Showing posts with label Network Slicing. Show all posts
Showing posts with label Network Slicing. Show all posts

Monday 19 September 2022

Is there a compelling Business Case for 5G Network Slicing in Public Networks?

Since the industry realised how the 5G Network Architecture will look like, Network Slicing has been touted as the killer business case that will allow the mobile operators to generate revenue from new sources.

Last month ABI Research said in a press release:

According to global technology intelligence firm ABI Research, 5G slicing revenue is expected to grow from US$309 million in 2022 to approximately US$24 billion in 2028, at a Compound Annual Growth Rate (CAGR) of 106%. 

“5G slicing adoption falls into two main categories. One, there is no connectivity available. Two, there is connectivity, but there is not sufficient capacity, coverage, performance, or security. For the former, both private and public organizations are deploying private network slices on a permanent and ad hoc basis,” highlights Don Alusha, 5G Core and Edge Networks Senior Analyst at ABI Research. The second scenario is mostly catered by private networks today, a market that ABI Research expects to grow from US$3.6 billion to US$109 billion by 2023, at a CAGR of 45.8%. Alusha continues, “A sizable part of this market can be converted to 5G slicing. But first, the industry should address challenges associated with technology and commercial models. On the latter, consumers’ and enterprises’ appetite to pay premium connectivity prices for deterministic and tailored connectivity services remains to be determined. Furthermore, there are ongoing industry discussions on whether the value that comes from 5G slicing can exceed the cost required to put together the underlying slicing ecosystem.”

Earlier this year, Daryl Schoolar - Research Director at IDC tackled this topic in his blog post:

5G network slicing, part of the 3GPP standards developed for 5G, allows for the creation of multiple virtual networks across a single network infrastructure, allowing enterprises to connect with guaranteed low latency. Using principles behind software-defined network and network virtualization, slicing allows the mobile operator to provide differentiated network experience for different sets of end users. For example, one network slice could be configured to support low latency, while another slice is configured for high download speeds. Both slices would run across the same underlying network infrastructure, including base stations, transport network, and core network.

Network slicing differs from private mobile networks, in that network slicing runs on the public wide area network. Private mobile networks, even when offered by the mobile operator, use infrastructure and spectrum dedicated to the end user to isolate the customer’s traffic from other users.

5G network slicing is a perfect candidate for future business connectivity needs. Slicing provides a differentiated network experience that can better match the customers performance requirements than traditional mobile broadband. Until now, there has been limited mobile network performance customization outside of speeds. 5G network slicing is a good example of telco service offerings that meet future of connectivity requirements. However, 5G network slicing also highlights the challenges mobile operators face with transformation in their pursuit of remaining relevant.

For 5G slicing to have broad commercial availability, and to provide a variety of performance options, several things need to happen first.

  • Operators need to deploy 5G Standalone (SA) using the new 5G mobile core network. Currently most operators use the 5G non-standalone (NSA) architecture that relies on the LTE mobile core. It might be the end of 2023 before the majority of commercial 5G networks are using the SA mode.
  • Spectrum is another hurdle that must be overcome. Operators still make most of their revenue from consumers, and do not want to compromise the consumer experience when they start offering network slicing. This means operators need more spectrum. In the U.S., among the three major mobile operators, only T-Mobile currently has a nationwide 5G mid-band spectrum deployment. AT&T and Verizon are currently deploying in mid-band, but that will not be completed until 2023.
  • 5G slicing also requires changes to the operator’s business and operational support systems (BSS/OSS). Current BSS/OSS solutions were not designed to support the increased parameters those systems were designed to support.
  • And finally, mobile operators still need to create the business propositions around commercial slicing services. Mobile operators need to educate businesses on the benefits of slicing and how slicing supports their different connectivity requirements. This could involve mobile operators developing industry specific partnerships to reach different business segments. All these things take time to be put into place.

Because of the enormity of the tasks needed to make 5G network slicing a commercial success, IDC currently has a very conservative outlook for this service through 2026. IDC believes it will be 2023 until there is general commercial availability of 5G network slicing. The exception is China, which is expected to have some commercial offerings in 2022 as it has the most mature 5G market. Even then, it will take until 2025 before global revenues from slicing exceeds a billion U.S. dollars. In 2026 IDC forecasts slicing revenues will be approximately $3.2 billion. However, over 80% of those revenues will come out of China.

