Ivo Ivanov from DE-CIX, on providing car makers with high-performance, reliable & secure interconnection to enhance their cars and protect their customers.
Industries worldwide are entering into a new era of digitalization, everywhere, for everything, making performance, resilience, and security in network connections business-critical. An increasing number of enterprises from segments like healthcare, finance, retail, logistics, and automotive have been discovering the benefits of connecting with their digital value chain via an Internet Exchange.
While Internet Exchanges have traditionally been seen as locations where telecommunications companies (carriers), Internet service providers, content networks, and content delivery networks interconnect to exchange data, we are now seeing an increasing number of participants joining from other industry segments, like healthcare, finance, retail, logistics, and of course, automotive.
As an early adopter, the automotive industry has already started reaping the benefits of interconnection over IXs. This is because the digital car is a prime example of a digital product – one where the manufacturers simply cannot afford to cut corners on the performance, resilience, or security of their networks. The efficacy and the privacy of their connections to other networks to exchange data are paramount to the provisioning of the many services and features that make the digital car what it is, and any lapses will impact strongly and immediately on the reputation of the car brand.
Joining the platform economy
At the same time, industries worldwide are entering into a new era of digitalization; everywhere, for everything, and for everyone. This requires rethinking and restructuring business models. Digital business models based on the platform economy are now offering distinct competitive advantages for globally -acting enterprises, which take them beyond the capabilities of traditional industrial setups. New players are now presenting a clear competitive challenge – for example, in the area of autonomous driving and car applications – to the traditional automotive sector. Therefore, car manufacturers are needing to shore up their space in the platform economy and interconnect with their suppliers, service providers, and customers in new and optimized ways in order to control the data journey of their cars.
By choosing an IX platform that already has an established and vibrant ecosystem of diverse kinds of networks, a car manufacturer can position itself right on the spot, where the digital economy is already playing out and where the future is being molded. The chances are high that the networks the car maker needs to interconnect with are already participating in these ecosystems. An IX enables direct interconnection between these parties, using the very efficient principle of one-to-many or many-to-many, and aggregating the traffic instead of using multiple bilaterals. Beyond this, if the automotive manufacturer creates its own closed and secure private ecosystem within the existing IX environment, the geographical distance to the other networks – and thus the reaction time (latency) – is minimized, resilience is ensured, and the car maker is rewarded with a substantial boost in the security of its networks, and, therefore, of its data. This can be further enhanced by additional security solutions provided by the Internet Exchange operator.
Creating interconnection ecosystems for industries – the digital car as a model
The digital car is a digital ecosystem entailing a huge variety of types of data. This includes data relating to physical safety and the physical conditions on the road, data for improving traffic management, data on the status and maintenance of the car, data on the provisioning of infotainment and entertainment and other services according to personalized preferences, and the list goes on.
We see three overriding challenges that car makers are confronted with in dealing with the exchange of these many different types of data with many different partners and service providers. Firstly, there is the provision of services and features smoothly and with fast reaction times (this is dependent on the performance and reliability of the connectivity to other networks). Secondly, there is the fulfillment of compliance requirements for multiple regions around the globe where the car may be sold or driven (leading to high levels of legal and regulatory complexity, increasing exponentially with the number of networks and service providers involved). Finally, there is the security of the network in order to ensure that neither the identity of the driver nor that of the car itself can be abused and that the car is protected from hijacking or any form of unauthorized manipulation.
Previously, the approach for automotive manufacturers was a best-effort solution involving Multiprotocol Label Switching (MPLS) and IP transit (upstream), with no end-to-end control of the traffic flows between the car and the networks wanting to deliver data to or receive data from the car. This solution creates a range of challenges for the networks: The more intermediates between two networks, the higher the latency, the greater the risk of performance and security issues, and the more complex compliance becomes – because if you do not control the data value chain, you cannot control any of this.
But at the same time, there’s also no need to go throwing the baby out with the bath water or reinventing the wheel: Existing MPLS and IP transit solutions can be enriched and complemented with interconnection services via an Internet Exchange, offering additional redundancy along with capitalizing on the ecosystem around the IX to ensure the optimization of performance and resilience, as well as increasing security. With the central challenges – performance/reliability, complexity/compliance, and security – in mind, it is clear that choosing the best interconnection solution is crucial to the long-term market positioning of the car manufacturer.
How connectivity issues can impact brand reputation
Customers that purchase a digital car from a premium brand expect correspondingly good digital services. Whether attending video conferences on the road, connecting to business applications when underway on business, or entertaining the children in the back on a long drive.
If the connectivity performance is poor and digital services cannot be consumed as expected, the responsibility for such failings will land squarely on the shoulders of the car maker, with the accusation that their digital products are not properly connected.
