On the Path to 10G: CableLabs Publishes Flexible MAC Architecture Specification
Today we are pleased to announce the release of the Flexible MAC Architecture (FMA) library of specifications. Along with the FMA System specification, we are also releasing the FMA MAC Manager Interface (MMI) and the FMA PacketCable Aggregator Interface (PAI) specs. This is the culmination of thousands of hours of work across the cable industry, on a global scale.
The FMA project is a part of the larger Distributed Access Architecture program at CableLabs. This program includes Remote PHY (R-PHY) as well as other projects like DOCSIS 4.0, Coherent Optics and others. FMA defines the standardization of the complete disaggregation of the CCAP management, control and data planes. The specification provides standard interfaces between OSS/NMS/Orchestration and the FMA management and control planes as well as a standard interface abstraction layer to cable access equipment. All of this allows for vendor independence and equipment interoperability.
As a part of the suite of technologies that support the 10G platform, FMA is a key disaggregated access network architecture that supports DOCSIS 4.0 requirements to achieve downstream speeds up to 10 Gbps and upstream speeds up to 6 Gbps. The FMA technology is complementary to the R-PHY technology and together complete a toolset of disaggregated technologies to support an operator’s next-generation data services.
FMA specification work started in late 2017 and was described in a February, 2018 video blog post. When this project kicked off at the behest of the cable industry, CableLabs and its partner vendors worked with an operator steering committee to define the scope of the project that set the wheels in motion for the development of the specification and issued release today.
What’s Next For FMA
The issuance of the specification is the initial step in a comprehensive process in order for CableLabs vendor partners to develop products and ultimately for operators to deploy those products and provide 10G services. We will continue to develop the specifications and it is our plan to begin FMA in-depth interoperability events in 2021.
If you would like to participate in the FMA working group activities, please make your request via firstname.lastname@example.org.
Welcome to the Smart Home of the Future, Powered by 10G
Today, we’re very excited to announce another successful milestone on the road to 10G. We’ve partnered with Mediacom Communications—one of the first cable operators to roll out gigabit service to all of its customers—and the NCTA-The Internet & Television Association to bring you a real-life demonstration of how 10G will power the smart home of the future. This demonstration is part of the first-ever 10G field trial conducted by Mediacom in Ames, Iowa.
Introduced in early 2019 as cable’s next great leap forward for broadband, the 10G platform will power a new wave of innovation that will be able to take full advantage of its ultra-fast, multi-gigabit symmetrical download and upload speeds, imperceptible latency and enhanced security and reliability. We’ve talked a lot about 10G over the past year and have even made a few videos to help you visualize what this new world might look like in the near future, but this is the first time we’re participating in a demonstration that brings the 10G vision to life.
What Is Mediacom’s 10G Smart Home?
In simple terms, Mediacom’s 10G Smart Home is a lab. It’s a working technology laboratory wired for ultrafast speeds that allows Mediacom to test cutting-edge consumer applications in a real-world environment. What might look like an ordinary home is anything but! From the kitchen to the laundry room, every living area of this home has been outfitted with smart home technologies that will help the “future you” live your best life. The showcase includes:
- Kitchen devices that blend IoT technology to create wholesome food
- Telemedicine connections to improve patient engagement and care
- Home automation technology that allows control of the environment with one tap or command
- High-energy egaming played with low latency and seamless engagement and interactivity
- Immersive entertainment experiences
- Virtual and augment reality applications powered by the body’s own electricity to de-stress and quiet the mind
- A variety of other technologies that can help with pet care, working from home, distance learning and even window washing
This demonstration is a thrilling glimpse into the ways 10G can transform and enhance every aspect of your life.
Inside the home, CableLabs showcases the next generation of display technologies for entertainment, research and education. As you can imagine, holographic video requires an enormous amount of data, but we’ll soon see holographic 3D images and video that won’t require glasses or heavy headwear. These are the types of experiences that our 10G platform will make possible.
Launched on September 17, 2020, Mediacom’s 10G Smart Home launch event included welcome messages from former FCC Chairman and NCTA CEO Michael Powell, CableLabs CEO Phil McKinney as well as high-profile attendees such as representatives from state and local government, the press and tech influencers.
A True Tech Paradise
In a tech world, innovation faithfully follows the classic “if you build it, they will come” philosophy, which means that as internet speeds increase, new inventions come to light. Think about holodecks, video walls, immersive cord-free VR experiences and many other technologies that we haven’t even imagined that will help us live, learn, work and play in the future. Cable’s 10G platform will give innovators the flexibility they need to dream up big ideas that aren’t constrained by data limits and pave the way for a new hyperconnected future. That’s why demonstrations like Mediacom’s 10G Smart Home are so important.