The 'Outspoken Industry Analyst' Dean Bubley believes that Network Slicing is one of the worst strategic errors made by the mobile industry, since the catastrophic choice of IMS for communications applications. In a LinkedIn post he explains:

At best, slicing is an internal toolset that might allow telco operations or product teams (or their vendors) to manage their network resources. For instance, it could be used to separate part of a cell's capacity for FWA, and dynamically adjust that according to demand. It might be used as an "ingredient" to create a higher class of service for enterprise customers, for instance for trucks on a highway, or as part of an "IoT service" sold by MNOs. Public safety users might have an expensive, artisanal "hand-carved" slice which is almost a separate network. Maybe next-gen MVNOs.

(I'm talking proper 3GPP slicing here - not rebranded QoS QCI classes, private APNs, or something that looks like a VLAN, which will probably get marketed as "slices")

But the idea that slicing is itself a *product*, or that application developers or enterprises will "buy a slice" is delusional.

Firstly, slices will be dependent on [good] coverage and network control. A URLLC slice likely won't work reliably indoors, underground, in remote areas, on a train, on a neutral-host network, or while roaming. This has been a basic failure of every differentiated-QoS monetisation concept for many years, and 5G's often-higher frequencies make it worse, not better.

Secondly, there is no mature machinery for buying, selling, testing, supporting. price, monitoring slices. No, the 5G Network Exposure Function won't do it all. I haven't met a Slice salesperson yet, or a Slice-procurement team.

Thirdly, a "local slice" of a national 5G network will run headlong into a battle with the desire for separate private/dedicated local 5G networks, which may well be cheaper and easier. It also won't work well with the enterprise's IT/OT/IP domains, out of the box.

Also there's many challenges getting multi-operator slices, device OS links to slice APIs, slice "boundary controllers" between operators, aligning RAN and core slices, regulatory questionmarks and much more.

There are lots of discussion in the comments section that may be of interest to you, here.

My belief is that we will see lots of interesting use cases with slicing in public networks but it will be difficult to monetise. The best networks will manage to do it to create some plans with guaranteed rates and low latency. It would remain to be see whether they can successfully monetise it well enough. 

For technical people and newbies, there are lots of Network Slicing resources on this blog (see related posts 👇). Here is another recent video from Mpirical:

Related Posts

Tuesday 15 March 2022

5G Network Slicing for Beginners

Network Slicing is a hot topic on our blogs and it looks like people can't get enough of it. So here is a short introductory tutorial from Wray Castle.

The video embedded below explores what Network Slicing is, how it is used, and how it is deployed in the 5G network, as well as (briefly) the role of MEC (Multi Access Edge Computing) in support of specific use cases and potential slice deployments.

Related Posts

Thursday 11 November 2021

Network Slicing using User Equipment Route Selection Policy (URSP)

Google announced that its latest smartphone OS will include support for 5G network slicing. Last week Telecom TV brought this news to my attention. The article explains:

It's a move designed to leverage its expertise in devices in order to give it the edge over its rival hyperscalers.

It comes in two flavours. The first is for enterprise-owned handsets, and routes all data sent and received by a device over the network slices provided by that company's mobile operator. Android 12 gives operators the ability to manage slices using a new dynamic policy control mechanism called User Equipment Route Selection Policy (URSP). URSP enables devices to automatically switch between different network slices according to which application they are using. For example, someone working for a financial institution might require a highly-secure network slice for sending and receiving sensitive corporate data, but will then require a reliable, high-throughput, low-latency slice so they can participate in a video meeting.

The second flavour is implemented in the work profile. For years, enterprises have had the option of creating work profiles on Android devices – irrespective of whether they are owned by the organisation or the individual – to use as a separate repository for enterprise apps and data. When Android 12 comes out next year, enterprises will be able to route data to and from that repository over a network slice.

Google said it has already carried out network slicing tests with both Ericsson and Nokia using test versions of its recently released Pixel 6 smartphone running on the as-yet-unreleased Android 12 OS.

Last week Taiwanese operator Far EasTone (FET) and Ericsson announced they have completed the world’s first proof of concept (PoC) for simultaneously connecting multiple network slices per device running on Android 12 commercial release. The press release said:

The trial, carried out on FET’s 5G standalone (SA) infrastructure built on Ericsson’s radio access network and cloud-native Core network, successfully demonstrated the 5G user equipment slicing policy feature (User Equipment Route Selection Policy, or URSP) on multiple Android devices. This marks a breakthrough in network slicing capabilities on a 5G standalone network and paves the way for further ecosystem development in this important area.

With more 5G networks evolving to standalone architecture around the globe, end-to-end network slicing, which includes Ericsson RAN Slicing to secure Quality of Service (QoS) differentiation, plays a key role in enabling new services for end users, with which multiple virtual 5G networks are created on top of one physical network. The 5G trial, in collaboration with FET, Ericsson and Android, went even further in network slicing capabilities by introducing and demonstrating 5G user equipment (UE) slicing policy (URSP) features that allow devices to simultaneously operate on dynamic policy control and selection between multiple 5G network slices. This enables the steering of applications and services with specific requirements to defined slices without switching devices.

