Internet of Things
Auto Added by WPeMatico
Auto Added by WPeMatico
At its annual Ignite event in Orlando, Fla., Microsoft today announced that Azure FarmBeats, a project that until now was mostly a research effort, will be available as a public preview and in the Azure Marketplace, starting today. FarmBeats is Microsoft’s project that combines IoT sensors, data analysis and machine learning.
“The goal of FarmBeats is to augment farmers’ knowledge and intuition about their own farm with data and data-driven insights,” Microsoft explained in today’s announcement. The idea behind FarmBeats is to take in data from a wide variety of sources, including sensors, satellites, drones and weather stations, and then turn that into actionable intelligence for farmers, using AI and machine learning.
In addition, FarmBeats also wants to be somewhat of a platform for developers who can then build their own applications on top of this data that the platform aggregates and evaluates.
As Microsoft noted during the development process, having satellite imagery is one thing, but that can’t capture all of the data on a farm. For that, you need in-field sensors and other data — yet all of this heterogeneous data then has to be merged and analyzed somehow. Farms also often don’t have great internet connectivity. Because of this, the FarmBeats team was among the first to leverage Microsoft’s efforts in using TV white space for connectivity and, of course, Azure IoT Edge for collecting all of the data.
Powered by WPeMatico
Kepler Communications, the Toronto-based startup that’s focused on developing and deploying shoebox-sized satellites to provide telecommunications services, is opening up registration for those interested in getting their first developer kits. These developer kits, designed to help potential commercial customers take advantage of its Internet of Things (IoT) narrowband connectivity deploying next year, will then be made available to purchase for elect partners next year.
This kind of early access is designed to give a head start on testing and integration to companies interested in using the kind of connectivity Kepler intends on providing. Kepler‘s service is designed to provide global coverage using a single network for IoT operators, at low costs relative to the market, for applications including tracking shipping containers, railway networks, livestock and crops and much more. Kepler says that its IoT network, which will be made up of nanosatellites designed specifically for this purpose it plans to launch throughout next year and beyond, is aimed at industries where you don’t need high bandwidth, as you would for say HD consumer video streaming, but where coverage across large, often remote areas on a consistent basis is key.
IoT connectivity provided by constellations of orbital satellites is an increasing area of focus and investment, as large industries look to modernize their monitoring and tracking operations. Startup Swarm recently got permission from the FCC to launch its 150-small satellite constellation, for instance, to establish a service to address similar needs.
Kepler, founded in 2015, has raised more than $20 million in funding, and has launched two small satellites thus far, including one in January and one in November of 2018. The company announced a contract with ISK and GK Launch Services to deploy two more sometime in the middle of next year aboard a Soyuz rocket.
Powered by WPeMatico
Particle, a platform for Internet of Things devices, has raised $40 million in its latest round of funding.
Qualcomm Ventures and Energy Impact Partners led the Series C raise, with backing from existing investors including Root Ventures, Bonfire Ventures, Industry Ventures, Spark Capital, Green D Ventures, Counterpart Ventures and SOSV.
With its latest round of funding, Particle has raised $81 million to date.
The San Francisco-based startup provides the back-end for its customers to bring Internet of Things devices to market without having to shell out for their own software infrastructure. The platform aims to be the all-in-one solution for IoT devices, with encryption and security, as well as data autonomy and scalability.
That means more traditional businesses can buy a fleet of sensors and other monitoring devices, hook them up to their own machines and use Particle’s infrastructure for monitoring.
That’s a common theme that Particle sees, according to Zach Supalla, the company’s chief executive.
“More and more of our customers are in old-fashioned, even unglamorous, businesses like stormwater management, industrial equipment, shipping or monitoring any number of compressors, pumps and valves,” he said in remarks. “These businesses are diverse, but the common thread is that they need to monitor and control mission-critical machines, and we see it as our mission to help bring their machines, vehicles and devices into the 21st century.”
Particle said the funding round follows “significant growth” for its enterprise platform, seeing 150% year-over-year growth in revenue.
The company currently has 100 staff working to support 85 enterprise clients across agriculture, automotive, smart city and other industries.
Powered by WPeMatico
European Union Member States have published a joint risk assessment report into 5G technology which highlights increased security risks that will require a new approach to securing telecoms infrastructure.
