HFC Network

How Reliable Is Cable Internet? Here’s How Our Networks Are Performing

Mark Walker
Vice President, Technology Policy

Jul 13, 2020

Starting in mid-March, the world experienced a sudden surge in internet usage driven by the widespread COVID-19 stay-at-home orders that caused many of us to switch to working and studying at home in a matter of days. Cable broadband networks not only withstood this sudden surge in internet usage; they excelled. For example, for the week of June 27–July 4, 99.9 percent of U.S. cable broadband users saw no material impact on customer experience. Looking to the future, cable networks are also well-positioned to remain ahead of sustained increases in consumer demand. Although internet usage appears to have plateaued recently, CableLabs and the broader cable industry continue to develop further network advancements to ensure that internet performance stays well ahead of even the most demanding home users’ needs for years to come.

Internet Usage During COVID-19 and Cable Broadband Services 

Network monitoring provider OpenVault reveals just how much home internet usage jumped over the past few months:

  • In the United States, average daily downstream consumption from 9 a.m. to 5 p.m. in the first week of April totaled about 6.35 GB per household, up 42 percent from 4.46 GB in January. Upstream average usage during business hours rose to 0.39 GB, up 83 percent compared with 0.22 GB in January.
  • Worldwide, looking at a sample of 500 fixed, mobile and Wi-Fi network providers, networking equipment provider Sandvine found that overall traffic increased 40 percent between February 1 and April 19. It also found that upstream traffic rose 121 percent during this period.

Even considering these dramatic increases, home internet use remains heavily asymmetrical. The amount of data transmitted to the home (downstream) vastly outweighs the amount of data transmitted from the home (upstream). This is driven by the continued use of video streaming services (e.g., Netflix, YouTube) that require substantial amounts of data to be transmitted to the home to enable the user to view a movie, TV show or other video. These applications require very little data transmitted from the home.

Two-way video collaboration tools (e.g., Zoom, Microsoft Teams) do require more data to be transmitted from the home (upstream) in comparison with video streaming services due to two-way audio and video functionality. Even with the increased use of these collaboration tools, upstream data transmissions remain well below a tenth of total data transmitted over home internet connections.

The predominance of downstream use is further confirmed in the detailed examination of broadband use from a top-tier North American cable broadband operator, as set forth in Figures 1 and 2 below. Over the past 8 years, the proportion of downstream traffic has increased and plateaued at roughly 92–94 percent of total traffic at peak. Looking more closely at the most recent 5 months illustrates the rapid increase in internet use due to COVID-19. Even with upstream increasing at a faster rate than downstream, upstream use at peak maxed out at only 9 percent of total traffic, as illustrated in Figure 2. Additional metrics, trends and observations on cable internet usage can be found on NCTA’s COVID-19 Dashboard.

How Reliable Is Cable Internet? Here’s How Our Networks Are Performing, Figure 1

Figure 1: 2012 through June 2020, Average Downstream and Upstream Peak Use (kbps and %) per Subscriber from a Top-Tier North American Cable Broadband Operator

How Reliable Is Cable Internet? Here’s How Our Networks Are Performing, Figure 2

Figure 2: Mid-February 2020 through June 2020, Average Downstream and Upstream Peak Use (kbps and %) per Subscriber from a Top-Tier North American Cable Broadband Operator

Cable Broadband’s Outlook Is Healthy

The asymmetric design of cable’s internet service tiers accurately matches how consumers have been using the internet, even with the increased use during stay-at-home orders. This is important both to ensure a high-quality user experience and to efficiently allocate available network capacity. Cable operators continually monitor their networks and engineer them to accommodate significant fluctuations. There are indications that these increased levels of usage will be foundational as new use cases emerge and as a significant segment of the population continues to work and learn from home. For example, many companies have found that their remote workers maintained or even improved productivity—so much so that they may make the arrangement permanent.

Cable network technology, more formally known as Data Over Cable Service Interface Specification (DOCSIS®), has the flexibility and performance capabilities to handle further increases in consumer demand in both downstream and upstream data transmissions. With DOCSIS 3.1 technology, the current widely deployed version of cable network technology, cable operators are making gigabit services broadly available. For example, cable gigabit services are now available to 80 percent of U.S. housing units.

And there are more performance enhancements on the horizon with the recently released DOCSIS 4.0 specification, which will readily enable multi-gigabit internet services. In addition, the 10G platform provides increased reliability, enhanced security and reduced latency.

