22 June 2018

5G and IoT Security Update from ETSI Security Week 2018

ETSI Security Week 2018 (link) was held at ETSI's Headquarters in Sophia Antipolis, South of France last week. It covered wide variety of topics including 5G, IoT, Cybersecurity, Middlebox, Distributed Ledger Technology (DLT), etc. As 5G and IoT is of interest to the readers of this blog, I am providing links to the presentations so anyone interested can check them out at leisure.

Before we look at the presentations, what exactly was the point of looking at 5G Security? Here is an explanation from ETSI:

5G phase 1 specifications are now done, and the world is preparing for the arrival of 5G networks. A major design goal of 5G is a high degree of flexibility to better cater for specific needs of actors from outside the telecom sector (e.g. automotive industry, mission-critical organisations). During this workshop, we will review how well 5G networks can provide security for different trust models, security policies, and deployment scenarios – not least for ongoing threats in the IoT world. 5G provides higher flexibility than legacy networks by network slicing and virtualization of functions. The workshop aims to discuss how network slicing could help in fulfilling needs for different users of 5G networks.

5G will allow the use of different authentication methods. This raises many interesting questions. How are these authentication methods supported in devices via the new secure element defined in ETSI SCP, or vendor-specific concepts? How can mission-critical and low-cost IoT use cases coexist side-by-side on the same network?

The 5G promise of higher flexibility is also delivered via its Service-Based Architecture (SBA). SBA provides open 3rd party interfaces to support new business models which allow direct impact on network functions. Another consequence of SBA is a paradigm shift for inter-operator networks: modern APIs will replace legacy signaling protocols between networks. What are the relevant security measures to protect the SBA and all parties involved? What is the role of international carrier networks like IPX in 5G?

Event Objectives
The workshop intends to:

  • Gather different actors involved in the development of 5G, not only telecom, and discuss together how all their views have shaped phase 1 of 5G, to understand how security requirements were met, and what challenges remain;
  • Discuss slicing as a means to implement separate security policies and compartments for independent tenants on the same infrastructure;
  • Give an update of what is happening in 3GPP 5G security;
  • Explain to IoT players what 5G security can (and cannot) do for them, including risks and opportunities related to alternative access credentials;
  • Understand stakeholders' (PMNs, carriers, GSMA, vendors) needs to make SBA both secure and successful. How can SBA tackle existing issues in interconnect networks like fraud, tracking, privacy breaches;
  • Allow vendors to present interesting proposals for open security questions in 5G: secure credential store, firewalling SBA's RESTful APIs;
  • Debate about hot topics such as: IoT security, Slicing security, Privacy, Secure storage and processing and Security of the interconnection network.

So here are the relevant presentations:

Session 1: Input to 5G: Views from Different Stakeholders
Session Chair: Bengt Sahlin, Ericsson

Hardening a Mission Critical Service Using 5G, Peter Haigh, NCSC

Security in the Automotive Electronics Area, Alexios Lekidis, SecurityMatters

Integrating the SIM (iUICC), Adrian Escott, QUALCOMM

Smart Secure Platform, Klaus Vedder, Giesecke & Devrient, ETSI SCP Chairman

Network Slicing, Anne-Marie Praden, Gemalto

Don't build on Sand: Validating the Security Requirements of NFV Infrastructure to Confidently Run Slices, Nicolas Thomas, Fortinet

5G Enhancements to Non-3GPP Access Security, Andreas Kunz, Lenovo

Security and Privacy of IoT in 5G, Marcus Wong, Huawei Technologies

ITU-T activities and Action Plan on 5G Security, Yang Xiaoya, ITU-T SG17

Wrap up: 5G Overview from 3GPP SA3 Perspective and What is There to Be Done for Phase 2, Sander Kievit, TNO

Session 2: Security in 5G Inter-Network Signalling
Session Chair: Stefan Schroeder, T-Systems

Presentation on SBA: Introduction of the Topic and Current Status in SA3, Stefan Schroeder, T-Systems

5G Inter-PLMN Security: The Trade-off Between Security and the Existing IPX Business Model, Ewout Pronk, KPN on behalf of GSMA Diameter End to End Security Subgroup

Secure Interworking Between Networks in 5G Service Based Architecture, Silke Holtmanns, Nokia Bell Labs

Security Best Practises using RESTful APIs, Sven Walther, CA Technologies

Identifying and Managing the Issues around 5G Interconnect Security, Stephen Buck, Evolved Intelligence

Zero Trust Security Posture in 5G Architecture, Galina Pildush, Palo Alto Networks (Missing)

Session 1 & 2 Workshop Wrap up: 5G Phase 1 Conclusions and Outlook Towards Phase 2 - Stefan Schroeder, T-Systems and Bengt Sahlin, Ericsson

Session 5: Benefits and Challenges of 5G and IoT From a Security Perspective
Session Chair: Arthur van der Wees, Arthur's Legal

Setting the Scene, Franck Boissière, European Commission

ENISA's View on Security Implications of IoT and 5G, Apostolos Malatras, ENISA

Smart City Aspects, Bram Reinders, Institute for Future of Living

The Network Operators Perspective on IoT Security, Ian Smith, GSMA

Related Links:

Sunday, 25 March 2018

5G Security Updates - March 2018

Its been a while since I wrote about 5G security in this fast changing 5G world. If you are new to 3GPP security, you may want to start with my tutorial here.