The EU has so far resisted pressure from the U.S. to boycott Chinese tech giant Huawei as a 5G supplier on national security grounds, with individual Member States such as the UK also taking their time to chew over the issue.
But the report flags risks to 5G from what it couches as “non-EU state or state-backed actors” — which can be read as diplomatic code for Huawei. Though, as some industry watchers have been quick to point out, the label could be applied rather closer to home in the near future, should Brexit comes to pass…
Some parts of the 5G report on risk of non-EU cyberattacks may accidentally gain a new unexpected meaning after #Brexit (https://t.co/o7gyV0hqCv) https://t.co/VgU30kRz4p
— Lukasz Olejnik (@lukOlejnik) October 9, 2019
Back in March, as European telecom industry concern swirled about how to respond to US pressure to block Huawei, the Commission stepped in to issue a series of recommendations — urging Member States to step up individual and collective attention to mitigate potential security risks as they roll out 5G networks.
Today’s risk assessment report follows on from that.
It identifies a number of “security challenges” that the report suggests are “likely to appear or become more prominent in 5G networks” vs current mobile networks — linked to the expanded use of software to run 5G networks; and software and apps that will be enabled by and run on the next-gen networks.
The role of suppliers in building and operating 5G networks is also noted as a security challenge, with the report warning of a “degree of dependency on individual suppliers”, and also of too many eggs being placed in the basket of a single 5G supplier.
Summing up the effects expected to follow 5G rollouts, per the report, it predicts:
The high level report is a compilation of Member States’ national risk assessments, working with the Commission and the European Agency for Cybersecurity. It’s couched as just a first step in developing a European response to securing 5G networks.
“It highlights the elements that are of particular strategic relevance for the EU,” the report says in self-summary. “As such, it does not aim at presenting an exhaustive analysis of all relevant aspects or types of individual cybersecurity risks related to 5G networks.”
The next step will be the development, by December 31, of a toolbox of mitigating measures, agreed by the Network and Information Systems Cooperation Group, which will be aimed at addressing identified risks at national and Union level.
“By 1 October 2020, Member States – in cooperation with the Commission – should assess the effects of the Recommendation in order to determine whether there is a need for further action. This assessment should take into account the outcome of the coordinated European risk assessment and of the effectiveness of the measures,” the Commission adds.
For the toolbox a variety of measures are likely to be considered, per the report — consisting of existing security requirements for previous generations of mobile networks with “contingency approaches” that have been defined through standardisation by the mobile telephony standards body, 3GPP, especially for core and access levels of 5G networks.
But it also warns that “fundamental differences in how 5G operates also means that the current security measures as deployed on 4G networks might not be wholly effective or sufficiently comprehensive to mitigate the identified security risks”, adding that: “Furthermore, the nature and characteristics of some of these risks makes it necessary to determine if they may be addressed through technical measures alone.
“The assessment of these measures will be undertaken in the subsequent phase of the implementation of the Commission Recommendation. This will lead to the identification of a toolbox of appropriate, effective and proportionate possible risk management measures to mitigate cybersecurity risks identified by Member States within this process.”
The report concludes with a final line saying that “consideration should also be given to the development of the European industrial capacity in terms of software development, equipment manufacturing, laboratory testing, conformity evaluation, etc” — packing an awful lot into a single sentence.
The implication is that the business of 5G security will need to get commensurately large to scale to meet the multi-dimensional security challenge that goes hand in glove with the next-gen tech. Just banning a single supplier isn’t going to cut it.
Powered by WPeMatico
At its annual TechCon event in San Jose, Arm today announced Custom Instructions, a new feature of its Armv8-M architecture for embedded CPUs that, as the name implies, enables its customers to write their own custom instructions to accelerate their specific use cases for embedded and IoT applications.
“We already have ways to add acceleration, but not as deep and down to the heart of the CPU. What we’re giving [our customers] here is the flexibility to program your own instructions, to define your own instructions — and have them executed by the CPU,” ARM senior director for its automotive and IoT business, Thomas Ensergueix, told me ahead of today’s announcement.
