During the past 25 years, the open-source movement has changed just about everything in technology. By transforming how software is developed, deployed and licensed, open source now powers most of the cloud-based apps and digital services we rely on in daily life. And now it is coming for one of the last proprietary holdouts: a key element of mobile network infrastructure.

When a smart phone user sends a text or posts on Instagram, they almost certainly never think about all the behind-the-scenes network components that make the connections happen. But there are many in a diverse ecosystem that uses radio frequencies to transmit data wherever it needs to go.

One of those critical pieces is the Radio Access Network (RAN), which connects individual devices to other parts of the network via the cloud. Traditionally, network operators have purchased those systems from a single vendor. The problem, as the Institute of Electrical and Electronics Engineers put it, is that “vendors have an incentive to lock operators into their respective ecosystems by ensuring their components don’t work with components from competitors.”

Enter Open RAN, a set of new standards and technologies that reimagine how wireless networks run by opening up the interfaces between RAN hardware and software components and thus enabling the mixing and matching of multiple vendors.

This cuts costs, which is especially important for operators as 5G and edge computing spur increasing consumption of mobile services. It also encourages innovation in the same way that everything else across the technology realm has benefited in recent years from the lower capital expenses and greater flexibility of the open ethos.

And, icing on the cake, the software-defined approach that Open RAN espouses paves the way for more cloud-based artificial intelligence and machine learning methods to automate repetitive tasks, improve troubleshooting, and optimize network performance.

Open RAN was one of the hottest topics at Mobile World Congress in Barcelona in early March, the latest sign of momentum for this game-changing approach. Others include:

  •  An announcement in December by the U.K. government  that it plans to accelerate the deployment of Open RAN networks there by increasing funding for Open RAN projects and setting new targets for operators to run 35 percent of the country’s mobile network traffic over open RAN by 2030. Meanwhile, Japan’s Ministry of Internal Affairs and Communications is reportedly working with local operators to trial Open RAN in Tokyo, according to GSMA, an industry group representing mobile network operators.
  •  A move in the U.S. Congress that would require the government “to conduct outreach and provide technical assistance to small communication network providers to raise awareness” about Open RAN. Legislators no doubt grasp Open RAN’s economic value in allowing newer entrants into the wireless infrastructure market.
  •  Five of the top European telco firms – Deutsche Telekom, Orange, Telecom Italia, Telefónica and Vodafone – called on EU member states in November to urgently prioritize Open RAN. “This will ensure that Europe continues to play a leading role in 5G, and in the future, in 6G,” the companies said. “Open, intelligent, virtualized, and fully interoperable RAN (enabling more effective and efficient mobile communications) is essential if Europe is to meet its target of 5G for all by 2030.”
  •  The U.S.-based Open RAN Policy Coalition, established in 2020, now has around 55 members, with a mix of major operators and vendors from around the world. The group is dedicated to promoting policies that will advance the adoption of Open RAN “to create innovation, spur competition and expand the supply chain for advanced wireless technologies including 5G.” Another group of nearly 40 industry leaders, the Telecom Infra Project, is promoting Open RAN has part of its mission “to accelerate the development and deployment of open, disaggregated, and standards-based technology solutions that deliver the high quality connectivity that the world needs.”

The momentum behind Open RAN seems even more convincing when you consider that this shift to openness in radio access networks mirrors a broader trend in the telco industry to replace closed, proprietary technologies. Witness how network function virtualization (NFV) is increasing flexibility, cost efficiency, and scalability by relying on open-source software to move network services to the cloud.

One hiccup in Open RAN’s adoption has been security concerns. It’s a fair question. In the single-vendor environment, a mobile operator essentially had one closed box. They couldn’t see what was inside but knew who to blame if something went wrong. In the Open RAN world, the plethora of new interfaces from multiple vendors has vastly expanded the attack vector for cyber criminals to try to exploit.

However, I believe the security risk is manageable by applying the same security hygiene that enterprises of all kinds have been leveraging throughout their software development lifecycles in the inherently heterogeneous age of open source. That means rigorous attention to secure architectural design, threat modeling, secure configuration, dynamic testing, and vulnerability patching.

The open source components also allow operators to inspect what code is actually executed, and prevent supply chain attacks, like state actors embedding “surprise code” into products coming from vendors they control. This is a rising concern due to recent geopolitical tensions, and most Tier 1 mobile operators already require detailed Software Bill of Materials, which list all the sub-components, and where they come from.

As an Open RAN Policy Coalition report stated, “One of the common misconceptions about an open RAN is that open interfaces introduce security risk. In fact, these same open interfaces, defined in technical specifications, provide a foundation and architecture for improving security. Although operators procure and integrate open RAN network functions in new ways, operators bring the same expertise, diligence and requirements for security and resilience to these environments.”

Furthermore, it points out, “Open RAN will enhance the ability of operators to integrate new security platforms without implementing custom adaptors for vendor-proprietary protocols and interfaces” and that “innovation and supplier diversity in an open ecosystem will bring forward additional diverse security solutions to address potential threats and mitigate risk.”

The coalition is correct that security, properly managed, is not an Open RAN showstopper.

As all the recent momentum shows, Open RAN is becoming a juggernaut that will redefine this crucial aspect of mobile network infrastructure for years to come. It’s going to be exciting to watch more and more companies enjoy the slew of benefits it brings