Taking a peek into the future, cable broadband networks have not only excelled in the initial surge in internet usage caused by the COVID-19 pandemic, but they will be ready for the potential long-term changes in consumer behavior that will drive increased internet usage. To learn more about the technologies that power cable’s broadband internet services today and into the future, click the button below.

Learn More About CableLabs' Technologies

Policy

Driving Increased Security in All IoT Devices

Mark Walker
Vice President, Technology Policy

Sep 18, 2019

CableLabs engages with the IoT industry and the broader stakeholder community, including governments, to help drive increased IoT device security.  The rapid proliferation of IoT devices has the potential to transform and enrich our lives and to drive significant productivity gains in the broader economy. However, the lack of sufficient security in a meaningful number of these newly connected devices creates significant risk to consumers and to the basic functionality of the Internet. Insecure IoT devices often serve as building blocks for botnets and other distributed threats that in turn perform DDoS attacks, steal personal and sensitive data, send spam, propagate ransomware, and more generally, provide the attacker access to the compromised devices and their connections.   

To help address the challenge of insecure IoT, CableLabs along with 19 other industry organizations came together to develop “The C2 Consensus on IoT Device Security Baseline Capabilities” released earlier this week.  The broad industry consensus identifies cybersecurity baseline capabilities that all new IoT devices should have, as well additional capabilities that should be phased in over time.  The development kicked off in March with a workshop hosted by the Consumer Technology Association (CTA). Over the past months, the group has coalesced around the identified cybersecurity capabilities.  These include capabilities in the areas of device identity, secured access, data protection and patchability, among others.   

CableLabs has also engaged with the National Institute of Standards and Technology (NIST) as it develops its recently released draft report, “Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers.” Both industry and governments largely agree on the capabilities that must be included to increase device security. Like the C2 Consensus, NIST focuses on foundational cybersecurity capabilities, including device identity, secure access, patchability of firmware and software, protection of device configuration and device data, and cybersecurity event logging.    

The cybersecurity capabilities identified in the C2 Consensus and NIST will help prevent and minimize the potential for exploitation of IoT devices.  Both documents provide a strong foundation and help point IoT manufacturers in the right direction on how to increase device security. However, cybersecurity is an ongoing journey, not a destination. Security practices must evolve and continue to improve to address new and emerging threats and changes in technology. This foundation must continue to be built on overtime.   

CableLabs has long been a leader in the development of security technologiesFor decades, CableLabs has helped guide the cable industry in incorporating many of the identified security capabilities into cable devices and has ensured the maintenance and advancement of these capabilities over time. For instance, since the first DOCSIS specification in 1997, CableLabs has helped ensure the protection of data: All traffic flows between each cable modem and the CMTS are encrypted to protect the confidentiality and integrity of those transmissions. This is not a once-and-done process; CableLabs has and must continue to advance the cryptography used in cable devices to protect against new and more powerful brute force attacks and other potential threats. Similarly, nearly 20 years ago, CableLabs adopted PKI-based digital certificates to support strong device identity and authentication for devices connecting directly to the cable network (e.g., cable modems, Internet gateways, set-top boxes). Since the initial implementation, CableLabs has continued to advance its PKI implementation to address new and emerging threats.   

 CableLabs has leveraged its experience and success in developing and implementing cybersecurity technologies in cable devices to help drive increased security in IoT devices.  The underlying fundamentals, as well as many of the approaches to implementing, are transferable to IoT, as detailed in our white paper, “A Vision for Secure IoT”. We’ve not only engaged with the C2 Consensus and NIST’s IoT security efforts, but also in industry specification organizations, specifically the Open Connectivity Foundation (OCF)—to develop secure interoperability for IoT devices. OCF has implemented nearly all of the identified capabilities in its specification, tests for the capabilities in its certification regime, and provides the capabilities, free of charge, in its open source reference implementation – IoTivity.         

 Since publishing “A Vision for Secure IoT” in the summer of 2017, industry and the broader stakeholder community, including governments, recognize and have begun to address the challenge of insecure IoT.

Download the C2 Document

Events

CableLabs Sponsors FCBA/IAPP “Data Is King”

Mark Walker
Vice President, Technology Policy

Kelton Shockey
Technology Policy Associate

Apr 29, 2019

Many of today’s most popular consumer products and services are powered by the exponential growth in the generation, collection and use of personal data, enabled by ever-increasing broadband capacity, processing power and storage. These products and services provide consumers with unparalleled personalization, efficiency and convenience. However, the technologies and practices surrounding personal data also create new dimensions of risk to individuals, institutions and society alike.

