5G futures: Why Huawei when open source may be the new black?
11 Aug 2018|

So, the Australian government has a big decision to make about whether it will allow Huawei to be a provider of Australia’s 5G communications network that will power the internet of things for us. The national security concerns with having the large Chinese firm take on such an important role have been outlined well by ASPI’s cyber policy team and others in a series of recent Strategist posts.

The big question people have asked, though, is, if not Huawei, then what? Ex-head of the UK’s GCHQ signals intelligence organisation Robert Hanigan, for example, has said, ‘The dilemma for western governments is that Chinese technology is no longer derivative or cheap, it’s often world-leading. Do we cut ourselves off from this technology by banning it, or find ways of managing the risk?’ It sounds like there’s an inevitability to embracing the solutions of China’s big tech firms, either now or sometime in the future.

But that may well be just plain wrong. Rather than asking who’s the alternative supplier to Huawei, the better question might be, why would Australia go with an outdated approach to hardware and software provision at a time when new approaches might play to industry strengths and be far more durable and effective over the longer term?

Let’s remember that Huawei offers an end-to-end proprietary 5G solution combining hardware and software. It uses some third-party hardware and software, but it’s all built around a proprietary Huawei model. That’s the attraction and that’s the risk. In a carefully bureaucratically worded report, the UK’s National Cyber Security Centre has advised that ‘it is less confident that the NCSC and HCSEC can provide long term technical assurance of sufficient scope and quality around Huawei in the UK’, adding that there are further medium-term risks associated with shifts in technology like virtualisation and edge computing architectures like 5G. That’s as close to alarm bells and flashing lights as such a report can get.

Huawei’s end-to-end approach is apparently what makes it so attractive as a solution and helps the company undercut competitors’ pricing. But it also means that identifying vulnerabilities, providing updates, doing patches, and designing and distributing upgrades of both hardware and software are in Huawei’s hands. It’s the Microsoft or even IBM model that gave us personal computers and the Microsoft operating system, combined with Bell Telephone’s or AT&T’s approach to building telecommunications networks.

But we’re now living in a world of virtualisation and software-defined hardware. The old way of acquiring and operating systems that makes customers dependent on big end-to-end proprietary solutions is not the only way. Similarly, the internet of things is a world of myriad manufacturers of sensors and devices—control systems, fridges, toasters, TVs, security cameras, machinery, servers, networks, smartphones and computers—that will connect to 5G and its successors, with no single proprietor having a dominant market share.

This means that with 5G (and the next 6, 7 and 10Gs) Huawei may have tried to corner a market that’s about to be disrupted. If that sounds crazy, then it’s worth thinking about some parallels that we know work. The biggest is the Linux operating system—the most famous (and probably the most successful) example of open-source software. It has succeeded in large part because the software is developed by lots of people scattered across the globe. These same people, universities and companies all fix bugs, patch vulnerabilities and improve the Linux operating system’s functionality. It is robust not because it’s a sealed system, but because it’s an open system kept strong by open participation.

Another example from the world of cybersecurity: anti-viral software and vulnerability patching also gains a huge advantage from multiple eyes and actors spotting viruses, malware and vulnerabilities and providing fixes and patches. This type of crowd-sourcing of solutions is not novel in the software industry. And it works. At speed.

In hardware land, though—think electronics, networks and telecommunications systems—open-source design hasn’t been popular. Building big end-to-end proprietary systems has required large investments from big firms that produced large profits—a bit like Big Pharma with drug development.

The hardware world and the electronics industry as a whole, though, knows its future looks like the software industry’s. The move to virtualisation of hardware and rapid configuration of hardware functions through software has begun and is gathering pace in areas like networking and cloud provision. Open-source hardware is becoming real, quickly.

As DARPA’s Bill Chappell said recently about open-source hardware, ‘[T]he parallel is to the software community. The hardware community really hasn’t figured out that ethos of sharing. We’re trying to pull some of that excitement and methodology into hardware design.’ Chappell says that open-source hardware is finally starting to take off because of the increasing abstraction of hardware design. ‘[I]t gets closer to the software community’s mentality.’

DARPA has been placing big bets on an open-source hardware future—its timeframes for real solutions are 2025 and 2030. The goal of its US$1.5 billion, five-year electronic resurgence initiative is to ‘change how everything is done in electronics, top to bottom’. POSH, DARPA’s project on open-source hardware, for example, intends to create a Linux-based platform and ecosystem for designing and verifying open-source hardware internet protocol blocks for next-generation systems on chips.

The world of telecom and networking technology looks far more likely to shift from big single proprietary solutions to more participatory open-source solutions for both hardware and software. That’s in part because it will provide the most rapidly reconfigured and most secure solutions in a world of cyber threats, but also because the internet of things is well suited to an open-source approach given the huge number of individual vendors.

This open approach plays to the strength of countries that see open participatory systems as the path to success, not closed, state-sponsored proprietary solutions. It’s a model that works well when you want to combine the capabilities and strengths of diverse firms and research organisations across national boundaries. It is a great fit for Western political systems that can work as partners, combined with strong market-based policies and practices.

In this already emerging future world, companies like Qualcomm, Intel, Nvidia, IBM, Nokia, Ericsson—and firms like Australia’s Telstra, Atlassian and QuintessenceLabs—can combine to build open-source hardware and software solutions. These will provide far more resilient, rapidly upgradeable and configurable communications backbones than can be achieved by the historical big proprietary model. They’ll have built-in cybersecurity because vulnerabilities can be identified and patched fast.

This future plays to the strengths of US, EU, UK, Japanese, Indian and Australian technologists, and to the market-driven way our tech sectors operate. Australia can help by working with its partners to provide the policies, regulation and drive to accelerate this emerging future. As DARPA’s Bill Chappell has said, where governments stepping in helps is at moments like this when a larger leap is required. Oftentimes, industry isn’t looking too far ahead as it has more immediate pressures and concerns.

So, the solution after having banned Huawei from 5G here in Australia is first a short-term one followed by a medium-term one. In the short term, alternatives from an alliance of existing 5G competitors to Huawei—like Qualcomm, Nokia and Ericsson—could meet the more immediate need. That will give time for the more durable open hardware solutions to arrive in the mid-2020s. It turns out there are alternatives to living in a world dominated by big proprietary tech. That’s good news.