& cplSiteName &

Kontron Capitalizes on Security Jitters

Carolyn Mathas
News Analysis
Carolyn Mathas
2/20/2014
50%
50%

Is it true that telecom equipment companies are basing their purchasing decisions on where the design and development of components and modules takes place?

According to embedded computing platform developer Kontron AG , which undertakes its design and R&D processes in Montreal, Canada, it's already happening: The company, best known for its AdvancedTCA (ATCA) range of modules, claims it's wrestling business away from (unidentified) competitors that have design and development exposure in Asia/Pacific, particularly China.

And if that's more than just a one-off, the implications could be huge for telecom systems vendors and their suppliers.

Sven Freudenfeld, Business Development, Telecom for North America at Kontron, says that, increasingly, customers initiate discussion on where engineering takes place. "As we go further into cloud computing, trust is necessary to build platforms that will be deployed in the cloud. Moving the central office to the cloud where carriers no longer have access to hardware, they're forced to rely on what they don’t control," says Freudenfeld.

"When carriers owned their network hardware, they could handle situations as they arose -- they could see and identify an actual breach," adds Freudenfeld. "Now, with discovery left to third parties, reaction time is stretched out substantially. Carriers are demanding all network platforms -- interfaces, software, firmware, hardware -- be secure."

And for some (many?), China is regarded as posing a security threat, either directly or indirectly. Huawei Technologies Co. Ltd. and ZTE Corp. (Shenzhen: 000063; Hong Kong: 0763) know all about that: They are on the 'not trusted' list in the US, preventing them from supplying telecom equipment to the federal government or US companies. The main concern is that technology developed in China might include hidden back doors that would be used to either eavesdrop or disrupt networks, though no concrete evidence has been forthcoming. (See Nearly Everyone Trusts Us – Huawei CEO, US vs Huawei/ZTE: The Verdict and China Lashes Out at 'Cold War Mentality'.)

Customer concerns are not limited to just steering clear of China, though. Systems vendors are delving deeper into basic design methodology -- how network products are developed. Freudenfeld says there's a need for greater focus on: the design and creation of platforms with security as a central element; regulatory compliance; and the ability to identify weak points in a network.

There are many such weak points, he claims, and these will become more obvious with the introduction of virtualization, for example, or machine-to-machine (M2M) implementations, as each layer and each machine becomes a potential weakness.

And virtualization is going to happen: Indeed, Kontron is embracing it. (See Kontron Integrates OpenStack.)

There's reason to believe that virtualization is a major security concern. At the 2013 RSA Conference in San Francisco, the Cloud Security Alliance identified the Notorious Nine -- the top nine cloud computing threats for 2013. Of the top three concerns, number one is data breaches. In this case, a virtual machine, for example, could use side-channel timing data to extract private cryptographic keys in use by other virtual machines on the same server. The report indicated that one single client application flaw could allow a hacker access to all of the data -- not just that one client's.

The second top concern is data loss -- the kind where data is here and, then, well, it's not. Finally, account or service traffic hijacking. Once a hacker accesses credentials, eavesdropping on transactions and activities, data manipulation, information falsification, and moving clients to illegitimate sites, are all possible.

What cloud computing has done by concentrating a wealth of assets is magnify the consequences of breaches. On one hand, it's a bastion of data sharing -- on the other, a potential nightmare.

"Regulation will be especially important with telecom equipment and delivering the cloud. While there's great potential for software-defined anything --infrastructure, radio, networks -- there’s always a security element," Freudenfeld explained. While working groups and regulatory bodies exist, more progress will be necessary over the near and long term.

The security threat perception isn't limited to China, though, especially amid the NSA headlines and the FBI’s request for Facebook and Google to enable access for US government surveillance. (See Obama Weighs In on NSA Data Collection, Euronews: Merkel's Mad as Hell at NSA and NSA Humor Tops Congressional Hubris.)

Actually implementing back doors, or deliberately compromised telecom equipment, is very rare. It's the accidental vulnerabilities that are more common. But it's not that difficult to believe that Kontron customers are indeed citing security fears for a shift in procurement processes, especially as technology developments move faster than security advances and implementations can keep up with. Technical defenses may still be inadequate or not sufficiently implemented -- and that may leave non-technical ones, such as specifying that design and development take place in a more trusted environment, as the only immediate way to begin to alleviate fears.

