The use of 5G technology was one of the key issues discussed between Prime Minister Narendra Modi and US President Donald Trump ahead of the G-20 meet in Osaka in June. To better understand what is at stake, Karishma Mehrotra spoke to information security expert V Kamakoti, a member of the National Security Advisory Board and a professor of computer science and engineering at IIT Madras.
What does 5G technology enable?
Centuries ago, in Industry 1, the focus was the steam engine with mechanical engineering. Industry 2 required more electricity to run engines and machines. Industry 3, where we are now, is the electronics game. What we are looking forward to in Industry 4 are things like distributed processing, robotics, 3D printing, artificial intelligence, and big data. It will be distributed computing, trying to do activities that are distributed in nature.
What do we mean by ‘distributed’ activities? Say, I am a surgeon sitting in Chennai and I want to do two different surgeries in two different places on the same day. I can have a robotic setup in these locations and do robotic surgery.
So far, we have had human-to-human communication and human-to-machine communication. In Industry 4, it will also be a machine-to-machine. Two autonomous vehicles or two drones can do collaborative work.
Why does 5G bring up more urgent security concerns than before?
5G is taking technology closer and closer to mankind. When we looked at 2G, the mobile phone was used just for voice communication. We never dreamt that we would use mobile devices for anything else. Now, we rarely talk on our phones compared to (the) other activities (we do on them).
As we go towards 5G, a lot more of our livelihoods will depend on the network, so the issue of security becomes more significant.
In addition, the scale will be bigger, the number of towers will be bigger, the number of devices will be bigger, and when something goes wrong it becomes irreversible. Just like if you distribute one million phones and want to take them back, it will be difficult.
What is the global concern over Huawei?
The United States claims that it has security concerns in deploying (Chinese-owned) Huawei because of spyware and malware — what you would call back doors that could leak data from the installations. So the US has banned Huawei equipment to be deployed in that country.
Two things can happen if I have back door: I can leak information from a place to another place of my choice. Secondly, I can gain control over the equipment and stop it from functioning.
So, how should India manage these concerns?
Fortunately or unfortunately, the entire narrative of 5G is now being looked at through this ‘Huawei or not-Huawei’ issue. But the narrative should be, at the first stage, what do we need to do when we try to bring in unknown equipment — hardware or software? This should be the first question we need to answer. Huawei or not is for the next stage.
The unknown system problem is that it is very easy to find out if the system does what I want it to do, but it is difficult for me to find out whether the system will not do what I don’t want it to do.
We need to create a comprehensive framework for our requirements. In this, there will be technical issues, as well as the notion of trust and countries’ past record. Each sector will have its own do’s and don’ts, whether it is power, transportation, finance, entertainment, aviation, or defence.
Also, this is where indigenisation of technology comes in. If we focus on building technologies here (in India), I will have very, very clear access to my hardware and my software.
How will I be secure if I don’t even know what is inside my chips? In the mobile phone you are using, there are one billion transistors, and your Android operating system that is running, is one million lines of code. With one million lines of code running on one billion transistors, you don’t know what could happen.