Interconnecting with partners via an Internet Exchange enables aggregation in an improved latency to the location of the car, and therefore with improved stability and reaction times. Because at an IX, automotive networks are enabled to meet in the most direct and shortest way with all the data suppliers and buyers that are currently important to them – as well as those that in the future are likely to become important. With a direct interconnect, coupled with a closed user group (CUG) specifically designed for enterprise interconnection, the connection on the network side can be ideally optimized, reducing latency to the other provider networks and data centers involved and significantly improving the performance of digital services and applications within the digital car.
The automotive manufacturer as custodian of personal privacy
Interconnection via and IX not only improves the performance, but also helps with the fulfillment of data protection and compliance requirements. Connected vehicles collect a huge amount of personal data. Controlling compliance through connecting individually to each partner network and forging individual bilateral relationships – as has been done in the past in the automotive industry – is not a future-oriented approach for the digital car. Such a solution does not scale well to larger ecosystems involving a greater number of players wishing to interconnect intelligently.
There’s another way to deal with this challenge: If an Internet Exchange operator provides the automotive manufacturer with a closed, secure, and private interconnection environment in the form of a closed user group (CUG) in which policies for compliance requirements are enabled, then fulfillment of these policies can function as a prerequisite for all the participants of the group, and this can be efficiently controlled.
Multiple adjacent CUGs can be owned and operated by the car maker to take care of conflicting regulations while always maintaining its own company policies. For example, a manufacturer could set up three separate CUGs in the digital hub Frankfurt, with one corresponding to EU law, one to UK law, and a third according to the compliance requirements in the USA. Equally, a set of adjacent CUGs could be set up on an IX platform in any of the world’s strong digital hubs – like New York to serve the North American regulatory environment, Madrid to serve Southern Europe, and Mumbai to serve the Indian subcontinent. By locating the CUG within the region it serves, getting closer to the ground where the car is on the road, performance and reliability can clearly also be optimized.
Mitigating the risk of malicious third parties lurking under the cover of anonymity
The issue of security is even more critical. One of the most highly charged threat scenarios for the digital car is the potential theft of the identity of the driver (that a crime could be committed in the guise of an innocent car owner) or of the car itself as an IoT device (that the car could be hijacked, manipulated technically, or in the worst case even weaponized). The approach of the closed environment offered by a CUG, being very direct and close to the action, means that security can be substantially improved. This is possible, firstly, because of the direct interconnection of the networks. The fewer intermediary transporters there are between the automotive network and the network of the legitimate data supplier/recipient, the fewer possibilities there are for anonymous third parties to lurk in the shadows. In contrast, this is not possible with IP transit, the traditional approach to automotive connectivity. With IP transit, the car manufacturer’s only option is to place its traffic into the hands of a transit provider, who, in turn, announces the packet requests back to the global Internet – to a variety of recipients and senders that the car maker does not and cannot know.
Connecting partners – the digital car of the future is a network on wheels
If, instead, data is sent to an automotive manufacturer network via a secure closed user group on an IX platform, then the manufacturer knows exactly which network has sent it, the connection having been checked using BGP and Layer 2 validation instruments. The risk of hijack or a DDoS attack originating from this network is therefore much lower. On top of this, an Internet Exchange operator like DE-CIX can provide additional security mechanisms to reduce the danger of route hijacks, to prevent IP hijacking, and to protect networks from DDoS attacks, protecting the digital car and its ecosystem against the most significant risks of the Wild West of the open Internet.
Many of the challenges faced by car manufacturers in implementing connectivity for the digital car can be solved using the logic of secure interconnection within a Closed User Group located in a vibrant digital ecosystem, via an Internet Exchange like DE-CIX – home to the largest neutral ecosystems in the world. This same logic applies just as well to other transport sectors, like airlines and logistics suppliers. But it also applies to all industries entering the platform economy – banks, e-health system operators, the hospitality sector, e-manufacturing with its global supply chains, and many more in future. Closed, secure, and private interconnection environments offer everyone the chance to grow and develop their digital business models with security and resilience baked in.
Ivo A. Ivanov is CEO of DE-CIX International and COO of DE-CIX Group AG, with more than 10 years’ experience in the regulatory, legal, and commercial Internet environment. Ivo joined DE-CIX in January 2007. In recent years, he has been deeply involved in the establishment of DE-CIX sites in Istanbul, Palermo, Madrid, Marseille, New York, Dallas, Dubai (UAE-IX powered by DE-CIX), as well as Mumbai (Mumbai IX powered by DE-CIX), and several DE-CIX consultancy projects in Africa, Asia, and Europe.
Ivo has an educational background focused on law and business. Fluent in German, English, Russian, and Bulgarian, he graduated from a German business school in 1995 and holds two law degrees, from the Universities of Sofia (Bulgaria) and Bonn (Germany). After graduation, he worked as a lawyer, with a focus on e-commerce law, IP law, telecommunications law, and data protection law.
Please note: The opinions expressed in Industry Insights published by dotmagazine are the author’s own and do not reflect the view of the publisher, eco – Association of the Internet Industry.