Rise of Cloud Gaming – Meeting the Challenges for ISPs
Light Reading recently posted an article titled "Operators need to prepare for the game-streaming tsunami" which talks about a new wave of game streaming services (aka cloud gaming services) that are on the way. The article points out that the network demands these services require are completely different from anything cable operators have had to deal with before: cable operators cannot simply assume the work that was done previously in order to better support video streaming will be sufficient to effectively support game streaming. They warn that ISPs should get ahead of the network demands of the new game streaming services or replay the pain of the past. We are all familiar with the exasperation of watching the spinning loading “ball” in the middle of our favorite movie scene; imagine the frustration when things suddenly lock up or lag in the middle of an intense game.
Here at CableLabs, we agree with Light Reading’s assessment of the importance of readying operator networks for the impact of game streaming services. Although cloud gaming is still in its early adoption phase, Sandvine’s May 2020 Phenomena Report shows NVidia’s GeForce Now game streaming service in the top 10 gaming traffic generators.
The good news is that CableLabs has been building and testing latency and congestion management solutions for some time, including one that is well-tailored to game streaming. The suite of features developed by CableLabs and our industry partners, known as Low Latency DOCSIS® (LLD), can provide better customer experiences for both current multiplayer online gaming and emerging cloud gaming performance services.
An early observation of the low latency team at CableLabs was that different applications have different traffic patterns and needs, which ultimately require different solutions for reducing and managing latency. This is true even between seemingly related applications like online gaming and game streaming:
- Multiplayer online gaming uses very low data rates (~150kbps) but can be very sensitive to latency and jitter (variations in latency).
- Game Streaming – running the game on a remote server and streaming it to an end device – is also very sensitive to latency and jitter, but also requires high data rates on the order of tens of megabits per second, and cannot be buffered since it’s played in real-time.
Latency for online gaming comes not from a lack of capacity – since the data rates are very low – but rather from gaming traffic getting caught behind other types of traffic that aren’t latency sensitive. Therefore, LLD employs tools to keep that gaming traffic from getting stuck without impacting other traffic negatively.
Game streaming, because of the high data rates involved, requires the addition of something more: the ability to be able to sense and adapt to changing capacity along the network path at any bottleneck. This is why support for Low Latency, Low Loss, Scalable Throughput (L4S) is a part of LLD technology. L4S technology builds on the mechanisms developed for online gaming by enabling the network to provide precise feedback to applications about impending congestion. If implemented by an application at both ends of a network connection as well as any bottleneck points in between, it permits the application to send at high data rates while maintaining consistent low latency.
Therefore, by deploying DOCSIS equipment that supports the LLD feature set – including L4S support – cable operators will be able to provide the very best game streaming experience as soon as those services incorporate L4S support.
While gamers will be thrilled with this, LLD technology doesn't just apply to gaming: when implemented by application developers, it will also enable improved service for work-from-home applications like video conferencing, making DOCSIS based cable systems the platform of choice for these demanding applications. That’s why latency is one of the pillars of the cable industry’s 10G Platform.
Even better, availability of DOCSIS equipment that supports LLD is just around the corner. CableLabs has been actively working jointly with equipment suppliers to bring these features to market as soon as possible via software updates to their existing DOCSIS 3.1 equipment. We’ve seen support for these features rapidly evolve, and we will continue to support the industry in getting these features deployed in live networks. We’re always interested in working with more partners on testing and validation of these emerging technologies and applications, so please reach out to us here at CableLabs if you’d like to get involved or learn more.
There is a tsunami coming, but with preparation, it will be a tsunami of awesome.
10G Integrity: The DOCSIS® 4.0 Specification and Its New Authentication and Authorization Framework
One of the pillars of the 10G platform is security. Simplicity, integrity, confidentiality and availability are all different aspects of Cable’s 10G security platform. In this work, we want to talk about the integrity (authentication) enhancements, that have been developing for the next generation of DOCSIS® networks, and how they update the security profiles of cable broadband services.
DOCSIS (Data Over Cable Service Interface Specifications) defines how networks and devices are created to provide broadband for the cable industry and its customers. Specifically, DOCSIS comprises a set of technical documents that are at the core of the cable broadband services. CableLabs manufacturers for the cable industry, and cable broadband operators continuously collaborate to improve their efficiency, reliability and security.
With regards to security, DOCSIS networks have pioneered the use of public key cryptography on a mass scale – the DOCSIS Public Key Infrastructure (PKIs) are among the largest PKIs in the world with half billion active certificates issued and actively used every day around the world.