In response, governments both in the United States and around the world are under increasing pressure to develop new legislation and regulatory models to address these growing concerns. In the past year alone, we have seen the implementation of the European Union’s sweeping General Data Protection Regulation (GDPR), the passing of the California Consumer Privacy Act, and multiple hearings in the U.S. Congress stemming from numerous data breaches and other scandals involving the potential misuse of consumers’ personal data. Here at CableLabs, we recognize the interplay and potential impact of emerging privacy regulations on the direction of next-generation Internet applications.

In that spirit, CableLabs sponsored “Data Is King” – U.S. Privacy Developments and Implications for Global Markets and Technology Development, a recent event co-hosted by the Federal Communications Bar Association (FCBA) Rocky Mountain Chapter and the IAPP Denver/Boulder KnowledgeNet Chapter. The event gathered luminaries from across the policy and technology spectrum to explore trends and recent developments in privacy law and regulation, as well as the potential impact that these policies will have on the products and services of tomorrow.

The event was kicked off by Martin Katz (Chief Innovation Officer and Senior Advisor for Academic Innovation and Design at the University of Denver and the Executive Director at Project X-ITE). Katz discussed the existing gaps and fragmentation in today’s U.S. privacy regime and highlighted the drawbacks of the EU’s approach to comprehensive personal data protection legislation (GDPR). In Katz’s view, such an approach creates a significant and costly compliance regime that can stifle new startups and small businesses, and more generally, innovative new products and services. He emphasized that any comprehensive U.S. federal regime should recognize and seek to minimize compliance costs and ensure room for innovation while protecting consumer choice, trust and accountability.

Tracy L. Lechner (Attorney and Founder at the Law Offices of Tracy L. Lechner) moderated the first panel session, focused on trends and recent developments in privacy regulations domestically and internationally, with the following panelists: Beth Magnuson (Senior Legal Editor of Privacy and Data Security at Thomson Reuters Practical Law); Dale Skivington (Compliance and Privacy Consultant, Adjunct Professor at the University of Colorado, and Former Chief Privacy Officer at Dell); Erik Jones (Partner at Wilkinson, Barker, Knauer); and Scott Cunningham (Owner at Cunningham Tech Consulting and Founder of IAB Tech Lab).

The panelists agreed that the general position of industry has evolved from a preference for best practices with agency oversight to a recognized need for U.S. federal legislation. This shift has been spurred by a desire for a common compliance framework in light of developing differences in state laws and diverging international privacy regimes. The panelists emphasized that changing privacy regulatory requirements has forced organizations to make frequent and costly IT overhauls to ensure compliance that arguably create little to no value for consumers. For instance, GDPR’s expansive definition of “personal data” created a herculean project for large organizations to take the foundational step of identifying and classifying all the potentially covered data. The panelists agreed that state attorneys general could have a valuable and thoughtful role in enforcement, but they also believe that specific requirements should be standardized at the federal level and be based on an outcome- or risk-based approach, unlike GDPR’s highly prescriptive approach.

Mark Walker (Director of Technology Policy at CableLabs) led a second-panel discussion, focused on the interplay of privacy regulation and technology development. The panel featured Walter Knapp (CEO at Sovrn), Scott Cunningham and Danny Yuxing Huang (Postdoctoral Research Fellow at the Center for Information Technology Policy at Princeton University). Walker framed the panel discussion in historic terms, highlighting the privacy concerns generated through the widespread availability of the portable camera in the late 1800s, through the emergence of electronic eavesdropping capabilities in the 1960s and, more recently, through the broad adoption of RFID technology. For each of these examples, public concern drove legal and regulatory changes, but more fundamentally, the privacy “panic” subsided for each technology as society became more familiar and comfortable with each technology’s balance of benefits and drawbacks.

Through that lens, the panelists examined GDPR and highlighted the high associated compliance costs, from both a technical implementation and revenue perspective. Faced with these costs, many smaller publishers are choosing to cut off access to their content from covered geographies rather than trying to comply. In comparison, large Internet firms have the resources to ensure compliance even in a costly and highly fragmented regulatory environment. Until recently, the Internet has largely matured without defined geographic borders and has nearly eliminated global distribution costs for smaller publishers. However, this trend may be reversed in the face of an emerging fragmented and highly regulated environment, reducing the viability of smaller publishers and driving unintended market concentration.

