Bengaluru, NFAPost: As part of its efforts to further tighten network security across India, the Department of Telecommunications (DoT) has asked all multinational telecom gear makers and service providers to provide source code. Global telecom equipment manufacturers and operators have raised objection to the very move.
Global telecom equipment manufacturers and operators have raised serious concerns on the DoT asking them to share source codes and do the required testing at third-party labs accredited by the DoT.
Telecom gear
As per the usual practice, all component security testing was undertaken by manufacturers internally and operators were allowed to install the telecom gear (imported or made in India) after they received self-certification from vendors)
According to Arvian Research Telecom analyst said vendors are up in arms against the decision of the Depart of Telecom.
“The new decision now makes it mandatory for all manufactureres and suppliers to reveal the source code of every network equipment deployed as a part of security assurance testing. This move come at a time when government is making 4G network strong and started deploying 5G as India is going for digital transition,” said telecom analyst from Arvian Research.
But the analyst also pointed out that India is yet to come up with specialised security testing lab to take on these complex challenges
The department’s security division, according to people aware of the matter has asked its Bengaluru security centre to seek source code from equipment vendors so that it could come under detailed scrutiny within the accredited test labs.
There are security patches that are required as part of a zero-day vulnerability. Software fixes need the least time but bureaucratic approvals would only make the process complex that would only increase time, the person added.
Equipment companies
The equipment companies already comply with license conditions and self-certification as per best contemporary practices in accordance with the Third Generation Partnership Project (3GPP), a global standardisation initiative and GSMA, an industry veteran said countering the new regime.
NFAPost already waiting for comments from leading vendors like Nokia, Huawei and Ericsson. The other leading suppliers to Indian market are Samsung and ZTE.
The multinational vendors that use telecom equipment after self-declaration and necessary certifications from overseas labs have been recently asked to shift to a regime that requires testing at the government-accredited local labs identified by the Telecommunication Engineering Centre (TEC).
In 2010, the Department of Telecom had put a similar security condition based on different companies and later the government decided to relax after the industry-wide consultation. It is also interesting to note that the government of India’s move comes at a time when the United Kingdom (UK) that had recently set up a test center aimed to screen source code.
Internet subscribers
According to a recent study, total revenues from the telecom equipment sector are expected to grow to $ 26.38 billion by 2020. The number of internet subscribers in the country is expected to double by 2021 to 829 million and overall IP traffic is expected to grow 4-fold at a CAGR of 30 per cent by 2021.
The Indian Government is planning to develop 100 smart city projects, where IoT would play a vital role in the development of those cities. The National Digital Communications Policy 2018 has envisaged attracting investments worth US$ 100 billion in the telecommunications sector by 2022.
India is currently the world’s second-largest telecommunications market with a subscriber base of 1.20 billion and has registered strong growth in the past decade and half. The Indian mobile economy is growing rapidly and will contribute substantially to India’s Gross Domestic Product (GDP), according to report prepared by GSM Association (GSMA) in collaboration with the Boston Consulting Group (BCG). As of January 2019, India has witnessed a 165 per cent growth in app downloads in the past two years. 4.8 billion download
