Standardize or make first?
While 5G is to be the #1 buzzword of the coming week at the MWC (Mobile World Congress) in Barcelona, not everything is standardized, and we are not anywhere close to reaching a point of maturity where any equipment with a 5G label could plug seamlessly with any other 5G-labeled equipment.
We are still in a period when industrialists are running to push their - not finalized - products and drive mobile network operators to implement them in order to create a precedent and to see their development becoming a standard, without forgetting potential licensing income.
In these troubled times, standardization bodies remain extremely active to drive a more sensible approach, that has many times demonstrated its success, consisting in standardizing first, reaching an industry-wide agreement and, then, introducing products that are certified to comply with standards.
Following this vision, SIMalliance, the association representing the SIM industry, recently published its technical definition of a ‘SIMalliance Recommended 5G SIM’ card, for the 3GPP R15 version of 5G, which essentially covers mobile broadband, while bringing new radio, low latency and high throughput. SIMalliance, aims at pushing the MNOs to adopt their SIM definition when launching their 5G networks. The SIMalliance 5G SIM definition provides not only basic services such as user authentication but also quality of experience services, such as network measurement reports, and subscriber privacy control through the encryption of the end-user digital identity. SIMalliance also defines a Low Power SIM, dedicated to the IoT market using NB-IoT or LTE-M protocols. However, the SIMalliance document never specifies whether the 5G SIM should be removable or embedded.
In the same manner, the ETSI (European Telecoms Standards Institute) Technical Committee on Cybersecurity has just published the ETSI TS 103 645 that includes high-level provisions for the security of consumer devices that are connected to network infrastructure. The standard will provide a base for future certification schemes. Among other provisions, the standard requires that credentials and other security-sensitive data should be stored securely. The standard specifies that “secure, trusted storage mechanisms can be used to secure security-sensitive data, such as those provided by a Trusted Execution Environment (TEE) and associated trusted, secure storage, or the secure storage and processing capabilities of software running on a Universal Integrated Circuit Card UICC/embedded Universal Integrated Circuit Card (eUICC).”
Full standards for 5G are still a remote goal, but one may wonder which approach will be triumphant in the telecoms of tomorrow? The consensus-based approach driven by standardization bodies or the done deal approach used by some leading vendors?