Beware Systems Integrator Lock-In, Open Source Dependency

AMSTERDAM -- Broadband World Forum 2019 -- Kings can be tyrants, but at least they give you an easy target to punch when something goes wrong and revolution follows. Telcos in a perpetual huff about the ruling trio of Ericsson, Huawei and Nokia could be in for a more slippery autocracy with the emergence of systems integrators, a cabal of tiny vendors and some unwieldy open source platforms.

Operators are worried, too. "Yes," said BT's Simon Fisher when asked during a panel session here if there is a danger of going from one form of lock-in to another. "You are squeezing complexity and cost into the software side of the business."

Fear has grown as operators lurch toward their vision of a more open network built and managed by a multitude of hardware and software companies -- rather than one big player. This dramatic shift is designed partly to ensure telcos investing in new technologies are less reliant on a small number of industry giants. The trouble is that piecing together components provided by so many different suppliers is like trying to build a Tesla with random parts, using a team of ageing mechanics.

Challenged on the skills front, many operators are dumping the hard work on systems integrators. India's Tech Mahindra, a familiar face in this market, has a unifying role in the project by Japan's Rakuten to build a "greenfield" mobile network based on the latest cloud and software-based technologies. More unfamiliar names are also popping up. Reply, an Italian company, has the honor of being the systems integrator for Deutsche Telekom's Access 4.0 initiative, which aims to replace the proprietary boxes used in central offices with commodity gear and open source code.

The danger BT's Fisher evidently sees is that one overlord replaces another, as the mighty systems integrator usurps the vendor. Instead of Nokia, the operator could find itself bound to a Tech Mahindra or Reply. Worse, this systems integrator, by definition, would be managing a collection of tools that did not come from its own workshop. At least in today's networks, Ericsson or Huawei are directly responsible for any problems.

Equally bad might be the emergence of colossal open source platforms promising magic solutions. While Fisher and his peers were deliberating the systems integrator lock-in, Mansoor Hanif, the chief technology officer of UK regulatory authority Ofcom (and a former telco executive), was issuing a similar warning about "over dependency on any single automation platform" in a clear reference to ONAP, the open source management platform backed by the increasingly powerful Linux Foundation.

Speaking on a panel during the SDN NFV World Congress, just down the road in The Hague, Hanif urged caution for security reasons. "If you can actually get control of the whole network and reconfigure it, obviously that's the danger of a programmable network that's non-secure," he said, according to Heavy Reading Senior Analyst James Crawshaw, who posted comments about the event on his LinkedIn page.

"I guess the fear is that because ONAP is open source it will be easier for bad actors to explore (than a commercial solution) and, if widely adopted, worthwhile trying to hack," noted Crawshaw.

Want to know more about 5G? Check out our dedicated 5G content channel here on
Light Reading.

For operators, the alternative is to get their hands dirty and do more of the systems integration and technology development themselves. But many, including some of the biggest players, lack the requisite skills. "I think we can [succeed] but when you have to take a big legacy network with you and legacy behavior, that is a complex challenge," said BT's Fisher.

Indeed, France's Orange last year estimated that around 50,000 employees, equaling about one third of its entire global workforce, would need "reskilling" to prevent the company from dropping far behind cloud providers such as Amazon Web Services and Microsoft Azure. Spain's Telefónica recently announced plans to retrain about 6,000 employees in areas such as security, robotization, analytics, web development, IT and -- believe it or not -- "agile methodology capabilities."

None of it will come cheap. Telefónica has estimated that staff training, and a related early retirement initiative, will cost about €1.6 billion ($1.8 billion). And even if it can shrink the bill for capital expenditure, the shift to open source technologies and multivendor networks could bring all manner of other expenses, too. "We should not forget about looking at operational expenditure and energy consumption and update management and TCO [total cost of ownership] considerations," said Gerhard Kadel, a senior architect at Germany's Deutsche Telekom, speaking here in Amsterdam. "In that environment, it really is a challenge."

Related posts:

— Iain Morris, International Editor, Light Reading

ajwdct1 10/18/2019 | 8:06:03 PM
Tech Support is the key issue for open source software and hardware In addition to systems integration and security, tech support in an open source multi-vendor environment is a crucial issue.  Only the hyper scale cloud service providers and some tier one telcos have (re-) trained their IT Depts to provide that kind of tech support/trouble shooting.  Otherwise the proverbial finger pointing problem does not easily get resolved when a hardware or software problem arises.

Having said that, this is a spot on article which clearly shows the need for both systems integrators and commercial open source service companies.

For a recent assessment of open source networking please refer to:

Assessment of Open Networking, Bare Metal Switches, White Boxes, and NFVi



deaclarke2019 10/16/2019 | 8:13:26 PM
Open Source Has its Limitations The weaknesses (and strengths) of open source are well understood by BT and others. Open Source is an open implementation vulnerable to security threats just as a proprietary implementation is vulnerable, except that there is typically a diversity of proprietary implementations which reduces the likelihood that multiple networks will be taken down due to a common vulnerability. This is (in part) why I and others, believe that standards continue to be essential in telecommunications. The security architecture can be standardized but there will be a diversity of vendor implementations making it much less likely that all networks will be vulnerable to the same flaw. Yes I know proprietary implementations may embed the same open source code, but network operators can incentivize suppliers to avoid that.
jmohacsi 10/16/2019 | 2:13:06 PM
not new observation The described problem is well know for decade. If you are switching from  one solution to another solution zou need expertise inside your companz and outside/hired from integrators' market. You have to build up necessary levels of expertise your company which will cost money. This is not different if you are switching to an open-source solutions. The possible advantage can be of the open-source solutions, that you might look at yourself if you have enough expertise and time.

Regarding the security of open-source solutions, Iit is common understanding, that you can more easily peer-review the open-source code, which can lead to better quality code and more secure code. Security should no rely on obscurity of he system.
Sign In