Turning to emerging technologies, Huang described his research into the security and privacy implications of consumer Internet of Things (IoT). He provided an overview of a newly released research tool, Princeton IoT Inspector, that consumers can easily use to gain detailed insights into the network behaviors of their smart home IoT devices. Through this tool, consumers can gain a better understanding of how IoT devices share their personal information. He illustrated how IoT Inspector was able to identify the numerous ad networks and other domains a streaming video device communicated with while streaming a single television program; surprisingly, the streaming device communicated with more than 15 separate domains during that single streaming program.

The event closed with Phil Weiser, Colorado’s Attorney General, providing keynote remarks that outlined the current state of legislative efforts, explained potential approaches that address key privacy challenges and highlighted the role of state attorneys general in developing regulatory approaches and enforcing them. Attorney General Weiser recognized that although curbing a patchwork of state laws in favor of a single federal one would be the ideal outcome, it is unlikely to happen in a reasonable timeframe, saying:

A first best solution would be a comprehensive federal law that protected consumer privacy. Such a law, like the Dodd-Frank law, should authorize State AGs to protect consumers. When Congress starts working on such a law, I will be eager and willing to support such an effort. After all, differing laws and reporting requirements designed to protect privacy creates a range of challenges for companies and those working to comply with different—and not necessarily consistent—laws.

In today’s second-best world, I believe that States have an obligation to move forward. We should do so with a recognition that we need to collaborate with one another and develop approaches that recognize the challenges around compliance. We can use your help and engagement and we work towards just this end.

As CableLabs continues to focus on developing new and innovative network technologies, we must continue to ensure that we have a sound understanding of the rapidly evolving privacy landscape, both here and abroad. But, just as importantly, policymakers should have a sound understanding of how the various regulatory approaches may impact current and developing technologies. Events like this help bridge those gaps in understanding.


SUBSCRIBE TO OUR BLOG

Policy

The Gigabit Internet Dream Continues to Expand

Mark Walker
Vice President, Technology Policy

Nov 1, 2018

Cable gigabit service availability continues to expand – as of June 2018, 63% of U.S. housing units – 74% of the cable broadband footprint – had gigabit service or better available from their local cable operator. This is up seven percentage points in just three months and has expanded by 16X in 18 months. Cable is making the gigabit Internet dream a reality. Coincident with this update of the cable industry’s gigabit deployment data, we are also releasing a new installment in our Inform[ED] Insights series that explains the technology that enables these gigabit networks.

 

Gigabit Speeds Q2 Data

Cable’s deployment of high-capacity broadband networks is enabling the gigabit services of today and the symmetric multi-gigabit services of tomorrow. With the wide availability of gigabit service and beyond, the broadband infrastructure is in place to power emerging technologies that will transform and enhance our lives through immersive entertainment, next-generation healthcare and a reimagination of education and work.

CableLabs and the cable industry are continuing to advance the capacity and performance in each segment of the cable broadband network to remain well-ahead of consumer demand. We are focused on developing innovative network technologies in the areas of coax (e.g., DOCSIS 3.1 and full duplex DOCSIS), fiber (e.g., coherent optics in the access network), and wireless (e.g., Wi-Fi and 5G), as well as defining optimal network architectures to provide the necessary capacity and performance in each segment of the network for today’s gigabit services and those anticipated in the future.

Ready to see how the cable industry is driving gigabit speeds from the lab to the consumer? Click on the link below to download our new Inform[ED] Insights white paper.


Driving Gigabit Speed: From Lab to Consumer

Innovation

Living the Gigabit Internet Dream

Mark Walker
Vice President, Technology Policy

Sep 20, 2018

“Gigabit” is the Internet dream. It means connectivity at blazing-fast speeds, with enough bandwidth for any device imaginable, where the online world is your oyster. Cable is rapidly making this dream a reality by making gigabit Internet service available to consumers.

Looking back just a couple of years, the prospect of widely available gigabit service was unimaginable. As of December 2016, only 4% of US housing units had cable gigabit available. In just fifteen months, cable operators in the US have increased that number by 14X. CableLabs regularly surveys our members, and we know that as of March 2018, 56% of US housing units – 66% of the cable broadband footprint – had gigabit service or better available from their local cable operator. That number is poised to climb higher as DOCSIS 3.1 technology is deployed across cable networks.