Following, we introduce a brief history of DOCSIS security and look into the limitations of the current authorization framework and subsequently provide a description of the security properties introduced with the new version of the authorization (and authentication) framework which addresses current limitations.
A Journey Through DOCSIS Security
The DOCSIS protocol, which is used in cable’s network to provide connectivity and services to users, has undergone a series of security-related updates in its latest version DOCSIS 4.0, to help meet the 10G platform requirements.
In the first DOCSIS 1.0 specification, the radio frequency (RF) interface included three security specifications: Security System, Removable Security Module and Baseline Privacy Interface. Combined, the Security System plus the Removable Security Module Specification became Full Security (FS).
Soon after the adoption of public key cryptography that occurred in the authorization process, the cable industry realized that a secure way to authenticate devices was needed; a DOCSIS PKI was established for DOCSIS 1.1-3.0 devices to provide cable modems with verifiable identities.
With the DOCSIS 3.0 specification, the major security feature was the ability to perform the authentication and encryption earlier in the device registration process, thus providing protection for important configuration and setup data (e.g., the configuration file for the CM or the DHCP traffic) that was otherwise not protected. The new feature was called Early Authorization and Encryption (EAE), it allows to start Baseline Privacy Interface Plus (BPI) even before the device is provisioned with IP connectivity.
The DOCSIS 3.1 specifications created a new Public Key Infrastructure *(PKI) to handle the authentication needs for the new class of devices. This new PKI introduced several improvements over the original PKI when it comes to cryptography – a newer set of algorithms and increased key sizes were the major changes over the legacy PKI. The same new PKI that is used today to secure DOCSIS 3.1 devices will also provide the certificates for the newer DOCSIS 4.0 ones.
The DOCSIS 4.0 version of the specification introduces, among the numerous innovations, an improved authentication framework (BPI Plus V2) that addresses the current limitations of BPI Plus and implements new security properties such as full algorithm agility, Perfect Forward Secrecy (PFS), Mutual Message Authentication (MMA or MA) and Downgrade Attacks Protection.
Baseline Privacy Plus V1 and Its Limitations
In DOCSIS 1.0-3.1 specifications, when Baseline Privacy Plus (BPI+ V1) is enabled, the CMTS directly authorizes a CM by providing it with an Authorization Key, which is then used to derive all the authorization and encryption key material. These secrets are then used to secure the communication between the CM and the CMTS. In this security model, the CMTS is assumed trusted and its identity is not validated.
The design of BPI+ V1 dates back more than just few years and in this period of time, the security and cryptography landscapes have drastically changed; especially in regards to cryptography. At the time when BPI+ was designed, the crypto community was set on the use of the RSA public key algorithm, while today, the use of elliptic-curve cryptography and ECDSA signing algorithm is predominant because of its efficiency, especially when RSA 3072 or larger keys are required.
A missing feature in BPI+ is the lack of authentication for the authorization messages. In particular, CMs and CMTS-es are not required to authenticate (i.e., sign) their own messages, making them vulnerable to unauthorized manipulation.
In recent years, there has been a lot of discussion around authentication and how to make sure that compromises of long-term credentials (e.g., the private key associated with an X.509 certificate) do not provide access to all the sessions from that user in the clear (i.e., enables the decryption of all recorded sessions by breaking a single key) – because BPI+ V1 directly encrypts the Authorization Key by using the RSA public key that is in the CM’s device certificate, it does not support Perfect Forward Secrecy.
To address these issues, the cable industry worked on a new version of its authorization protocol, namely BPI Plus Version 2. With this update, a protection mechanism was required to prevent downgrade attacks, where attackers to force the use of the older, and possibly weaker, version of the protocol. In order to address this possible issue, the DOCSIS community decided that a specific protection mechanism was needed and introduced the Trust On First Use (TOFU) mechanism to address it.
The New Baseline Privacy Plus V2
The DOCSIS 4.0 specification introduces a new version of the authentication framework, namely Baseline Privacy Plus Version 2, that addresses the limitations of BPI+ V1 by providing support for the identified new security needs. Following is a summary of the new security properties provided by BPI+ V2 and how they address the current limitations:
- Message Authentication. BPI+ V2 Authorization messages are fully authenticated. For CMs this means that they need to digitally sign the Authorization Requests messages, thus eliminating the possibility for an attacker to substitute the CM certificate with another one. For CMTS-es, BPI+ V2 requires them to authenticate their own Authorization Reply messages this change adds an explicit authentication step to the current authorization mechanism. While recognizing the need for deploying mutual message authentication, DOCSIS 4.0 specification allows for a transitioning period where devices are still allowed to use BPI+ V1. The main reason for this choice is related to the new requirements imposed on DOCSIS networks that are now required to procure and renew their DOCSIS credentials when enabling BPI+ V2 (Mutual Authentication).
