& cplSiteName &

Kontron Capitalizes on Security Jitters

Carolyn Mathas
News Analysis
Carolyn Mathas
2/20/2014
50%
50%

Is it true that telecom equipment companies are basing their purchasing decisions on where the design and development of components and modules takes place?

According to embedded computing platform developer Kontron AG , which undertakes its design and R&D processes in Montreal, Canada, it's already happening: The company, best known for its AdvancedTCA (ATCA) range of modules, claims it's wrestling business away from (unidentified) competitors that have design and development exposure in Asia/Pacific, particularly China.

And if that's more than just a one-off, the implications could be huge for telecom systems vendors and their suppliers.

Sven Freudenfeld, Business Development, Telecom for North America at Kontron, says that, increasingly, customers initiate discussion on where engineering takes place. "As we go further into cloud computing, trust is necessary to build platforms that will be deployed in the cloud. Moving the central office to the cloud where carriers no longer have access to hardware, they're forced to rely on what they don’t control," says Freudenfeld.

"When carriers owned their network hardware, they could handle situations as they arose -- they could see and identify an actual breach," adds Freudenfeld. "Now, with discovery left to third parties, reaction time is stretched out substantially. Carriers are demanding all network platforms -- interfaces, software, firmware, hardware -- be secure."

And for some (many?), China is regarded as posing a security threat, either directly or indirectly. Huawei Technologies Co. Ltd. and ZTE Corp. (Shenzhen: 000063; Hong Kong: 0763) know all about that: They are on the 'not trusted' list in the US, preventing them from supplying telecom equipment to the federal government or US companies. The main concern is that technology developed in China might include hidden back doors that would be used to either eavesdrop or disrupt networks, though no concrete evidence has been forthcoming. (See Nearly Everyone Trusts Us – Huawei CEO, US vs Huawei/ZTE: The Verdict and China Lashes Out at 'Cold War Mentality'.)

Customer concerns are not limited to just steering clear of China, though. Systems vendors are delving deeper into basic design methodology -- how network products are developed. Freudenfeld says there's a need for greater focus on: the design and creation of platforms with security as a central element; regulatory compliance; and the ability to identify weak points in a network.

There are many such weak points, he claims, and these will become more obvious with the introduction of virtualization, for example, or machine-to-machine (M2M) implementations, as each layer and each machine becomes a potential weakness.

And virtualization is going to happen: Indeed, Kontron is embracing it. (See Kontron Integrates OpenStack.)

There's reason to believe that virtualization is a major security concern. At the 2013 RSA Conference in San Francisco, the Cloud Security Alliance identified the Notorious Nine -- the top nine cloud computing threats for 2013. Of the top three concerns, number one is data breaches. In this case, a virtual machine, for example, could use side-channel timing data to extract private cryptographic keys in use by other virtual machines on the same server. The report indicated that one single client application flaw could allow a hacker access to all of the data -- not just that one client's.

The second top concern is data loss -- the kind where data is here and, then, well, it's not. Finally, account or service traffic hijacking. Once a hacker accesses credentials, eavesdropping on transactions and activities, data manipulation, information falsification, and moving clients to illegitimate sites, are all possible.

What cloud computing has done by concentrating a wealth of assets is magnify the consequences of breaches. On one hand, it's a bastion of data sharing -- on the other, a potential nightmare.

"Regulation will be especially important with telecom equipment and delivering the cloud. While there's great potential for software-defined anything --infrastructure, radio, networks -- there’s always a security element," Freudenfeld explained. While working groups and regulatory bodies exist, more progress will be necessary over the near and long term.

The security threat perception isn't limited to China, though, especially amid the NSA headlines and the FBI’s request for Facebook and Google to enable access for US government surveillance. (See Obama Weighs In on NSA Data Collection, Euronews: Merkel's Mad as Hell at NSA and NSA Humor Tops Congressional Hubris.)

Actually implementing back doors, or deliberately compromised telecom equipment, is very rare. It's the accidental vulnerabilities that are more common. But it's not that difficult to believe that Kontron customers are indeed citing security fears for a shift in procurement processes, especially as technology developments move faster than security advances and implementations can keep up with. Technical defenses may still be inadequate or not sufficiently implemented -- and that may leave non-technical ones, such as specifying that design and development take place in a more trusted environment, as the only immediate way to begin to alleviate fears.