3GPP SA3 Chairman, Anand R. Prasad recently mentioned in his LinkedIn post:

5G security specification finalized! Paving path for new business & worry less connected technology use.

3GPP SA3 delegates worked long hours diligently to conclude the specification for 5G security standard during 26 Feb.-2 Mar. Several obstacles were overcome by focussed effort of individuals & companies from around the globe. Thanks and congrats to everyone!

All together 1000s of hours of work with millions of miles of travel were spent in 1 week to get the work done. This took 8 meetings (kicked off Feb. 2017) numerous on-line meetings and conference calls.

Excited to declare that this tremendous effort led to timely completion of 5G security specification (TS 33.501) providing secure services to everyone and everything!

The latest version of specs is on 3GPP website here.

ITU also held a workshop on 5G Security in Geneva, Switzerland on 19 March 2018 (link). There were quite a few interesting presentations. Below are some slides that caught my attention.

The picture in the tweet above from China Mobile summarises the major 5G security issues very well. 5G security is going to be far more challenging than previous generations.

The presentation by Haiguang Wang, Huawei contained a lot of good technical information. The picture at the top is from that presentation and highlights the difference between 4G & 5G Security Architecture.

New entities have been introduced to make 5G more open.

EPS-AKA vs 5G-AKA (AKA = Authentication and Key Agreement) for trusted nodes

EAP-AKA' for untrusted nodes.

Slice security is an important topic that multiple speakers touched upon and I think it would continue to be discussed for a foreseeable future.

Dr. Stan Wing S. Wong from King’s College London has some good slides on 5G security issues arising out of Multi-Tenancy and Multi-Network Slicing.

Peter Schneider from Nokia-Bell Labs had good slides on 5G Security Overview for Programmable Cloud-Based Mobile Networks

Sander Kievit from TNO, a regular participant of working group SA3 of 3GPP on behalf of the Dutch operator KPN presented a view from 3GPP SA3 on the Security work item progress (slides). The slide above highlights the changes in 5G key hierarchy.

The ITU 5G Security Workshop Outcomes is available here.

ETSI Security Week 2018 will be held 11-15 June 2018. 5G security/privacy is one of the topics.

There is also 5GPPP Workshop on 5G Networks Security (5G-NS 2018), being held in Hamburg, Germany on August 27-30, 2018.

In the meantime, please feel free to add your comments & suggestions below.

Related Posts & Further Reading:

Saturday, 28 November 2015

5G, NFV and Network Slicing

5G networks have multifaceted requirements where the network needs to be optimised for data rate, delay and connection numbers. While some industry analysts suspect that these requirements cannot be met by a single network, vendors suggest that Network Slicing will allow all these requirements to be met by a single network.

Ericsson's whitepaper provides a good definition of what network slicing means:

A logical instantiation of a network is often called a network slice. Network slices are possible to create with both legacy platforms and network functions, but virtualization technologies substantially lower barriers to using the technology, for example through increased flexibility and decreased costs.
Another aspect of management and network slicing is setting up separate management domains for different network slices. This may allow for completely separate management of different parts of the network that are used for different purposes. Examples of use cases include mobile virtual network operators (MVNOs) and enterprise solutions. This kind of network slice would, in current Evolved Packet Core (EPC) networks, only cover the PDN gateway (PGW) and the policy control resource function (PCRF). However, for machine type communication (MTC) and machine-tomachine (M2M) solutions, it is likely that it would also cover the Mobile Management Entities (MMEs) and Serving Gateways (SGWs).

NGMN came out with the 5G whitepaper which touched on this subject too: 

Figure above illustrates an example of multiple 5G slices concurrently operated on the same infrastructure. For example, a 5G slice for typical smartphone use can be realized by setting fully-fledged functions distributed across the network. Security, reliability and latency will be critical for a 5G slice supporting automotive use case. For such a slice, all the necessary (and potentially dedicated) functions can be instantiated at the cloud edge node, including the necessary vertical application due to latency constraints. To allow on-boarding of such a vertical application on a cloud node, sufficient open interfaces should be defined. For a 5G slice supporting massive machine type devices (e.g., sensors), some basic C-plane functions can be configured, omitting e.g., any mobility functions, with contentionbased resources for the access. There could be other dedicated slices operating in parallel, as well as a generic slice providing basic best-effort connectivity, to cope with unknown use cases and traffic. Irrespective of the slices to be supported by the network, the 5G network should contain functionality that ensures controlled and secure operation of the network end-to-end and at any circumstance.

Netmanias has a detailed article on this topic which is quite interesting too, its available here.

Recently, South Korean operator SK Telecom and Ericsson concluded a successful trial of this technology, see here. Ericsson is also working with NTT Docomo on 5G including network slicing, see here.