Comments
Security

IoT Security – Insight on Trends, Challenges and the Road Ahead

Ann Finnie
Global Communications Manager

Aug 17, 2017

The Internet of Things (IoT) industry isn’t part of the “Near Future” - it’s already here and growing rapidly. The Wall Street Journal hails IoT as the next Industrial Revolution and, according to Cisco, there are currently 4.9 billion connected devices today with an expected 12 billion by 2020. The fully matured result of this rapid growth is a $6 trillion industry.

AT&T's Cybersecurity Insights Report surveyed more than 5,000 enterprises around the world and found that 85% of enterprises are in the process of or intend to deploy IoT devices. Yet a mere 10% of those surveyed feel confident that they could secure those devices against cyber attacks.

The big question that emerges as individuals think deeper about the the implications of almost every device being connected is: “How do we keep our devices secure?”

To further our discussion on IoT Security from our Insight paper, we talked to Kyrio’s Director of Business Development, Security Services, Ron Ih, to get expert insight into one of the most pressing questions in tech today...

  1. What is the most important IoT security trend we are seeing this year?

As consumers and businesses adopt more IoT devices and threats continue to multiply, securing those devices easily and at scale has become a daunting task. We are seeing more specialized security tools and processes specifically for IoT devices this year, specifically the use of digital certificates and public key infrastructure (PKI’s) to enable a more secure onboarding process.

“‘Onboarding’ is the process by which a new device is connected and added to the network and the local IoT ecosystem. Onboarding includes the process for authentication, authorization, and accountability of that new device.” -- A Vision for Secure IoT

Digital certificates are issued and signed by a reputable source, often referred to as a Certificate Authority or Root of Trust. Like a digital identity card, devices exchange digital certificates to cryptographically authenticate each other’s identity and origin. In other words, authentication credentials allow you to prove you are what you say you are. As the IoT Security Informed Insight explains, “not only do digital certificates increase security, they enable a better customer experience (e.g. no PIN to enter.)”

The cryptographic signatures within the certificates cannot feasibly be forged or re-created unless you have the proper private key at the source. You can read more about the authentication process, digital certificates and PKI’s here.

  1. What are the main challenges facing the IoT industry today?

The challenges are multifaceted, but the three most common I see are:

  • While many companies are beginning to explore solutions, most device makers do not have security experts and are unprepared to manage security complexities

Device manufacturers and security companies have traditionally operated in two quite separate worlds.

Device manufacturers operate in a world of physical devices, often on the scale of hundreds of thousands, even millions of devices the manufactured each year. Tightly managing inventory, bill of material costs, and just in time delivery are essential to remaining competitive.  Device manufacturers work with firmware and small footprint applications, often with limited compute power and storage. Security can be limited to that which is only essential, in order to keep costs down and delivery times short. This market is generally characterized by tens of thousands of small to medium sized companies that individually might not drive very high volumes, but in aggregate ship billions of devices.

Security companies have traditionally operated in the world of enterprise computing, networking, and web servers and web applications. These accounts are typically characterized by large corporations with IT groups and staff or consultants that specializes in security. Generally, these are large companies, banks, data centers, health care providers, etc. where there may not be a physical product, but valuable data that is stored in vast database servers. The data enables services and usually involves personal and/or financial information that must be protected.

As you can see, this can result in a large mismatch between what a device maker needs, and what a security company is equipped to provide, resulting in the two parties talking past each other. As a result, device security often doesn’t get implemented properly. This is not because the device maker doesn’t want to do it, but because they are not effectively guided on HOW to do it.

  • In the pressure to meet product schedules and quarterly earnings, device security is often omitted or left as an afterthought because it currently takes too much effort and cost to understand and implement it

People often hear that cost is the reason for not implementing security, but misinterpret where that cost lies. There is indeed strong pressure to lower BOM costs, but the larger cost is often in the staff a company needs just to understand security itself. Whether it is allocating brain cycles from existing staff or new hires, headcount is generally one of the largest costs a company incurs. Understanding takes brain cycles. Brain cycles = time. Time = money, big money.

If we are to address the IoT security issue effectively, we need to address the time aspect of implementing security.