 

Gigabit Internet Speeds

But, This is Only the Beginning of the Story

CableLabs and the cable industry are investing in further network innovations to enable broadband technology to stay well ahead of customer demand for years to come.

Over the past 35 years, available consumer Internet speeds have followed what is known as Nielsen’s Law, increasing at roughly a 50% compound annual growth rate. Gigabit service is just the latest step in the history of ever-increasing speeds. If past is prologue, we can expect to see the availability of 10-gigabit service offerings around 2024, enabling experiences that are difficult to imagine today.

gigabit internet

Pushing the Gigabit Internet Envelope

The cable industry is preparing for our ever-faster future. We’re examining each segment of the network and developing new technologies to advance the performance of cable networks. The main elements of our work to drive further capacity and performance are:

  • DOCSIS: CableLabs is currently working to commercialize the next generation of DOCSIS technology. Full Duplex DOCSIS 3.1 will enable cable operators to provide symmetric gigabit service to customers – eliminating the upstream constraint and fully unleashing the power of cable.
  • Fiber: To ensure sufficient capacity in the fiber portion of the cable network, CableLabs has focused on adapting coherent optics. Coherent optic technologies have the potential to increase the per-strand capacity in cable networks by orders of magnitude over currently available digital optics technologies. This is an essential element in cable’s fiber-rich networks to deliver greater performance for consumers.
  • Wireless: We all experience our broadband service through our Wi-Fi connection. So, our ability to take full advantage of cable network advancements depends on the performance of that Wi-Fi connection. To ensure the reliability and improve the overall performance of Wi-Fi, CableLabs has developed protocols for Wi-Fi proactive network maintenance (Wi-Fi PNM) to quickly solve connectivity problems, advanced global standards for Wi-Fi to usher in next-generation technologies, and increased wireless bandwidth through spectrum policy engagement.

The continued innovations of CableLabs and the cable industry have enabled cable operators to provide broadband service that is well ahead of consumer demand. Cable networks are high-capacity, efficient, and future-ready to meet ever-increasing consumer demand for broadband performance.

For more information on how the cable industry is driving gigabit speeds from the lab to the consumer, please click below. 


Learn How We Are Driving Gigabit Speeds

Events

CableLabs Hosts “Cyber Risks in an IoT World”

Mark Walker
Vice President, Technology Policy

Kelton Shockey
Technology Policy Associate

Apr 10, 2018

Security provides the fundamental trust that enables the growth of broadband, and as the number of connected devices grows rapidly, all actors must make it a priority. The cable industry’s security expertise and investment positions it to play a constructive role in this rapidly evolving, global challenge. Here at CableLabs, we continue to focus on cybersecurity in our innovation and R&D work, and we recognize the interdependence of public policy and technology developments in this area.

In that spirit, we recently hosted an event at our facilities in Colorado entitled Cyber Risks in an IoT World, which was co-presented by the Rocky Mountain Chapter of the Federal Communications Bar Association (FCBA) and Silicon Flatirons. Our primary goal was to shine a spotlight on key elements of federal cybersecurity policy and the evolving risk faced by enterprises in light of the rapid proliferation of Internet of Things (IoT) devices. The event featured Evelyn Remaley, Deputy Associate Administrator at the Office of Policy Analysis and Development of the National Telecommunications and Information Administration, U.S. Department of Commerce, among other notable speakers and attracted over 60 attendees from the local and regional technology policy and legal communities.

CableLabs’ Rob Alderfer kicked off the event by laying out the broader context, including the trends that are driving increased risk to consumers and the basic functionality of the Internet.  With the constant barrage of new cyber incidents, often driven by IoT devices vulnerable to exploitation, governments at all levels are taking notice and grappling with the rapidly evolving threat. Cybersecurity is no longer the domain of the IT department, but rather a key area of governance for all enterprises. You can read more about our vision for improving IoT cybersecurity here.

Clete Johnson (Wilkinson Barker Knauer, LLP) provided a primer on federal cybersecurity policy that cast the Internet and enterprise networks as the battlefields, espionage platforms, and crime scenes of the 21st century. The current regulatory landscape can be subdivided into several broad areas: the threat environment, the policy environment, government activities, and the developing policy consensus across government and industry. The threat environment is characterized by the increasing number of more and more severe attacks. These attacks originate from both non-state actors (organized crime groups, proxies for nation-states, hacktivists, and, potentially, terrorists) as well as state actors (Tier I intelligence services and their allies and partners). However, the line between non-state and state actors often blurs and these groups often overlap. Johnson also detailed the developing policy consensus that centers around dynamic, flexible risk management; a shared responsibility across all stakeholders; mutually beneficial public-private partnerships; and a move beyond the “punish the victim” enforcement. This developing consensus is largely embodied in the Cybersecurity Executive Order and its implementation.

