We are, as usual, on the verge of another technological revolution (I'm already confused about the number ...). The IoT or Internet of Things will bring new business models, new use cases and will lead to another redistribution of the entire telecom market.
As in any business, there are a bunch of areas, competing solutions, technologies - in short, it's still a mess. And what will come of this is difficult to say with complete certainty.
There are several system areas of development, as it were, a kind of matrix of needs, where solutions are ranked by data transfer rate and by data transfer distance. There is NFC and BLE for payments. There is LoRa and ZigBee for sensors, and there are 4G & 5G cellular solutions such as LTE-M and NB-IoT.
In my opinion (since I work with cellular communication) the simplest and most ready-to-deploy IoT segment is the Internet of Things based on the cellular network using eSIM. That's what I'll tell you about from the point of view of hardware and software, but at the "interesting to know" level.
A SIM card has its own certified GSMA OS, a profile is rolled over it for a specific TK from a cellular operator. All sorts of buns, keys, OTA and other SIM menus.
The technology is proven, everyone is happy with everything.
For a mobile operator, there is only one drawback - the price. Manufacturing a SIM card and its logistics to the point of issue costs money. Moreover, the logistics from the manufacturer to the consumer in a circle is, probably, an order of magnitude more expensive than the SIM card itself.
For a human client - its own minus. Time. You need to go get it, break something out there, shove it in. You can solve this by a courier from the operator, but then the cost of logistics will increase even more.
But this is all childish talk, compared to the problems of an integrator client with a large fleet of equipment connected to the network. Here's what he faces:
Many people are mistaken when they think that eSIM was made for people. Even the RSP (Remote Sim Provisioning) subscription management system itself was originally designed for centralized downloading and centralized administration. B2B only, M2M only, hardcore only. It was only then that the GSMA issued an additional specification for the B2C market.
In fact, there are two different but standardized GSMA eSIM systems - one for m2m and b2b, the second for b2c, ie for human clients.
The picture below clearly shows both the differences and the continuity of a more complex custom solution.
Quite simply, M2M eSIM uses a "push model" and B2C eSIM uses a "pool model". Those. in the case of M2M, the administrator loads the profile by force, and in the case of B2C, the subscriber decides what and when to load.
Further, there are a few abbreviations that I could not do without.
eUICC is the SIM itself. A chip module with an OS system, most often in the form of an smd component, although nothing prevents it from being made in the form of a regular SIM card. For example, to connect the equipment already in use to the network. An interesting point - the crystal belongs to the equipment manufacturer, but the profiles that can be loaded there belong to the cellular operator, since they contain its comm. secret (IMSI, ICCID, security algorithms, etc.). Technically, eUICC with a working profile is similar to a regular SIM card, the components must be GSMA certified.
LPA is a service (part of the software in the eUICC). Made specifically for B2C consumers. Includes Local Profile Download (LPD), Local Discovery Service (LDS), and Local User Interface (LUI) functionality. Responsible for managing profiles on the device itself (phone), for example, loading, enabling, disabling or deleting profiles.
There is a whole bunch of necessary servers and services.
I'll start with a simpler M2M architecture.
SM-DP (Subscription Manager Data Preparation) is responsible for generating, storing and protecting operator profiles (just eSIM). It also downloads and installs profiles on the eUICC.
Well, it issues data to the SM-SR server.
SM-SR (Subscription Manager - Secure Routing) - responsible for managing the status of profiles in the eUICC (enable, disable, delete). It also protects the communication channel between the eUICC and SM-DP for delivery of profiles (eSIM).
Let's move on to B2C.
SM-DP + (Subscription Manager Data Preparation +) is responsible for creating, loading, remote management (enable, disable, update, delete) and protect operator credentials (profile). The + sign is placed because SM-DP + includes both SM-DP and SM-SR features from the M2M solution.
SM-DS (Subscription Manager Discovery Server) The Subscription Manager Discovery Server provides SM-DP + with the ability to communicate with the eUICC without knowing which network the device is connected to. This feature is important because devices can be connected via different access networks with different addresses. SM-DS addresses this challenge by allowing SM-DP + to send alerts to a secure whiteboard and devices to receive those alerts. Used to alert the LPA when profile data is available for upload to the eUICC. Notifications are sent from SM-DP + to SM-DS. The LPA service asks SM-DS for notifications as needed (supporting a pull model). The frequency of the request is determined by the state of the eUICC and the actions of the end user.