  • Although IoT has existed for some time now, the market pressure to go wireless leaves devices more vulnerable to attacks

Autonomous networked devices have existed for quite some time already, but have primarily been implemented on wired networks on a relatively limited scale, using general purpose computers. However, with the relentless march of Moore’s Law, microcontrollers have advanced to the point where even a very small, inexpensive chip can operate a full TCP/UDP network stack in addition to managing a wireless radio. This high integration and lower cost have driven the market towards the adoption of small, wirelessly connected autonomous devices. In addition, the convenience of wireless connectivity has increased the scale of adoption to levels that are orders of magnitude greater than we have ever seen before.

Every device that is connected to your network is effectively a user on that network. Would you let a human user onto your network without verifying their identity? If you wouldn’t do that, why would you let a “device” do it? I put “device” in quotes because, in a network environment, you can’t always be sure if something claiming to be a device actually is what it says it is.

The justification for omitting security I often hear is “there is nothing important on that device”. That is the data center way of thinking about it where you are protecting what is directly on the system where security is implemented. My response is usually this, “You are absolutely correct. No one cares about what’s on the device. They care about the network it’s connected to.” That usually gets them to rethink their position. Insecure devices provide a foothold on the network to attack higher value devices or capture sensitive data.

  1. How can companies work to ensure better security in their IoT products?

  • Businesses need to stop looking at security as a burden

Instead, businesses should leverage security as an opportunity to improve customer experience and revenues. Consumers don’t buy security for security's sake, they buy products that make their lives easier and more convenient. If a product is secure, it improves the customer experience.

  • A holistic approach to security must be addressed at the design stage of a device

To bring products to market faster, it’s easy to fall into the trap of a “sell now and we’ll patch it later” mentality. It’s nearly impossible to predict every security issue that may arise, so manufacturers need to consistently ask themselves: “How would this feature play out over time?” and “How do we do this in a way that’s scalable and secure over time”. Retrofitting security midway through the product lifecycle generally doesn’t work nearly as well and often sets you up for failure.

  • Businesses must understand what “security” actually means and look for solutions that are easily digestible if they don’t employ security experts

Device makers need to understand what security actually means and what it is. Just because you use encryption, doesn’t mean your device is secure. The biggest element of security is not encryption, but authentication: identify who you are communicating with and be able to verify it.

--

As IoT devices gather more information about us and our daily lives, consumers and businesses must pay more attention to the security risks and vulnerabilities. As Chris Connors, the General Manager of Internet of Things Offerings at IBM, states: “This means that device manufacturers, application developers, consumers, operators, integrators and enterprise businesses all have their part to play to follow best practices.”

You can find more information on IoT security here. Don’t forget to subscribe to our blog for more information on IoT in future blog posts.

Comments
Events

12 Things We Learned at Summer Conference 2017

Aug 15, 2017

Last week, at our annual Summer Conference in the picturesque Rocky Mountains, 350 cable operators representing North America, South America, Europe, Asia and Australia gathered together to explore cutting edge technology products. From VR to AI to autonomous vehicles, President and CEO Phil McKinney introduced several ways CableLabs is set to enhance our quality of life through broadband networks and wireless connectivity.

Not only did we witness the world premiere of our groundbreaking vision video The Near Future. A Better Place, we made some new connections and learned plenty along the way. So, without further ado, here are some of our biggest takeaways from our best Summer Conference yet...

  1. Innovation requires dedication every day.
  2. Creativity is important. Making time to think creatively can pay large dividends. Just as a person would strengthen their physical muscles, we must also tone our creativity “muscles”. We do this by abandoning the status-quo and pushing ourselves out of our comfort zones.
  3. Make a fool of yourself, work with the unexpected, give things away, realize you can't do it alone and ask the unasked.
  4. Don't be afraid to fail. Perfection is overrated and often holds you back from innovating something truly amazing.
  5. Share your innovation early. You will inspire others and they will inspire you to improve in unusual and meaningful ways.
  6. Try to be conscious of your biases. They might keep you from listening to someone with a good idea (or a critical warning).
  7. Artificial intelligence will soon power everything in our home from robots to mobile devices to holograms. AI will know everything when it comes to the details of a patient’s treatments so that people can remain in the comfort of their own home.
  8. There's been nearly 100 years of history with wireless technology starting in 1918 with Germany's wireless telephony experiments on military trains.
  9. Not all innovation comes from Silicon Valley. UpRamp announced 4 new fiterator companies featuring technology in AI, IoT, P2P CDN, and Cybersecurity from places including Pittsburgh, Pennsylvania, Alexandria, Virginia and Madrid, Spain.
  10. AI capabilities should not be outsourced and should live close to the business units. It's not simply a problem of the technology stack, but how AI can be paired with intuition to make better business and product decisions.
  11. It's an amazing time to rethink wireless. The Internet of Things will force us to reimagine what a wireless network could and should be.
  12. Rain doesn't stop a Kyrio BBQ!

