Thank you again for attending our session on How to Prepare Your Transit System for the 5G Future. Here are the questions that followed the presentation and their answers. If you have additional questions, be sure to reach out.
Do you have a service provider certification for the 5G routers?
If the question is around whether we have operator certifications, the answer is yes. Our newer 5G products, like our most of our products, are certified on Verizon, AT&T and T-Mobile. Both of these new products will also be FirstNet-ready as well.
What is the timeline for the vehicle-to-vehicle technology and how soon can we expect transit systems to be able to incorporate these capabilities?
So, that's been around for quite some time ̶ “vehicle to everything” or “V2X” ̶ back with DSRC (Dedicated Short Range Communication) as it first came out in that form. Now it's changing to cellular. And there are pilots going on and it's released recently, in 3GPP Release 16, which finished up last year. So, from what I've seen, next year some cars will come out with cellular V2I, V2X. So, it's going take a few more years. As David mentioned, it's a journey with 5G and we'll see it more and more in the coming years. But for transit, I think it'll be a few years yet before the recent new technology with Sidelink will become available in 5G.
Regarding the 5G slices, is it separate bands that the carriers use that will assure access when other slices are busy?
I think the best way I can answer that is, yes, there are different bands...actually you can tell what a band is if it's a 5G or LTE band, that all the 5G bands have a lowercase n before them. So, if you look at our datasheet online or others that have certain modules, they specify bands that way. As far as being able to determine when they are connected to different bands, that's obviously something that the mobile operators are going to be determining a lot more. We're just able to present as far as what the cellular coverage is. And if it is connected to a 5G band, it will show as 5G as I mentioned in the second to the last slide that I've shared.
How is securing a device that is on a bus or train different than securing a computer in a data center?
Yeah, there are many differences. Obviously, the biggest one is location. A data center is typically something where you have hardened doors, and “man traps,” as they say, to be able to protect access. You can put a lot of controls on the perimeter. One great thing too about standard security in a data center is you just have a lot of compute cycles that you can put equipment and things to that effect. So, when you put that into a device, it's on a bus or a rail, the first thing is that you don't have those compute cycles to be able to spend. A perfect example is our work that we're looking at for network intrusion detection, right? You can't run all the rules that you normally would on a network on a device. So, it requires smart thinking about that as well as understanding what happens to that device during its lifecycle. Another critical difference is the ability to steal a device. In our solution, we try to defend against class attacks. Meaning that you should be able to steal a device and open it, but you can't learn something about the network and start attacking other devices and the network remotely. There's no secret password that gets you into everything and now you can use that for future exposures. We're looking at future things like tamper evidence that helps factory-erase a device to clear those things out. So, these are the kind of the differences.
How many SIM slots are on each 5G dual router and does it have eSIM support?
Great question. Our TX54 5G is a dual cellular radio option. So, basically, every time Digi has a single cellular radio, there are two accompanying SIM slots. If it has two, there would be four SIM slots on the TX54 5G product. The TX64 5G rail is a single cellular 5G option. So, it has two SIM cards on that one. For the question about eSIM, we have some footprints on our devices, but we don't have that populated as an option. It's something that we continue to consider and we would be interested in engaging with you. Feel free to reach out to Digi on specific needs for eSIM in your 5G device.
Are there any plans for 10 Gigabit Ethernet?
Good question. Not on these devices. I think as we talk about the enterprise SD-WAN products on our enterprise space and potentially our next-generation after the TX64 ̶ 2.5 and 10-Gig Ethernet ports are definitely considered. I wouldn't be able to confirm if those would be next-gen products today. But as speeds continue to advance, obviously, that will be a strong consideration in our next-generation enterprise and transportation routers.
Regarding the transit capacity management and how it relates to real-time and projected capacity monitoring, could this technology be used to monitor the average amount of people in any vehicle, then use the data to see the projected population with an area of interest?
Yes, that's a part of the application and the technology that's being used, and that application can do more things. I think there are plans to expand that. So, it's something that could be done. They have to check to see where it is exactly to do that sort of capacity management, but predicting capacity is part of the project. It's not just managing the real-time capacity, but other things such as how weather impacts daily ridership are part of the project as well.
With the recent ransomware attacks, how do we protect these devices from attacks? And how can they help us prevent them in the future?
This is also a good question because it's very much in the news, as everybody is aware with the pipeline attacks. There are two different answers to this. As most people probably know, the ransomware attacks typically have been more of what we call back office. It hits your Microsoft, your core infrastructure of your organization. with our vendor attestation process that we go through with our suppliers, we've actually had some vendors who have been affected. They did really well because they had a lot of their operation network segregation within their corporation, meaning, for example, they're not building all one big network and everything is attached. Now, typically, this will not hit devices per se, but it could hit the management of your devices.
So, ultimately, having that segregation to your critical assets within your infrastructure away from what your corporate network, is a good thing. You may not have isolation, but you're going to have a very clear delineation in security zones. And having a network infrastructure and architecture that supports segregation, which these devices will support, will help.
The second part of this, and we're seeing this a lot, is that there's a really big push to keep devices updated and properly configured. Unfortunately, due to staffing issues and the complexity of this, typically devices were not updated and configurations were not checked for years. This traditionally has been very difficult to do in an organization. We're finding is a lot of organizations are really just getting in trouble because they're not updating the devices when critical security vulnerabilities are released. The future is to adopt a NMS tool, case in point, our Digi Remote Manager is such a tool, and is able to manage devices and configurations up to date. If there is a vulnerability, the screen is going to turn red on you. You know that there's something there that could be attackable.
We believe that the future in security for the device is cloud. One critical item that falls under the segregation concept is the ability to use cloud to separate the running backend systems with the API. These type of attacks really cannot go through an API interface. So, having that separation, that isolation, is key in protection from these attacks, or at least compartmentalizing the attacks.