Multiple slices allow devices to have multiple profiles to secure different levels of experience, security, and privacy requirements, based on the needs of the different applications and in correspondence with the user profile.  For instance, a device can have a personal profile with private data from apps or off-work entertainment, and a work profile with enterprises productivity apps. With URSP features, employers can customize the work profile with increased security and enable better use of RAN Slicing with QoS so that enterprise-related apps can work even during network congestion.

Some security-sensitive apps, such as mobile banking, can also benefit from different routing mechanisms of the traffic enabled by URSP. For instance, the banking app would not need to send its traffic to the internet and then to the app server as it does today. Instead, it could go straight to the app server and avoid the routing through internet. With the shortest route by connecting to a defined slice, users could reduce the risk of being attacked by hackers.

In their technical whitepaper on Network Slicing, Samsung explains: 

Along with the concept of network slicing and features in the RAN and Core network, UE Route Selection Policy (URSP) is introduced as a way to manage network slice information for the UE. URSP is a network slice feature enabled by the PCF which informs the network slice status to the UE via the AMF. In 4G network systems, it was near impossible to install new services in the network for a UE. But through the URSP feature, 5G network operators can easily configure new service for a UE. Figure 12 (top of this blog post) shows the difference in network slice selection in 4G and 5G Network. In 5G network, slice selection policy can be configured dynamically through URSP, while slice selection policy is pre-defined and cannot be changed dynamically in 4G network.

URSP contains OSId, AppId, IP descriptors to define the application and Single-Network Slice Selection Assistance Information (S-NSSAI), Data Network Name (DNN), Session and Service Continuity (SSC) mode information for the application and network slice mapping.

The S-NSSAI identifies each network slice service and provides information to properly assign network slice/functions. An S-NSSAI is comprised of:

  • A Slice/Service type (SST), which refers to the expected network slice behavior in terms of features and services;
  • A Slice Differentiator (SD), which is an optional information that complements the Slice/Service type(s) to differentiate amongst multiple network slices of the same Slice/Service type.

3GPP allows the use of the Slice Differentiator (SD) field that can build customized network slices. The SD field can be used to describe services, customer information and priority.

Here is a short video from Mpirical explaining 5G UE Route Selection.

It it worth reminding here that this feature, like many of the other 5G features, is dependent on 5G Core. We hope that the transition to 5G Standalone Networks happens as soon as possible.

Related Posts:

Tuesday 12 October 2021

Friday 5 March 2021

How to Identify Network Slices in NG RAN

In my last post I described how NG RAN resources can be divided into network slices. 

Now I would like to show how these network slices and the traffic they carry can be identified. 

The key to this is a parameter from the NG Application Protocol (NGAP) called the Single Network Slice Selection Assistance Information (S-NSSAI). When configuring virtual network functions in NG RAN there are lists of S-NSSAI exchanged, e.g. between gNB-CU CP and AMF during NGAP Setup procedure, to negotiate which network slices have to be supported in general. 

When it comes to connection establishment starting with NGAP Initial Context Setup for each PDU session that is established its individual S-NSSAI is signaled. 

The S-NSSAI - as show in the figure below - consists of two parameters, the Slice/Service Type (SST - 8 bit) and the optional Slice Differentiator (SD - 24 bit). The exact format and numbering ranges are defined in 3GPP 23.003.

3GPP 23.501 defines a set of default values for SST as listed in the following table:

Slice/Service type

SST value

Characteristics

eMBB

 

1

Slice suitable for the handling of 5G enhanced Mobile Broadband.

URLLC

2

Slice suitable for the handling of ultra- reliable low latency communications.

MIoT

3

Slice suitable for the handling of massive IoT.

V2X

4

Slice suitable for the handling of V2X services.

So when looking back at the figure it emerges that for each subscriber represented by an IMSI the SST allows to identify which services are running. 

On the other hand allows to see if in which virtual network the subscriber is active. In my example I have defined that the resources are shared among a Public MNO that I consider the owner of the network hardware and two different private (campus) networks. While IMSI 1 and IMSI 2 are not allowed to use any other network slice the IMSI 3 is allowed to "roam" betweent the public slice and the two private network slices. This explains why a slice-specific authentication functionality as defined in Rel. 16 is necessary. 

Related Posts:

Friday 26 February 2021

Network Slicing in NG RAN

I have been asked to explain in a nutshell how network slicing works in NG RAN. The most important facts you will find in the infographic below.