12 Things we learned from Summer Conference 2017

CableLabs is the innovation lab for the global cable industry focused on innovation with purpose. Watch our video here and check out our Buzzfeed article “10 Ways Tech will Change your Life in the Near Future” to learn more.

Leave a comment below to let us know how the technology of the future inspires you and what you learned from our 2017 Summer Conference.

Comments
Innovation

10 Fun Facts about The Near Future. A Better Place.

Eric Klassen
Innovation Project Lead

Aug 10, 2017

“Innovate with Purpose” – CableLabs President and CEO Phil McKinney

This week at our Summer Conference we released a short a film titled The Near Future. A Better Place. The second in our Near Future series focusing on virtual reality and AI, the film highlights how our broadband networks and increased connectivity in the home play a crucial role in the innovations of the future of healthcare and telemedicine.

10 Fun facts about The Near Future. A Better Place.

Exclusive from the team that created The Near Future. A Better Place, here are 10 fun facts about our film that will both inspire you and blow your mind:

  1. The star of the film, Rance Howard. He has been acting for over 70 years and has appeared in over 250 films and tv shows.
  2. Rance had never cast a fishing lure before this film.
  3. To create Cookie the robot an art director designed and 3D printed the head and body. A robotics expert programmed the wheels and head motors, two operators remote controlled Cookie’s performance on set, two animators designed and created the performance of the eyes, a voice actor read for the voice, and a sound engineer synthesized the voice.
  4. The Ollie bus is a real autonomous car created by Local Motors and is mostly 3D printed. Multiple Olli’s were not available, so a special effects technique was used to create the shot with three Olli’s.
  5. All photos with Rance are his personal photos with an actress standing in for his wife, except for one where his real wife appears.
  6. A medical technologist expert from the Mayo Clinic was consulted to ensure the nanobots technology was realistic and not too sci-fi.
  7. The hospital was created in the office space of an architecture company in downtown Oakland, CA.
  8. The producer’s dog was hired to work with Cookie on set and she gave a stellar performance.
  9. To create the video wall in the living room, a separate wall was built, painted, and designed over an existing wall in the house and removed after shooting.
  10. The Super8 remembering-wife shot was created by bringing in hundreds of flowers that were placed in the existing foliage and then removed after shooting.

Now, grab a coffee and watch out for these in our video below:

--

You can learn more about the integral role the cable industry is playing in the innovations of the future here.

 

Comments
Innovation

CableLabs Unveils its Vision of the Future of Healthcare

Aug 7, 2017

Independence. It’s one of the most important elements of our lives. But with age comes the struggle to maintain our independence and this is one of the greatest fears amongst those who are aging.

One of the greatest fears of ‘adult kids’ relates to letting their parents continue to live independently. Our parents want to be cared about, but fear being cared for. It‘s an age-old dilemma.

  • There are more than 75 million baby boomers in the U.S.
  • The number of Americans over 80 will double, from 6 million to 12 million, in the next two decades. 
  • 97% of people would prefer to live the rest of their lives at home, rather than move into residential care.
  • By the age of 80, 3 out of 5 American households consist of a single person.
-Harvard Joint Center for Housing Studies

 

CableLabs‘ vision of the near future merges technology with connectivity to enhance the living experience of those who deserve it most- our elderly. The secure delivery of high-speed data, video, voice and next-generation services enable seamless connectivity and the platform for building a better experience. A better place.

Take a peek into our vision of the Near Future...

Comments
News

CableLabs Extends its Global Reach with the Addition of Four New Member Companies

Chris Lammers
Chief Operating Officer

Jul 26, 2017

In its continued commitment to the international cable community, CableLabs welcomes four new companies to its membership: GCable and Henan Cable (both situated in China), together with Nowo (Portugal) and Stofa (Denmark).