He noted that Arm always had a continuum of options for acceleration, starting with its memory-mapped architecture for connecting over a bus GPUs and today’s neural processor units. This allows the CPU and the accelerator to run in parallel, but with the bus being the bottleneck. Customers also can opt for a co-processor that’s directly connected to the CPU, but today’s news essentially allows Arm customers to create their own accelerated algorithms that then run directly on the CPU. That means the latency is low, but it’s not running in parallel, as with the memory-mapped solution.
As Arm argues, this setup allows for the lowest-cost (and risk) path for integrating customer workload acceleration, as there are no disruptions to the existing CPU features and it still allows its customers to use the existing standard tools with which they are already familiar.
For now, custom instructions will only be available to be implemented in the Arm Cortex-M33 CPUs, starting in the first half of 2020. By default, it’ll also be available for all future Cortex-M processors. There are no additional costs or new licenses to buy for Arm’s customers.
Ensergueix noted that as we’re moving to a world with more and more connected devices, more of Arm’s customers will want to optimize their processors for their often very specific use cases — and often they’ll want to do so because by creating custom instructions, they can get a bit more battery life out of these devices, for example.
Arm has already lined up a number of partners to support Custom Instructions, including IAR Systems, NXP, Silicon Labs and STMicroelectronics .
“Arm’s new Custom Instructions capabilities allow silicon suppliers like NXP to offer their customers a new degree of application-specific instruction optimizations to improve performance, power dissipation and static code size for new and emerging embedded applications,” writes NXP’s Geoff Lees, SVP and GM of Microcontrollers. “Additionally, all these improvements are enabled within the extensive Cortex-M ecosystem, so customers’ existing software investments are maximized.”
In related embedded news, Arm also today announced that it is setting up a governance model for Mbed OS, its open-source operating system for embedded devices that run an Arm Cortex-M chip. Mbed OS has always been open source, but the Mbed OS Partner Governance model will allow Arm’s Mbed silicon partners to have more of a say in how the OS is developed through tools like a monthly Product Working Group meeting. Partners like Analog Devices, Cypress, Nuvoton, NXP, Renesas, Realtek,
Samsung and u-blox are already participating in this group.
Powered by WPeMatico
Speaking today at the Microsoft Government Leaders Summit in Washington, DC, Microsoft CEO Satya Nadella made the case for edge computing, even while pushing the Azure cloud as what he called “the world’s computer.”
While Amazon, Google and other competitors may have something to say about that, marketing hype aside, many companies are still in the midst of transitioning to the cloud. Nadella says the future of computing could actually be at the edge, where computing is done locally before data is then transferred to the cloud for AI and machine learning purposes. What goes around, comes around.
But as Nadella sees it, this is not going to be about either edge or cloud. It’s going to be the two technologies working in tandem. “Now, all this is being driven by this new tech paradigm that we describe as the intelligent cloud and the intelligent edge,” he said today.
He said that to truly understand the impact the edge is going to have on computing, you have to look at research, which predicts there will be 50 billion connected devices in the world by 2030, a number even he finds astonishing. “I mean this is pretty stunning. We think about a billion Windows machines or a couple of billion smartphones. This is 50 billion [devices], and that’s the scope,” he said.
The key here is that these 50 billion devices, whether you call them edge devices or the Internet of Things, will be generating tons of data. That means you will have to develop entirely new ways of thinking about how all this flows together. “The capacity at the edge, that ubiquity is going to be transformative in how we think about computation in any business process of ours,” he said. As we generate ever-increasing amounts of data, whether we are talking about public sector kinds of use case, or any business need, it’s going to be the fuel for artificial intelligence, and he sees the sheer amount of that data driving new AI use cases.
“Of course when you have that rich computational fabric, one of the things that you can do is create this new asset, which is data and AI. There is not going to be a single application, a single experience that you are going to build, that is not going to be driven by AI, and that means you have to really have the ability to reason over large amounts of data to create that AI,” he said.
Nadella would be more than happy to have his audience take care of all that using Microsoft products, whether Azure compute, database, AI tools or edge computers like the Data Box Edge it introduced in 2018. While Nadella is probably right about the future of computing, all of this could apply to any cloud, not just Microsoft.
As computing shifts to the edge, it’s going to have a profound impact on the way we think about technology in general, but it’s probably not going to involve being tied to a single vendor, regardless of how comprehensive their offerings may be.