- Perfect Forward Secrecy. Differently from BPI+ V1, the new authentication framework requires both parties to participate in the derivation of the Authorization Key from authenticated public parameters. In particular, the introduction of Message Authentication on both sides of the communication (i.e., the CM and the CMTS) enables BPI+ V2 to use the Elliptic-Curves Diffie-Hellman Ephemeral (ECDHE) algorithm instead of the CMTS directly generating and encrypting the key for the different CMs.Because of the authentication on the Authorization messages, the use of ECDHE is safe against MITM attacks.
- Algorithm Agility. As the advancement in classical and quantum computing provides users with incredible computational power at their fingertips, it also provides the same ever-increasing capabilities to malicious users. BPI+ V2 removes the protocol dependencies on specific public-key algorithms that are present in BPI+ V1. , By introducing the use of the standard CMS format for message authentication (i.e., signatures) combined with the use of ECDHE, DOCSIS 4.0 security protocol effectively decouples the public key algorithm used in the X.509 certificates from the key exchange algorithm. This enables the use of new public key algorithms when needed for security or operational needs.
- Downgrade Attacks Protection. A new Trust On First Use (TOFU) mechanism is introduced to provide protection against downgrade attacks – although the principles behind TOFU mechanisms are not new, its use to protect against downgrade attacks is. It leverages the security parameters used during a first successful authorization as a baseline for future ones, unless indicated otherwise. By establishing the minimum required version of the authentication protocol, DOCSIS 4.0 cable modems actively prevent unauthorized use of a weaker version of the DOCSIS authentication framework (BPI+). During the transitioning period for the adoption of the new version of the protocol, cable operators can allow “planned” downgrades – for example, when a node split occurs or when a faulty equipment is replaced and BPI+ V2 is not enabled there. In other words, a successfully validated CMTS can set, on the CM, the allowed minimum version (and other CM-CMTS binding parameters) to be used for subsequent authentications.
In this work we provided a short history of DOCSIS security and reviewed the limitations of the current authorization framework. As CMTS functionality moves into the untrusted domain, these limitations could potentially be translated into security threats, especially in new distributed architectures like Remote PHY. Although in their final stage of approval, the proposed changes to the DOCSIS 4.0 are currently being addressed in the Security Working Group.
Member organizations and DOCSIS equipment vendors are always encouraged to participate in our DOCSIS working groups – if you qualify, please contact us and participate in our weekly DOCSIS 4.0 security meeting where these, and other security-related topics, are addressed.
Cable’s 10G Platform to Provide Synchronization for 5G
Cable service providers operate an extensive hybrid fiber coax (HFC) infrastructure to serve residential and business fixed broadband. In recent weeks, the world witnessed how cable networks around the globe have withstood the test of a dramatic surge in capacity demand due to the work-from-home (WFH) and other xFH practices induced by COVID-19 pandemic and are holding up extremely well.
As the economy opens again and 5G deployments resume, a large part of the time lost due to the COVID-19 pandemic can be regained by leveraging the extensive wireline networks to transport the mobile 5G traffic, be it fronthaul, midhaul or backhaul (collectively termed “xhaul”) between the radio units (RUs) or Base Stations (BSs) and the RAN Infrastructure. A critical impediment that stood in the way of leveraging the ubiquitous HFC infrastructure was the inability to provide timing and synchronization to the radio units which is crucial to their operation.
For nearly two years, the CableLabs Mobile Xhaul vendor and operator team has been working on equipping the DOCSIS® technology to provide better xhaul for mobile traffic.
Today, we are happy to announce the publication of the first release of the Synchronization Techniques for DOCSIS Technology Specification. When coupled with the Low Latency Xhaul Specification (LLX) standardized last year, which specifies requirements to reduce the latency on the DOCSIS network for mobile traffic, the two together provide the performance needed for DOCSIS network to xhaul mobile traffic. The ubiquity of the HFC plant will greatly assist the economic and timely deployment of these new 5G radios.
Synchronization Over DOCSIS Network
The mobile network is synchronous by design and requires the sharing of a common clock. This is achieved in practice by means of the radios and “their controllers” connecting to the Global Navigation Satellite System (GNSS). This works well for outdoor macro deployments. For small cell deployments, especially indoors, more often than not GPS signals are either not available or not economical. Instead, an equivalent global clock signal is transported over the IP network using precision time protocol (PTP), specified in the IEEE 1588-2008 family of specifications.