— Carolyn Mathas, contributing editor, special to Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
From The Founder
The independent evaluation of Nokia's key virtual network functions (VNFs) was a defining moment for the Finnish giant.
Flash Poll
Live Streaming Video
Charting the CSP’s Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it’s going from two industry veterans.
LRTV Custom TV
Cisco's Innovations in Cable

5|26|16   |   03:18   |   (0) comments


Marc Aldrich from Cisco discusses the latest in security, the evolution and momentum for CCAP and what the industry will be seeing next from Cisco.
LRTV Documentaries
Leading Lights 2016 Highlights

5|25|16   |   02:26   |   (1) comment


Some of the high points from this year's Leading Lights awards dinner at the Hotel Ella in Austin, Texas.
LRTV Documentaries
Light Reading Hall of Fame 2016

5|23|16   |   05:43   |   (0) comments


Find out who has been welcomed into Light Reading's Hall of Fame this year.
LRTV Custom TV
ZTE TM Forum Highlights

5|23|16   |     |   (0) comments


ZTE showcased its new ICT solutions at TM Forum in Nice.
LRTV Interviews
Gamma's MD on the Emergence of UC2

5|20|16   |     |   (0) comments


Gamma Communications Managing Director David Macfarlane believes the unified communications (UC) market has reached a tipping point.
LRTV Custom TV
The Ultimate 5-Minute Guide to Digital Customer Engagement

5|20|16   |     |   (0) comments


In this short video, you will hear all about how Digital Customer Engagement is the key to meeting customer expectations, keeping them happy, and maximizing revenue. VP Product & Marketing at Pontis, Ofer Razon, breaks down for us the five essential capabilities for successful Digital Customer Engagement. Don’t miss!
LRTV Custom TV
NFV in 2016: Part 1 – NFV Use Cases Get Real

5|19|16   |   05:57   |   (0) comments


Consensus is building around the key use cases for NFV, including managed IP services at the network edge and on customer premises, which can generate new revenues from enterprises/SMBs and consumers; Evolved Packet Core to support LTE migration; and adjacent technologies, such as TAS and IMS, to support VoLTE and next-generation charging and policy control ...
LRTV Custom TV
Nokia's Steve Vogelsang on NFV – Part 3

5|19|16   |     |   (0) comments


Steve Vogelsang discusses the challenges of operational transformation and how Nokia helps its customers. Join Steve at the Big Communications Event in Austin the morning of May 24, on his keynote and optical networking panel.
LRTV Interviews
Level 3: Why UC Is In Demand

5|17|16   |   04:12   |   (1) comment


Andrew Edison, Level 3's senior VP of sales, EMEA region, talks about the drivers of growth in the unified communications services market.
LRTV Custom TV
ARM's OPNFV Action

5|17|16   |     |   (0) comments


At the ARM booth at MWC 2016, Joe Kidder and Bob Monkman speak to Light Reading about OPNFV and their upcoming action.
LRTV Custom TV
Nokia's Steve Vogelsang on NFV – Part 2

5|16|16   |     |   (0) comments


Steve Vogelsang gives advice to service providers on how to move to NFV. Join Steve at the Big Communications Event in Austin the morning of May 24, on his keynote and optical networking panel.
LRTV Interviews
Interoute CTO on NFV's Maturity

5|13|16   |   06:46   |   (1) comment


Matt Finnie, CTO at international operator Interoute, explains how NFV has made life easier in terms of logistics and how Interoute can now enable a 'software-defined moment' for its customers.
Upcoming Live Events
September 13-14, 2016, The Curtis Hotel, Denver, CO
December 6-8, 2016,
June 16-18, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
A new survey conducted by Heavy Reading and TM Forum shows that CSPs around the world see the move to digital operations as a necessary part of their overall virtualization strategies.
Hot Topics
DT: Telcos Must Escape Vendor Prison
Iain Morris, News Editor, 5/24/2016
AT&T to Start 5G 'Friendly' Trial by 2016 End
Dan Jones, Mobile Editor, 5/24/2016
WiCipedia: Short Skirts & Back-Up Plans
Eryn Leavens, Special Features & Copy Editor, 5/20/2016
Eurobites: Be More European, EU Tells Streaming Services
Paul Rainford, Assistant Editor, Europe, 5/20/2016
Cable Is Eyeing Its Retail Options
Mari Silbey, Senior Editor, Cable/Video, 5/25/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
In this latest installment of the CEO Chat series, Craig Labovitz, co-founder and CEO of Deepfield, sits down with Light Reading's Steve Saunders in Light Reading's New York City office to discuss how Deepfield fits in with the big data trend and more.
Grant van Rooyen, president and CEO of Cologix, sits down with Steve Saunders, founder and CEO of Light Reading, in the vendor's New Jersey facility to offer an inside look at the company's success story and discuss the importance of security in the telecom industry.
Animals with Phones
Live Digital Audio

Our world has evolved through innovation from the Industrial Revolution of the 1740s to the information age, and it is now entering the Fourth Industrial Revolution, driven by technology. Technology is driving a paradigm shift in the way digital solutions deliver a connected world, changing the way we live, communicate and provide solutions. It can have a powerful impact on how we tackle some of the world’s most pressing problems. In this radio show, Caroline Dowling, President of Communications Infrastructure & Enterprise Computing at Flex, will join Women in Comms Director Sarah Thomas to discuss the impact technology has on society and how it can be a game-changer across the globe; improving lives and creating a smarter world. Dowling, a Cork, Ireland, native and graduate of Harvard Business School's Advanced Management Program, will also discuss her experience managing an international team focused on innovation in an age of high-speed change.