Guangdong Cable Network (aka Gcable)

Gcable serves Guangdong Province located in southeast China. Guangdong Province is one of the most highly industrialized provinces in China, with major technology centers in Guangzhou (served by Gcable) and Shenzhen (served by Topway, a CableLabs member). Gcable, which is the largest MSO in Guangdong Province, serves 13 million television subscribers and 1.7 million broadband subscribers.

Henan Cable

Henan Cable serves Henan Province. The company is 49% owned by CITIC Limited, China’s largest conglomerate with diverse global businesses focused on financial services, resources and energy, manufacturing, engineering contracting, real estate and telecommunications. CITIC Limited also has similar ownership interests in two other CableLabs members – Chongqing Cable Networks (originally located in Sichuan Province) and JSCN (located in Jiangsu Province). Henan Cable serves 11 million television subscribers and 400 thousand broadband subscribers.

Nowo

Nowo provides cable service in Portugal to 172 thousand television subscribers and 144 thousand broadband subscribers. Nowo is the second largest cable operator in Portugal. Nowo launched in September 2016. with a strategy focused on a disruptive “build your own bundle” which includes mobile voice and data together with fixed line video, broadband and voice services.

Stofa

Stofa is a Danish cable company affiliated with SE Group, a customer-owned, energy and telecommunications group. Stofa, began in 1959 serving antenna, housing and land associations across Denmark, and now provides fixed and mobile services to 344 thousand television subscribers, 323 thousand broadband subscribers, 84 thousand digital voice subscribers and 10 thousand mobile subscribers. Stofa is the second largest cable operator in Denmark.

These four members join 56 other cable operators from 5 continents bringing CableLabs’ total membership to 59 – representing over 180 million video subscribers worldwide.

In its global reach, CableLabs is focused on achieving several objectives:

  • Alignment: Assure alignment with CableLabs technologies across the global cable community.
  • Adoption: Achieve global scale – and therefore low-cost solutions – through the adoption of common technologies by cable operators worldwide.
  • Collaboration: Collaborate with global partners to share experiences, exchange best practices and advance innovation throughout the cable industry.

We look forward to bringing on more members in the future to foster innovation worldwide. You can find more information about CableLabs’ global strategy here. Please contact us to discover the value of membership in CableLabs.

Comments
Innovation

CableLabs Announces an Open Source LoRaWAN Network Solution

Daryl Malas
Principal Architect, Advanced Technology Group

Jul 24, 2017

The Internet of Things (IoT) is a growing industry comprised of a massive number of devices that connect to each other to benefit our lives. Examples of these include the Nest thermostat, security cameras, Amazon’s Alexa, and Apple Watch. Refrigerators can talk with the internet to order milk and Fitbits tell you when to step more to meet your daily exercise goals.

A new area of IoT involves the use of sensors designed to last for years on a single battery transmitting information periodically over long distances. The infrastructure to support all of these connected devices is commonly referred to as a Low Power Wide Area Network (LP-WAN).

LP-WAN networks are designed to cover large geographical areas and minimize the amount of power required for sensors to interact with the network. There are many solutions available to enable this network, including Ingenu, Sigfox, LoRaWAN, 3GPP and Weightless.

CableLabs is pleased to announce an open-source LoRaWAN solution. LoRa is a semi-proprietary solution as it is owned and licensed by Semtech, and a closed consortium (i.e. LoRa Alliance) develops the LoRaWAN specification around the Semtech solution architecture.

Once the consortium concludes a revision of this effort, they make it publicly available. Ingenu and Sigfox are examples of fully proprietary solutions with closed development and ecosystems. In an effort to be more open, they have software development kits available for sensor manufacturers to create sensors for their networks. Of course, these are merely examples of many more solutions emerging in this space. All of them are attempting to create their own advantage and benefits for network providers and consumers. We attempted to highlight some of the more commonly known solutions available, but these are not meant to be preferential or endorsed by CableLabs and are not an exhaustive listing.

LoRaWAN is a long range, low power wireless protocol that is intended for use in building IoT LP-WAN networks. IoT devices send small data packets to any number of “gateways” that may be in the several-kilometer range of a sensor via the LoRaWAN wireless protocol. The gateways then use more traditional communications such as wired Internet connections to forward the messages to a network-server which validates the packets and forwards the application payload to an application-server.

CableLabs chose to develop a LoRaWAN open-source solution because we believe it is a good compromise between proprietary and open solutions, and it provides many of our members an opportunity to compete in the low power wide area (LPWA) space.