Transporting PTP over the DOCSIS network is particularly challenging due to the asymmetrical nature of the DOCSIS network. Leveraging the DOCSIS Time Protocol (DTP) to address the asymmetry issue offers a practical solution. A high-level architecture of the solution framework is illustrated in the figure below (technical details can be obtained in this SCTE white paper). DTP was invented back in 2011 and incorporated into the DOCSIS 3.1 specifications in 2013. In the newly issued SYNC specification, the Mobile Xhaul team updated the DTP profiles, defined timing system architectures and specified requirements on the DOCSIS network equipment to make PTP work end-to-end. As a result, the DOCSIS specification when bolstered with the newly issued SYNC spec and the LLX spec, is capable to support the LTE and 5G timing requirements.
The Mobile Xhaul team invites cable and mobile operators as well as vendors to provide input to these latest set of specifications. Several HFC equipment vendors have already demonstrated the feasibility of DTP in various proof of concept (PoC) implementations. In the upcoming months, our team will complete additional requirements and timing architectures.
Soon, cable MSOs will be upgrading their HFC plants to the distributed access architecture (DAA). DAA nodes are already PTP-compatible, as PTP is needed for the R-PHY device and the CMTS core to be on the same timing island. The MSOs and cable equipment vendors are better off designing their new network architectures with mobile requirements in mind and ensure that the DAA nodes can support the 1.5µs of end-to-end timing requirement needed for LTE and majority of the 5G deployments as specified in the SYNC spec.
We are excited to offer the ability of the DOCSIS technology to provide reliable and precision timing services. This will aid the ubiquitous HFC wireline network to become an obvious choice for the mobile operators as a low CAPEX and fast-to-deployment xhaul solution. We are working hard to converge the 10G and the 5G technologies, and SYNC is one of the areas that has come to fruition.
We acknowledge the tremendous efforts of the Mobile Xhaul team in driving these specifications to a timely publication, specifically those who did heavy lifting in the SYNC spec: John Chapman (Cisco), Elias Chavarria Reyes (Cisco), Peter Meyer (Microchip) and Yair Neugeboren (CommScope).
The 10G Converged Optical Network
Those of you who’ve heard me speak on the topic of Point-to-Point (P2P) Coherent Optics have probably noticed that I’ve placed this technology in the context of the cable industry’s move to Distributed Access Architectures, and as a result, the dramatic change in the way networks are architected. It’s a change that I would argue is as dramatic as the move from single-direction all-coax networks to bidirectional hybrid-fiber coax (HFC) networks that occurred a couple of decades ago. And it’s a change that enables a range of new services and business opportunities.
The cable industry’s roadmap to the 10G Platform is making that change—and its implications—clearer.
As most followers of these blogs are likely aware, the majority of today’s cable systems leverage an HFC network with analog optics: RF signals are generated in a hub or headend, converted to optical, then converted back to electrical at a fiber node for distribution over coax to the home. Broadband service over that network is provided via a DOCSIS® cable modem termination system (CMTS) at the hub or headend, working with a DOCSIS cable modem in a customer’s home; the cable modem provides customers with access to high-speed Ethernet network connections via coax. As a result, high-speed data transmissions over a cable operator’s network are generally only accessible via DOCSIS cable modems connected to the coax portion of the network rather than the fiber portion.
However, that’s now changing.
Although it can take many forms, it’s often assumed that the Aggregation Node with a Coherent Termination Device depicted here (which is expected to sit where a Fiber Node resides today) would be an Ethernet switch. This has dramatic implications for how this network can be leveraged: There’s now a fiber-based Ethernet connection point deep in the network with 100 Gbps or more of capacity and very low latency.
In essence, the cable operator’s core Ethernet network has been expanded deep into the field. Just about anything can be attached to it. And with high capacity and low latency, a host of potential new service offerings becomes possible.
Figure 1 makes just this point: Not only does it depict a Distributed CCAP device (such as a Remote PHY or MACPHY device) connected to the network, but also a Remote OLT, a mobile base station, a fixed wireless access point and a direct enterprise connection. And that’s only a sampling of the nearly endless possibilities, because everything is converged onto a single, high-speed, low-latency, high-reliability fiber Ethernet network.
That’s ultimately what the 10G Converged Optical Network is about: not just providing a network that supports today’s or even tomorrow’s known services but also providing the network on which to enable all sorts of innovative new services that no one has even thought of yet. P2P Coherent Optics—and the move to Distributed Access Architectures—is a key enabler of that.
