 You guys can hear me? All right. So just heads up. We have two more minutes to get started. I'd requested a, I'll go through the introductions. I'll go through the introductions. I had requested for being the keynote speaker. They said go screw yourself. So now here you find me in this room. I don't know how many, just to show our fans how many of you guys are from service providers like AT&T, Dallas, anybody? Ooh, you do realize this is next gen security for ZTA? OK, you guys are in the right room. How many of you are actively involved in 3GPP or ORAN? ONAP, TIP. Woo, awesome. All right, this is going to be great. So the way I've prepared these slides, it's going to be a kind of overview. We're going to go at the speed of light, as you will see. We are going to cover evolution of telecom and where we are today. Why do we need a light infrastructure platform like Starling X? And at the end, I have certain quiz questions, which if you answer right, you will get a cool giveaway, which is going to come to you from behind. We have how many do we have to give, four, five? We have eight to give up? So everybody gets one. They're only like eight or nine people anyways. So all right, before we get started, I just want to also make sure let's have this as a very open, communicative kind of session. You feel anything against me, anything against the slides, against the content, against the speaker. Feel free to shut up. I do not expect that to come up. So should we get started or? So let's get started. First of all, good morning, everyone. Come on, you guys. What are you guys doing? I woke up specially to do this. All right, so just want to let you know where are we. This is the lecture details, the abstract that was posted. I'm sure everybody of you read it, and this is exactly why you are here. But in a nutshell, if you haven't, we are going to be talking about security. We're going to be talking about telecom specifically for the likes of all these carrier service providers across the world. We'll touch security, of course, there. But in specific, we're going to be talking about zero trust security. What is zero trust architecture? And why do we need it? Why does the essence? Then I'll go through a proposal, aka authored by me. That's why I'm here. Again, just for the record, I wanted to be the keynote speaker. They said no. What are the next steps? How can we work together? This is an open source, open forum for discussion and collaboration. Why is it so important that we do work together on this one? And I'll go through that as well. It's not as simple as it sounds. And then finally, this is wrong. There are eight or nine winners. And if you answer a question, or even if you raise your hands and don't answer the question right, or if you don't even ask a question, I'll get you a winner label, just for being here. All right. So let's get started. I think we are here till 10, 11, or 12. I think it's only half in. Are you freaking kidding me? So who am I? That's me. That's me, also. My name is Siddharth Shabad. I work at Wind River, which is old Intel, now bought by Aptiv. My experience, I've been always being a geek in telecom. So all those Symantec, telecom, Motorola, 5G Sting was my own company. I sold it. What do I like to do? Well, just for all of us, these are things that I really like to do. No, pickleball forever is the favorite forum. Any of you a pickleball guy? All right. Anyways, I'm a pickleball instructor and a former player. I'm ranked number 41 out of 6,000 in the pro circuit today in US. That's me playing. That's my hairstyle, of course. And this is my email alias, if you want to reach out to me for anything, pickleball related. So let's go quickly and go over through this telecom. If anything, you guys, it's worth your time to come and I really appreciate it. But get certain things out of this, if you really want something out of this, other than the price that we are going to give you, try to understand one or two acronyms, and it will pay off. So we are going to recap 30 years of telecom, the whole telecom evolution, in less than five minutes. There's nobody who can do that. I can assure you. You go on YouTube, nobody can do this. What I'm going to do. So let's go through. If anybody has ever heard of 2G, 3G, 4G, raise of hands. Thank God, everybody. Awesome. So we started from 2G, 3G, 4G. As you can see, the architecture, don't worry about all those acronyms. Acronyms are for geeks. However, what you need to understand is there is a core network, which is the IP network, which is basically radio signals, converted all to 0s and 1s, and then transferred, so that you can make a call. And of course, there's a radio part, radio into the spectrum. Why do we pay for AT&T, Telus, and so on, so forth? So as you can see, for the purposes of our discussion, I'm going to focus on two things, core and radio. Forget about all of this. This is not in the quiz. What is in the quiz is radio and core. So let's focus, and now we go into the details. So the first thing is, many people in these parent organizations, OAPTIP, GSMA, 3GPP, these guys are all intellectuals. They get together, and