Behind stylish nex-gen phones and interesting gimmicks, 5G and IoT took center stage at this year’s Mobile World Congress, though security for both wireless and wired connectivity remained in the background—but not for Rohde & Schwarz. Instead, the company demonstrated test solutions for all three, providing the technical support for what is to come.
“The way they’re talking about 5G here you’d think it was being deployed tomorrow,” said Jim McGregor, principal analyst at Tirias Research, when we met in the halls. He was, of course, alluding to the nascent stage of 5G standards development, never mind deployment. That didn’t dampen the buzz, however, especially with Qualcomm and Intel almost side-by side in the hall, vying for attention. Intel played up its end-to-end (infrastructure to wireless device) strength; Qualcomm showed off its Snapdragon processors, automotive and operator alliances, 5G New Radio, and LTE-based private networks.
Meanwhile, Rohde & Schwarz was focused on the hard job of explaining how it was all going to be tested when 5G-ish type devices do start to emerge—and how developers and designers could ensure security, which remained the classic “elephant in the room.”
At the front end, 5G is looking like it will require wideband power amplifiers for the 28- and 39-GHz bands, so Rohde & Schwarz showed off the latest option in its FSW high-end, signal, and spectrum analyzers: the FSW-B1200 option.
According to Johan Nilsson, the product line manager who demonstrated the unit, the analyzer uses new digital boards with 14-bit converters implemented in a proprietary (non-interleaved) fashion to bump up the bandwidth from the older FSW-B512’s 512 MHz to 1.2 GHz. By doing so, wideband 5G signals can be tested in detail.
At the booth, the device under test was a typical Hittite 28-GHz power amp (PA). A 64-QAM OFDM signal was run through the PA and a 3D plot generated to show the EVM.
The EVM was 1% at 1 GHz, according to Nilsson, who also commented that the pull for systems like the FSW-B1200 is coming from a demand for 5G solutions from operators like Verizon.
NarrowBand-IoT (NB-IoT) Test
5G and IoT are tightly coupled in that 5G will incorporate low-latency, low-power wireless connectivity to directly connect sensors over wide areas. The timeline for 5G-like, low-power, wide area networks (LPWANs) made a leap forward in June of 2016 when the 3GPP announced that it had integrated NarrowBand-IoT into Release 13 of its specification (LTE Advanced Pro).
This put the onus upon test-and-measurement companies to come up with a test regimen, quickly. To this end, R&S demonstrated the CMW500 reference implementation for 3GPP NB-IoT, using Qualcomm’s MDM9206 LTE modem (see photo).
The CMW500 (left) was used as part of a test rig that lets designers test IoT devices based on the Qualcomm MDM9206 NB-IoT modem (center, behind white keyboard). (Source: ClariTek)
The MDM9206 is a global Cat M1/Cat NB-1 dual-mode LTE modem. By using the R&S CMW-KU300 NB-IoT MLAPI scenarios and the R&S CMW-KR313 3GPP Rel. 13 C-IoT protocol test enabler on a single R&S CMW500 radio communication tester, engineers can test their IoT devices based on the MDM9206 LTE modem under realistic conditions. They do so by attaching and establishing a real-time, comprehensive connection with the simulated network, then testing relevant signaling and RF scenarios related to the 3GPP Release 13 specification.
According to Christian Dobmeier, who led the demonstration, there is typically a year or more to develop a test solution. It takes time, but NB-IoT came out rather suddenly, so they developed the solution in roughly six months.
The demonstration begins with a network attachment and establishment of a comprehensive data session. Using the R&S CMW-KM300 NB-IoT Tx-Measurement personality during an established NB-IoT call, RF parametric tests to evaluate RF-spectrum, output-power, and error vector magnitude (EVM) provide unique insight into the RF performance of the IoT-device.
Security Lurking in the Background
Like Quasimodo lurking in the background, yet ringing the bells as needed, security haunts the 5G and IoT stage. That said, it’s a critical feature, and tests need to be developed to ensure it’s implemented correctly.
For this, R&S introduced and demonstrated a rather unique test solution that combines its hardware with deep-packet-inspection (DPI) IP security mechanisms for IoT and devices that it pulled from its Cybersecurity division. Christian Hof, the product line manager, gives a good rundown of how it works.
The solution uses a car telematics unit that is acting like it’s connected to the internet, but the R&S CMW-KM052 analysis option turns the R&S CMW500 wideband radio communication tester into a valuable tool for improving the security of IP-based data communications for mobile and IoT modules. Users are provided with a detailed overview of security-related parameters in a controlled wireless environment. For developers, they can detect and close security gaps at an earlier point in the development process.
It isn’t necessary to install additional software on the DUT for the analysis, nor does the DUT need to have a debug interface. The R&S CMW500 sets up the wireless connection and functions as a wireless network during IP data communications over the Internet. Developers can flexibly configure the cells to simulate real-world applications in the end customer's target network. They only need a single test instrument for RF analysis in cellular and non-cellular networks, protocol tests and IP application tests as well as for analysis of security-relevant parameters for IP data communications. This is not available anywhere else.
The Cybersecurity software (R&S PACE2) analyzes IP traffic in real time within a controlled test environment. It generates statistics for the IP connections in real time, and outputs a clear overview of the results. The software module allows the user to define sensitive and device-specific information. Statistics show whether this information appears in unencrypted connections.
The module also analyzes parameters for SSL/TLS handshake sequences, as well as certificates, the country name, and the domain name of the endpoint server. Another important function is the active scanning of the IP ports on the mobile or IoT device. This makes it easy to detect invalid configurations and suspicious communications behavior.
For developers who may have kludged together a number of devices that were passed as secure initially, the combination may open up attack surfaces, but the R&S system ensures those security breaches are caught in time.
While 5G, NB-IoT, automotive, and stylish phones to match accessories were hot at MWC-2017, it’s good to see test companies focusing on the underlying technologies that will make it happen.