The various pieces required to support this new reality are starting to come into place: Remote PHY devices are being deployed, and interoperable P2P Coherent Optics technology has been demonstrated, with new equipment to support outdoor deployments expected in the not-too-distant future. If you have new and innovative ideas for ways in which to leverage this emerging new network, please use the contact form below. We’d love to hear from you. Otherwise, keep watching for these blogs to see how things progress.
The Path to 10G: 2020 Update
The future of connectivity holds technical enhancements that are meant to change the way we live, work, learn and play. A fully realized connected network that enables all the different use cases and provides ubiquitous coverage through a seamless experience will need to rely on multiple access technologies and choices. Seeing this paradigm shift in the future of connectivity, the broadband industry came together to announce the 10G Platform in January 2019, led by CableLabs, SCTE•ISBE, NCTA and GIGAEurope. 10G will enable broadband connectivity with higher connection speeds, lower latency, higher reliability and increased security, and it also will enable and complement other access technologies.
Today, DOCSIS 3.1 technology enables the cable industry to offer 1 Gbps service to 80% of U.S. households. Just one year after the announcement of 10G, we have made some exciting progress towards this milestone in just 12 months.
As we march towards the frontier of 10G, new cable modems already being certified are capable of 5 Gbps capacity, with integrated standard 2.5 Gbps Ethernet ports that make it easier to distribute that capacity throughout the home. With full duplex and extended spectrum capabilities integrated into next-generation DOCSIS 4.0 technology, the industry will be able to deliver on that 10 Gbps promise over hybrid fiber coax networks.
The 10G optical network (Figure 1), is the backbone of the distributed access architecture and will provide the industry with opportunities for true service convergence that leverages the flexibility and tremendous capacity provided by fiber optics.
Figure 1: The 10G converged optical network
This year, CableLabs released an update to the 100 Gbps point-to-point coherent optics specification and released a new 200 Gbps specification – both intended to support the aggregation requirements of the distributed access architecture. While operators currently deploy 10G passive optical network technology (PON) where fiber to the premise is preferred, the IEEE standard for next-generation 25G-PON and 50G-PON technology remains on track for mid-2020 completion.
Lower latency is an important network characteristic that is quickly becoming a key service differentiator for connectivity, especially when considering delivering top cloud gaming or telemedicine experiences. This year, CableLabs and industry partners completed the DOCSIS specification updates to include Low Latency DOCSIS (LLD), a technique allowing traffic that requires low latency to transit the HFC network in just 1-2ms. Implementation of this technology quickly ramped up with seven vendors attending the LLD interoperability events.
Additionally, as part of the convergence of HFC networks with 5G networks, latency becomes critical when looking to use HFC as the transport layer. In 2019, we trialed two new technologies that enable mobile deployments over DOCSIS networks:
- Low Latency Xhaul pipelines DOCSIS bandwidth requests from mobile base stations, and was trialed and showed average DOCSIS network latency below 2ms.
- We also lead a trial of the TIP vRAN Fronthaul project, which is vRAN fronthaul designed to handle DOCSIS network latencies up to 30ms.
Another key pillar of the 10G Platform is security, to which we have dedicated significant efforts over the last year, advancing four leading technologies:
- Transparent Security uses the programmable data plane inside the access network to perform in-band telemetry and traffic processing. This increases protection against distributed denial of service attacks and provides flexibility to the network operator in active defense techniques.
- Device Onboarding makes good on the 10G promise by requiring easy and secure onboarding and provisioning of devices connecting to the platform made possible through strong device identity credentials and lifecycle management.
- Endpoint Identity provides unique, immutable, and attestable identities for networked devices. Strong device identity provides the trust framework to enable all other security controls, making it fundamental for securing the 10G Platform.
- Network Independent Credentialing, an essential part of 10G security, allows for authentication and risk management across access networks. Supporting this vision, Release 2 of the CBRS-A specifications included CableLabs’ work on Extended Credentials Authentication Framework (TS-1003) which extends the possibility to authenticate to CBRS-A Networks with different types of credentials – e.g., X.509 Digital Certificates. Building on that, the work is now focused on providing a common credentials management framework that can be integrated across the 10G platform (EAP-CREDS).
Proactive network maintenance (PNM) has long been a key element to increasing the reliability of the HFC network and providing an excellent quality of experience for cable service subscribers, and it is no different with 10G. This year CableLabs has a more robust portfolio of PNM activities than ever before. By measuring key “health” parameters from millions of cable modems, operators are able to create solutions on the Pro Ops platform to solve problems before customers experience any degradation in service.
