ETSI - Experts & Thought Leaders

ETSI is pleased to announce the 4th Release of TeraFlowSDN, the Software-Defined Networking (SDN) controller developed by Software Development Group TFS. Release 4 brings a large suite of new features designed to provide Quantum Key Distribution (QKD) integration, end-to-end Network Automation and Monitoring, and significant improvements in Network Management, Optical Networks, Security and Blockchain Integration, among others. Quantum key distribution South Bound Interface has grown to manage quantum network devices, facilitating dynamic configuration In response to the growing need for secure communication in the quantum era, TeraFlowSDN Release 4 includes support for quantum key distribution (QKD). This introduces a new network topology model within the controller to accommodate quantum links and nodes, enabling efficient routeing and resource allocation for QKD. The South Bound Interface has been extended to manage quantum network devices, facilitating dynamic configuration of QKD systems. Additionally, control protocols and specific management features for QKD operations have been implemented, along with a user-friendly interface for QKD management. Finally, a dedicated QKD Application Register has been included. End-to-end network automation and monitoring TeraFlowSDN has significantly improved its network automation and monitoring capabilities by aligning with the ETSI Zero-touch network and Service Management (ZSM) architecture. The Monitoring component has been replaced by three new components: KPI Manager, Telemetry and Analytics: The KPI Manager focuses on managing the KPI descriptors that detail the observation points in the network together with the samples type they manage. The Telemetry component focuses on interfacing with the network equipment and collecting the monitoring data. The Analytics component performs data analysis ranging from simple data aggregation and threshold-based alarms to complex statistical analysis and future machine learning algorithms.  Network and automation framework A new automation component enhances the controller's abilities, completing the KPI Manager In addition, a new automation component further enhances the controller's capabilities, complementing the KPI Manager, Telemetry, Analytics and Policy components to enable advanced automation within the network. This new network and automation framework has been designed using auto-scalable components and front-end/back-end architectures to cope with stringent monitoring requirements imposed by 5G/6G infrastructures. Network management TeraFlowSDN Release 4 includes functionality to retrieve logical inventory from network devices, including detailed information such as ACLs, interfaces, routing policies, and VRFs using NETCONF and OpenConfig data models via the device driver. The interface information is saved in network instance configuration rules, providing a more comprehensive view of the network topology. The North Bound Interface supports the IETF Inventory data model to allow exporting device inventory items using, facilitating integration with external systems. TeraFlowSDN now also supports the IETF network slice format, allowing IETF-formatted slices to be uploaded and processed through the WebUI component. Optical networks TeraFlowSDN Controller supports the complete life cycle management of both optical band configuration The TeraFlowSDN Controller now supports the complete life cycle management of both optical band and media-channel configurations with emulated NETCONF devices.  Automatic discovery of OpenConfig Multi-Granular Optical Nodes (MG-ONs) is now possible, including interfaces and capabilities for wavelength-based, waveband-based, and fiber-based interfaces. TeraFlowSDN context To synchronise the link status among the optical controller module and the TeraFlowSDN context, link spectrum occupation is maintained in the database, optimising storage by representing multi-band slots efficiently. Topology synchronisation between the optical controller and the TeraFlowSDN context eliminates the need for dedicated topology files during bootstrap.  The WebUI displays the current configuration of OpenConfig devices, with information gathered via NETCONF and synchronised with the context database. Security and blockchain integration DLT Gateway functionality has been replaced with a new open-source component-compliant The existing Distributed Ledger Technology (DLT) Gateway functionality has been replaced with a new open-source component compliant with Hyperledger Fabric v2.4+.  This new implementation retains the core functionality of enabling TeraFlowSDN to communicate with the blockchain and facilitates operations such as updating, adding, deleting, and fetching assets, handles various asset types in JSON format, and includes automation scripts for its deployment as a Kubernetes service. Other notable improvements A new NBI connector based on IETF RFC 8519 has been implemented, enabling the management of network Access Control Lists (ACLs) through standardised YANG data models. A QoSProfile component supports the translation of Quality of Service (QoS) profiles into service and slice constraints, integrating with the LF CAMARA Quality on Demand API via the TeraFlowSDN NBI. The North Bound Interface has been extended to include Create, Update, and Delete methods for entities such as context, topology, device, link, service, and slice. Service database management has been generalised by optimising CockroachDB secret management and generalising database handling classes, improving consistency and efficiency across components. Release of TeraFlowSDN "We are excited to deliver this new Release of TeraFlowSDN, incorporating advanced features that meet the evolving needs of modern networks," said Ricard Vilalta, Chair of ETSI SDG TeraFlowSDN. "The integration of quantum key distribution capabilities, enhanced automation, and improved network inventory management positions TeraFlowSDN the most competitive Network Automation and Security Framework in the Open-Source community. These enhancements provide our users with the tools they need to build secure, efficient, and future-proof networks." Discover TeraFlowSDN Release 4 at the ETSI SNS4SNS event TeraFlowSDN Release 4 was shown during the ETSI Software and Standards for Smart Networks  TeraFlowSDN Release 4 will be extensively demonstrated during the ETSI Software and Standards for Smart Networks and Services event, that will take place in ETSI premises, in Sophia Antipolis, France 12-14 November 2024. The event will bring together experts and decision makers from industry standardisation, open source communities and research initiatives, for a 1.5 days of conference and several Hackfests, including the 5th TeraFlowSDN Hackfest. Participation is free and open to all, but seats are limited. Register to the TeraFlowSDN Release 4 overview webinar The TeraFlowSDN Release 4 Webinar will take place on 10th December 2024, 14:00 CET, to provide an extended overview of this latest release, where TeraFlowSDN becomes a Network Automation and Security Framework that is redefining the future of network management. The webinar will showcase new features such as Quantum Key Distribution (QKD) control, enhancements to network automation, and improvements on inventory management.