Powered by WPeMatico
On September 17, HTC announced that cofounder Cher Wang would be stepping down as CEO. In her place, Yves Maitre stepped into the role of Chief Executive, after more than a decade at French telecom giant, Orange.
It’s a tough job at an even tougher time. The move comes on the tail of five consecutive quarterly losses and major layoffs, including a quarter of the company’s staff, which were let go in July of last year.
It’s a far fall for a company that comprised roughly 11 percent of global smartphone sales, some eight years ago. These days, HTC is routinely relegated to the “other” column when these figures are published.
All of this is not to say that the company doesn’t have some interesting irons in the fire. With Vive, HTC has demonstrated its ability to offer a cutting edge VR platform, while Exodus has tapped into an interest in exploring the use of blockchain technologies for mobile devices.
Of course, neither of these examples show any sign of displacing HTC’s once-booming mobile device sales. And this January’s $1.1 billion sale of a significant portion of its hardware division to Google has left many wondering whether it has much gas left in the mobile tank.
With Wang initially scheduled to appear on stage at Disrupt this week, the company ultimately opted to have Maitre sit in on the panel instead. In preparation for the conversation, we sat down with the executive to discuss his new role and future of the struggling Taiwanese hardware company.
Powered by WPeMatico
Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns.
However, it continues to hold off on setting an official position on whether to allow or ban Huawei from supplying the country’s next-gen networks — as the U.S. has been pressurizing its allies to do.
Giving a statement in parliament this afternoon, the U.K.’s digital minister, Jeremy Wright, said the government is releasing the conclusions of the report ahead of a decision on Huawei so that domestic carriers can prepare for the tougher standards it plans to bring in to apply to all their vendors.
“The Review has concluded that the current level of protections put in place by industry are unlikely to be adequate to address the identified security risks and deliver the desired security outcomes,” he said. “So, to improve cyber security risk management, policy and enforcement, the Review recommends the establishment of a new security framework for the UK telecoms sector. This will be a much stronger, security based regime than at present.
“The foundation for the framework will be a new set of Telecoms Security Requirements for telecoms operators, overseen by Ofcom and government. These new requirements will be underpinned by a robust legislative framework.”
Wright said the government plans to legislate “at the earliest opportunity” — to provide the regulator with stronger powers to to enforcement the incoming Telecoms Security Requirements, and to establish “stronger national security backstop powers for government.”
The review suggests the government is considering introducing GDPR-level penalties for carriers that fail to meet the strict security standards it will also be bringing in.
First policy response will be ‘soft’, common cybersecurity standards. Then regulations, with strict standards and #GDPR like fines. New powers allowing to compel telecoms to do something. And work to increase diversity. pic.twitter.com/nBLWneFUDK
— Lukasz Olejnik (@lukOlejnik) July 22, 2019
“Until the new legislation is put in place, government and Ofcom will work with all telecoms operators to secure adherence to the new requirements on a voluntary basis,” Wright told parliament today. “Operators will be required to subject vendors to rigorous oversight through procurement and contract management. This will involve operators requiring all their vendors to adhere to the new Telecoms Security Requirements.
“They will also be required to work closely with vendors, supported by government, to ensure effective assurance testing for equipment, systems and software, and to support ongoing verification arrangements.”
The review also calls for competition and diversity within the supply chain — which Wright said will be needed “if we are to drive innovation and reduce the risk of dependency on individual suppliers.”
The government will therefore pursue “a targeted diversification strategy, supporting the growth of new players in the parts of the network that pose security and resilience risks,” he added.
“We will promote policies that support new entrants and the growth of smaller firms,” he also said, sounding a call for security startups to turn their attention to 5G.
Government would “seek to attract trusted and established firms to the UK market,” he added — dubbing a “vibrant and diverse telecoms market” as both good for consumers and for national security.
“The Review I commissioned was not designed to deal only with one specific company and its conclusions have much wider application. And the need for them is urgent. The first 5G consumer services are launching this year,” he said. “The equally vital diversification of the supply chain will take time. We should get on with it.”
Last week two U.K. parliamentary committees espoused a view that there’s no technical reason to ban Huawei from all 5G supply — while recognizing there may be other considerations, such as geopolitics and human rights, which impact the decision.