A network slice is virtual part of a network that offers full end-to-end connectivity for particular services and - optionally - for tenants. A tenant is a 3rd-party company that rents a virtual part of a public mobile operator's network. This allows the tenant to run its own private nation-wide mobile network without owning any hardware.

The network slicing is enabled by virtualization and all network functions can be divided into different slices as well. Thus, you can find in the figure the User Plane Function (UPF), gNB Central Unit for User Plane (gNB-CU UP) and gNB Distributed Unit (gNB-DU) all sliced.

It is also possible that a network function is dedicated for a particular network slice as in case of (gNB-) CU UP 2. 

In general - and this is the benefit of the cloudification - the NG RAN is a highly dynamic environment in which additional NW functions can be added (and later released) whenever this is necessary. Mostly this will be triggered by the load on CPU and memory resources. Here comes the automation into the games that deals in large parts with load balancing. Ideally automation enables a zero-touch network management. 

(click to enlarge)

However, the most precious of all RAN resources, the radio resources, cannot be administrated so flexibly and easily. Indeed, there are several automation instances that deal with radio resource management. Open RAN Alliance has defined the RAN Intelligent Controller (RIC) that is split into the Near-Realtime-RIC (RT RIC) that shall operate with a latency between 10 and 500 ms while the Non-Realtime RIC (NRT RIC) deals with non-time critical task, e.g. typical SON functions like Automatic Neighbor Reporting (ANR).

While the RIC can deal with a lot of problems there is one thing it cannot do: adding physical layer radio resources on demand. The physical resources are limited by the number of remote radio heads/antennas and as long as we have only static beamforming the physical resources covering a geographical sector are also limited by hardware and their distribution must be carefully planned. Thus, I think it is fair to say that the RIC (or a similar proprietary automation function) has to deal with the most complex situations in the RAN.

Radio resources can also be sliced in different ways. My figure illustrates a kind of slicing on the physical layer where different physical resource blocks (PRB) are allocated to different network slices. 

However, this is not the only way how the resources of a cell or a beam can be sliced. Beside a split of PRBs it is also possible to slice on the MAC layer where logical channels (slice-specific radio bearers) are mapped onto transport channels or on PDPC layer as it was described and demonstrated by the 5G NORMA project (Chapter 2.1, page 17 ff.).

What in the end will be implemented by the RAN equipment manufacturers is a question I that cannot answer today. 

Friday 20 November 2020

Business Role Models for Network Slicing and iRAT Mobility for Cellular Internet of Things (CIoT) in Release 16

 3GPP Release 16 describes business role models for network slicing and in TR 21.916 I found the figures below that I have pimped a little bit to illustrate an asset tracking use case for goods transported with a truck from Factory A to Factory B. 

Factory B is equipped with a 5G Non-Public Network (NPN) that broadcasts an NPN-ID or - if the network infrastructure is deployed by an operator - a Cell Access Group ID (CAG ID).

I would like to assume that in case of the scenario shown in 3GPP Figure 2-2 the asset tracking CIoT devices are able to access any necessary PLMN, Network Slice and NPN. This can be achieved e.g. by using an eSIM. 

So while the truck is at the location of Factory A the asset tracking "things" will connect to the private slice of Factory A provided by the operator of PLMN 1. Factory A is a tenant of this operator. This means: Factory A rented a virtual part of PLMN1 for private use and technically this rented virtual network part is realized by a NW slice. 

When the truck leaves Factory A and drives on the road (maybe a long distance) to Factory B the asset tracking data must be transmitted over public mobile network infrastructure. Depending on rural coverage this service can be offered by PLMN 2 (as in case of 3GPP figure 2-2) or by PLMN 1 (as in case of 3GPP figure 2-3).

In case of 3GPP figure 2-4 the operator of PLMN 1 is even able to provide the private slice along the road, which allows Factory A to stretch the coverage of their virtual private network (slice) over a very long distance.

Looking further into the Cellular IoT enhancements defined by 3GPP in Release 16 it turns out that actually there is no need for a nation-wide 5G coverage to realize at least the role models shown in the 3GPP figures 2-2 and 2-3.

Because Release 16 also defines co-existence and inter-RAT mobility between 5G CIoT traffic and 4G NB-IoT the operators of PLMN 1 and PLMN 2 may offer NB-IoT coverage along the road while the factories are covered with 5G NR frequency cells - as shown in my second figure below.  

It illustrates the great improved flexibility that Release 16 standards are offering for customized business solutions and monitoring the service quality is not a trivial task under these circumstances.  


Related Posts:

Tuesday 10 November 2020

Network Slicing Tutorials and Other Resources

I have received quite a few requests to do a 5G Network Slicing tutorial but have still not got around to doing it. Luckily there are so many public resources available that I can get away with not doing one on this topic. 