— Carolyn Mathas, contributing editor, special to Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
From The Founder
Cisco's Conrad Clemson, recently promoted to head up the company's Service Provider Apps & Platforms developments, talks to Light Reading's Founder and CEO Steve Saunders about how he's bringing cloud video, mobile and virtualization together to empower network operators.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Documentaries
MLBAM: Live Sports Streaming Will Be Big

3|30|17   |     |   (0) comments


MLB Advanced Media EVP and CTO Joe Inzerillo explains why live sports streaming will take off over the next few years despite major technical challenges.
LRTV Custom TV
Xilinx Disruptive Technology Breakthrough for 5G Wireless

3|30|17   |     |   (0) comments


Xilinx has integrated multi-giga-sample RF data converters into its 16nm MPSoCs devices for the industry's first All Programmable RFSoC, eliminating the need for discrete ADCs and DACs.
LRTV Huawei Video Resource Center
Turkcell Challenges Turkey's Current TV Market

3|29|17   |     |   (0) comments


Baris Zavaroglu, TV and rntertainment business director of Turkcell, explains Turkcell's strategy in elevating the small and uncertain TV market in Turkey.
LRTV Huawei Video Resource Center
Altibox’s Infrastructure Synergy Strategy Reduces Deployment Costs

3|29|17   |     |   (0) comments


Thomas Skjelbred, CEO of Altibox, on how to improve efficiency and reduce deployment coast through infrastructure synergy in Norway.
LRTV Huawei Video Resource Center
Ismail Butun on the Changing Role of Turkcell

3|29|17   |     |   (0) comments


Ismail Butun, chief marketing officer of Turkcell, explains the importance of video and mobile services for the future of the company.
LRTV Huawei Video Resource Center
IDC's Emir Halilovic on Trends of Cloudification

3|29|17   |     |   (0) comments


Emir Halilovic of IDC CEMA discusses the future and direction of cloudification. Also, the all-cloud approach taken by Huawei and others in the industry.
LRTV Custom TV
How Intel Is Powering the 5G Era

3|29|17   |     |   (0) comments


Light Reading tours a series of 5G "super demos" so see how Intel envisions the 5G-connected future. We take a look at a prototype connected BMW, a light pole with environmental sensors that provides 5G wireless to a smart home and a fully untethered virtual reality experience.
LRTV Custom TV
Source Photonics CEO Doug Wright Talks About the Future of Source Photonics

3|29|17   |     |   (0) comments


Source Photonics' CEO, Doug Wright, talks to Light Reading about how the company is continuously investing in its operations to meet not only its customers' current technology demands but also to deliver their next-generation technology needs.
LRTV Custom TV
Live Demo: DevOps in Service Chains & 5G Network Slices PoC

3|29|17   |     |   (0) comments


Executives from PoC collaborating companies – Patrick Waldemar, VP and Head of Technology at Telenor Research, John Healy, VP of the Datacenter Network Solutions Group at Intel, Vincent Spinelli, SVP of Global Sales and Marketing at RIFT.io, Mats Eriksson, CEO and co-founder of Arctos Labs, and Mats Nordlund, CEO and co-founder of Netrounds – review ...
LRTV Documentaries
The Year of Fat & Skinny Bundles

3|29|17   |   21:06   |   (0) comments


In this fireside chat, Roku's Andrew Ferrone predicts that 2017 will be the year of multichannel OTT video bundles and spells out other trends in the OTT and pay-TV markets.
LRTV Huawei Video Resource Center
BBWF 2016: Orange Poland's Next-Gen Central Office

3|28|17   |     |   (0) comments


Introduction to Orange Poland's legacy next-generation central office solution.
LRTV Custom TV
Viavi at OFC 2017

3|28|17   |   4:15   |   (0) comments


Light Reading's Editor-in-Chief Craig Matsumoto reports from the Viavi booth at OFC and gets an update on the 400G testing market from Tom Fawcett, VP and GM of LAB & Production. At this year's event, Viavi won three awards from Lightwave magazine and showcased an interoperability demo with Ethernet Alliance and Finisar.
Upcoming Live Events
May 15-17, 2017, Austin Convention Center, Austin, TX
May 15, 2017, Austin Convention Center - Austin, TX
June 6, 2017, The Joule Hotel, Dallas, TX
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
FTTH No Slam Dunk for Cable
Carol Wilson, Editor-at-large, 3/23/2017
Unlocking China's $194B Telecom Market
Robert Clark, 3/27/2017
Ericsson Tightens Focus, Warns of $1.7B Q1 Hit
Iain Morris, News Editor, 3/28/2017
WiCipedia: Supergirls, No More Excuses & Media Monitoring
Eryn Leavens, Special Features & Copy Editor, 3/24/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
TEOCO Founder and CEO Atul Jain talks to Light Reading Founder and CEO Steve Saunders about the challenges around cost control and service monetization in the mobile and IoT sectors.
At MWC 2017, Qualcomm's CTO Matt Grob talks to Light Reading's CEO and Founder Steve Saunders about the progress being made in the development of the technologies and standards that will underpin 5G.
Animals with Phones
Working From Home Doesn't Work for Everyone Click Here
You shouldn't nap on your keyboard, for instance.
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.