Well, the rest of the abbreviations:
CI (Certificate Issuer) is a certification center that issues certificates for authentication of system objects.
EUM (eUICC Manufacturer) is a manufacturer of eUICC electronic chips.
The security of the eUICC is confirmed by the Common Criteria EAL4 + certificate (for B2C, it seems still in development, but here ...)
The production environment and process safety is ensured by the GSMA requirements: SAS-UP for eUICC and SAS-SM for server side (RSP).
Functional testing and certification program based on GSMA SGP test rules. 23. These programs were created by GlobalPlatform in collaboration with GSMA (for eUICC), Global Certification Forum and PTCRB (for custom solution devices).
Only eUICC manufacturers and RSP platform holders accredited by the GSMA SAS can apply for GSMA certification issuer certification. Certificates are required to participate in the GSMA approved eSIM ecosystem.
For those who are very interested. PKI
To become an MVNO (virtual operator) is becoming easier and easier, and most importantly - cheaper. We are still talking about millions, but already rubles. Even medium-sized companies, not to mention giants, can create their own virtual operator with a pool of numbers to manage their distributed network of IoT devices: ATMs, POS terminals, sensors and utility meters and other host of equipment for the Internet of Things ...
MNO operators in the Russian Federation have already adopted the rules of the game. Remote authentication of new subscribers is being tested with might and main. And not against MVNO operators. Traffic is traffic. Moreover, the majority of people are tied to MNO not with a physical SIM card, but with a phone number. Many are simply too lazy to bother with the change of operator.
Work is already underway to localize RSP platforms in Russia. After their launch and certification, we can talk about large state. projects. Russian Railways, power grids and other smart cities.
Besides:
And all this will lead to the emergence of new services and interaction scenarios. New opportunities in the transition to IoT have already been described a hundred times, so I will not write them here. But it will be fun.
eSIM for B2C
For the B2C segment, eSIM will bring new marketing wars, new scenarios for distribution, search and customer retention. Fashionable lead generation and other tools from the related segment of promoting banking products. First of all, we will talk about communication in travel and other promotional services. A new round in corporate communications.
** How eSIM works for people - down with myths **
Energy consumption, space requirements, etc. will be significantly reduced. iSIM will be even easier to shove anywhere. More precisely, it will already be present simply by default. And it would be foolish not to use it. So the amount of IoT equipment will only grow, and the price will only fall.
Hurray for cyberpunk!
As in any business, there are a bunch of areas, competing solutions, technologies - in short, it's still a mess. And what will come of this is difficult to say with complete certainty.
There are several system areas of development, as it were, a kind of matrix of needs, where solutions are ranked by data transfer rate and by data transfer distance. There is NFC and BLE for payments. There is LoRa and ZigBee for sensors, and there are 4G & 5G cellular solutions such as LTE-M and NB-IoT.
In my opinion (since I work with cellular communication) the simplest and most ready-to-deploy IoT segment is the Internet of Things based on the cellular network using eSIM. That's what I'll tell you about from the point of view of hardware and software, but at the "interesting to know" level.
SIM, why is it obsolete
The architecture of today's cellular networks is characterized by the presence of a SIM card. Without going into the technical jungle - this is a classic black box. A certain security element that allows you to identify the subscriber with 100% accuracy ( yes, I know that SIM cards are hacked ).A SIM card has its own certified GSMA OS, a profile is rolled over it for a specific TK from a cellular operator. All sorts of buns, keys, OTA and other SIM menus.
The technology is proven, everyone is happy with everything.
For a mobile operator, there is only one drawback - the price. Manufacturing a SIM card and its logistics to the point of issue costs money. Moreover, the logistics from the manufacturer to the consumer in a circle is, probably, an order of magnitude more expensive than the SIM card itself.
For a human client - its own minus. Time. You need to go get it, break something out there, shove it in. You can solve this by a courier from the operator, but then the cost of logistics will increase even more.
