Satellite, 5G, Cyber Security for a ‘Global Digital Ecosystem’

London, UK, November 4, 2019--Last month I spoke at an event for information technology security professionals in Riga, Latvia.  The theme of my presentation was a little off the mainstream of topics addressed during the several tracks of the program – unsurprisingly heavily focused on cyber security, but also covering the continuing evolution of 5G, the upcoming generation of terrestrial mobile broadband communications. 
 
However, the organizer’s annual invitation to GVF to contribute to the program has, at least in recent years, had a contextual parallel as the role of satellite as an essential and integral part of the future 5G “network of networks” has increasingly been defined and been recognized beyond the standards-setting environment of the 3GPP and, also, more widely than in the satellite industry itself.
 
My choice of title?  A “Network of Networks” for Digitally Driven Sustainability: A Cyber Secure Satellite-5G World.  An alternative title might have been “Triangles”.  What follows will explain the rather cryptic nature of this alternative.
 
The train of thought which led to my choice of the actual title was initially influenced by the inter-relationships between the vertices of a number of conceptual “triangles”, the first of which features – satellite, 5G, and cyber security.
 
Issues pertaining to the satellite-cyber security relationship have been well-addressed by the satellite industry through GVF (jointly with two if its sister industry associations), with the initial promulgation in 2017 (updated in 2018) of the Joint Statement on the Satellite Industry’s Commitment to Cyber Security and a Secure Supply Chain which set-out a series of core principles to which industry organizations should adhere on a voluntary and collaborative basis, without mandating regulation being externally imposed.  The essence of these principles is as follows:
 
• Security and risk management should be part of an organization’s overall corporate culture;
• Organizations should, implement and maintain best practices to protect against evolving threats, including by leveraging industry-driven resources to inform their own development of voluntary, proactive, risk-based approaches to risk mitigation;
• Collaboration, not regulation, is the best way for organizations to manage cyber risks;
• Voluntary information-sharing among the private sector, between the private sector and government, and between the private sector and end users is vital.
 
European Space Agency (ESA) engagement in the satellite-cyber security environment is most recently evidenced by their call for proposed solutions to determine the viability of satellite-based services in support of cyber security and to assess technical feasibility and commercial viability for diverse, current and future, vertical sector users of satellite, the most vulnerable having been identified as being maritime, aeronautical, smart vehicles, financial services, energy infrastructure and emergency services.  Potential solutions, which should include contributions from innovative technologies – Artificial Intelligence, Machine Learning, Big Data analytics – will be enabled by space as a means to mitigate the cyber security risks and to enhance cyber resistance and the resilience of existing infrastructures, services and operations, and contribute to enhancing the end-to-end cyber security of space-based applications.
 
As for the satellite-5G inter-relationship in my conceptual “triangle”, the 3GPP – the 3rd Generation Partnership Project uniting seven telecommunications standard development organizations (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC), providing their members with an environment to produce the Reports and Specifications that define 3GPP technologies, including 5G – has said the incorporation of satellite networks will help enable 5G service rollouts in unserved and under-served areas, enhance reliability and increase service availability everywhere to the benefit of critical communications and transportation applications.
 
A wide range of 5G Satellite Use Cases have been identified and the NetWorld 2020 Satellite Working Group European Technology Platform has noted that “Satellites will integrate with other networks rather than be a standalone network to provide 5G and this integration forms the core of the vision.”  Release 17 of the series of 5G standards enhancements releases from the 3GPP, which is due to be published in 2021, will further reinforce the satellite element of the “network of networks” and will reflect the focus of GVF Members, from across the industry value-chain, that are directly engaged in the development of solutions that are geared to be fully 5G ready.
Due to limitations to the word count of this column I will not address in detail the third side of my conceptual “triangle”, the 5G-cyber security inter-relationship, here, with the exception of noting that governments, telecoms network companies and technology groups are working on heightened security standards for 5G and the Internet of Things.  Whilst there are apparent flaws in 5G security – such as the use of fake mobile base stations to steal information – 5G data encryption and network user verification mechanisms have improved on 4G, but the 5G weak link is in communication of IoT devices connected to 5G networks, particularly when manufacturing default passwords on such devices are not upgraded.
 
My second conceptual “triangle” is that of the characterization of 5G itself, divided between the three major use cases (the vertices?) of: [1] enhanced Mobile Broadband (eMBB); [2] massive M2M Communications (mMTC); and, [3] Ultra Reliable Low Latency Communications (URLLC).  In combination, the major use cases encompass:
 
[1] Web browsing, video streaming and virtual reality, together generating 10,000 times more traffic than over 4G networks, with greater than 10 Gbps peak data rates and providing 100 Mbps whenever needed.  New applications will include fixed wireless internet access for homes, outdoor broadcast applications without the need for broadcast vans, and greater connectivity for people on the move;
 
[2] Narrowband Internet access for sensing, metering, and monitoring devices.  The Internet of Things (IoT) connecting billions of devices without human intervention at a scale not seen before.  Has the potential to revolutionize modern industrial processes and applications including agriculture, manufacturing and business communications;
 
[3] Services for latency sensitive devices requiring sub-millisecond latency with error rates that are lower than 1 packet loss in 10⁵ packets.  Mission critical including real-time control of devices, industrial robotics, vehicle to vehicle communications and safety systems, together with remote medical care, procedures, and treatment. 
 
The third conceptual “triangle” I have employed was prompted by a United Nations paper – a product of the Development and Environment programs, UNDP and UNEP, authored by Jillian Campbell and David E. Jensen – which discussed the building of a “Global Digital Ecosystem”.  The three vertices of this, the third of my conceptual “triangles”, are Socio-Economy, Development, and Environment, elements of the United Nations Sustainable Development Goals.
 
In 2015, the UN adopted 17 SDGs as part of the Agenda 2030 to achieve a better future for all humanity.  Radio communications, including satellites – and, therefore the related areas of the forthcoming “network of networks” with integrated satellite and 5G, and of cyber security – have a key supporting role in achieving the 17 SDGs.
 
This is all the more evident when noting, as does the UNDP, that 68 per cent of the 93 environmental SDG indicators cannot currently be measured due to lack of data.  This other “digital (gap) divide” must be bridged, enabling us to acquire and deploy data sets to build a digital ecosystem for the entire planet which will allow data flows to be eventually transformed into insights for sustainable decision-making.  This will require various “frontier technologies” – cloud & edge computing; AI & machine learning; IoT; social media platforms; blockchain & distributed databases; software; mobile apps; ACR & VR; and, with reference to the recent news from Google, quantum computing – but also satellite and related communications technologies.
 
All this must happen with a much elevated and broader understanding of the long-term models and incentives that will sustain these efforts. What is needed is to determine how such efforts can protect data security, achieve interoperability, and maintain high standards, whilst answering the question “Will governance be voluntary and collaborative or regulated and mandated?”
----------------------
Martin Jarrold is Vice-President of International Program Development of GVF. He can be reached at: martin.jarold@gvf.org