Figure 2 - LoRaWAN Example Network Architecture

In the past, CableLabs has often developed solutions specific to the cable industry, but we believe open-source provides consumers a great benefit as it will spur growth in an industry intended to enrich our lives. This enrichment comes through devices intended to inform us of many things. For example, many of us have driven by a city park during a rain storm and noticed the sprinkler system running. This is a waste of water and further impacts our climate. What if we had soil moisture sensors that could communicate with a sprinkler controller to inform it when it requires water? This could save countless gallons of water, which is extremely valuable, especially in drought-stricken regions.

Another example could be to inform a loved one when an aging relative has taken their pills for the day, gets out of bed or sits in a chair too long. All of these are examples of the benefits of sensors enabled by LP-WANs.

In order for us to realize these benefits, LP-WANs need to be deployed broadly across national and international regions. This will enable the use of many sensors across these same regions. As we make use of the sensor data, it will enrich our lives with information to make better choices, ensure higher quality results and guide us towards a better future. By making a portion of this network available for open-source, our goal is to lower the barrier for the cable industry and other industry participants to enable these solutions for consumers and governments. Together we can truly change the world, and it should not be limited by costly barriers.

-

More information on the CableLabs LoRa server, including documentation and code repository, can be found here.

With a strong focus on innovation, CableLabs develops technologies and specifications for the secure delivery of high-speed data, video, voice and next generation services. Don't forget to subscribe to our blog to read more about our innovative technologies in the future.

 

 

Comments
Strategy

CableLabs in Hong Kong: Insights from APOStech 2017

Chris Lammers
Chief Operating Officer

Jul 19, 2017

CableLabs participated in the 2nd Annual APOStech conference in Hong Kong July 4-6, 2017 and it was a huge success!

APOStech is designed to unite executives and key stakeholders from the video and broadband industries across the Asia Pacific region to discuss technology innovation and trends that are defining the future of the connected consumer. Over 180 participants from 88 companies around the globe were in attendance, giving CableLabs the opportunity to speak with current members and establish new relationships with other cable operators in the region.

Aravind Venugopal, Vice President with Media Partners Asia (MPA), set the backdrop for the conference by providing an overview of the explosive growth of broadband, pay tv and mobile services in Asia. MPA just released projections anticipating 30 million new broadband homes in Asia over the five year period from 2017-2022 (excluding China). Nearly half of this growth (45%) will occur in India. Pay tv subscribers will increase nearly 30 million, from 244 million to 271 million over this same period (again, excluding China).  SVOD subscribers will jump from 54 million to 108 million over the course of the 2017-2022 period.

Among the highly informative learnings from APOStech:

  • Only 1 in 10 homes in the Philippines have broadband with an average download speed of 4 Mbps – with the growth of over 2 million additional broadband homes forecast by 2020.
  • 100 million of the 275 million homes in India do not have a television.  Broadband represents an opportunity for these – and all other – homes.  In the Indian economy, prepaid services are dominant, including for broadband and pay tv.  Service providers need to think in terms of monthly, weekly and even daily prepaid services.  National MSOs have 12% of the broadband market – with the incumbent telecom provider (BSNL/MTNL) reaching 66% of the broadband market.
  • In Korea, 58% of pay tv subscribers prefer cable television, this in a country with intense video competition from three national telecom networks (LG, KT and SK Broadband).
  • 4K content is expanding across Asia – particularly in China, Hong Kong, Indonesia, Japan and Singapore.

I delivered an overview of Gigabit Broadband Competition in the U.S. – the technologies innovated by CableLabs and its members by which cable operators are now delivering gigabit speeds globally (Click here to see my slide show presentation). I focused on the impact of collaboration across the global cable community in advancing broadband technologies at scale and the competitive leadership this strategy provides to cable operators and their customers by way of enhancing the user experience in the home and workplace.

Jeff Chen, CableLabs SVP of Global Technology, and I hosted an invitation-only event for cable operators attending the APOStech conference. Representatives from 9 MSOs participated – allowing for an in-depth overview of CableLabs and the opportunities provided for its members. Five MSOs across four countries (China, India, Korea and the Philippines) expressed substantial interest in progressing relationships with and learning more about CableLabs, extending invitations for 1:1 meetings with company executives.