Evelyn Remaley (NTIA) delivered the keynote presentation on the Cybersecurity Executive Order, the developing Botnet Report required by the Order, and, more broadly, the NTIA’s work in cybersecurity through the multi-stakeholder process. Remaley emphasized that NTIA recognizes the complexity of the ecosystem and sees it as a multi-textured and evolving global system that requires an agile, inclusive cyber policy approach. Two truths underlay that perspective:

  1. To protect innovation, there must be stakeholder-driven policy outcomes that are flexible enough to adapt quickly to changes in technology
  2. No single industry sector or the government will be able to solve the challenges facing the Internet ecosystem, because while the Internet is largely managed by the private sector, governments, civil society, and individuals all have key roles. Successfully addressing cyber threats requires collaborative efforts from across the Internet ecosystem. The ongoing effort to produce the Botnet Report is an example of this collaborative approach in action.

Panel Discussion with Evelyn Remaley

The panel discussion following Remaley’s presentation tackled both baseline questions around the incentives at play in the current IoT ecosystem and the upcoming Botnet Report’s role in addressing the risk of distributed threats, as well as practical questions about where the policy development process goes after the final report is released. Mark Walker moderated the panel discussion between Evelyn Remaley (NTIA), Michael Bergman (Consumer Technology Association), and Tracy L. Lechner (Brownstein Hyatt Farber Schreck, LLP). The panelists discussed the incentives misalignment that keeps a significant number of IoT providers from investing in better device security, including the perception that consumers do not place a significant value on security and that increased security comes at a significant cost (time and/or money). They also discussed the availability of effective security controls and the various industry efforts to drive increased adoption of those controls.

Panel Discussion on Risk Landscape for Enterprises

The final session entitled The Risk Landscape for Enterprises: Attacks, Recovery, Liability, and Compliance covered the cybersecurity threat landscape from the enterprise perspective. This panel was moderated by Blake Reid (University of Colorado Law School; Silicon Flatirons) who lead the discussion with Paul Diamond (CenturyLink), John Diana (LogRhythm, Inc.), Ryan Howe (Webroot, Inc.), and Deborah Shinbein Howitt (Lewis, Bess, Williams & Weese, P.C.). The discussion focused on the challenges enterprises of all sizes face when tackling the rapidly changing cybersecurity risk landscape, including limitations on resources and talent, as well as the task of understanding and complying with the numerous legal obligations coming onto the scene. Much like developing a cybersecurity program, building up the required legal policies begins with identifying the most critical data a business handles (e.g., healthcare information, social security numbers, credit card information) and then creating incident response plans that meet the most stringent obligations in those areas first. The NIST Cybersecurity Framework was highlighted as providing an enterprise with a structured approach to assessing cybersecurity risks and developing a robust cybersecurity program that matches its unique needs.

As CableLabs continues to focus on developing new and innovative security technologies, we must continue to ensure we have a sound understanding of the rapidly evolving cybersecurity policy landscape, both here and abroad. But, just as importantly, policymakers should have a sound understanding of current and developing technologies. Events like this help bridge those gaps in understanding.

Find out more about our Events

Security

Cable’s Role in Cybersecurity

Mark Walker
Vice President, Technology Policy

Oct 19, 2017

The cable industry does more than just provide internet connectivity for millions of customers: it also plays an active role in driving security in the broader internet ecosystem. Cable operators have a long history of successfully defending against attackers seeking to steal service, customer data and video content. The cable industry has been protecting the delivery of high-value video content for over 30 years through technology that has never been breached in a successful, scalable manner. Moreover, the industry has been setting fundamental broadband security features through cable internet access standards for over 20 years to ensure the confidentiality, integrity and availability of cable broadband services globally. As the details and motivations of attacks continue to evolve, so does the security incorporated by cable operators.