In response to the growing uptake of GlobalPlatform’s Security Evaluation Standard for IoT Platforms (SESIP) methodology, the organisation has introduced several initiatives to further accelerate adoption. These include the launch of new certification stamps, expanding the number of labs and certification bodies (CB), new partnerships and the creation of an adopter program. Together, this raises the bar for IoT security by enabling the adoption of the methodology across new sectors, use cases and markets. Relevant security requirements “We are at an inflection point in SESIP adoption,” commented Gil Bernabeu, CTO of GlobalPlatform. “SESIP is getting recognised for eliminating the complexity and fragmentation surrounding security evaluation, making IoT device security economically viable for the entire value chain." "It helps the market identify and align relevant security requirements, implement appropriate security in devices, and demonstrate compliancy across markets, while minimising costs, effort, and time-to-market. The recent ratification of SESIP as a European Standard (EN 17927) serves as both a vote of confidence and a trigger for further adoption.” A rapidly growing ecosystem The longstanding diploma body TrustCB has already issued 47 SESIP diplomae to firms SESIP has rapidly become an internationally recognised standard for security evaluation, supported by a large community of security providers, industry bodies, security laboratories, and other stakeholders. The longstanding certification body TrustCB has already issued 47 SESIP certificates to companies including NXP Semiconductors, STMicroelectronics and Winbond Electronics Corporation. These products were evaluated by a growing group of GlobalPlatform licenced security laboratories. Currently, these labs are Applus+, Riscure, SERMA, SGS Brightsight, and Thales ITSEF with more expected to join this list in the coming year. Two additional certification bodies are currently working to become GlobalPlatform SESIP CBs to bring even more capacity and reach to the ecosystem. SESIP-certified software   The methodology is also already used or referenced by bodies including the CCC, ETSI, FiRa Consortium   Importantly, the methodology is also already used or referenced by bodies including the Car Connectivity Consortium (CCC), ETSI, FiRa Consortium, National Institute of Standards & Technology (NIST), PSA Certified and Wireless Power Consortium. This adoption first demonstrates the value of the methodology to strengthen IoT security across diverse vertical markets and use cases.  It also helps device manufacturers using these technologies to compose their final device based on SESIP-certified software or hardware components, while quickly and easily ensuring compliance with relevant regulations. Collaborating to expedite adoption The GlobalPlatform community is responsible for maintaining the methodology, enforcing a governance model with an associated quality brand between CBs, product vendors and laboratories. The support and expedite growth, GlobalPlatform has delivered several important initiatives and resources: SESIP Committee & Working Groups – A dedicated Committee and Working Groups have been established to drive GlobalPlatform’s strategy for SESIP ecosystem development, initiate new technical projects, facilitate adoption efforts, and oversee governance. A primary focus is to engage with regulators and the security evaluation ecosystem to identify requirements and demonstrate SESIP’s applicability for different regions and vertical markets.  New SESIP Product, Lab and Certification Body Marks – A suite of branded logos have been made available for certified products, and accredited laboratories and certification bodies, to promote and bring trust to their offerings. SESIP Profiles and Mappings – GlobalPlatform develops and maintains a growing suite of SESIP Profiles and Mapping documents to facilitate the adoption and use of the methodology. SESIP Profiles are used in the security evaluation of a component or device, while SESIP Mappings bridge the security requirements defined in the methodology with those of global cybersecurity regulations. SESIP Adopters Community – As the methodology is now being used by a diverse range of different stakeholders, GlobalPlatform has created the ‘SESIP Adopters’ community. This program informs non-members about the latest GlobalPlatform SESIP developments, provides access to relevant technical documents, and allows them to showcase their certified products and/or support for SESIP. Development of SESIP “SESIP leverages the expertise of the GlobalPlatform ecosystem to incorporate better cybersecurity in IoT devices, at the right cost and aligned with market regulation,” added Bernabeu. “By giving stakeholders a single point of reference for IoT cybersecurity, regardless of their security expertise, we can collectively raise the bar for security. But we need to reach beyond this GlobalPlatform community. These programs, partnerships and resources will extend our ecosystem, enabling anyone to join us in driving the development of SESIP for the benefit of the growing IoT industry.”