The Intelligence and Security Committee also warned that what it dubbed the “unnecessarily protracted” delay in the government taking a decision about 5G suppliers is damaging U.K. relations abroad.
Despite being urged to get a move on the specific issue of Huawei, it’s notable that the government continues to hold off. Albeit, a new prime minister will be appointed later this week, after votes of Conservative Party members are counted — which may be contributing to ongoing delay.
“Since the US government’s announcement [on May 16, adding Huawei and 68 affiliates to its Entity List on national security grounds] we have sought clarity on the extent and implications but the position is not yet entirely clear. Until it is, we have concluded it would be wrong to make specific decisions in relation to Huawei,” Wright said, adding: “We will do so as soon as possible.”
In a press release accompanying the telecoms supply chain review the government said decisions would be taken about high risk vendors “in due course.”
Earlier this year a leak from a meeting of the U.K.’s National Security Council suggested the government was preparing to give an amber light to Huawei to continue supplying 5G — though limiting its participation to non-core portions of networks.
The Science & Technology Committee also recommended the government mandate the exclusion of Huawei from the core of 5G networks.
Wright’s statement appears to hint that that position remains the preferred one — barring a radical change of policy under a new PM — with, in addition to talk of encouraging diversity in the supply chain, the minister also flagging the review’s conclusion that there should be “additional controls on the presence in the supply chain of certain types of vendor which pose significantly greater security and resilience risks to UK telecoms.”
“Additional controls” doesn’t sound like a euphemism for an out-and-out ban.
In a statement responding to the review, Huawei expressed confidence that it’s days of supplying U.K. 5G are not drawing to a close — writing:
The UK Government’s Supply Chain Review gives us confidence that we can continue to work with network operators to rollout 5G across the UK. The findings are an important step forward for 5G and full fibre broadband networks in the UK and we welcome the Government’s commitment to “a diverse telecoms supply chain” and “new legislation to enforce stronger security requirements in the telecoms sector”. After 18 years of operating in the UK, we remain committed to supporting BT, EE, Vodafone and other partners build secure, reliable networks.”
The evidence shows excluding Huawei would cost the UK economy £7 billion and result in more expensive 5G networks, raising prices for anyone with a mobile device. On Friday, Parliament’s Intelligence & Security Committee said limiting the market to just two telecoms suppliers would reduce competition, resulting in less resilience and lower security standards. They also confirmed that Huawei’s inclusion in British networks would not affect the channels used for intelligence sharing.
A spokesman for the company told us it already supplies non-core elements of U.K. carriers’ EE and Vodafone’s network, adding that it’s viewing Wright’s statement as an endorsement of that status quo.
While the official position remains to be confirmed, all the signals suggest the U.K.’s 5G security strategy will be tied to tightened regulation and oversight, rather than follow a U.S. path of seeking to shut out Chinese tech giants.
Commenting on the government’s telecoms supply chain review in a statement, Ciaran Martin, CEO of the U.K.’s National Cyber Security Centre, said: “As the UK’s lead technical authority, we have worked closely with DCMS [the Department for Digital, Culture, Media and Sport] on this review, providing comprehensive analysis and cyber security advice. These new measures represent a tougher security regime for our telecoms infrastructure, and will lead to higher standards, much greater resilience and incentives for the sector to take cyber security seriously.
“This is a significant overhaul of how we do telecoms security, helping to keep the UK the safest place to live and work online by ensuring that cyber security is embedded into future networks from inception.”
Although, tougher security standards for telecoms combined with updated regulations that bake in major fines for failure suggest Huawei will have its work cut out not to be excluded by the market, as carriers will be careful about vendors as they work to shrink their risk.
Earlier this year a report by an oversight body that evaluates its approach to security was withering — finding “serious and systematic defects” in its software engineering and cybersecurity competence.
Powered by WPeMatico
The U.K.’s next prime minister must prioritize a decision on whether or not to allow Chinese tech giant Huawei to be a 5G supplier, a parliamentary committee has urged — warning that the country’s international relations are being “seriously damaged” by ongoing delay.
In a statement on 5G suppliers, the Intelligence and Security committee (ISC) writes that the government must take a decision “as a matter of urgency.”