This Award Solutions webinar by Paul Shepherd (embedded below) provides good insights into network slicing, what it is, how it efficiently enables different services in 5G networks, and the architectural changes in 5G required to support it.

Then there is also this myth about 3 slices in the network. The GSMA slice template is a good starting point for an operator looking to do network slicing in their 5G networks. The latest version is 3.0, available here.


As this picture (courtesy of Phil Kendall) shows, it's not a straightforward task.  

Alistair URIE from Nokia Bell Labs points out some common misconceptions people have with Network Slicing:

  1. Multiple slices may share the same cell and the same RU in each slice
  2. Single UE may have up to 8 active slices but must have a single CU-CP instance to terminate the common RRC 
  3. Slicing supports more than 3 slices 

Back in March, China Mobile, Huawei, Tencent, China Electric Power Research Institute, and Digital Domain have jointly released the Categories and Service Levels of Network Slice White Paper to introduce the industry’s first classification of network slice levels. The new white paper dives into the definitions, solutions, typical scenarios, and evolution that make up the five levels of network slices. It serves as an excellent reference to provide guidance in promoting and commercializing network slicing, and lays a theoretical foundation for the industry-wide application of network slicing.

The whitepaper describes the different phases as:

Phase 1 (ready): As mentioned above, the 5G transport network and 5G core network support different software-based and hardware-based isolation solutions. On the 5G NR side, 5QIs (QoS scheduling mechanism) are mainly used to achieve software-based isolation in WAN scenarios. Alternatively, campus-specific 5G NR (including micro base stations and indoor distributed base stations) is used to implement hardware-based isolation in LAN scenarios. In terms of service experience assurance, 5QIs are used to implement differentiated SLA assurance between slices. In terms of slice OAM capabilities, E2E KPIs can be managed in a visualized manner. This means that from 2020 on, Huawei is ready to deliver commercial use of E2E slicing for common customers and VIP customers of the public network and common customer of general industries (such as UHD live broadcast and AR advertisement).

Phase 2 (to be ready in 2021): In terms of isolation, the 5G NR side supports the wireless RB resource reservation technology (including the static reservation and dynamic reservation modes) to implement E2E network resource isolation and slicing in WAN scenarios. In terms of service experience assurance, features such as 5G LAN and 5G TSN are enhanced to implement differentiated and deterministic SLA assurance between different slices. In terms of slice OAM, on the basis of tenant-level KPI visualization, the limited self-service of the industry for rented slices can be further supported. In this phase, operators can serve VIP customers in common industries (such as AR/VR cloud games and drone inspection), dedicated industry customers (such as electric power management information region, medical hospital campus, and industrial campus), and dedicated industry customers (such as electric power production control region and public security).

Phase 3 (to be ready after 2022): In this phase, 5G network slicing supports real dynamic closed-loop SLAs based on AI and negative feedback mechanism, implementing network self-optimization and better serving industries (such as 5G V2X) with high requirements on mobility, roaming, and service continuity. In addition, industry-oriented comprehensive service capabilities will be further enhanced and evolved.

A more technical presentation from Nokia is available here. The video below shows how innovations in IP routing and SDN work together to implement network slicing in the transport domain.

If you know some other good resources and tutorials worth sharing, add them in the comments below.

Related Posts:

Saturday 1 August 2020

Artificial Intelligence (AI) / Machine Learning (ML) in 5G Challenge by ITU


ITU is conducting a global ITU AI/ML 5G Challenge on the theme “How to apply ITU's ML architecture in 5G networks". If you don't know the difference between AI & ML, this picture from the old blog post may help.


The ITU website says:

Artificial Intelligence (AI) will be the dominant technology of the future and will impact every corner of society. In particular, AI / ML (machine learning) will shape how communication networks, a lifeline of our society, will be run. Many companies in the ICT sector are exploring how to make best use of AI/ML. ITU has been at the forefront of this endeavour exploring how to best apply AI/ML in future networks including 5G networks. The time is therefore right to bring together the technical community and stakeholders to brainstorm, innovate and solve relevant problems in 5G using AI/ML. Building on its standards work, ITU is conducting a global ITU AI/ML 5G Challenge on the theme “How to apply ITU's ML architecture in 5G networks". 

Participants will be able to solve real world problems, based on standardized technologies developed for ML in 5G networks. Teams will be required to enable, create, train and deploy ML models (such that participants will acquire hands-on experience in AI/ML in areas relevant to 5G). Participation is open to ITU Member States, Sector Members, Associates and Aca​demic Institutions and to any individual from a country that is a member of ITU. ​

There are also some cash prizes, etc. There are various topics with presentation slides & recordings freely available. 