We met with four of our members at the conference:

We were introduced to senior representatives from seven additional MSOs:

CableLabs’ continued expansion in Asia advances its strategy of world-wide collaboration on technology and innovation for the benefit of the global cable community and the customers they serve.  From one member in Asia five years ago, CableLabs has grown to 12 members across Asia and Australia, including: Beijing Gehua CATV Network, Chongqing Cable Networks, Guangdong Cable Network, Henan Cable Network, J:COM, Jiangsu Broadcasting Cable Information Network, nbn, PT Link Net, Shenzhen Topway Video Communication, StarHub, Taiwan Broadband Communications and WASU Digital TV Media Group.

Coincidence or not, CableLabs gained its 60th member on Monday, July 10 following APOStech, Henan Cable, serving Henan Province in China with 4 million video subscribers and 400,000 broadband subscribers.

--

CableLabs is committed to expanding membership and support across Asia and beyond. With 60 members in 35 countries in Asia, Australia, Latin America, North America and Europe, CableLabs provides the opportunity for operators to collaborate with innovators worldwide. Please contact us to discover the value membership in CableLabs.

 

Comments
Innovation

Innovation – How to Effectively Manage, Scale, and Accelerate your Efforts

Chad Riland
Program Manager, Innovation

Jul 13, 2017

CableLabs is chartered to deliver innovative technologies for our industry. Our ability to do this relies on how effectively we manage, scale, and accelerate how we innovate. “Innovate the way we innovate” is a phrase we often use internally.  It summarizes our core belief that to be successful in the long term as an innovation center we must be innovative about how we innovate.

Building a sustainable innovative organization isn’t easy and requires a long-term, holistic effort. Our workflows and systems need to be integrated and we need to enable the engagement of all our employees and our external partners (e.g. members, vendors, academic institutions, and thought leaders outside our industry). Over the past few years, we’ve continuously tuned our innovation approach, making progress on this goal.

The latest example of this is the deployment of an Innovation Management System (IMS). This tool’s purpose is to enhance the effectiveness of our work by improving our ability to measure, scale, and manage our innovations throughout the life cycle. Below, I’ll explain how we utilize our IMS to decrease risk, improve the success of the ideas we put into development and nurture an innovative culture.

Why and how we measure innovation

Our success is a function of asking the right questions and measuring the results. Peter Drucker, the founder of modern business management once wrote: “What we measure and how we measure determine what will be considered relevant, and determine, thereby, not just what we see, but what we—and others—do.” If we apply this to innovation, there isn’t a one-size-fits-all answer.

The issue for organizations is understanding which elements are important to measure their innovation and how to integrate them into the organizational structure and decision processes. That means looking beyond inputs and outputs and measuring how the business as a whole benefit from innovation.

Our IMS helps us better understand the results of our innovation efforts by clearly showing us the scale and state of our Innovation Funnel (e.g. ideas being considered) and Innovation Portfolio (e.g. innovation projects being pursued), as well as their relevance to our strategic areas of interest.  It also provides insight on how our efforts are progressing, and the level of engagement in developing our ideas and projects. Examples of the types of questions we ask ourselves and measure are:

  • What is our run-rate for generating ideas?
  • How many of the projects we are investing in address areas we believe to have a strategic impact on the industry?
  • What methods of inspiration are the most successful at generating impactful ideas?
  • At what rate are ideas and projects maturing and progressing towards fulfilling our innovation objectives?

Not all measurements are valuable, and not all improvements come from measurement insight

Martial arts masters say that there is no such thing as a white belt form (or kata) because those forms are for all ranks and belt levels and are executed with different skills. Similarly, getting to the basics of measurement and improving execution is a task for organizations of all maturity levels. No matter where one sits on the innovation maturity curve, there is some set of measurements that are valuable to improvement.

However, a focused phrase like “what gets measured gets done in innovation” does come with a certain set of risks to be aware of. If you are innovating the way you innovate, gains coming from a broad set of actions and measurement are only one dimension. For many reasons, access to interesting information doesn’t necessarily mean that sharing that information will be valuable and helpful.  Here’s why:

  • The risk of too much information – low-value data obscuring high-value data.
  • The interpretation gap where various audiences can interpret the information differently depending on context, perspectives, and beliefs.
  • The risk that sharing some information causes unintended consequences of being used in ways that detract from engagement or collaboration.
  • Not all improvements come from measurement alone.