they said, listen, you know what? We have to start working on advancement. The cars are going to talk to each other. The cows are going to tell us how many, what kind of output they're going to deliver. All this IoT, massive IoT, and so on. So how do you do that? How do you get within the space of the same spectrum or a different spectrum, how do you get all that data engulfed in it? So the way they started doing it is, hey, you know what? There were two things, remember? Quiz number one, what did I tell you to remember from the last slide? Two things. Dude, winner. All right. And by the way, I was looking for those people who raised their hands. There was only one. So only one winner, right here, sir. So really quickly, what did they do? They took the EPC, the core, and they broke it. They broke it, and they kept on breaking it. Now, what they did was the architecture. What that means is control and user plane. Control plane is how you start the session, how you interact, who I'm talking to, who the signals are created, or the access are created. And then the user plane where the data is going to go through. So for purposes, again, of our discussion, control plane is where all the control things happen. You control the session. User plane is the browsing you do, or all the good sites you go to. I was so careful. All right. So then, again, we have to keep thanking those guys at Onaptive, GSMA, 3GPP. They kept on thinking, and they said, you know what? From the CUPS architecture, why don't we use something that is going on these days? Virtualization. And hey, you know what? Take a step further. Go NFV, which stands for Network Functional Virtualization. So you're going to take the network function, and you're going to virtualize it. Again, keep in mind, the core and the radio, these guys are only focusing on the core at the moment. So what we have done is we have taken from monolithic architecture, which was one box, one doing one thing, into taking the whole function, breaking it up into these modular functions, some modular function, or you can say microservices. And basically, now this has become your core. So if you get the drift where I'm going with this, is where we started from from one box, now the core is just multiplying. That is the key takeaway here. So going forward. So now we are here at the core. Again, we have broken it. I want to go quickly. I promised you I will be going. And now all those guys that we love, they actually sat down and they said, you know what? Now we have broken up the core. There's one more thing left to be broken. Can anybody tell me what was that? There, winner. Again, show of hands. There were only one hand. My god. That must be because of the speaker. However, so when you talk about, oh, right there. Right there, back, back, back, back, back, right there. Thank you. So when we disaggregate RAM, when we talk about disaggregating RAM, you are basically introducing few new concepts. Now what we are saying is that it doesn't matter if Samsung makes the antenna or somebody in India is making the antenna. It doesn't matter who makes the antenna. At the end of the day, we as a service provider should be able to buy any component of any of those architecture, the breakup, and put it in place. Now understand this. Where we started was, the evolution was there were only few companies. One of that companies, really quick hand. Where did I work, which was a telecom company? Anybody? Dude, come on, man. You've already got so many prizes. So yes, correct. So Motorola, at that time when we had started, there were only few players, Motorola, Alcatelucin, Nokia. Now, as you would see over the years, that have kind of shrunk. However, the good news is that with the virtualization of the microservices in the 5G architecture and the open RAM disaggregation, what has happened is, it has opened up the new floor for new vendors. You would see Mavinia or you would see people. I'm sorry? Perfect, yes. So you have all these new companies coming up, which is excellent for the ecosystem, by the way. So I want to focus quickly upon this. This is the new best thing if you really are looking for a job in the, I would say, in the next couple of months or years. I think this is where you need to be if this is what kind of gets you going, which is the open RAM forum, open RAM. This is the next big thing. And this is what makes 5G so amazing and sexy, as you would see. All right, so of course, we are here for Starling X. We have to discuss how we play into that picture. So what we have done for is we've broken up the network. We have broken up the RAM. We have broken up the core. Now when we talk about the edge, what are we talking about? In reference to this particular session, the edge here is where the radio antenna that you see walking, like you're going down the highway, you'll see all these big radio towers, cell towers. Those cell towers basically go, there's a fiber that connects the cell tower, the antenna down to a box in the enclosed area. And that's where the edges come up. Now, as you know, why we are all here is Starling X. It's the most fundamental platform, at least