I found the slides from ITU AI/ML in 5G Challenge —”Machine Learning for Wireless LANs + Japan Challenge Introduction” (link) very interesting. There are many other topics including AR / VR / XR, etc, as well.

Have a look at the ITU website here.


Related Posts:

Wednesday 12 February 2020

AI your Slice to 5G Perfection


Back in November, The Enhanced Mobile Broadband Group in CW (Cambridge Wireless) held an event on 'Is automation essential in 5G?'. There were some thought provoking presentations and discussions but the one that stood out for me was by Dan Warren from Samsung


The slides are embedded below but I want to highlight these points:
  • Some Network Functions will be per slice whereas others will be multi-slice, the split may not be the same for every slice
  • Two slices that have the same 'per slice vs multi-slice' functional split may be different network hardware topologies
  • Enterprise customers will likely want a 'service' contract that has to be manifested as multiple slices of different types. 
  • Physical infrastructure is common to all slices
The last point is very important as people forget that there is a physical infrastructure that will generally be common across all slices.

Again, when you apply Artificial Intelligence (AI) to optimize the network functions, does it do it individually first and then end-to-end and if this is applied across all slices, each of which may have a different functionality, requirement, etc. How would it work in practice?




As Dan says in his tweet, "It is hard to implement AI to optimise a point solution without potentially degrading the things around it.  Constantly being pushed to a bigger picture view => more data => more complexity"

Let me know what you think.

Related Posts:

Wednesday 16 January 2019

5G Slicing Templates

We looked at slicing not long back in this post here, shared by ITU, from Huawei. The other day I read a discussion on how do you define slicing. Here is my definition:

Network slicing allows sharing of the physical network infrastructure resources into independent virtual networks thereby giving an illusion of multiple logically seperate end-to-end networks, each bound by their own SLAs, service quality and peformance guarantees to meet the desired set of requirements. While it is being officially defined for 5G, there is no reason that a proprietary implementation for earlier generations (2G, 3G or 4G)  or Wi-Fi cannot be created.

The picture above from a China Mobile presentation, explain the slice creation process nicely:

  1. Industry customers order network slices from operators and provide the network requirements, including network slice type, capacity, performance, and related coverage. Operators generate network slices according to their needs. Provide the network service requirement as General Service Template (GST).
  2. Transfer GST to NST (Network Slice Template)
  3. Trigger Network Instantiation Process
  4. Allocate the necessary resources and create the slice.
  5. Expose slice management information. Industry customers obtain management information of ordered slices through open interfaces (such as number of access users, etc.).

For each specific requirement, a slicing template is generated that is translated to an actual slice. Let's look at some examples:

Let's take an example of Power Grid. The picture below shows the scenario, requirement and the network slicing template.
As can be seen, the RAN requirement is timing and low latency while the QoS requirement in the core would be 5 ms latency with guaranteed 2 Mbps throughout. There are other requirements as well. The main transport requirement would be hard isolation.

The Network requirement for AR Gaming is high reliability, low latency and high density of devices. This translates to main RAN requirement of low jitter and latency; Transport requirement of Isolation between TICs (telecom integrated cloud) and finally Core QoS requirement of 80 ms latency and 2 Mbps guaranteed bit rate.


More resources on Network Slicing:


Friday 14 September 2018

End-to-end Network Slicing in 5G

I recently realised that I have never written a post just on Network slicing. So here is one on the topic. So the first question asked is, why do we even need Network Slicing? Alan Carlton from Interdigital wrote a good article on this topic. Below is what I think is interesting:

Network slicing is a specific form of virtualization that allows multiple logical networks to run on top of a shared physical network infrastructure. The key benefit of the network slicing concept is that it provides an end-to-end virtual network encompassing not just networking but compute and storage functions too. The objective is to allow a physical mobile network operator to partition its network resources to allow for very different users, so-called tenants, to multiplex over a single physical infrastructure. The most commonly cited example in 5G discussions is sharing of a given physical network to simultaneously run Internet of Things (IoT), Mobile Broadband (MBB), and very low-latency (e.g. vehicular communications) applications. These applications obviously have very different transmission characteristics. For example, IoT will typically have a very large number of devices, but each device may have very low throughput. MBB has nearly the opposite properties since it will have a much smaller number of devices, but each one will be transmitting or receiving very high bandwidth content. The intent of network slicing is to be able to partition the physical network at an end-to-end level to allow optimum grouping of traffic, isolation from other tenants, and configuring of resources at a macro level.