Of particular focus for CableLabs is the urgent need to address the risks associated with insecure internet-connected devices (“Internet of Things” or “IoT”). IoT represents the next major axis of growth for the internet. But, without a significant change in how IoT providers approach security, the explosion of connected devices increases the risk to consumers and to the basic functionality of the internet. The consensus forecast has the number of devices connected to the internet doubling (or more) between 2016 and 2020. To the extent these devices do not contain sufficient security, the number of potential attack vectors will multiply rapidly as IoT proliferates.

A Comprehensive Approach to Addressing Insecure IoT

A combination of mitigation and prevention is necessary to fully address the current and emerging threats posed by insecure IoT. The cable industry recognizes that addressing these security risks (e.g., botnets) is a shared responsibility across the entire internet ecosystem. To this end, cable operators have invested substantially in developing and deploying measures to reduce the risks associated with insecure IoT, including DDoS and other botnet attacks, with a primary focus on protecting networks to ensure the availability of broadband service.

Mitigation

Cable industry efforts to improve measures that seek to mitigate attacks against their networks and their customers include both individual and collaborative measures:

  • The development and advancement of compromised-device detection and identification systems
  • Customer notification and remediation programs
  • Distributed denial of service (DDoS) monitoring and mitigation systems
  • IP-address spoofing prevention technologies and cybersecurity information sharing systems

In addition to maintaining and expanding these existing techniques, CableLabs and cable operators are also working on next-generation networking technologies to help reduce these risks.

Prevention

Although Internet Service Providers (ISPs), including cable operators, have been working on mitigating the effects of compromised and insecure devices for more than 15 years, these efforts ultimately only address the symptoms and not the root cause of the problem. The challenge of this task has already begun to outpace current and anticipated techniques. Unfortunately, IoT providers have not generally incorporated the needed security measures or committed to maintaining the security of their IoT devices. To fully address the risks posed by insecure IoT devices, IoT providers must drive increased security into future connected devices. Preventing compromised devices must be a substantial part of the industry’s shared responsibility in addressing the risks posed by insecure IoT to consumers and the internet.

Increasing IoT Security through an Industry-Led, Standards-Based Approach

Industry-led standards represent the most promising approach to increase IoT security. Given the global and constantly evolving nature of threats, the industry must utilize its expertise with a goal to develop, adopt and enforce fundamental IoT security measures. To achieve the needed level of security, an IoT security standard must address:

  1. Device identity
  2. Authentication, authorization, and accountability (onboarding)
  3. Confidentiality
  4. Integrity
  5. Availability
  6. Lifecycle management
  7. Future (upgradable) security

A robust technical standard is necessary, but not sufficient. To establish value and credibility in the marketplace, an open and balanced development organization must be established to ensure due process and consensus, drive widespread adoption of the standard, address the intellectual property rights of participants and ensure conformity through strong certification testing and enforcement of the standard.

To this end, CableLabs and a number of cable operators are actively engaged in the Open Connectivity Foundation (OCF). The OCF is an industry effort to develop an open specification to enable connected devices to securely communicate with one another regardless of manufacturer, operating system, chipset or physical transport. OCF membership is broad-based with over 300 members, including leading companies at all levels of the IoT space – silicon, software, platform and finished-goods. CableLabs and Comcast hold board seats and CableLabs chairs the Security Work Group of OCF. In addition, CableLabs contributes to IoTivity, a Linux Foundation Collaborative Project sponsored by OCF, which provides an open source reference implementation of the OCF specification that will further enable broad adoption.

Engaging with the Broader Internet Ecosystem

CableLabs and the cable industry have enabled cable-based security technologies to be leveraged in the wider internet ecosystem, including in Wi-Fi hotspots, smart grid devices and medical communications, through CableLabs’ subsidiary, Kyrio. The cable industry also provides broad-based technology thought leadership on security through substantial contributions to the Internet Engineering Task Force (IETF), the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Wi-Fi Alliance and the Broadband Internet Technical Advisory Group (BITAG), among other leading technical bodies.

Broadband service continues to become more integral to economic activity and social connectivity. The number of connected people and devices continues to grow, as does broadband network capacity and performance. Security provides the fundamental trust that enables these trends, and as the internet ecosystem grows, all actors must make it a priority.

You can find more information about CableLabs' role in securing the future in our Inform[ED] Insight papers "A Vision for Secure IoT" and "Securing Networks in the Broadband Age."

Education

Enabling the Transformation of Education

Mark Walker
Vice President, Technology Policy

Aug 30, 2016

Education, like every other part of life, is being fundamentally transformed by the ubiquity of connectivity and inexpensive computing and storage. Technology is enabling this transformation, but it is driven by the much broader trend in the economy — the transition of the workforce from a manufacturing economy to a knowledge economy.