in a distributed way. That is the platform of choice. Many carriers have already adopted it, and many carriers are still in the process of adopting it. Why? I'll tell you why in a little bit. But again, the key takeaway on this slide is that Starling X is the edge platform for 5G and beyond. OK? Good? All right. Quick question. Which is the platform for the future? Oh, two. Winner, winner. Awesome. I want everybody to be a winner at the end of the day, guys. Come on. All right. So let's go quickly, because I'm already on my bottom of the hill. So far, I just want you guys to get something out of it and a discussion worthwhile. Afterwards, again, this is just a 30-minute session. The goal here is we can collaborate. We can talk about all the other things at the end. But I want you to get something out of this session. Do you understand what 5G is? Why? 5G is so powerful. Why everybody is talking about it? And that is why the reason is disaggregation. Everything is broken up into microservices. OK? So eventually, if you're having a game of, I think, Toronto Raptors, or I don't know if Vancouver has an NBA team, I don't know about that. But say, for example, if you're having a game, and all of a sudden everybody starts doing multimedia, all of a sudden the number of users spikes up at the cell tower. So what the microservice architecture, the carrier, can just come in and start pumping in more servers to increase the throughput aggregate. OK? So that is the beauty of microservices. And of course, 5G, the spectrum. So really quick, this is where starting X plays. Why we talked about Edge? Because you can do as a container, as a service. All these are different, multiple, different containers. Or you can say pods running in it. Here, Edge OS and physical layer, these are the base for Starling X. Nothing new here. I just wanted to bring it up to your attention if you have any questions, feel free to stop me. So a quick recap in 10 minutes. We started up with G evolution. We started up with breaking the core. We started up breaking the core into microservices. We started up breaking the RAM. Core and RAM, we split it up. And then finally, I told you we're Starling X plays. All right? Any questions so far? No, because we are going at the speed of rocket. Hold it. My four questions come to you now. Listen, if I'm a service provider, I just told you the evolution. How the hell am I going to find a small issue? Like, say, for example, hey, hey, you know what? A subscriber with this number or an IMEI, he's not able to get on my network. Yeah. Can you tell me where the problem might be? Because, hey, you know what? These are all these are legacies hardware. So if you go to a computer closet of AT&T or Telus or something, you will see more service than you can think of. It's very complex. However, where I'm going with this is it's not so trivial to figure out where the problem lies in this complex, virtualized world. So really quick, anybody? Quiz question. What does this refer to? Anybody? Oh, god, everybody is a genius here. This section is way better than this section. All right. Really quick. We have 10 more minutes. Anybody on this side? Anybody? What am I referring to here? There you go. Winners, winners everywhere. So basically, you don't need to be a James Bond or you're trying to find a needle in the haystack. Even James Bond cannot figure that out. So there comes the zero trust architecture. What is zero trust architecture and why is it required? There are some assumptions. Now, zero trust architecture came from enterprise. And what it is is you assume the worst. Think the worst case scenario. Think that you are going to get screwed. At the end of the day, that is the best assumption to have. You are going to get screwed. Cyber attack is imminent. Now, how do you want to answer this is basically you can think of it as an insider threat or an outsider threat. Somebody can hack you or somebody from internal can leak data out. Therefore, every device, every user, and every workflow, that it needs to be authenticated and authorized. Is that my time is up? I still have nine minutes, right? OK, all right. So basically, every device user workflow should be authenticated and authorized. That is the key takeaway from zero trust architecture. Finally, 3GPP, of course, we cannot forget them. These guys are the intelligent guys. They basically came down and they said, OK, we are going to adopt the stride model. So what is the stride model? Spoofing, tampering, repudiation. All this is stride, basically, as you can think of all the threats. That is what stride stands for. Basically, on the right-hand side is what that means in simple English. How do you do that? Now, every interface, every workflow is going to go through this kind of microscopic figuring out where the threats are, who the threat causes, and how do you rectify it. So what is the proposal? The proposal that I wanted to bring up and that got accepted was basically that there's nothing rocket science here. However, what we need to figure out is that it has to be a real-time solution, a real-time analytic, intelligent-driven solution. If