Speakers at the 10th ETSI/IQC Quantum Safe Cryptography Conference have called on organisations to prepare their cybersecurity infrastructures to address the challenges of a post-quantum world. Organised by ETSI and the Institute for Quantum Computing, this year’s conference was hosted from 14-16 May by the Centre for Quantum Technologies (CQT), National University of Singapore (NUS), in partnership with the Infocomm Media Development Authority (IMDA) and the Cyber Security Agency (CSA) of Singapore. The event attracted an impressive 235 onsite delegates from 27 countries, reflecting fast-growing interest worldwide in the critical importance of quantum-safe cryptography in cybersecurity strategies. Quantum threats and risk management Addressing business, industry, government and research communities with a stake in cryptographic standardisation, the three-day event provided a platform for knowledge exchange and collaboration as organisations transition their cyber infrastructures and business practices to ensure security in the imminent quantum era. The three-day event provided a forum for facts talk and union as organisations The executive track on the conference’s opening day (14 May) outlined the current state of quantum threats and quantum risk management. Delegates were welcomed by Chuen Hong Lew, Chief Executive of the Infocomm Media Development Authority (IMDA) of Singapore, who stressed the importance of harnessing the opportunities of quantum computing for the greater good, while ensuring that the digital infrastructure remains secure and quantum-safe. Worldwide practical deployments Other keynote speeches by Artur Ekert, Professorial Fellow in Quantum Physics and Cryptography at the University of Oxford and the National University of Singapore, and Michele Mosca, co-founder and Professor of the Institute for Quantum Computing at the University of Waterloo and Programme Committee Chair for the conference, explored how quantum computers are poised to disrupt the current technology landscape. Panel discussions – including a dedicated session on the financial sector’s specific requirements – explored approaches being taken by businesses and governments to manage the quantum risk to information assets, cyber systems and business continuity, now and in the future. The conference’s technical track (15-16 May) provided a deep dive into cryptographic technologies being developed through various initiatives worldwide to ensure the security of networks and connected devices in a post-quantum era. Sessions focused on topics including current standardisation initiatives and worldwide practical deployments of both post-quantum cryptography and quantum key distribution, as well as migration strategies to quantum-secure ecosystems. The need for standardisation in a post-quantum world Advances in quantum computing pose a challenge to the vigil of many universal cryptographic algorithms Advances in quantum computing present a major challenge to the security of many ubiquitous cryptographic algorithms. Preparation for a transition to quantum secure technologies is increasing, with a corresponding acceleration in efforts to standardise tools to mitigate quantum threats. With the availability of the first quantum-safe cryptographic standards for general use anticipated in the summer of 2024, working groups at ETSI are actively exploring how they will fit into existing protocols, applications, and public-key infrastructures. “In recent years we have seen significant progress in solving the challenges of building real quantum computers” comments ETSI Director-General Luis Jorge Romero who welcomed delegates to the first day of the conference. “When ETSI held the first QSC conference in 2013, there were no standards available for quantum-safe cryptography. Standardisation provides a powerful platform to consolidate fragmented global research efforts in the development of quantum-safe algorithms and associated business practices that will protect the Internet and everyone who relies on it.” Integrity and confidentiality of information “Quantum computers are poised to disrupt the technology landscape” states Michele Mosca, co-founder of the Institute for Quantum Computing at the University of Waterloo. “Building on ten years of continuous dialogue at a global level, this week’s conference highlights the necessity for business pioneers worldwide to prepare for the quantum era by focusing on ‘resilience by design’ of their critical cyber systems, and the integrity and confidentiality of information assets.” "The 10th ETSI/IQC Quantum-Safe Cryptography Conference has highlighted the need for global coordination and sharing on best practices as the world begins an unprecedented overhaul of the crypto foundations of our communication systems,” indicates Alexander Ling, CQT Principal Investigator, NUS. “Hosting this year's conference in Singapore has brought the world's pioneering experts on the matter to our region, and I'm really happy to see all the conversations that are starting new connections and partnerships."