DAA 101: A Flexible Approach to Better, Faster Cable Networks
This month, we’d like to share information about Distributed Access Architecture (DAA) and how cable operators are using it to build the 10G networks of the future. In our previous posts about DOCSIS® and Coherent Optics technologies, we touched on some of the components of the cable hybrid fiber-coax (HFC) network, such as the headend and fiber nodes, but of course, there’s much more to it. Today, we’ll take a closer look at the functionality of the cable access network and how it can be distributed between various components to optimize network performance.
What Is Distributed Access Architecture?
DAA isn’t a single technology but rather an umbrella term that describes the network architecture cable operators use to future-proof their access networks. This network evolution involves moving various key network functions that are traditionally located at the cable operator’s hub site (or headend) closer to customers’ homes—while also leveraging signal-quality improvements inherent with digital optics and the ubiquity of Ethernet. In addition, closer is better because it reduces the amount of hardware at the headend and creates efficiencies in network speed, reliability, latency and security.
In a nutshell, CableLabs’ DAA technology solutions give cable operators the ability to cost-efficiently redesign their access networks in stages, when and how they see fit. Because all providers’ business objectives are different, CableLabs has designed several DAA approaches they can leverage. Ultimately, it’s all about building a robust 10G network that not only supports the needs of today’s gig consumers but also anticipates tomorrow’s high-rate applications such as holodecks, artificial intelligence (AI), virtual reality (VR) and more.
Let’s take a look at one particular embodiment of DAA, known as Distributed CCAP Architecture (DCA).
How Does Distributed CCAP Architecture Work?
In a traditional HFC network architecture, the operator’s hub—or headend—is connected via fiber to the fiber node in your geographical region. In the fiber node, the optical signal is converted to a radio frequency (RF) signal that travels via a coaxial cable to the cable modem in your home. The key functions responsible for the transmission of data and device access are placed at either end of the operator’s access network—the hub and the modem—like bookends.
In 2015, CableLabs figured out how to split the key DOCSIS network functions into two components: a Media Access Control (MAC) layer that’s responsible for how devices in a network gain access to the network, and a Physical (PHY) layer, a physical component that’s responsible for the transmission and reception of data. Decoupled, these components can now be partially or fully moved from the headend into a fiber node closer to subscribers’ homes, resulting in increased network capacity, greater speeds, lower latency and so on. That’s the basis for DCA.
How Can Distributed CCAP Architecture Help Build Better Networks?
Distributing key DOCSIS network functions out of the headend and closer to subscribers’ homes comes with many benefits. Primarily, it allows operators to:
- Maximize Their Network’s Potential
DCA allows cable operators to take full advantage of the gigabit capabilities of Coherent Optics and DOCSIS 3.1 technology, including Full Duplex DOCSIS and Low Latency DOCSIS. This means their networks will have more than enough bandwidth to support the latest-generation products for years to come.
- Achieve a Better-Quality RF Signal
With distributed architecture, the RF signal that usually originates in the regional hub can now originate in the optical node, closer to the subscriber’s home, thus reducing distortion and creating a more seamless user experience.
- Increase Network Reliability
Because the main functions of the network no longer need to be housed at the headend, the access network can be redesigned so that fewer homes are connected to any single optical node (where the fiber and coax portions of the network meet). This means that if there’s an outage, it will affect fewer customers, ultimately increasing the reliability of the overall network.
- Expand RF Spectrum in the Future
Because DCA solutions are easily customizable and budget-friendly, they provide new opportunities for cable operators to expand their RF spectrum (basically maximizing the capacity of the coax portion of the HFC network) to support future services.
How Does This Technology Affect Me and My Future?
Widespread adoption of DCA, and importantly the superset of capabilities provided by DAA, is essential to creating the 10G future that we’re all looking forward to. And although it might seem that DAA only provides cost-effective solutions for cable companies, ultimately the real beneficiary is you, the customer. By reimagining and reinventing cable access infrastructure, we’re finding greater efficiencies that translate into more powerful networks. These networks will enable a wave of new, innovative services that will transform the way we live, learn, work and play.
Just like DOCSIS technology, Coherent Optics and other technologies that we’ll be covering in our 101 series, DAA is another piece of the puzzle responsible for propelling cable’s HFC networks into the new decade and beyond. Stay tuned for another installment—coming soon!
10G: Enhancing the Power of Human Connection
If 2020 has taught us anything, it’s that connectivity is essential to our wellbeing and happiness. It fosters a sense of belonging—whether it’s to our family, our school, our company or just a random group of like-minded souls. And it’s not so much about the internet or the devices we use—it’s about experiences and staying connected to what matters most. That’s the ultimate goal of 10G.