Our PNM accomplishments extend to Wi-Fi where CableLabs led the pursuit of establishing a standard set of health metrics and their reporting format for Wi-Fi networks – now officially called Wi-Fi CERTIFIED Data Elements– to optimize residential Wi-Fi networks. Soon, PNM for cable industry optical networks will integrate seamlessly with traditional industry network health solutions.
In addition to PNM, we have delivered Dual Channel Wi-Fi™, which enables a 10G reliable Wi-Fi connection by ensuring optimized delivery of data services used in video, gaming, large file downloads, and time-sensitive services like video conferencing. A Dual Channel Wi-Fi reference implementation is currently available to the operators and vendors.
Looking into 2020
The connectivity catalyst of the future needs to occur across many spaces, including cyberspace, geospace, and electromagnetic space and it will all be coming to you in a virtualized cloud-native form. Technologies need to evolve to meet the vision through cost-effective solutions; wired, wireless, fixed, mobile, terrestrial, satellite, HAPS, unlicensed, licensed, low-band, high band, low-speed, high-speed, will all play a role to meet the demand of humans and things.
Over the past year, the industry has worked to create and introduce technologies that bring us one step closer to the promise of a 10G network, and are excited by the progress we have made. At CableLabs, we are excited about 10G and are actively involved with 5G, IEEE, and many other industry forums which are also working on advancing the future of connectivity.
The March to Budget-Friendly vRAN Continues!
As with most of my recent blog posts, I’m here to share some exciting updates on the work that CableLabs has been doing in the Telecom Infra Project (TIP) with virtualized RAN for non-ideal transport networks—for example, DOCSIS networks, passive optical networks (PONs) and really anything not on dedicated fiber. Over the past 6 months or so, we’ve reached some milestones that are worth a blog post blast. I’m going to keep each update brief, but please follow the links to dig in further where you’re interested.
TIP vRAN Fronthaul White Paper #2
On November 13, TIP’s vRAN Fronthaul Project Group is releasing a white paper discussing the results of Phase 1 of the project. The paper covers the combined learnings from the four Community Lab efforts led by Airtel, BT, CableLabs and TIM. We also include some key takeaways with which operators can assess the network assets that can be used in future vRAN deployments. You can find the paper here.
TIP Summit vRAN Fronthaul Demo
Also this week, the vRAN Fronthaul team has assembled a demo for TIP Summit ’19 in Amsterdam. The demo is showing the newly containerized multi-vendor vRAN solution running two remote radios (RUs) from a single CU/DU virtual baseband unit. In the LTE software stack, the Layer 2 and 3 containers come from Altran, and the Layer 1 container comes from Phluido, with RUs from Benetel. The containerized setup increases CPU efficiency by over 80 percent relative to our previous virtual machine–based architecture. If you’re in Amsterdam at TIP Summit, be sure to stop by the vRAN stand on the show floor.
TIP vRAN Fronthaul Trial with Shaw Communications
In July of this year, Shaw Communications, CableLabs and TIP collaborated to trial the vRAN Fronthaul LTE solution from Altran, Benetel, and Phluido over the Shaw commercial grade DOCSIS networks. In a fantastic result, we were able to demonstrate the ability of the Shaw DOCSIS networks to support Option 7-2 split fronthaul traffic for LTE services. In addition, we replicated all of our lab findings over the Shaw DOCSIS networks, validating the ability of our lab results to transfer to real world networks. “The trial demonstrated that Shaw’s hybrid fibre coaxial FibrePlus network is well positioned to support not only existing wireless services but the significant densification coming with the deployment of 5G,” said Damian Poltz, Vice President, Technology Strategy and Networks, Shaw Communications.
O-RAN Specification Includes Non-Ideal Fronthaul
While the team was busy hitting all these milestones in the TIP vRAN Fronthaul project, during the first half of the year CableLabs also led a collaborative effort to bring non-ideal fronthaul support to the O-RAN Alliance CUS plane specification. As of July, the 2.0 version of the CUS plane specification now includes support for non-ideal fronthaul with latencies up to 30ms over a common Option 7-2 interface. In addition, a new appendix was added to provide further detail on the implementation and operational specifics of deploying the lower-layer split over non-ideal transport such as DOCSIS networks, PON or managed Ethernet.
You can find out more by clicking the link below.
A Major Leap Toward 10G: CableLabs to Complete DOCSIS® 4.0 Specification in Early 2020
In a continuing effort to meet the industry’s recently announced 10G goal, CableLabs is wrapping up the first major update to its DOCSIS specification since DOCSIS 3.1. DOCSIS 4.0 technology will enable the next generation of broadband over cable’s existing hybrid fiber coax (HFC) networks, delivering symmetrical multi-gigabit speeds while supporting high reliability, high security and low latency.