To address these and related risks, begin by developing a communication plan for the metrics which include:

  1. The audience for the metrics
  2. The delivery channel
  3. Frequency of sharing/reporting
  4. A plan to add any additional analysis or commentary as part of the delivery to help with interpretation

Our Innovation Management System is much more than just a measurement tool

Adding measurements to the innovation funnel and portfolio doesn’t just give us insight to answer our questions and improve how we innovate in the future, it also serves as a powerful way to inspire, inform, and boost social engagement. This is because our system provides a centralized home for all ideas and patent invention disclosures. It also automates many of the activities to share and evaluate ideas, communicate related decisions and manage workflows throughout their life-cycle.

Centralized accessibility provides transparency and potential inspiration for new ideas. The system also provides a legal record of IP for any future need. Beyond employees and internal innovation, the system is a channel for engagement and idea sourcing from external partners, members, vendors, customers, thought leaders and the open source community.

If we are serious about innovation, then we need to care about the value of the innovation we create

Thinking through what questions you want to answer about your innovation practices is a good place to start to prioritize your measurements. Improved measurement practices and other ancillary benefits of an Innovation Management System will help you identify the sources, practices, and process by which impactful innovation is occurring and create insights to help you take your innovation game to the next level.

--

Don’t forget to look out for my next post to learn more about how CableLabs has sustained a culture of innovation.

For information and opportunities to build your innovation skills, click here to learn more about our Innovation Boot Camp.

Comments
Strategy

CableLabs is Excited to Participate in APOStech 2017 in Hong Kong

Jul 5, 2017

CableLabs is participating in the 2nd Annual APOStech conference this week (July 4-6, 2017) in Hong Kong. Hosted by Media Partners Asia (MPA) and co-sponsored by CableLabs, APOStech is one of Asia’s premier technology and innovation summits. With over  180 participants from around the globe representing cable, telecom and media sectors, the event unites executives and key stakeholders across the Asia Pacific region to discuss technology innovation and trends that are defining the future of the connected consumer.

APOStech affords CableLabs the opportunity to interact with many of our members in Asia, as well as establish relationships with potential new members from countries including India, Korea, Malaysia and the Philippines. This event will introduce CableLabs to the business, strategies, technologies, operations and competition affecting cable operators in regions not currently served by CableLabs to support an increasing diversity of members across Asia.

With broadband subscribers in the region growing to over 560 million by 2021, one of this year’s objectives for APOStech is to address the driving forces and challenges faced by the networks providing content and services to the connected customer. Sessions include insights from broadband network operators across China, India, Indonesia, Korea, Malaysia and Taiwan discussing how cable operators are designing their networks to keep pace with the massive amounts of video data distributed over them and how they are differentiating and monetizing their network investments.

Chris Lammers, CableLabs’ COO and SVP of International Business Development, is providing an overview of Gigabit Broadband Competition in the U.S. The session will also include the technologies innovated by CableLabs and its members by which cable operators are delivering gigabit speeds globally. Chris will focus on the impact of collaboration across the global cable community in advancing broadband technologies at scale and the competitive leadership this strategy provides to cable operators and their customers by way of enhancing the user experience in the home and workplace.

CableLabs’ continued expansion in Asia advances our strategy of world-wide collaboration on technology and innovation for the benefit of the global cable community and the customers they serve.  From one member in Asia five years ago, CableLabs has grown to 11 members across Asia and Australia, including : Beijing Gehua CATV Network, Chongqing Cable Networks, Guangdong Cable Network, J:COM, Jiangsu Broadcasting Cable Information Network, nbn, PT Link Net, Shenzhen Topway Video Communication, StarHub, Taiwan Broadband Communications and WASU Digital TV Media Group.

--

CableLabs is committed to expanding membership and support across Asia and beyond. With 59 members in 35 countries in Asia, Australia, Latin America, North America and Europe, CableLabs provides the opportunity for operators to collaborate with innovators worldwide. Please contact us to discover the value membership in CableLabs.

 

Comments
Security

ETSI Security Week: Securing Networks Requires a Global Perspective

Steve Goeringer
Principal Security Architect

Jun 22, 2017

Cyber attacks are on the rise and a threat to critical infrastructure around the globe. CableLabs along with other service providers and vendors are collaborating through European Telecommunications Standards Institute (ETSI) to ensure best practices are consistently deployed in regards to these attacks.