In the last three decades, cable connection speeds increased from 9600 bps to 1 gig—now available to over 80% of U.S. homes! This has transformed our lives, giving us unparalleled access to the information we need, restructuring the way we conduct our businesses and communicate with others, anytime, anywhere around the world. And still, we’re nowhere near maximizing our networks’ potential. In the near future, 10G networks that are up to 100 times faster than what we have today will open doors to a whole new era of innovation, including autonomous vehicle fleets, holographic media, in-home telehealth solutions, immersive entertainment experiences and much more.
What will that mean for us? Will the seamless inner workings of our networks and smart devices help us lead healthier, happier and more fulfilling lives? Will this technology be able to take care of mundane and time-consuming tasks so we can focus on ourselves and our loved ones? We bet it will! We are now standing on the brink of an exciting new frontier, powered by super-fast, reliable and secure HFC networks.
To see more about what this means for changing people’s connected lives, check out this video:
Latency 101: Getting From There to Here
Welcome back, once again, to the CableLabs 101 series! In our most recent post, we discussed the fiber portion of the hybrid fiber-coax (HFC) network, as well as the coherent optics technology that’s widely considered to be the hyper-capacity future of internet connectivity. Today, we’ll focus on a topic of growing importance for many of the new applications in development—a topic that significantly impacts the user experience even if it’s not well known. That topic is latency.
What Is Latency?
Simply put, latency means delay.
In our post about coherent optics technology, we pointed out how quickly light can travel through a piece of fiber-optic cable: an astonishing 128,000 miles per second. However, as incredibly fast as that is, it still takes time for light to carry information from one point to another.
Imagine for a moment that you’re reading this blog post on a computer in New York City. That would mean you’re about 1,600 miles away from the CableLabs offices here in Colorado. If we assume that the entire network between you and our offices is made of fiber (which is close enough to true for our purposes), it would take a minimum of 0.0125 seconds—or 12.5 milliseconds (12.5 ms)—for the text to travel from our server to your computer.
That’s not a lot of time, but distance is not the only source of delay—and those delays can add up.
For example, to read this post, you had to click a link to view it. When you clicked that link, your computer sent a request to our server asking for the article. That request had to travel all the way to Colorado, which also took the same minimum of 12.5 ms. If you put the two times together, you get a round-trip time (the time it takes to go somewhere and back), which in our case would be a minimum of 25 ms. That’s a longer amount of time, but it’s still pretty small.
Of course, the server can’t respond instantly to your request. It takes a moment for it to respond and provide the correct information. That adds delay as well.
In addition, these messages have to traverse the internet, which is made up of an immense number of network links. Those network links are connected by a router, which routes traffic between those links. Each message has to hop from router to router, using the Internet Protocol to find its way to the correct destination. Some of those network links will be very busy, and others won’t; some will be very fast, and some might be slower. But each hop adds a bit more delay, which can ultimately add up and become noticeable—something you might refer to as lag.
Let’s try a little experiment to illustrate what we’re talking about.
If you’re on a Windows computer, select Start, Programs, Accessories, Command Prompt. Doing so will open up a window in which you can type commands.
First, try typing the following: ping www.google.com
After you hit Enter, you should see some lines of text. At the end of each line will be a “time” in milliseconds (ms). That’s the amount of time it took for a ping request to get from your computer to Google’s server and for a response to come back, or the round-trip latency. Each value is likely different. That’s because each time a ping (or any message) is sent, it has to wait a small but variable amount of time in each router before it’s sent to the next router. This “queuing delay” accumulates hop-by-hop and is caused by your ping message waiting in line with messages from other users that are traversing that same part of the internet.
Next, try typing the following: tracert www.google.com
You should see more lines of text. The first column will show a hop number (the number of hops away that point is), the next three will show times in milliseconds (since it checks the latency three times) and the final column will show the name or the address of the router that’s sending you the message. That will show you the path your request took to get from you to the Google server. You’ll notice that even as close as it is (and as low as your latency might be), it had to hop across a number of routers to get to its destination. That’s how the internet works.
(Note that you might have some fields show up as an asterisk [*]. That’s not a problem. It simply means that the specific device is configured not to respond to those messages.)
If you’re on a Mac, you can do the same thing without needing a command prompt: Just search for an application on your computer called Network Utility. To send a ping in that app, click on the Ping tab, type in www.google.com and click the Ping button. Similarly, to check the route, click on the Traceroute tab, type in the same website name and click the Trace button.
What Is Low Latency?
A term you might have heard is low latency. This term has been getting more and more attention lately. In fact, the mobile industry is touting it as an essential aspect of 5G. But what exactly is low latency, and how does it relate to our definition of latency?