On July 19-20, CableLabs hosted an Education Summit that brought together thought leaders from across the education sphere and the cable industry to explore the current challenges facing education as well as those of the future. The education system is beginning to see the transformative potential of technology — whether through "one-to-one" initiatives, integration of virtual reality, or gamification. Through the two-day event, three trends stood out in driving a fundamental transformation of education.

Fundamental Shift Toward Experiential and Problem-based Learning

Not surprising to anyone, the need to memorize facts has been largely replaced by Internet search, but unfortunately, the education system is still catching up.  The skills for the jobs of today and tomorrow require problem solving, critical thinking, creativity, communication, and collaboration, all skills that are most readily developed through experiential and problem-based learning.

Experiential and problem-based learning can take many forms — "curriculum built on inquiry, project-based learning, internships, service-learning, and entrepreneurial innovation bring the relevance of academic content and simultaneously develop" the necessary skills for the workforce of tomorrow.  The current emphasis to more broadly include the development of computer programming skills melds well with a project-based focus, whether developing apps, games, or websites, applying computer science to solve a real world problem is the key.   Project-based learning is not limited to the digital world.  Makerspaces enable students to create and solve physical world problems using the latest in prototyping and machining technology — 3D printers, CNCs, laser cutters, etc. The key is enabling students to meaningfully contribute to addressing real world problems in their communities.

One amazing example of community-relevant, problem-based learning is the Global Earthquake Forecasting System, which teamed NASA researchers with Alaska high school students in Ketchikan, Kodiak and Old Harbor — where earthquakes and tsunamis pose a significant risk. "Using new cutting edge sensing instruments, the students collect and analyze data used to detect early signals that occur prior to an actual earthquake event. Their findings are then reported to NASA project managers."  For their earthquake forecasting work, the Kodiak high school team was awarded first place in 2015 NASA World Wind Europa Challenge, “an annual university-level competition that provides an opportunity for the world's 'best and brightest' to deliver sustainable solutions that serve local, regional, national or international interests.” Not only were they the first ever submission from a high-school team, but they won.

Disruption of Institutions and Curriculum Creation

Learning is no longer limited to the classroom and technology is enabling a fundamental shift of the role of the teacher – from that of "lecturer" to that of "coach." This new paradigm takes many forms and is often referred to as personalized learning, blended learning, or flipped classroom and all have a similar theme of turning the traditional education model inside out and putting the student at the center of an individualized experience.

This new paradigm allows variation, innovation, and “student input into (and even control of) the time, pace, path, and place of learning.” Only with advances in technology and widespread access to connectivity will this new paradigm be able to be implemented effectively, affordably, and equitably.

Ubiquitous connectivity, devices, and inexpensive computing and storage along with low-cost and easy to use tools are also enabling a decentralized approach to curriculum and content creation.  Teachers are now able to easily create their own curriculum and content — free from the confines of the traditional text book.  The tools for creating and integrating media rich content are readily available.  Moreover, platforms, like “Teachers Pay Teachers” enable a market for teachers to exchange the lesson plans and other content they create with other teachers.

Transformative Experience - Immersive and Interactive Virtual Agents

Artificial intelligence (AI) and virtual agents also promise to transform the education experience, just as they will transform entertainment and work.  AI and virtual agents will create a platform to preserve and provide history in an engaging format, never before possible.  One example is the natural language AI created based on the holocaust survivor Pinchas Gutter.  His story will now live on forever through an interactive hologram that can respond to questions about the holocaust and ensure this part of history is never lost.

The promise of AI goes well beyond just preserving history.  It will facilitate an individualized and customized interactive experience that has the potential of providing just the right engagement at just the right time to ensure students can successfully achieve the desired education outcome – true personalized learning.  AI will not only be able to react to the words we use, but will also be able to read and react to our emotions to facilitate a more comfortable and conducive environment for learning.  Using facial and other non-verbal data, the virtual agent will be able to detect fear, frustration, and confusion, among other emotions, to better guide the student’s experience.

All of these trends will drive the network and service requirements necessary to serve the education market of tomorrow – a more decentralized, collaborative, and interactive environment.  CableLabs and the cable industry continue to work to develop the technologies required to support a transforming education system — whether that is through increasing network capacity, improving performance, or enhancing network security, to name just a few of our efforts.