But this is all childish talk, compared to the problems of an integrator client with a large fleet of equipment connected to the network. Here's what he faces:
- M2M SIM cards are more expensive due to the requirements for thermal and vibration loads. Instead of abs plastic - polycarbonate, other glue and more.
- Installing SIM cards into equipment is labor intensive. Moreover, if you install a SIM card at the factory, it is still okay, then the price and labor costs of changing a SIM card in the field on hundreds and thousands of pieces of equipment looks daunting.
- From this it turns out that the manufacturer, having chosen an operator, once and for all sits on his needle. The operator can dictate the price. Yes, there is a multisym with 2.3 different profiles of the main players, but this is a crutch that only partially solves the problem.
- Logistics problems. You have collected 100 devices for Voronezh, and they must be sent to Kamchatka. Or even to Uzbekistan. We'll have to manually rearrange everything on the current SIM cards. And the used nano-sim must somehow be taken into account, etc. etc.
- Roaming problems. Let's imagine a truck with a GPS tracker traveling from Kazakhstan to England. Either pay dearly, or change your SIM card to one of the travel cards from a number of MVNO operators. But the tracker is usually protected, primarily from the driver, and hidden quite deep. Yes, and a truck today carries local goods, and tomorrow it will leave for 5000 km. Again, the cost of service comes out.
eSIM - a tool for integrators
Many people are mistaken when they think that eSIM was made for people. Even the RSP (Remote Sim Provisioning) subscription management system itself was originally designed for centralized downloading and centralized administration. B2B only, M2M only, hardcore only. It was only then that the GSMA issued an additional specification for the B2C market.
In fact, there are two different but standardized GSMA eSIM systems - one for m2m and b2b, the second for b2c, ie for human clients.
The picture below clearly shows both the differences and the continuity of a more complex custom solution.
Quite simply, M2M eSIM uses a "push model" and B2C eSIM uses a "pool model". Those. in the case of M2M, the administrator loads the profile by force, and in the case of B2C, the subscriber decides what and when to load.
Further, there are a few abbreviations that I could not do without.
Device side
eUICC is the SIM itself. A chip module with an OS system, most often in the form of an smd component, although nothing prevents it from being made in the form of a regular SIM card. For example, to connect the equipment already in use to the network. An interesting point - the crystal belongs to the equipment manufacturer, but the profiles that can be loaded there belong to the cellular operator, since they contain its comm. secret (IMSI, ICCID, security algorithms, etc.). Technically, eUICC with a working profile is similar to a regular SIM card, the components must be GSMA certified.
LPA is a service (part of the software in the eUICC). Made specifically for B2C consumers. Includes Local Profile Download (LPD), Local Discovery Service (LDS), and Local User Interface (LUI) functionality. Responsible for managing profiles on the device itself (phone), for example, loading, enabling, disabling or deleting profiles.
Server part
There is a whole bunch of necessary servers and services.
I'll start with a simpler M2M architecture.
SM-DP (Subscription Manager Data Preparation) is responsible for generating, storing and protecting operator profiles (just eSIM). It also downloads and installs profiles on the eUICC.
Well, it issues data to the SM-SR server.
SM-SR (Subscription Manager - Secure Routing) - responsible for managing the status of profiles in the eUICC (enable, disable, delete). It also protects the communication channel between the eUICC and SM-DP for delivery of profiles (eSIM).
Let's move on to B2C.
SM-DP + (Subscription Manager Data Preparation +) is responsible for creating, loading, remote management (enable, disable, update, delete) and protect operator credentials (profile). The + sign is placed because SM-DP + includes both SM-DP and SM-SR features from the M2M solution.
SM-DS (Subscription Manager Discovery Server) The Subscription Manager Discovery Server provides SM-DP + with the ability to communicate with the eUICC without knowing which network the device is connected to. This feature is important because devices can be connected via different access networks with different addresses. SM-DS addresses this challenge by allowing SM-DP + to send alerts to a secure whiteboard and devices to receive those alerts. Used to alert the LPA when profile data is available for upload to the eUICC. Notifications are sent from SM-DP + to SM-DS. The LPA service asks SM-DS for notifications as needed (supporting a pull model). The frequency of the request is determined by the state of the eUICC and the actions of the end user.