Earlier this week another parliamentary committee, which focuses on science and technology, concluded there is no technical reason to exclude Huawei as a 5G supplier, despite security concerns attached to the company’s ties to the Chinese state, though it did recommend it be excluded from core 5G supply.
The delay in the U.K. settling on a 5G-supplier policy can be linked not only to the complexities of trying to weigh and balance security considers with geopolitical pressures but also ongoing turmoil in domestic politics, following the 2016 EU referendum Brexit vote — which continues to suck most of the political oxygen out of Westminster. (And will very soon have despatched two U.K. prime ministers in three years.)
Outgoing PM Theresa May, whose successor is due to be selected by a vote by Conservative Party members next week, appeared to be leaning toward giving Huawei an amber light earlier this year.
A leak to the press from a National Security Council meeting back in April suggested Huawei would be allowed to provide kit, but only for non-core parts of 5G networks — raising questions about how core and non-core are delineated in the next-gen networks.
The leak led to the sacking by May of the then defense minister, Gavin Williamson, after an investigation into confidential information being passed to the media in which she said she had lost confidence in him.
The publication of a government Telecoms Supply Chain Review, whose terms of reference were published last fall, has also been delayed — leading carriers to press the government for greater clarity last month.
But with May herself now on the way out, having agreed in May to step down as PM, the decision on 5G supply is on hold.
It will be down to either Boris Johnson or Jeremy Hunt, the two remaining contenders to take over as PM, to choose whether or not to let the Chinese tech giant supply U.K. 5G networks.
Whichever of the men wins the vote, they will arrive in the top job needing to give their full attention to finding a way out of the Brexit morass — with a mere three months til an October 31 Brexit extension deadline looming. So there’s a risk 5G may not seem as urgent an issue and a decision again be kicked back.
In its statement on 5G supply, the ISC backs the view expressed by the public-facing branch of the U.K.’s intelligence service that network security is not dependent on any one supplier being excluded from building it — writing that: “The National Cyber Security Centre… has been clear that the security of the UK’s telecommunications network is not about one company or one country: the ‘flag of origin’ for telecommunications equipment is not the critical element in determining cyber security.”
The committee argues that “some parts of the network will require greater protection” — writing that “critical functions cannot be put at risk” but also that there are “less sensitive functions where more risk can be carried”, albeit without specifying what those latter functions might be.
“It is this distinction — between the sensitivity of the functions — that must determine security, rather than where in the network those functions are located: notions of ‘core’ and ‘edge’ ate therefore misleading in this context,” it adds. “We should therefore be thinking of different levels of security, rather than a one size fits all approach, within a network that has been built to be resilient to attack, such that no single action could disable the system.”
The committee’s statement also backs the view that the best way to achieve network resilience is to support diversity in the supply chain — i.e. by supporting more competition.
But at the same time it emphasizes that the 5G supply decision “cannot be viewed solely through a technical lens — because it is not simply a decision about telecommunications equipment.”
“This is a geostrategic decision, the ramifications of which may be felt for decades to come,” it warns, raising concerns about the perceptions of U.K. intelligence sharing partners by emphasizing the need for those allies to trust the decisions the government makes.
It also couches a U.K. decision to give Huawei access a risk by suggesting it could be viewed externally as an endorsement of the company, thereby encouraging other countries to follow suit — without paying the full (and it asserts vitally) necessary attention to the security piece.
“The UK is a world leader in cyber security: therefore if we allow Huawei into our 5G network we must be careful that that is not seen as an endorsement for others to follow. Such a decision can only happen where the network itself will be constructed securely and with stringent regulation,” it writes.
The committee’s statement goes on to raise as a matter of concern the U.K.’s general reliance on China as a technology supplier.
“One of the lessons the UK Government must learn from the current debate over 5G is that with the technology sector now monopolised by such a few key players, we are over-reliant on Chinese technology — and we are not alone in this, this is a global issue. We need to consider how we can create greater diversity in the market. This will require us to take a long term view — but we need to start now,” it warns.
It ends by reiterating that the debate about 5G supply has been “unnecessarily protracted” — pressing the next U.K. prime minister to get on and take a decision “so that all concerned can move forward.”
Powered by WPeMatico
A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.
In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”
Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.
If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for the exclusion so that it could be applied to other suppliers in future.