Take a look at any cyber attack and consider where the attacks come from and who their victims are. You’ll find that almost all attacks are international in scope, with both attackers and victims found across a transnational field devoid of boundaries. Securing our networks and services requires a global response and our evolving practices and strategies must have an international perspective. CableLabs does this by participating in multiple international organizations working hard to evolve our cyber security defenses. Last week, the ETSI hosted a series of focused workshops on network security at ETSI Security Week. CableLabs helped plan this event, and we contributed our insights in presentations and panels.

This annual event is attended by nearly 300 industry professionals and opens a dialogue to develop a common understanding in the industry of best practices. Workshops included public policy impacts on security practices, Machine to Machine/Internet of Things security challenges, securing Network Function Virtualization (NFV) architectures, and, no event is complete without some discussion of 5G. (For more information on 5G see Tetsuya Nakamura’s blog post here.) I presented our experiences in implementing NFV proof-of-concepts and Brian Scriber participated in a panel discussing operator perspectives. Materials shared at the event are available after registration on the ETSI portal here.

As shared here last fall, as well as introducing new security challenges, NFV also presents opportunities to improve the security of future networks relative to legacy infrastructure. Benefits of a well implemented NFV infrastructure enables:

  • More consistent security processes and controls
  • Easier and more rapid security upgrades and patching as threats evolve
  • Improved support for pervasive encryption
  • More cost-effective security and performance monitoring

With the correct implementation, NFV enhances security operations by enabling pervasive monitoring and more agile and flexible responses as cyber threats evolve.

NFV coupled with Software Defined Networking (SDN) enables the creation of an open and distributed architecture which enables operators to create “network factories”. Network factories are fully automated network architectures that are entire supply chains for exciting new services. We need to secure the network infrastructure, as well as secure the software supply chain from code creation to delivery as running code on the platform. This requires a different orientation from today’s operations. Fortunately, NIST has provided a framework for approaching the cyber security aspects of supply chains and it applies well to open and distributed architectures.

ETSI is a leader in providing foundational standards for NFV and is the single most influential body on NFV security best practices today. The ETSI NFV Architectural Framework sets the stage for what most other standards bodies and open source code projects are attempting to achieve. ETSI’s NFV reference architecture does not currently adequately identify all the supply chain cyber security aspects.  Consequently, we haven’t yet defined a comprehensive approach to establishing security associations between all of the components (which may be hardware or software).

Every connection in the network should be considered as a security association. Certain security functions must be implemented for each security association. Each security association should be:

  • Based on strong identity: This means there needs to be a persistent private key associated with a unique identifier and attested (signed) by a certificate or equivalent
  • Authenticated: Using some form of cryptographic challenge
  • Authorized: For both network and process access control and based on a network-wide policy
  • Isolated: From other sub-networks and workloads on virtualized servers
  • Confidential: Including encryption
  • Attested: The infrastructure and communications links are proven to be untampered

ETSI Security Week

Providing a basis for strong identity is proving to be challenging. CableLabs has used PKI-based certificates for strong identity for DOCSIS network now for 17 years with over 500M certificates issued. Yet, achieving consensus to replicate this success amongst the evolving solutions in NFV, IoT, and medical devices are taking time.

Security identity requires three components:

  1. The first element is a secret, which is usually a private key to support authentication and encryption.
  2. The second element is a unique identifier within the ecosystem. DOCSIS network security uses the MAC address for this purpose, but that is not applicable to all other domains.
  3. Thirdly, the identity must be attestable. This means creating a certificate or profile that is signed, which binds the certificate to the secret.

The path to success in implementing globally effective cyber security is to document best practices through specification or standardization with supporting code bases which actually implement those practices. CableLabs is proud to be a major contributor to ETSI’s NFV project. We lead both the ETSI NFV Operator Council and the Security Working Group and we are collaborating with other industry leaders to address these gaps. Further, we work closely with open source code groups such as OpenStack, OSM, OpenDaylight, OPNFV, and we watch emerging initiatives such as FD.io and ONAP. Through our SNAPSTM initiative, we are reinforcing standards work with practical experience.  If these initiatives mature, we will adapt the practices to cable specific solutions.

--

CableLabs is hosting the next ETSI NFV plenary meeting in Denver,CO from September 11-15, 2017. Participation is open upon signing the ETSI NFV participant agreement. Leave a comment below if you’d like to connect with the CableLabs team. We’d love to meet you there!

Comments