Blockchain For ICT Supply Chain Security Part 3: Securing The National Wireless Infrastructure

January 17, 2021

This is Part 3 of a 3 Part Series on the Enhanced Mobile Equipment Identifier (E-MEID) and how it can be used to improve ICT Supply Chain Security. The E-MEID is a tokenized MEID that creates a globally unique, auditable, and verifiable data repository for any physical or virtual asset connected to the wireless network. Part 2, “IoT and NFT Management Use Cases“, describes how the E-MEID can be used to enhanced Internet-of-Things (IoT) security and prevent unlicensed access to Non-Fungible Token (NFT) based digital art. Part 3, “Securing The National Wireless Infrastructure“, describes how ComSovereign is investigating how the E-MEID could be used to secure the US national wireless infrastructure.

On June 9, 2021, the President of the United States signed an Executive Order to elaborate upon measures to address the national emergency for the information and communications technology and services supply chain declared by Executive Order 13873 of May 15, 2019 (Securing the Information and Communications Technology and Services Supply Chain). More than a year ago, Congress approved $1.9B to “rip-and-replace” insecure networking devices across the country. In July 2021, the Federal Communications Commission finalized the $1.9 billion plan that will help smaller, rural telecommunications carriers pay to rip out and replace technology from listed Chinese providers.

ComSovereign: Wireless device deployment and management across US government, military, and commercial networks.

In response to the clear national cybersecurity threat to the United States, ComSovereign has combined a wide range of companies in the wireless industry, building a US-based, full-service 5G equipment provider. Their goal is to wean American companies off foreign suppliers, and provide a bulwark against China’s Huawei, accused of creating a conduit for Chinese Government spying with its 5G equipment.

As part of the SCS 9001 pilot activity, TNS and ComSovereign plan to demonstrate how E-MEID can be used to document:

  • % of information assets having an impact on supply chain security with a NIST NVD CVSS v3.0 score of 9 or more with the issue date for each
  • % of information assets having an impact on supply chain security with a NIST NVD CVSS v3.0 score of equal to or greater than 7 but less than 9 with the date issued for each
  • % of vulnerabilities remediated within the time frames threshold timeline specified in SCS9001
  • % of vulnerabilities mitigated within the time frame threshold timeline set in SCS9001
  • % of applications updated within the time frame threshold timeline set in SCS9001
  • % of vulnerabilities attributable to each supplier

ComSovereign/VirtualNetCom/Saguna Networks: Edge computing solutions within the Computer industry sector

The global edge computing market should grow from $3.6 billion in 2020 to $15.7 billion by 2025, at a CAGR of 34.1% during the forecast period. Driving factors include the growing adoption of the Internet of Things (IoT) across industries, rising demand for low-latency processing and real-time, automated decision-making solutions, and a need for surmounting increasing data volumes and network traffic.

By implementing mobile edge computing infrastructures, telecom companies can leverage many of the computing resources they already possess while delivering faster service with reduced latency. Keeping more data near the network’s edge and closer to end users reduces the strain on their bandwidth. It makes it possible to deliver innovative mobile edge computing applications and services without compromising performance.

Hewlett Packard Enterprise (HPE) selected Saguna Networks to deploy its Multi-Access Edge Computing platform to the Globe Edge Incubation Lab as part of the Globe Telecom Network 5G rollout. Globe Telecom is the largest mobile network operator in the Philippines and one of the largest fixed-line and broadband networks. As of May 2021, Globe’s total mobile subscriber base reached 79.8 million.

As part of the SCS 9001 pilot activity, TNS and ComSovereign plan to demonstrate how E-MEID can be used to document:

  • % of information assets having an impact on supply chain security with a NIST NVD CVSS v3.0 score of 9 or more with the issue date for each
  • % of information assets having an impact on supply chain security with a NIST NVD CVSS v3.0 score of equal to or greater than 7 but less than 9 with the date issued for each
  • % of vulnerabilities remediated within the time frames threshold timeline specified in SCS9001
  • % of vulnerabilities mitigated within the time frame threshold timeline set in SCS9001
  • % of applications updated within the time frame threshold timeline set in SCS9001
  • % of vulnerabilities attributable to each supplier

If you are interested in learning more about the Enhanced MEID or the associated SCS 9001 Pilot demonstrations, please contact Kevin L. Jackson, SVP, TNS Corporation, via email at Kevin@TNSCorp.io.

TIA does not endorse TNS or the solutions it proposes.  TIA is technology and vendor neutral.  The MEID is managed by TIA and the “enhanced” aspects proposed by TNS are products and services that utilize the MEID but are not standardized by TIA engineering committees nor approved or marketed by TIA.