Reached for a response to the recommendations, a government spokesperson told us: “The security and resilience of the UK’s telecoms networks is of paramount importance. We have robust procedures in place to manage risks to national security and are committed to the highest possible security standards.”
The spokesperson for the Department for Digital, Media, Culture and Sport added: “The Telecoms Supply Chain Review will be announced in due course. We have been clear throughout the process that all network operators will need to comply with the Government’s decision.”
In recent years the US administration has been putting pressure on allies around the world to entirely exclude Huawei from 5G networks — claiming the Chinese company poses a national security risk.
Australia announced it was banning Huawei and another Chinese vendor ZTE from providing kit for its 5G networks last year. Though in Europe there has not been a rush to follow the US lead and slam the door on Chinese tech giants.
In April leaked information from a UK Cabinet meeting suggested the government had settled on a policy of granting Huawei access as a supplier for some non-core parts of domestic 5G networks, while requiring they be excluded from supplying components for use in network cores.
On this somewhat fuzzy issue of delineating core vs non-core elements of 5G networks, the committee writes that it “heard unanimously and clearly” from witnesses that there will still be a distinction between the two in the next-gen networks.
It also cites testimony by the technical director of the UK’s National Cyber Security Centre (NCSC), Dr Ian Levy, who told it “geography matters in 5G”, and pointed out Australia and the UK have very different “laydowns” — meaning “we may have exactly the same technical understanding, but come to very different conclusions”.
In a response statement to the committee’s letter, Huawei SVP Victor Zhang welcomed the committee’s “key conclusion” before going on to take a thinly veiled swiped at the US — writing: “We are reassured that the UK, unlike others, is taking an evidence based approach to network security. Huawei complies with the laws and regulations in all the markets where we operate.”
The committee’s assessment is not all comfortable reading for Huawei, though, with the letter also flagging the damning conclusions of the most recent Huawei Oversight Board report which found “serious and systematic defects” in its software engineering and cyber security competence — and urging the government to monitor Huawei’s response to the raised security concerns, and to “be prepared to act to restrict the use of Huawei equipment if progress is unsatisfactory”.
Huawei has previously pledged to spend $2BN addressing security shortcomings related to its UK business — a figure it was forced to qualify as an “initial budget” after that same Oversight Board report.
“It is clear that Huawei must improve the standard of its cybersecurity,” the committee warns.
It also suggests the government consults on whether telecoms regulator Ofcom needs stronger powers to be able to force network suppliers to clean up their security act, writing that: “While it is reassuring to hear that network operators share this point of view and are ready to use commercial pressure to encourage this, there is currently limited regulatory power to enforce this.”
Another committee recommendation is for the NCSC to be consulted on whether similar security evaluation mechanisms should be established for other 5G vendors — such as Ericsson and Nokia: Two European based kit vendors which, unlike Huawei, are expected to be supplying core 5G.
“It is worth noting that an assurance system comparable to the Huawei Cyber Security Evaluation Centre does not exist for other vendors. The shortcomings in Huawei’s cyber security reported by the Centre cannot therefore be directly compared to the cyber security of other vendors,” it notes.
On the issue of 5G security generally the committee dubs this “critical”, adding that “all steps must be taken to ensure that the risks are as low as reasonably possible”.
Where “essential services” that make use of 5G networks are concerned, the committee says witnesses were clear such services must be able to continue to operate safely even if the network connection is disrupted. Government must ensure measures are put in place to safeguard operation in the event of cyber attacks, floods, power cuts and other comparable events, it adds.
While the committee concludes there is no technical reason to limit Huawei’s access to UK 5G, the letter does make a point of highlighting other considerations, most notably human rights abuses, emphasizing its conclusion does not factor them in at all — and pointing out: “There may well be geopolitical or ethical grounds… to enact a ban on Huawei’s equipment”.
It adds that Huawei’s global cyber security and privacy officer, John Suffolk, confirmed that a third party had supplied Huawei services to Xinjiang’s Public Security Bureau, despite Huawei forbidding its own employees from misusing IT and comms tech to carry out surveillance of users.
The committee suggests Huawei technology may therefore be being used to “permit the appalling treatment of Muslims in Western China”.
Powered by WPeMatico