Source: ITU presentation, see below

The key differentiator of the network slicing approach is that it provides a holistic end-to-end virtual network for a given tenant. No existing QoS-based solution can offer anything like this. For example, DiffServ, which is the most widely deployed QoS solution, can discriminate VoIP traffic from other types of traffic such as HD video and web browsing. However, DiffServ cannot discriminate and differentially treat the same type of traffic (e.g. VoIP traffic) coming from different tenants.

Also, DiffServ does not have the ability to perform traffic isolation at all. For example, IoT traffic from a health monitoring network (e.g. connecting hospitals and outpatients) typically have strict privacy and security requirements including where the data can be stored and who can access it. This cannot be accomplished by DiffServ as it does not have any features dealing with the compute and storage aspects of the network. All these identified shortfalls of DiffServ will be handled by the features being developed for network slicing.

I came across this presentation by Peter Ashwood-Smith from Huawei Technologies who presented '5G End to-end network slicing Demo' at ITU-T Focus Group IMT-2020 Workshop and Demo Day on 7 December 2016. Its a great presentation, I wish a video of this was available as well. Anyway, the presentation is embedded below and the PPT can be downloaded from here.



The European Telecommunications Standards Institute (ETSI) has established a new Industry Specification Group (ISG) on Zero touch network and Service Management (ZSM) that is working to produce a set of technical specifications on fully automated network and service management with, ideally, zero human intervention. ZSM is targeted for 5G, particularly in network slice deployment. NTT Technical review article on this is available here.

Finally, here is a presentation by Sridhar Bhaskaran of Cellular Insights blog on this topic. Unfortunately, not available for download.


Related Posts:

Friday 22 June 2018

5G and IoT Security Update from ETSI Security Week 2018

ETSI Security Week 2018 (link) was held at ETSI's Headquarters in Sophia Antipolis, South of France last week. It covered wide variety of topics including 5G, IoT, Cybersecurity, Middlebox, Distributed Ledger Technology (DLT), etc. As 5G and IoT is of interest to the readers of this blog, I am providing links to the presentations so anyone interested can check them out at leisure.


Before we look at the presentations, what exactly was the point of looking at 5G Security? Here is an explanation from ETSI:

5G phase 1 specifications are now done, and the world is preparing for the arrival of 5G networks. A major design goal of 5G is a high degree of flexibility to better cater for specific needs of actors from outside the telecom sector (e.g. automotive industry, mission-critical organisations). During this workshop, we will review how well 5G networks can provide security for different trust models, security policies, and deployment scenarios – not least for ongoing threats in the IoT world. 5G provides higher flexibility than legacy networks by network slicing and virtualization of functions. The workshop aims to discuss how network slicing could help in fulfilling needs for different users of 5G networks.

5G will allow the use of different authentication methods. This raises many interesting questions. How are these authentication methods supported in devices via the new secure element defined in ETSI SCP, or vendor-specific concepts? How can mission-critical and low-cost IoT use cases coexist side-by-side on the same network?

The 5G promise of higher flexibility is also delivered via its Service-Based Architecture (SBA). SBA provides open 3rd party interfaces to support new business models which allow direct impact on network functions. Another consequence of SBA is a paradigm shift for inter-operator networks: modern APIs will replace legacy signaling protocols between networks. What are the relevant security measures to protect the SBA and all parties involved? What is the role of international carrier networks like IPX in 5G?

Event Objectives
The workshop intends to:

  • Gather different actors involved in the development of 5G, not only telecom, and discuss together how all their views have shaped phase 1 of 5G, to understand how security requirements were met, and what challenges remain;
  • Discuss slicing as a means to implement separate security policies and compartments for independent tenants on the same infrastructure;
  • Give an update of what is happening in 3GPP 5G security;
  • Explain to IoT players what 5G security can (and cannot) do for them, including risks and opportunities related to alternative access credentials;
  • Understand stakeholders' (PMNs, carriers, GSMA, vendors) needs to make SBA both secure and successful. How can SBA tackle existing issues in interconnect networks like fraud, tracking, privacy breaches;
  • Allow vendors to present interesting proposals for open security questions in 5G: secure credential store, firewalling SBA's RESTful APIs;
  • Debate about hot topics such as: IoT security, Slicing security, Privacy, Secure storage and processing and Security of the interconnection network.