The reality is that there’s no formal definition of what qualifies as low latency. In essence, it simply means that latency is lower than it used to be, or that it’s low enough for a particular application. For example, if you’re watching a streaming video, low latency might mean having the video start in less than a second rather than multiple seconds.
However, if you’re playing an online game (or perhaps using a cloud gaming service), you need the latency to be low enough so that you don’t notice a delay between moving your controller and seeing the resulting movement on your screen. Experiments have shown that anything above about 40ms is easily noticeable, so low latency, in this case, might mean something even lower than that.
How Do We Achieve Low Latency?
Reducing latency requires us to look at the sources of latency and try to figure out ways to reduce it. This can include smarter ways to manage congestion (which can reduce the “queuing delay”) and even changing the way today’s network protocols work.
Reducing latency on cable networks is something CableLabs has been working on for many years—long before it became a talking point for 5G—and we’re always coming up with new innovations to reduce latency and improve network performance. The most recent of these efforts are Low Latency DOCSIS, which can reduce latency for real-time applications such as online gaming and video conferencing, and Low Latency Xhaul, which reduces latency when a DOCSIS network is used to carry mobile traffic.
How Does Low Latency Affect Me and My Future?
Achieving low latency opens the door to do things in near real-time: to talk to friends and family as if they were close by, to interact in online worlds without delays and to simply make online experiences quicker and better. In the long term, when combined with the higher-capacity networks currently in development, low latency opens the door to new technologies like immersive interactive VR experiences and other applications that have not been invented yet.
The future looks fast and fun.
Coherent Optics 101: Coming at You at 0.69c
Welcome back to the CableLabs 101 series! In our previous post, we discussed the basic components of a typical hybrid fiber-coax (HFC) cable network infrastructure and the role of DOCSIS® technology in data transmission over the coaxial portion of the network. Today, we’ll focus on the fiber portion of the HFC network, as well as the coherent optics technology that’s widely considered to be the hyper-capacity future of internet connectivity.
What Is Coherent Optics Technology?
Cable’s HFC networks are “fiber-rich,” which means they’re composed mostly of fiber—a bundle of very thin, hair-like strands of glass or plastic wire. Fiber is light, durable, and most importantly, capable of transmitting a lot of data over very long distances incredibly quickly. Light travels through a vacuum at 186,282 miles per second, a universal constant that scientists denote as “c.” Although light traveling through fiber optic cable moves a little slower than that (69 percent of the speed of light in a vacuum, or 0.69c), it’s still incredibly fast at over 128,000 miles per second. That’s fast enough for a single burst of light to circle the earth more than five times in a single second.
Until recently, signals in a typical HFC network were transmitted over fiber using analog technologies: an electrical radio frequency signal would be converted to an analog optical signal, transmitted over fiber optic cables, and then converted back to an electrical signal at the fiber node. With the advent of Distributed Access Architecture technologies, which will help cable operators cost-effectively add more capacity to their networks, that same fiber is being re-used to carry digital signals rather than analog ones.
The digital fiber technology being deployed today in access networks uses an “on-off keying” approach, in which a transmitter rapidly turns the laser on and off to send a signal; each pulse can signal a single bit of digital information (a 1 or a 0). Coherent optics adds further dimensions to the optical signal to carry more information simultaneously: rather than just pulsing the light on and off, it uses other properties of light (e.g., amplitude, phase and polarization) to carry multiple bits with each burst of information rather than just one bit. That can increase the data-carrying capacity of a single fiber by as much as 70 times, compared with non-coherent technology.
How Has This Technology Evolved?
Coherent optics technology is not new. It’s been used for over 10 years in long-haul fiber networks that span thousands of miles between cities and countries. More recently, as the cost of coherent optics technology has come down and speeds have gone up (from forty to now hundreds of gigabits per second) it has seen growing deployment in metropolitan or regional networks. The one remaining frontier has been the access network—such as in a cable HFC network, which has a large number of relatively short links, requiring a very low-cost solution.
It was for this reason that CableLabs embarked on an effort to define the use of coherent optics for cable access networks: to define requirements specific to access networks, thereby promoting interoperability, scale and competition. All this reduces the cost of this technology to the point at which it could be used widely to grow the capacity of cable operator fiber networks.
This vision was realized with the publication of our initial Point-to-Point (P2P) Coherent Optics specifications (released in June 2018), which defined how to send 100 Gigabits per second (Gbps) on a single wavelength, and how to send up to 48 wavelengths on a single fiber. That was followed by our version 2 specifications (released in March 2019), which defined interoperable operations at 200 Gbps per wavelength, doubling the capacity of the network. And both specifications included support for another key technology called Full Duplex Coherent Optics, which doubles the capacity of each fiber yet again while enabling the cost-effective use of a single fiber rather than the normal fiber pair.
How Does This Technology Affect Me and My Future?
When you think about current technology trends and predictions for the future, you’ll notice a common thread. Future innovations—like holograms, 360° virtual reality (VR), artificial intelligence and so on—will all require super high-capacity, low-latency networks that can transmit a ton of data very, very quickly. We’re not talking about just long-haul networks between cities and countries, but everywhere.
This is why cable companies started investing in the expansion of their fiber infrastructure and fiber optic technology decades ago. By focusing on “fiber deep” architectures—a fancy term for bringing fiber closer to subscribers’ homes—and using technologies such as coherent optics to mine even more bandwidth out of the fiber that we already have in the ground today, we can ensure that our cable networks continue meeting the requirements of current and future innovations. Thanks to those efforts, you’ll be able to one day enjoy your VR chats in “Paris,” work in a “holo-room” and much, much more.
Cable Broadband: From DOCSIS 3.1® to DOCSIS 4.0®
In 1997, CableLabs released the very first version of Data Over Cable Service Interface Specification (DOCSIS ® technology) that enabled broadband internet service over Hybrid Fiber-Coaxial (HFC) networks. Ever since, we’ve been making improvements, greatly enhancing network speed, capacity, latency, reliability and security with every new version. Today, cable operators use DOCSIS 3.1 technologies to make 1 Gbps cable broadband services available to 80% of U.S. homes, easily enabling 4K video, seamless multi-player online gaming, video conferencing and much more. Although there is still a significant runway for DOCSIS 3.1, CableLabs has been hard at work developing the next version – DOCSIS 4.0, which was officially released in March of 2020 and further advances the performance of HFC networks. Let’s take a look.
First, let’s talk about upstream speeds. DOCSIS 4.0 technology will quadruple the upstream capacity of HFC network to 6 Gbps—compared to the 1.5 Gbps that is available with DOCSIS 3.1. While current cable customers still download significantly more data than they upload, upstream data usage is on the rise. In the near future, advanced video collaboration tools, VR and more, will require even more upstream capacity. DOCSIS 4.0 also provides more options for operators to increase downstream speeds, with up to 10 Gbps of capacity. It has been designed to support the widespread availability of symmetric multigigabit speed tiers through full-duplex and extended-spectrum technologies that move us closer to our 10G goal.
In addition to faster speeds, DOCSIS 4.0 will also deliver stronger network security through enhanced authentication and encryption capabilities and more reliability due to the Proactive Network Maintenance (PNM) improvements. It is a great leap toward 10G, setting the stage for a series of subsequent enhancements that will all work together to help us build the future that we always dreamed of.
Testing Bandwidth Usage of Popular Video Conferencing Applications
This year we have seen a shift toward working and learning from home and relying more on our broadband connection. Specifically, most of us use video conferencing for work, school and everyday communications. With that in mind, we looked at how much video conferencing a broadband connection can support.
In the U.S., the Federal Communications Commission (FCC) defines broadband to be a minimum of 25 Mbps downstream and 3 Mbps upstream. So, we started there. The investigation looked at how many simultaneous conferencing sessions can be supported on the access network using popular software including Google Meet, GoToMeeting, and Zoom. The data gathering used typical settings and looked at both upstream and downstream bandwidth usage from and to laptops connected by ethernet cable to a modem connected to a wired broadband connection. To avoid any appearance of endorsement of a particular conferencing application, we have not labeled the figures below with the specific apps under test.
Since this is CableLabs, we used DOCSIS® cable broadband technology. A Technicolor TC8305c gateway was used, which is a DOCSIS 3.0 modem supporting 8 downstream channels and 4 upstream channels. Note that this modem is several years old and not the current DOCSIS 3.1 technology. The modem was connected through the cable access network to a CommScope E6000 cable modem termination system (CMTS).
Laptops used ethernet wired connections to the modem to ensure no variables outside the control of the service provider would impact the speeds delivered, and conferences were set up and parameters varied while traffic flow rates were collected over time. Various laptops were used, running Windows, MacOS and Ubuntu – nothing special, just laptops that were around the lab and available for use.
Most broadband providers over-provision the broadband speeds delivered to customers’ homes – this is for assorted reasons including considering protocol overhead and ensuring headroom in the system to handle unexpected loads. For this testing, the 25/3 service was over-provisioned by 25%, a typical configuration for this service tier.
At a high level, we found that all three conferencing solutions could support at least five concurrent sessions on five separate laptops connected to the same cable modem with the above 25/3 broadband service and with all sessions in gallery view. The quality of all five sessions was good and consistent throughout, with no jitter, choppiness, artifacts, or other defects noticed during the sessions.
This research doesn’t take into account the potential external factors that can affect Internet performance in the home, from the placement of Wi-Fi routers, to building materials, to Wi-Fi interference, to the age and condition of the user’s connected devices, but it does provide a helpful illustration of the baseline capabilities of 25/3 broadband.
The data is presented below where samples were collected every 200 milliseconds using tshark (the Wireshark network analyzer).
Conferencing Application: A
The chart below (Figure 1) shows access network usage for the five concurrent sessions over 300 seconds (five minutes) for one of the above conferencing applications. The blue line is the total downstream usage, and the orange line is total upstream usage. Note that the upstream usage stays below 2 Mbps over the five minutes.
Figure 2 shows the upstream bandwidth usage of the five individual conference sessions where each is below 0.5 Mbps.
Figure 3 shows the downstream bandwidth usage for the five individual conference sessions.
Conferencing Application: B
Figure 4 shows access network usage for five concurrent sessions over 300 seconds (five minutes) for the next conferencing application tested. The blue line is the total downstream usage, and the orange line is total upstream usage. Note that the upstream usage hovers around 3 Mbps as each conference session attempts to use as much upstream bandwidth as possible.
Figure 5 shows the upstream bandwidth usage of the five individual conference sessions where each is below 1 Mbps, though the individual sessions sawtooth up and down as the individual conference sessions compete for more bandwidth. This is normal behavior for applications of this type, and did not have a negative impact on stream quality.
Figure 6 shows the downstream bandwidth usage for the five individual conference sessions.
Conferencing Application: C
Figure 7 shows access network usage for the five concurrent sessions over 300 seconds (five minutes) for the third of the applications tested. The blue line is the total downstream usage, and the orange line is total upstream usage. Note that the total upstream usage hovers around 3 Mbps over the five minutes.
Figure 8 shows the upstream bandwidth usage of the five individual conference sessions where each is below 1 Mbps, though the individual sessions sawtooth up and down as the individual conference sessions compete for more bandwidth. This is normal behavior for applications of this type, and did not have a negative impact on stream quality.
Figure 9 shows the downstream bandwidth usage for the five individual conference sessions. Note the scale of this diagram is different because of higher downstream bandwidth usage.
In summary, each of the video conferencing applications supported at least five concurrent sessions over the 25/3 broadband connection. The focus of this analysis is upstream bandwidth usage, and all three video conferencing technologies manage the upstream usage to fit within the provisioned 3 Mbps broadband speed. For at least two of the conferencing applications, there was also sufficient available downstream speed to run other common applications, such as video streaming and web browsing, concurrently with the five conferencing sessions.
Areas of Future Study
Conferencing services have enhanced modes that allow for higher definition video but that also uses more bandwidth. These modes place additional load on the broadband connection and may reduce the number of simultaneous conferences.
An interesting finding is that upstream bandwidth usage out of a home can depend on how other conference participants choose to view the video. Gallery mode uses lower bit rate thumbnail pictures of participants and is the most efficient for a conference. “Pinning” a speaker’s video can cause higher bandwidth out of a home. In addition, users that purchase add-on cameras that provide higher definition video than the camera included with their laptop may see higher upstream usage.
A “101” on DOCSIS® Technology: The Heart of Cable Broadband
Welcome to the first installment of our CableLabs 101 series about a suite of breakthrough technologies that are instrumental in the path toward the cable industry’s 10G vision—a new era of connectivity that will revolutionize the way we live, work, learn and play. These technologies work together to further expand the capabilities of cable’s hybrid fiber coaxial (HFC) network by increasing connection speeds and capacity, lowering latency and enhancing network reliability and security to meet cable customers’ needs for many years to come.
What Is DOCSIS?
Initially released by CableLabs in 1997, DOCSIS—or Data Over Cable Service Interface Specification—is the technology that enables broadband internet service over an HFC network, now used by hundreds of millions of residential and business customers around the globe. It is essentially the set of specifications that allows different cable industry vendors to design interoperable cable modems (the piece of network equipment that sits in the home) and cable modem termination systems (CMTSs—the network equipment that sits in the cable operator’s hub site). The CMTS is a head-end traffic controller that routes data between the modem in the home and the internet.
DOCSIS technology helped usher in the era of broadband and “always on” internet connections, enabling a wave of innovation that continues to this day. With DOCSIS technology, internet customers were no longer forced to use dial-up solutions that tied up home phone lines and probably caused a significant spike in family feuds. The DOCSIS solution changed everything. Not only did it allow for an “always-on” cable connection (no dial-up required!), it was also significantly faster than dial up. We’ll talk about connection speed—along with capacity, latency and other network performance metrics—and how they affect you a little later in this article.
How Does It Work?
DOCSIS technology governs how data is transmitted over the HFC network. To understand how it works, we need to start with the HFC network—the physical infrastructure that most cable companies use to provide high-speed internet connectivity to their customers. As the name suggests, the HFC network is composed of two parts: the fiber optical network and the coaxial network. HFC networks are predominantly fiber, as illustrated in our recent blog post. The remaining portion of the HFC network is coaxial cable. The coaxial network is connected to the optical fiber network at a “fiber node,” where the (fiber) optical signals are converted to radio frequency electrical signals for transmission over the coaxial network to the subscriber’s home. The HFC network seamlessly transmits data from the CMTS to your cable modem (we call this “downstream” or “download” traffic) or from your modem back to the CMTS (“upstream” or “upload”). In turn, the CMTS is connected to the internet via a set of routers in the service provider’s network.
Think of the HFC network as a “highway” and the data as traffic moving in “lanes” in either direction. In the downstream direction, DOCSIS devices translate the data from the internet into signals carried on the fiber optic portion of the HFC network and then down the coaxial network to your modem. On the upstream, the data that you upload is sent back up the network on a separate upstream “lane.” Traditionally, this “highway” has had more lanes dedicated to the downstream traffic than upstream, which matches current customer traffic patterns. All of this is about to change with the 10G vision, which strives toward symmetrical upstream and downstream service speeds.
How Has This Technology Evolved?
DOCSIS technology has come a long way since 1997. Over the years, it has undergone a few iterations, through versions 1.0, 1.1, 2.0 and 3.0 to 3.1. As DOCSIS has evolved, it has gotten faster by adding more lanes in each direction and it has become more energy-efficient as well. Along the way, several additions to the base technology have been continuously added. These include enabling lower latencies, increased security of the traffic, and tools to make the network more reliable. Today’s cable networks leverage DOCSIS 3.1 technology, which has enabled the widespread availability of 1 Gbps cable broadband services, allowing us to easily enjoy services like 4K video, faster downloads, seamless online gaming and video calls.
DOCSIS 4.0, released in March 2020, is another stepping stone toward that 10G vision. It will quadruple the upstream capacity to 6 Gbps, to match changing data traffic patterns and open doors to even more gigabit services, such as innovative videoconferencing applications and more. DOCSIS 4.0 equipment is still in the process of being developed and is seeing great progress each day toward device certification. Once certification is complete, cable vendors will start mass-producing DOCSIS 4.0-compatible equipment. With the widespread deployment of DOCSIS 4.0 technology, cable operators will have the ability to offer symmetrical multigigabit broadband services over their HFC networks.
How Does This Technology Affect Me and My Future?
All this talk about connection speeds, low latency, reliability and other performance metrics matter to us technologists because it’s how we gauge progress. But it’s so much more than giga-this and giga-that. These metrics will directly impact your future in a real, tangible way.
Over the past two decades, high-speed internet connectivity went from an obscure tech geek novelty to an important part of modern life. We are now streaming in 4K, collaborating on video chat, playing online games with people around the world, driving connected cars and so on. Continuous advancements in DOCSIS technologies are helping make this reality possible by increasing download and upload speeds, lowering latency—or lag—for a more seamless experience, and improving reliability and security to protect our online information.
DOCSIS 4.0 technology will enable symmetrical multigigabit services, ushering in a new wave of innovation across industries and applications, including healthcare, education, entertainment, collaboration technologies, autonomous vehicles and many more. In the near future, we will see advanced health monitoring services, immersive learning and work applications, visually rich VR/AR, holodecks, omnipresent AI assistants and other game-changing innovations that we haven’t even thought of yet. In many ways, the reach and flexibility of cable’s HFC infrastructure is the backbone of our 10G future, and DOCSIS—in combination with other advanced network technologies—is key to helping us reach this Near Future.
Facts You May Not Know About the Cable Industry
The cable industry has been around since 1948, first delivering broadcast TV channels, then cable TV channels starting in the 1970s and finally—cable broadband internet in 1996. The introduction of fast-speed, “always-on” cable internet changed everything. It accelerated innovation across multiple industries and created whole new markets. Just take a moment to think: how many times a day do you do something that requires an internet connection and where would you be without it?
The cable broadband industry now serves over 200 million households—and counting—around the world. Even if yours is one of them, you probably don’t give too much thought to what cable internet is or how it works. Internet has become an important part of modern life enabling us to learn and work from home, watch in 4K, schedule telemedicine appointments, play online multiplayer games, remote control our home security systems and so on. In fact, cable industry is the leader in delivering next-generation broadband services, with cable gigabit services available to over 80% of U.S. homes. Plus, roughly half of global cable operators are also mobile providers, so you can take your modern conveniences on the go.
While it might seem like an overnight success, building a super-fast and reliable broadband platform for millions of everyday users required a lot of collaboration and around $290 billion dollars in infrastructure and network investments over the past 20 years in the U.S.. Earlier this year, CableLabs released the DOCSIS® 4.0 specification, the latest version of the technology that governs how a broadband internet signal is transmitted over cable. When widely adopted, DOCSIS 4.0 technology will quadruple network upload capacity to up to 6 Gbps, that will support a new wave of innovative experiences and much more. But we’re not stopping here. This is only a stepping stone toward cable’s 10G vision.
Along with speed, capacity, latency and other network performance metrics, the cable industry also improved the energy efficiency of its equipment by reducing energy consumption through voluntary commitments. All these ongoing improvements, together with cable’s expansive network footprint and unwavering commitment to meeting the needs of broadband customers, are the perfect recipe for building the super network of the future. Stay tuned!
A Fiber-Rich Cable Network: What Does It Really Mean?
Cable networks are fiber-rich, and cable operators have long invested in deploying more fiber deeper into their networks. A fiber-rich environment enables greater capacity, increased speeds and more flexibility to support a range of access technologies. Although cable broadband networks are typically composed of both fiber optic and coaxial cables, most cable customers are surprised to learn that the vast majority of the distance that an internet packet travels is over fiber.
In simple terms, a cable network is composed mostly of fiber that connects the interconnection border gateways to the regional hubs to the optical nodes. The remaining short distance—from the optical node to the customer’s home and then to each individual device in the home—is where the internet packet travels over coaxial cable and home Wi-Fi.
Let’s take a look at a simple real-life example, illustrated below. When a cable customer in Vancouver, Canada, makes a video call to a cable customer in Ames, Iowa, the data starts its journey over Wi-Fi to the home router and then travels about a quarter of a mile from the router to the nearest optical node via a coaxial cable. From that point, the data is converted to a fiber-optic signal that carries it for about 2,499 miles—or 99.96 percent of the total journey—to another neighborhood optical node in Ames. The remaining half-mile or less from the node to the other customer’s home is again transmitted over coax and Wi-Fi. As you can see, less than 1 mile (1.5 kilometers) of the data’s 2,500-mile (3,200-kilometer) journey between Vancouver and Ames is transmitted over coax and Wi-Fi—the rest is all fiber!
You can download the infographic here. Interested in learning more about cable networks in the future? Subscribe to our blog.
The Cable Security Experience
We’ve all adjusted the ways we work and play and socialize in response to COVID. This has increased awareness that our broadband networks are critical – and they need to be secure. The cable industry has long focused on delivering best-in-class network security and we continue to innovate as we move on towards a 10G experience for subscribers.
CableLabs® participates in both hybrid fiber coaxial (HFC) and passive optical network (PON) technology development. This includes the development and maintenance of the Data Over Cable Service Interface Specification (DOCSIS®) technology that enables broadband internet service over HFC networks. We work closely with network operators and network equipment vendors to ensure the security of both types of networks. Let’s review these two network architectures and then discuss the threats that HFC and PON networks face. We’ll see that the physical media (fiber or coax) doesn’t matter much to the security of the wired network. We’ll discuss the two architectures and conclude by briefly discussing the security of the DOCSIS HFC networks.
A Review of HFC and PON Architectures
The following diagram illustrates the similarities and differences between HFC and PON.
Both HFC and PON-based FTTH are point-to-multipoint network architectures, which means that in both architectures the total capacity of the network is shared among all subscribers on the network. Most critically, from a security perspective, all downlink subscriber communications in both architectures are present at the terminating network element at the subscriber – the cable modem (CM) or optical network unit (ONU). This necessitates protections for these communications to ensure confidentiality.
In an HFC network, the fiber portion is between a hub or headend that serves a metro area (or portion thereof) and a fiber node that serves a neighborhood. The fiber node converts the optical signal to radio frequency, and the signal is then sent on to each home in the neighborhood over coaxial cable. This hybrid architecture enables continued broadband performance improvements to support higher user bandwidths without the need to replace the coaxial cable throughout the neighborhood. It’s important to note that the communication channels to end users in the DOCSIS HFC network are protected, through encryption, on both the coaxial (radio) and fiber portions of the network.
FTTH is most commonly deployed using a passive optical networking (PON) architecture, which uses a shared fiber down to a point in the access network where the optical signal is split using one or more passive optical splitters and transmitted over fiber to each home. The network element on the network side of this connection is an Optical Line Terminal (OLT) and at the subscriber side is an ONU. There are many standards for PON. The two most common are Gigabit Passive Optical Networks (GPON) and Ethernet Passive Optical Networks (EPON). An interesting architecture option to note is that CableLabs developed a mechanism that allows cable operators to manage EPON technology the same way they manage services over the DOCSIS HFC network – DOCSIS Provisioning of EPON.
In both HFC and PON architectures, encryption is used to ensure the confidentiality of the downlink communications. In DOCSIS HFC networks, encryption is used bi-directionally by encrypting both the communications to the subscriber’s cable modem (downlink) and communications from the subscriber’s cable modem (uplink). In PON, bi-directional encryption is also available.
How might an adversary (a hacker) look at these networks? There are four attack vectors available to adversaries in exploiting access networks:
- Adversaries can directly attack the access network (e.g., tapping the coax or fiber cable).
- They may attack a customer premises equipment (CPE) device from the network side of the service, typically referred to as the wide area network (WAN) side.
- They may attack the CPE device from the home network side, or the local area network (LAN) side.
- And they may attack the network operator’s infrastructure.
Tapping fiber or coaxial cables are both practical. In fact, tools to allow legitimate troubleshooting and management by authorized technicians abound for both fiber and coaxial cables. An incorrect assumption is to believe that fiber tapping is difficult or highly technical, relative to tapping a coaxial cable. You can easily find several examples on the internet of how this is simply done. Depending where the media is accessed, all user communications may be available on both the uplink and downlink side. However, both HFC and PON networks support having those communications encrypted, as highlighted above. Of course, that doesn’t mean adversaries can’t disrupt the communications. They can do so in both cases. Doing so, however, is relegated only to houses passed on that specific fiber or coaxial cable; the attack is local and doesn’t scale.
For the other attack vectors, the risks to HFC or PON networks are equivalent. CPE and network infrastructure (such as OLTs or CMTSs) must be hardened against both local and remote attacks regardless of transport media (e.g., fiber, coax).
Security Tools Available to Operators
In both HFC and PON architectures, the network operator can provide the subscriber with an equivalent level of network security. The three primary tools to secure both architectures rely on cryptography. These tools are authentication, encryption, and message hashing.
- Authentication is conducted using a secret of some sort. In the case of HFC, challenge and response are used based on asymmetric cryptography as supported by public key infrastructure (PKI). In FTTH deployments, mechanisms may rely on pre-shared keys, PKI, EAP-TLS (IETF RFC 5216) or some other scheme. The authentication of endpoints should be repeated regularly, which is supported in the CableLabs DOCSIS specification. Regular re-authentication increases the assurance that all endpoints attached to the network are legitimate and known to the network operator.
- Encryption provides the primary tool for keeping communications private. User communications in HFC are encrypted using cryptographic keys negotiated during the authentication step, using the DOCSIS Baseline Privacy Interface Plus (BPI+) specifications. Encryption implementation for FTTH varies. In both HFC and PON, the most common encryption algorithm used today is AES-128.
- Message hashing ensures the integrity of messages in the system, meaning that a message cannot be changed without detection once it has been sent. Sometimes this capability is built into the encryption algorithm. In DOCSIS networks, all subscriber communications to and from the cable modem are hashed to ensure integrity, and some network control messages receive additional hashing.
It is important to understand where in the network these cryptography tools are applied. In DOCSIS HFC networks, user communications are protected between the cable modem and the CMTS. If the CMTS functionality is provided by another device such as a Remote PHY Device (RPD) or Remote MACPHY Device (RMD), DOCSIS terminates there. However, the DOCSIS HFC architecture provides authentication and encryption capabilities to secure the link to the hub as well. In FTTH, the cryptographic tools provide protection between the ONU and the OLT. If the OLT is deployed remotely as may be the case with RPDs or RMDs, the backhaul link should also be secured in a similar manner.
The Reality – Security in Cable
The specifications and standards that outline how HFC and PON should be deployed provide good cryptography-based tools to authenticate network access and keep both network and subscriber information confidential. The security of the components of the architecture at the management layer may vary per operator. However, operators are very adept at securing both cable modems and ONUs. And, as our adversaries innovate new attacks, we work on incorporating new capabilities to address those attacks – cybersecurity innovation is a cultural necessity of security engineering!
Building on more than two-decades of experience, CableLabs continues to advance the security features available in the DOCSIS specification, soon enabling new or updated HFC deployments to be even more secure and ready for 10G. The DOCSIS 4.0 specification has introduced several advanced security controls, including mutual authentication, perfect forward secrecy, and improved security for network credentials such as private keys. Given our strong interest in both optical and HFC network technologies, CableLabs will ensure its own specifications for PON architectures adopt these new security capabilities and will continue to work with other standards bodies to do the same.