Well, the rest of the abbreviations:
CI (Certificate Issuer) is a certification center that issues certificates for authentication of system objects.
EUM (eUICC Manufacturer) is a manufacturer of eUICC electronic chips.
Now about safety
The security of the eUICC is confirmed by the Common Criteria EAL4 + certificate (for B2C, it seems still in development, but here ...)
The production environment and process safety is ensured by the GSMA requirements: SAS-UP for eUICC and SAS-SM for server side (RSP).
Functional testing and certification program based on GSMA SGP test rules. 23. These programs were created by GlobalPlatform in collaboration with GSMA (for eUICC), Global Certification Forum and PTCRB (for custom solution devices).
Only eUICC manufacturers and RSP platform holders accredited by the GSMA SAS can apply for GSMA certification issuer certification. Certificates are required to participate in the GSMA approved eSIM ecosystem.
For those who are very interested. PKI
What awaits us already tonight?
To become an MVNO (virtual operator) is becoming easier and easier, and most importantly - cheaper. We are still talking about millions, but already rubles. Even medium-sized companies, not to mention giants, can create their own virtual operator with a pool of numbers to manage their distributed network of IoT devices: ATMs, POS terminals, sensors and utility meters and other host of equipment for the Internet of Things ...
MNO operators in the Russian Federation have already adopted the rules of the game. Remote authentication of new subscribers is being tested with might and main. And not against MVNO operators. Traffic is traffic. Moreover, the majority of people are tied to MNO not with a physical SIM card, but with a phone number. Many are simply too lazy to bother with the change of operator.
Work is already underway to localize RSP platforms in Russia. After their launch and certification, we can talk about large state. projects. Russian Railways, power grids and other smart cities.
What can eSIM bring to the IoT?
The eUICC module in the smd version takes up less space and is more reliable than a conventional SIM card, even in the M2M version. The issue of thermal and vibration loading has been successfully resolved. Finally, the eUICC is more energy efficient.Besides:
- ESIM solutions are ready for widespread adoption. Unlike alternative technologies, mobile networks are already deployed and have the widest coverage, approaching 100% of the area of interest (settlements).
- Competition in the mobile communications market, which guarantees that there will be no problems with monopolizing the communications market and raising prices.
- The device starts working out of the box, right after the first start.
- Easy-to-implement connection to a common network of detached buildings.
- Centralized administration of all devices.
- The ability to change settings on the fly. As with all equipment, and selectively.
- The manufacturer himself chooses a profitable communication channel without concluding an additional. agreements with wire providers. Communication does not depend on local small network operators.
- Convenient and cheap equipment logistics. All equipment leaves the factory the same. Region-specific settings are written over the air. A batch of equipment can be easily reconfigured from one region to another in a couple of clicks by one employee.
- Hello Big-data! Collection and analysis of information in real time with any sampling accuracy. Various leaks, peak consumption, average consumption, consumption pattern, fraud, total score and other data.
And all this will lead to the emergence of new services and interaction scenarios. New opportunities in the transition to IoT have already been described a hundred times, so I will not write them here. But it will be fun.
eSIM for B2C
For the B2C segment, eSIM will bring new marketing wars, new scenarios for distribution, search and customer retention. Fashionable lead generation and other tools from the related segment of promoting banking products. First of all, we will talk about communication in travel and other promotional services. A new round in corporate communications.
** How eSIM works for people - down with myths **
Tomorrow?
I won't tell you for the whole future, but with SIMs everything is more or less clear. ARM announced iSIM. That was an embedded SIM, and now there will be an integrated SIM. Simka will simply be shoved into the architecture of new SoC chips along with a modem directly to the main processor, RAM, video accelerators and so on ... Instead of a 4 mm2 smd component, there will be less than 1 mm2 directly on the common chip.Energy consumption, space requirements, etc. will be significantly reduced. iSIM will be even easier to shove anywhere. More precisely, it will already be present simply by default. And it would be foolish not to use it. So the amount of IoT equipment will only grow, and the price will only fall.
Hurray for cyberpunk!