you find a problem in a workflow, where and how, you can stop it. It has to address the basic needs. It can be in the RAN or it can be the core. Remember, we broke the RAN and the core. It has to be a workflow-driven. It has to basically adopt to either an IoT issue or a subscriber issue or a vehicle-to-vehicle issue. All these are basically the fundamental drivers for where we are headed to. Finally, it has to be open source. That's the reason why we are all here. That's the reason why you're hearing me. That is, we need to share, we need to collaborate. Nor one person is going to be a king person. Not even, I would say, Ericsson Nokia would know everything. Because we have just opened it up. We have opened each and every layer of the telco network. Disaggregation. Finally, I just come up with this concept. I was going to give an acronym for this, but I could not. But this is the concept of, as you know, CAS stands for Container as a Service. But here, in this case, I'm saying it should be container as a security. What I'm trying to do is figure out all the enforcement points. Now, this is the key takeaway. All the red things are the enforcement points. Last quick question, quiz question. What are the red points in the slide? Raise of hands, my friends. Yes, everybody is a winner. It is the enforcement point. Thank you. So basically, what we are trying to do here is, we can figure out each and every component, and we can map it out, either an enforcement point or a decision point. PDP, policy decision point, and PEP, policy enforcement point. The fundamental is that some of these components, some of these layers, are going to be where you decide where the problem is. And there are some points which we call enforcement, which is where you're going to block the connection or where you're going to isolate the connection. So in summary, I think this is where we are. We are going to be basically at, after this session is over, you can come down to Wind River Booth. We are presenting over there in the booth. Basically, we have three buckets that I think we can all collaborate in. Again, these will be open as part of the Infresh Foundation. I don't know what the next steps are here. But there are over 300 workflows that we have defined. These workflows when we talk about are specific to the interfaces, the architecture and the releases or the, you know, like 3GPP release 16 is what is happening for 5G. We are already talking about release 21. Basically, all these workflows can be defined. Based on these workflows, you can have, you have to classify them as a policy decision points or an enforcement points. So what does that mean? Well, you take the interfaces, you break it down into protocol specification and releases, okay, but identify those. As I said, we already have identified up to 300 so far. And then finally, how can you do the enforcement and what layer can you do the enforcement? And I think the, I think I'm getting pushed back here. So last really quick, already as CAS platform, we offer Calco, Istio, basically, these are different types of access list that programs, open source programs that you can use as part of Starling X. However, outside of this, there is whole slew of innovation left. And that is where I think we as open source community can play and collaborate. And that is where all these workflows, all this information can be taken up and inserted and then used. And that is where I think the AIML company into the picture. We have two more minutes and anybody has a question because that was my, that you guys get something out of this. If nothing else, you now should be able to understand the keywords, disaggregation, ran core. Anybody who doesn't understand disaggregation, ran core, I did not do justice then. Question. So that's a very good question. So first of all, let's just, let's try to break your question into you, in a disaggregation environment, let's talk about focus on ran for one second, okay? Now there was one slide I think I presented and this is more slides. Guys, you will be getting the slide decks as part of this, I'm guessing. There was a map here, right here, no, this one. So I want to basically talk about this. So this is the open ran, where I'm just giving you an example. Open ran, what happens is, is there is a function or a service layer that is called the SMO, service management and orchestration. That is where you embed your AIML engine, right? All the data of the analytics of the workflows gets going into that. And basically what will happen is there are two components defined in the release and that is a non-real-time framework and a real-time framework. Depending on how critical the error is or how critical the service is that is going to get broken up, this is where it feeds into. Where I'm going with this is the AIML, okay, needs to be given enough data to be able to determine autonomously where to go for non-real-time or real-time. Any other question, guys? Well, thank you all for attending. If you guys haven't won the prize, please stop by at the end or come to Wind River Booth and I will make sure you got something out of it, okay? Thank you.