So here are the relevant presentations:

Session 1: Input to 5G: Views from Different Stakeholders
Session Chair: Bengt Sahlin, Ericsson

Hardening a Mission Critical Service Using 5G, Peter Haigh, NCSC

Security in the Automotive Electronics Area, Alexios Lekidis, SecurityMatters

Integrating the SIM (iUICC), Adrian Escott, QUALCOMM

Smart Secure Platform, Klaus Vedder, Giesecke & Devrient, ETSI SCP Chairman

Network Slicing, Anne-Marie Praden, Gemalto

Don't build on Sand: Validating the Security Requirements of NFV Infrastructure to Confidently Run Slices, Nicolas Thomas, Fortinet

5G Enhancements to Non-3GPP Access Security, Andreas Kunz, Lenovo

Security and Privacy of IoT in 5G, Marcus Wong, Huawei Technologies

ITU-T activities and Action Plan on 5G Security, Yang Xiaoya, ITU-T SG17

Wrap up: 5G Overview from 3GPP SA3 Perspective and What is There to Be Done for Phase 2, Sander Kievit, TNO


Session 2: Security in 5G Inter-Network Signalling
Session Chair: Stefan Schroeder, T-Systems

Presentation on SBA: Introduction of the Topic and Current Status in SA3, Stefan Schroeder, T-Systems

5G Inter-PLMN Security: The Trade-off Between Security and the Existing IPX Business Model, Ewout Pronk, KPN on behalf of GSMA Diameter End to End Security Subgroup

Secure Interworking Between Networks in 5G Service Based Architecture, Silke Holtmanns, Nokia Bell Labs

Security Best Practises using RESTful APIs, Sven Walther, CA Technologies

Identifying and Managing the Issues around 5G Interconnect Security, Stephen Buck, Evolved Intelligence

Zero Trust Security Posture in 5G Architecture, Galina Pildush, Palo Alto Networks (Missing)


Session 1 & 2 Workshop Wrap up: 5G Phase 1 Conclusions and Outlook Towards Phase 2 - Stefan Schroeder, T-Systems and Bengt Sahlin, Ericsson


Session 5: Benefits and Challenges of 5G and IoT From a Security Perspective
Session Chair: Arthur van der Wees, Arthur's Legal

Setting the Scene, Franck Boissière, European Commission

ENISA's View on Security Implications of IoT and 5G, Apostolos Malatras, ENISA

Smart City Aspects, Bram Reinders, Institute for Future of Living

The Network Operators Perspective on IoT Security, Ian Smith, GSMA


Related Links:

Sunday 25 March 2018

5G Security Updates - March 2018


Its been a while since I wrote about 5G security in this fast changing 5G world. If you are new to 3GPP security, you may want to start with my tutorial here.

3GPP SA3 Chairman, Anand R. Prasad recently mentioned in his LinkedIn post:

5G security specification finalized! Paving path for new business & worry less connected technology use.

3GPP SA3 delegates worked long hours diligently to conclude the specification for 5G security standard during 26 Feb.-2 Mar. Several obstacles were overcome by focussed effort of individuals & companies from around the globe. Thanks and congrats to everyone!

All together 1000s of hours of work with millions of miles of travel were spent in 1 week to get the work done. This took 8 meetings (kicked off Feb. 2017) numerous on-line meetings and conference calls.

Excited to declare that this tremendous effort led to timely completion of 5G security specification (TS 33.501) providing secure services to everyone and everything!

The latest version of specs is on 3GPP website here.

ITU also held a workshop on 5G Security in Geneva, Switzerland on 19 March 2018 (link). There were quite a few interesting presentations. Below are some slides that caught my attention.

The picture in the tweet above from China Mobile summarises the major 5G security issues very well. 5G security is going to be far more challenging than previous generations.

The presentation by Haiguang Wang, Huawei contained a lot of good technical information. The picture at the top is from that presentation and highlights the difference between 4G & 5G Security Architecture.


New entities have been introduced to make 5G more open.


EPS-AKA vs 5G-AKA (AKA = Authentication and Key Agreement) for trusted nodes


EAP-AKA' for untrusted nodes.


Slice security is an important topic that multiple speakers touched upon and I think it would continue to be discussed for a foreseeable future.

Dr. Stan Wing S. Wong from King’s College London has some good slides on 5G security issues arising out of Multi-Tenancy and Multi-Network Slicing.

Peter Schneider from Nokia-Bell Labs had good slides on 5G Security Overview for Programmable Cloud-Based Mobile Networks

Sander Kievit from TNO, a regular participant of working group SA3 of 3GPP on behalf of the Dutch operator KPN presented a view from 3GPP SA3 on the Security work item progress (slides). The slide above highlights the changes in 5G key hierarchy.

The ITU 5G Security Workshop Outcomes is available here.

ETSI Security Week 2018 will be held 11-15 June 2018. 5G security/privacy is one of the topics.

There is also 5GPPP Workshop on 5G Networks Security (5G-NS 2018), being held in Hamburg, Germany on August 27-30, 2018.

In the meantime, please feel free to add your comments & suggestions below.


Related Posts & Further Reading: