Coherent Optics 101: Coming at You at 0.69c
Welcome back to the CableLabs 101 series! In our previous post, we discussed the basic components of a typical hybrid fiber-coax (HFC) cable network infrastructure and the role of DOCSIS® technology in data transmission over the coaxial portion of the network. Today, we’ll focus on the fiber portion of the HFC network, as well as the coherent optics technology that’s widely considered to be the hyper-capacity future of internet connectivity.
What Is Coherent Optics Technology?
Cable’s HFC networks are “fiber-rich,” which means they’re composed mostly of fiber—a bundle of very thin, hair-like strands of glass or plastic wire. Fiber is light, durable, and most importantly, capable of transmitting a lot of data over very long distances incredibly quickly. Light travels through a vacuum at 186,282 miles per second, a universal constant that scientists denote as “c.” Although light traveling through fiber optic cable moves a little slower than that (69 percent of the speed of light in a vacuum, or 0.69c), it’s still incredibly fast at over 128,000 miles per second. That’s fast enough for a single burst of light to circle the earth more than five times in a single second.
Until recently, signals in a typical HFC network were transmitted over fiber using analog technologies: an electrical radio frequency signal would be converted to an analog optical signal, transmitted over fiber optic cables, and then converted back to an electrical signal at the fiber node. With the advent of Distributed Access Architecture technologies, which will help cable operators cost-effectively add more capacity to their networks, that same fiber is being re-used to carry digital signals rather than analog ones.
The digital fiber technology being deployed today in access networks uses an “on-off keying” approach, in which a transmitter rapidly turns the laser on and off to send a signal; each pulse can signal a single bit of digital information (a 1 or a 0). Coherent optics adds further dimensions to the optical signal to carry more information simultaneously: rather than just pulsing the light on and off, it uses other properties of light (e.g., amplitude, phase and polarization) to carry multiple bits with each burst of information rather than just one bit. That can increase the data-carrying capacity of a single fiber by as much as 70 times, compared with non-coherent technology.
How Has This Technology Evolved?
Coherent optics technology is not new. It’s been used for over 10 years in long-haul fiber networks that span thousands of miles between cities and countries. More recently, as the cost of coherent optics technology has come down and speeds have gone up (from forty to now hundreds of gigabits per second) it has seen growing deployment in metropolitan or regional networks. The one remaining frontier has been the access network—such as in a cable HFC network, which has a large number of relatively short links, requiring a very low-cost solution.
It was for this reason that CableLabs embarked on an effort to define the use of coherent optics for cable access networks: to define requirements specific to access networks, thereby promoting interoperability, scale and competition. All this reduces the cost of this technology to the point at which it could be used widely to grow the capacity of cable operator fiber networks.
This vision was realized with the publication of our initial Point-to-Point (P2P) Coherent Optics specifications (released in June 2018), which defined how to send 100 Gigabits per second (Gbps) on a single wavelength, and how to send up to 48 wavelengths on a single fiber. That was followed by our version 2 specifications (released in March 2019), which defined interoperable operations at 200 Gbps per wavelength, doubling the capacity of the network. And both specifications included support for another key technology called Full Duplex Coherent Optics, which doubles the capacity of each fiber yet again while enabling the cost-effective use of a single fiber rather than the normal fiber pair.
How Does This Technology Affect Me and My Future?
When you think about current technology trends and predictions for the future, you’ll notice a common thread. Future innovations—like holograms, 360° virtual reality (VR), artificial intelligence and so on—will all require super high-capacity, low-latency networks that can transmit a ton of data very, very quickly. We’re not talking about just long-haul networks between cities and countries, but everywhere.
This is why cable companies started investing in the expansion of their fiber infrastructure and fiber optic technology decades ago. By focusing on “fiber deep” architectures—a fancy term for bringing fiber closer to subscribers’ homes—and using technologies such as coherent optics to mine even more bandwidth out of the fiber that we already have in the ground today, we can ensure that our cable networks continue meeting the requirements of current and future innovations. Thanks to those efforts, you’ll be able to one day enjoy your VR chats in “Paris,” work in a “holo-room” and much, much more.
A Fiber-Rich Cable Network: What Does It Really Mean?
Cable networks are fiber-rich, and cable operators have long invested in deploying more fiber deeper into their networks. A fiber-rich environment enables greater capacity, increased speeds and more flexibility to support a range of access technologies. Although cable broadband networks are typically composed of both fiber optic and coaxial cables, most cable customers are surprised to learn that the vast majority of the distance that an internet packet travels is over fiber.
In simple terms, a cable network is composed mostly of fiber that connects the interconnection border gateways to the regional hubs to the optical nodes. The remaining short distance—from the optical node to the customer’s home and then to each individual device in the home—is where the internet packet travels over coaxial cable and home Wi-Fi.
Let’s take a look at a simple real-life example, illustrated below. When a cable customer in Vancouver, Canada, makes a video call to a cable customer in Ames, Iowa, the data starts its journey over Wi-Fi to the home router and then travels about a quarter of a mile from the router to the nearest optical node via a coaxial cable. From that point, the data is converted to a fiber-optic signal that carries it for about 2,499 miles—or 99.96 percent of the total journey—to another neighborhood optical node in Ames. The remaining half-mile or less from the node to the other customer’s home is again transmitted over coax and Wi-Fi. As you can see, less than 1 mile (1.5 kilometers) of the data’s 2,500-mile (3,200-kilometer) journey between Vancouver and Ames is transmitted over coax and Wi-Fi—the rest is all fiber!
You can download the infographic here. Interested in learning more about cable networks in the future? Subscribe to our blog.
CableLabs Member, Telia Norge, Launches the Fastest Broadband Service in Norway
There’s more great news from across the pond! Just a month after Vodafone Germany surpassed the 21 million gigabit homes passed milestone, another European telecommunications company and CableLabs® member, Telia Norge (Telia Norway), is launching the fastest broadband service in Norway for its customers, operating under the GET brand it acquired in 2018.
Now, Telia Norway’s GET customers have access to as much as 1,250 Mbps download speed and either 500 Mbps or 50 Mbps upload speed, depending on the package they choose. Either option gives them unprecedented freedom to surf, stream and share on multiple devices at the same time. In addition to much higher speeds, customers will also enjoy the benefits of a significant increase in network capacity and reliability. These improvements are a direct outcome of Telia Norway’s ongoing commitment to modernize and future-proof its hybrid fiber-coax (HFC) network in preparation for the next generation of high-speed digital products and services. By upgrading its network to CableLabs DOCSIS® 3.1 technology, Telia Norway will be able to not only greatly improve the broadband experience for its current customers but also ensure that it stays ahead of their broadband needs for years to come.
“This is a large and important program for us, where we will invest a lot in the years ahead,” said Pål Rune Kaalen, Telia Norway Director of the Private Market. “Through the program, we are greatly expanding the speed, capacity and stability of today's network—something our new broadband product is a good example of. For us, this technology represents the broadband of the future.”
As part of this large-scale modernization push, Telia Norway plans to continue investing in its HFC infrastructure with a goal of upgrading more than 300,000 homeowners to the new DOCSIS technology by 2023. The inherent flexibility of the DOCSIS technology will allow for a cost-effective upgrade without digging new trenches and negatively impacting the environment—or the bottom line. And that’s what the broadband of the future is all about.
Check out the full press release on Telia's news site (Norwegian).
The Cable Security Experience
We’ve all adjusted the ways we work and play and socialize in response to COVID. This has increased awareness that our broadband networks are critical – and they need to be secure. The cable industry has long focused on delivering best-in-class network security and we continue to innovate as we move on towards a 10G experience for subscribers.
CableLabs® participates in both hybrid fiber coaxial (HFC) and passive optical network (PON) technology development. This includes the development and maintenance of the Data Over Cable Service Interface Specification (DOCSIS®) technology that enables broadband internet service over HFC networks. We work closely with network operators and network equipment vendors to ensure the security of both types of networks. Let’s review these two network architectures and then discuss the threats that HFC and PON networks face. We’ll see that the physical media (fiber or coax) doesn’t matter much to the security of the wired network. We’ll discuss the two architectures and conclude by briefly discussing the security of the DOCSIS HFC networks.
A Review of HFC and PON Architectures
The following diagram illustrates the similarities and differences between HFC and PON.
Both HFC and PON-based FTTH are point-to-multipoint network architectures, which means that in both architectures the total capacity of the network is shared among all subscribers on the network. Most critically, from a security perspective, all downlink subscriber communications in both architectures are present at the terminating network element at the subscriber – the cable modem (CM) or optical network unit (ONU). This necessitates protections for these communications to ensure confidentiality.
In an HFC network, the fiber portion is between a hub or headend that serves a metro area (or portion thereof) and a fiber node that serves a neighborhood. The fiber node converts the optical signal to radio frequency, and the signal is then sent on to each home in the neighborhood over coaxial cable. This hybrid architecture enables continued broadband performance improvements to support higher user bandwidths without the need to replace the coaxial cable throughout the neighborhood. It’s important to note that the communication channels to end users in the DOCSIS HFC network are protected, through encryption, on both the coaxial (radio) and fiber portions of the network.
FTTH is most commonly deployed using a passive optical networking (PON) architecture, which uses a shared fiber down to a point in the access network where the optical signal is split using one or more passive optical splitters and transmitted over fiber to each home. The network element on the network side of this connection is an Optical Line Terminal (OLT) and at the subscriber side is an ONU. There are many standards for PON. The two most common are Gigabit Passive Optical Networks (GPON) and Ethernet Passive Optical Networks (EPON). An interesting architecture option to note is that CableLabs developed a mechanism that allows cable operators to manage EPON technology the same way they manage services over the DOCSIS HFC network – DOCSIS Provisioning of EPON.
In both HFC and PON architectures, encryption is used to ensure the confidentiality of the downlink communications. In DOCSIS HFC networks, encryption is used bi-directionally by encrypting both the communications to the subscriber’s cable modem (downlink) and communications from the subscriber’s cable modem (uplink). In PON, bi-directional encryption is also available.
How might an adversary (a hacker) look at these networks? There are four attack vectors available to adversaries in exploiting access networks:
- Adversaries can directly attack the access network (e.g., tapping the coax or fiber cable).
- They may attack a customer premises equipment (CPE) device from the network side of the service, typically referred to as the wide area network (WAN) side.
- They may attack the CPE device from the home network side, or the local area network (LAN) side.
- And they may attack the network operator’s infrastructure.
Tapping fiber or coaxial cables are both practical. In fact, tools to allow legitimate troubleshooting and management by authorized technicians abound for both fiber and coaxial cables. An incorrect assumption is to believe that fiber tapping is difficult or highly technical, relative to tapping a coaxial cable. You can easily find several examples on the internet of how this is simply done. Depending where the media is accessed, all user communications may be available on both the uplink and downlink side. However, both HFC and PON networks support having those communications encrypted, as highlighted above. Of course, that doesn’t mean adversaries can’t disrupt the communications. They can do so in both cases. Doing so, however, is relegated only to houses passed on that specific fiber or coaxial cable; the attack is local and doesn’t scale.
For the other attack vectors, the risks to HFC or PON networks are equivalent. CPE and network infrastructure (such as OLTs or CMTSs) must be hardened against both local and remote attacks regardless of transport media (e.g., fiber, coax).
Security Tools Available to Operators
In both HFC and PON architectures, the network operator can provide the subscriber with an equivalent level of network security. The three primary tools to secure both architectures rely on cryptography. These tools are authentication, encryption, and message hashing.
- Authentication is conducted using a secret of some sort. In the case of HFC, challenge and response are used based on asymmetric cryptography as supported by public key infrastructure (PKI). In FTTH deployments, mechanisms may rely on pre-shared keys, PKI, EAP-TLS (IETF RFC 5216) or some other scheme. The authentication of endpoints should be repeated regularly, which is supported in the CableLabs DOCSIS specification. Regular re-authentication increases the assurance that all endpoints attached to the network are legitimate and known to the network operator.
- Encryption provides the primary tool for keeping communications private. User communications in HFC are encrypted using cryptographic keys negotiated during the authentication step, using the DOCSIS Baseline Privacy Interface Plus (BPI+) specifications. Encryption implementation for FTTH varies. In both HFC and PON, the most common encryption algorithm used today is AES-128.
- Message hashing ensures the integrity of messages in the system, meaning that a message cannot be changed without detection once it has been sent. Sometimes this capability is built into the encryption algorithm. In DOCSIS networks, all subscriber communications to and from the cable modem are hashed to ensure integrity, and some network control messages receive additional hashing.
It is important to understand where in the network these cryptography tools are applied. In DOCSIS HFC networks, user communications are protected between the cable modem and the CMTS. If the CMTS functionality is provided by another device such as a Remote PHY Device (RPD) or Remote MACPHY Device (RMD), DOCSIS terminates there. However, the DOCSIS HFC architecture provides authentication and encryption capabilities to secure the link to the hub as well. In FTTH, the cryptographic tools provide protection between the ONU and the OLT. If the OLT is deployed remotely as may be the case with RPDs or RMDs, the backhaul link should also be secured in a similar manner.
The Reality – Security in Cable
The specifications and standards that outline how HFC and PON should be deployed provide good cryptography-based tools to authenticate network access and keep both network and subscriber information confidential. The security of the components of the architecture at the management layer may vary per operator. However, operators are very adept at securing both cable modems and ONUs. And, as our adversaries innovate new attacks, we work on incorporating new capabilities to address those attacks – cybersecurity innovation is a cultural necessity of security engineering!
Building on more than two-decades of experience, CableLabs continues to advance the security features available in the DOCSIS specification, soon enabling new or updated HFC deployments to be even more secure and ready for 10G. The DOCSIS 4.0 specification has introduced several advanced security controls, including mutual authentication, perfect forward secrecy, and improved security for network credentials such as private keys. Given our strong interest in both optical and HFC network technologies, CableLabs will ensure its own specifications for PON architectures adopt these new security capabilities and will continue to work with other standards bodies to do the same.
How Reliable Is Cable Internet? Here’s How Our Networks Are Performing
Starting in mid-March, the world experienced a sudden surge in internet usage driven by the widespread COVID-19 stay-at-home orders that caused many of us to switch to working and studying at home in a matter of days. Cable broadband networks not only withstood this sudden surge in internet usage; they excelled. For example, for the week of June 27–July 4, 99.9 percent of U.S. cable broadband users saw no material impact on customer experience. Looking to the future, cable networks are also well-positioned to remain ahead of sustained increases in consumer demand. Although internet usage appears to have plateaued recently, CableLabs and the broader cable industry continue to develop further network advancements to ensure that internet performance stays well ahead of even the most demanding home users’ needs for years to come.
Internet Usage During COVID-19 and Cable Broadband Services
Network monitoring provider OpenVault reveals just how much home internet usage jumped over the past few months:
- In the United States, average daily downstream consumption from 9 a.m. to 5 p.m. in the first week of April totaled about 6.35 GB per household, up 42 percent from 4.46 GB in January. Upstream average usage during business hours rose to 0.39 GB, up 83 percent compared with 0.22 GB in January.
- Worldwide, looking at a sample of 500 fixed, mobile and Wi-Fi network providers, networking equipment provider Sandvine found that overall traffic increased 40 percent between February 1 and April 19. It also found that upstream traffic rose 121 percent during this period.
Even considering these dramatic increases, home internet use remains heavily asymmetrical. The amount of data transmitted to the home (downstream) vastly outweighs the amount of data transmitted from the home (upstream). This is driven by the continued use of video streaming services (e.g., Netflix, YouTube) that require substantial amounts of data to be transmitted to the home to enable the user to view a movie, TV show or other video. These applications require very little data transmitted from the home.
Two-way video collaboration tools (e.g., Zoom, Microsoft Teams) do require more data to be transmitted from the home (upstream) in comparison with video streaming services due to two-way audio and video functionality. Even with the increased use of these collaboration tools, upstream data transmissions remain well below a tenth of total data transmitted over home internet connections.
The predominance of downstream use is further confirmed in the detailed examination of broadband use from a top-tier North American cable broadband operator, as set forth in Figures 1 and 2 below. Over the past 8 years, the proportion of downstream traffic has increased and plateaued at roughly 92–94 percent of total traffic at peak. Looking more closely at the most recent 5 months illustrates the rapid increase in internet use due to COVID-19. Even with upstream increasing at a faster rate than downstream, upstream use at peak maxed out at only 9 percent of total traffic, as illustrated in Figure 2. Additional metrics, trends and observations on cable internet usage can be found on NCTA’s COVID-19 Dashboard.
Cable Broadband’s Outlook Is Healthy
The asymmetric design of cable’s internet service tiers accurately matches how consumers have been using the internet, even with the increased use during stay-at-home orders. This is important both to ensure a high-quality user experience and to efficiently allocate available network capacity. Cable operators continually monitor their networks and engineer them to accommodate significant fluctuations. There are indications that these increased levels of usage will be foundational as new use cases emerge and as a significant segment of the population continues to work and learn from home. For example, many companies have found that their remote workers maintained or even improved productivity—so much so that they may make the arrangement permanent.
Cable network technology, more formally known as Data Over Cable Service Interface Specification (DOCSIS®), has the flexibility and performance capabilities to handle further increases in consumer demand in both downstream and upstream data transmissions. With DOCSIS 3.1 technology, the current widely deployed version of cable network technology, cable operators are making gigabit services broadly available. For example, cable gigabit services are now available to 80 percent of U.S. housing units.
And there are more performance enhancements on the horizon with the recently released DOCSIS 4.0 specification, which will readily enable multi-gigabit internet services. In addition, the 10G platform provides increased reliability, enhanced security and reduced latency.
Taking a peek into the future, cable broadband networks have not only excelled in the initial surge in internet usage caused by the COVID-19 pandemic, but they will be ready for the potential long-term changes in consumer behavior that will drive increased internet usage. To learn more about the technologies that power cable’s broadband internet services today and into the future, click the button below.
CableLabs Goes Down Under
In a bit of alright, CableLabs recently welcomed Australia’s National Broadband Network (nbn) – as our 56th member — and our first in Australia. CableLabs now has members across five continents — adding Australia to Asia, Europe, North America and South America.
Established by the Australian government in 2009 to design, build and operate Australia's new broadband network, nbn is unique among CableLabs members as a Layer 2 network which wholesales access to Retail Service Providers (RSPs). With the nbn network currently passing 4.6 million premises, approximately 50 RSPs are providing service to 2 million end user customers. nbn plans to extend its network to 12 million premises by 2020 – and will serve 8 million end user customers through its RSPs.
nbn is unique in another fundamental way. It is comprised of several heterogeneous network technologies, including fixed networks employing HFC, DSL and fiber (FTTx), together with wireless networks (fixed and satellite). Through a strategy titled “Multi Technology Mix,” nbn is a “network of networks” which integrates and optimizes these technologies to maximize speed of rollout, optimize economic return and enhance flexibility. This flexibility is at the heart of nbn’s strategy to provide access to fast broadband to all Australians as soon as possible.
By the end of 2018, nbn will deploy DOCSIS 3.1 in its HFC network, joining a growing number of CableLabs’ members across Canada, Europe and the U.S. who are deploying DOCSIS 3.1 multi-gigabit technology. These deployments will help deliver new customer experiences that are faster and more efficient. Examples of the improved experience include:
- 10Gbps downstream and up to 1Gbps upstream network capacity
- Improved responsiveness for applications such as online gaming and video streaming
- Ability to transmit up to 50 percent more data over the same spectrum, on existing HFC networks
- Increased cable modem energy efficiency through advanced energy management protocols
For more information about nbn, please visit http://www.nbnco.com.au/corporate-information/about-nbn-co.html.
Debunking the Myths of Shared Networks: The Point-to-Multipoint Effect
“I don’t want to have to share a pipe. The problem with ‘cable’ is shared pipes. If my neighbor is doing a bunch of stuff over the network, I get impacted too. With fiber I get speed and no shared pipes.”
--- Entrepreneur in a focus group
The notion that subscribers connected to residential fiber networks do not “share pipes” is often misunderstood. For residential fiber networks, sharing pipes is one of the main reasons fiber to the home (FTTH) is even remotely cost-effective for service providers to deploy. But what is most surprising is the following: deploying shared network solutions has led to a more rapid increase in residential broadband speeds than otherwise would have been the case with non-shared access network solutions. I like to call this the Point-to-Multipoint Effect. In the process, sharing pipes has allowed broadband speed growth to surpass the predicted 50% compounded annual growth rate commonly known as Nielsen’s Law of Internet Bandwidth. Read on to learn more…
First, a couple of definitions:
- A (non-shared) point-to-point (P2P) network topology is one in which there is a single dedicated connection between two endpoints. In the case of access networks, one endpoint is typically located at the hub or central office, or could be located at a remote distribution point. The other endpoint is a digital subscriber line (DSL) modem, for example, or a simple Ethernet switch, located on the customer premise. In P2P networks, the peak capacity of a link is used exclusively by only the two endpoints.
- A (shared) point-to-multipoint (P2MP) network topology is one in which there is a single downstream transmitter and multiple access termination devices that all selectively listen to the same downstream data stream. A key characteristic with P2MP networks is the peak capacity of the network is shared between all connected endpoints. Two examples of P2MP networks are HFC and passive optical networking (PON), shown in the figure below (showing downstream transmission).
Two examples of (shared) point-to-multipoint networks: HFC and PON
The PON solution represents the most prevalent residential fiber solution in the world, primarily due to lower costs compared to P2P fiber solutions. To illustrate the sharing, referring to the diagram above, if 10G-EPON is the technology choice, each optical network unit (ONU) connected to the network transmits upstream at ~10 Gbps, but they don’t transmit simultaneously. Instead, an ONU must be scheduled by the OLT for upstream transmission to avoid collisions with other ONUs. In essence, the scheduling of ONUs results in the sharing of the 10 Gbps peak capacity. Consequently, there is a whole lotta pipe sharing going on in PON solutions.
Do shared networks necessarily perform better or worse than non-shared networks? It depends on how performance is measured, but in one key area, residential broadband speeds, shared networks have significantly outperformed non-shared networks by a substantial amount.
A recent blog discussed Nielsen’s Law of Internet Bandwidth and how the cable industry was preparing to meet future broadband speeds with 100G-EPON. When Mr. Nielsen made his initial prediction in 1998, residential broadband access was dominated by dialup and ISDN connections, which are both P2P solutions. Indeed, for approximately the first 14 years since that initial 300 bits per second dialup connection in 1982/1983, the progression of available peak service tier bit rates followed the 50% annual growth rate prediction.
**various sources compiled by CableLabs
The release of the first DOCSIS® specifications by CableLabs in 1996 essentially represented the dawn of P2MP solutions, i.e. shared, for residential Internet connectivity. According to the data in the chart above, the tremendous rate of technology advancements resulting from the shared DOCSIS/HFC network solution, and later with the development of shared PON technologies, coupled with the relative cost-effectiveness of these solutions, has far exceeded other P2P technologies for residential broadband. While the initial growth prediction in 1998 was a 50% annual growth rate, the Point-to-Multipoint Effect increased the growth rate closer to 70% for residential Internet connectivity. The Point-to-Multipoint Effect indicates that sharing pipes for residential connectivity has provided a solution that has actually allowed residential high speed data rates to increase at a faster pace! This “sharing” trend is expected to continue with the development of Full Duplex DOCSIS and 100G-EPON, making the introduction of new services possible. Thus, just like our parents always told us, it is good to share.
In his role as Vice President Wired Technologies at CableLabs, Curtis Knittle leads the activities which focus on cable operator integration of optical technologies in access networks. Curtis is also Chair of the 100G-EPON (IEEE 802.3ca) Task Force.