What is DOCSIS 4.0 Technology?
Building on the success of DOCSIS 3.1 technology, which the cable industry is leveraging globally to deliver 1 Gbps services to end users, DOCSIS 4.0 technology supports a rich and flexible feature set of capabilities. The technology will enable multiple system operators (MSOs) to deliver on the 10G vision and includes support for Extended Spectrum DOCSIS (ESD) and Full Duplex DOCSIS (FDX) capabilities. These are complementary technologies that jointly or individually represent key elements to deliver on the 10G promise. By supporting these technologies, cable operators can deliver a richer feature set of capabilities and facilitate a cost-effective upgrade to a better, faster and more efficient network.
- Full Duplex DOCSIS Capabilities
FDX DOCSIS technology allows for concurrent use of spectrum for both upstream and downstream traffic, thus doubling the network efficiency by leveraging the HFC network characteristics, self-interference cancellation technology and intelligent scheduling. DOCSIS 4.0 technology is also backwards compatible with previous generations of DOCSIS technologies.
- Extended Spectrum DOCSIS
With ESD, operators can leverage a lot more usable spectrum on their existing HFC networks—up to 1.8GHz. That’s 600MHz more than the 1.2GHz available to them under the current DOCSIS 3.1 standard. The DOCSIS 4.0 working groups are in full swing, focusing on developing and adding the ESD requirements to the DOCSIS 4.0 specifications.
This boost in capacity provided by DOCSIS 4.0 technology will enable MSOs to provide multi-Gbps symmetric services to residential and business customers, and support the next generation of user experiences such as immersive media experiences in addition to serving as a catalyst for a new wave of innovations.
DOCSIS 4.0 technology is a major step toward reaching the industry’s 10G goal. You can learn more about the road to 10G and its technologies here. If you’re near New Orleans or attending the SCTE Cable-Tech Expo next week, register for our vendor forum, Envision, to get the exclusive opportunity to learn about the technologies the industry is working on. At Envision, which will take place on September 30, you can expect to hear updates about DOCSIS 4.0 technology and 10G, including how 10G will enable mobile and wireless networks.
Gearing Up for 10G: Download the Technical Brief on CableLabs’ Low Latency Technologies for DOCSIS Networks
If you’ve been following our blog and our recent 10G announcement, you know that one of the main areas of focus for us is latency. Achieving a near-zero latency on DOCSIS networks is one of the goals of the 10G initiative and is just as important as increasing speed or bandwidth. The success of future 10G networks that can support seamless communication and next-level interactive experiences like holodecks and 360° video is heavily dependent on finding technological solutions that decrease latency to imperceptible levels, delivering consistent, real-time responsiveness that our customers desire.
The good news is we are well on our way to getting there. So far we’ve released a number of specifications, including Low Latency DOCSIS (LLD) and Low Latency Mobile Xhaul (LLX), aimed at reducing latency in the DOCSIS networks that provide residential services and also serve as backhaul, midhaul and fronthaul (collectively known as xhaul) for mobile traffic.
Low Latency DOCSIS (LLD)
In modern households, there are often multiple applications and devices connected to the same network at the same time, sending and receiving a variety of traffic. Some, like streaming video and large file downloads, send repeated large bursts of data and expect the network to buffer and play-out those bursts, while others, like online gaming and voice chat, send traffic smoothly. Ordinarily, the traffic from the smooth senders is subjected to the widely varying buffering latency caused by the bursty senders. LLD technology is optimized for these two different types of traffic behavior, and decreases delays for smooth sending applications (many of which are latency-sensitive) without affecting the other traffic. Low Latency DOCSIS technology can support a consistent sub-1ms latency round-trip for the smooth sending applications, resulting in a much better network performance overall.
Low Latency Mobile Xhaul (LLX)
LLX leverages collaboration between the mobile network scheduler and the DOCSIS scheduler to provide a low latency xhaul solution that achieves a consistent DOCSIS upstream delay of just 1 to 2 milliseconds. LLX also defines a common quality of service framework for both mobile and DOCSIS so that the relative priorities of different traffic streams are maintained across the two systems. In the foreseeable future, deploying LLX technology will help solidify DOCSIS cable networks as the xhaul transport of choice, capable of supporting the latency requirements of 5G and beyond.
For more detail, please download the following member-only technical brief on Low Latency Technologies for DOCSIS Networks which includes information about sources of latency, how we address them, implementation strategies and more.
If you’re not yet a CableLabs member, find out how you can become one here.