Misconceptions about embedded SIM cards (eSIM) for IoT are preventing companies from adopting this new technology. This is harmful, as eSIM patching is critical to successful secure IoT deployment.

eSIMs are slowly replacing standard SIMs in IoT devices and products such as smartwatches. They are also making their way into the machine-to-machine world.

However, the rollout has been slowed by unresolved conflicts between competing technical standards and by tighter data management restrictions globally. Despite the need for better IoT device security, the barriers to adoption are unlikely to be removed any time soon.

Machine-to-machine, or M2M, is a broad label that can be used to describe any technology that enables networked devices to exchange information and take actions without the manual assistance of humans.

Controversial Technology

Led mostly by the automotive and transportation industries, eSIMs also contribute to tracking operations in healthcare, smart mobility, utilities and other sectors. But eSIM technology remains controversial, noted Noam Lando, CEO and co-founder of global connectivity provider Webbing.

Webbing provides enterprise-grade solutions for Fortune 500 and IoT/M2M companies, as well as an embedded solution for a variety of manufacturers worldwide. The deployment is part of a phased process to ensure a secure and continuous Internet connection for all devices, no matter where in the world they are.

Lando said that “eSIM technology is a game-changer in telecommunications. It completely digitizes the cellular subscription provisioning process. As with any technology that is disruptive, it is important to better understand its benefits, clear up misconceptions, and help with IoT usage. There are a lot of debates and discussions around it for its effect on expediting matters.”

Why all the commotion?

We asked Lando to run through why eSIM technology is causing such an industry-wide uproar.

TechNewsWorld: Is the technology upgrade in eSIMs worth the current turmoil?

Noam Lando: eSIM technology promises cost-effective connectivity establishment and maintenance that is accessible anywhere in the world, regardless of device manufacturing or deployment as well as ultimate control. With the promise of eSIM technology, enterprises can scale their IoT deployments globally, reducing total ownership and business process management costs and shortening time to market.

This generates a lot of hype, especially when you have device makers like Apple, Microsoft, and Google that have eSIM as a standard feature in their new devices.

I understand a “but” here. There is always a “but” in the works. So what is the big “but” around eSIM development?

Lando: However, when companies look deeper into implementing eSIM technology, they realize that there are two standards: consumer and machine-to-machine (M2M). They are not sure which standard to use and often feel that the implementation of eSIM technology is not as easy for their IoT devices as it is for smartphones, laptops and tablets.

Therefore, there is a lot of discussion about the two standards and their pros and cons, especially around M2M.

What are the drawbacks of standard SIMs?

Lando: For traditional SIM cards, carrier provisioning is done at the manufacturing level. They can only host one profile and are not reprogrammable. That’s why you need a new SIM when switching cellular providers. It is not ideal for IoT deployments, especially global ones.

Once the SIM is implemented, you have vendor lock-in. With thousands and even millions of devices in IoT deployments, it is impractical to change SIM cards when you want to change wireless carriers. This requires site visits, and it can be physically difficult to access the card.

In addition, there are issues complying with the global trend to impose regulatory requirements on communication services and data management. These include restrictions on data leaving countries and global enterprises requiring localized deployment with local wireless carriers.

This requires the storage, management and deployment of multiple wireless carrier-specific product SKUs that increase production and logistics costs.

The attraction towards eSIM seems to be evident. What are the main benefits?

Lando: eSIM technology provides a robust, scalable solution to the limitations of traditional SIMs. What makes eSIM unique is the technological advancement made in UICC, the SIM’s software, now called eUICC.

That new technology follows a new standard developed by GSMA. It is remotely programmable and reprogrammable, can host multiple cellular carrier subscriptions, and simplifies the selection, contracting, and onboarding of cellular providers with over-the-air (OTA) provision.

I think another “but” is at work here. What are the unresolved issues with eSIM replacement?

Lando: Consumer and M2M are implemented differently. The consumer standard targets consumer devices such as mobile phones, tablets and laptops, wearables, and other IoT devices with end-user interactive environments. It is secure by design, can host multiple wireless carrier profiles, and features carrier swap. However, it is designed for private consumer use.

How suitable are eSIMs for other uses?

Lando: The M2M standard targets industrial M2M and IoT devices such as cars, water meters, trackers, smart factories, and other components used in industrial, non-end-user interactive environments.

The M2M eSIM standard is also secure by design. It facilitates carrier migration and, in theory, provides remote centralized management and provision of carrier profiles. However, it is not as cut and dried as it seems.

That said, why isn’t the upgrade so promising yet?

Lando: M2M eSIM implementation is cumbersome, time consuming, and has long capital investment cycles. Implementing this requires collaboration between the enterprise, eSIM manufacturers and wireless carriers during the manufacturing process.

What are the biggest misconceptions about eSIM for IoT?

Lando: The biggest misconception about eSIM for IoT is that the benefits it provides to consumer devices can be implemented on IoT. Enterprises quickly realize that they have to implement a separate standard for IoT/M2M, which requires SM-DP (Subscription Manager – Data Preparation) and SM-SR (Subscription Manager – Secure Routing) to provision and manage carrier subscriptions remotely. The M2M standard is cumbersome, requiring a substantial investment of money and time to organize the implementation of a wireless carrier.

Where do you see the fight between competing standards headed?

Lando: When looking at mobile data connectivity, there is no big difference between M2M and IoT device requirements when it comes to remote SIM provisioning. If anything, the benefits of eSIM (eUICC) technology are greater for M2M devices as they usually have a longer life cycle, and the demand for changing carriers at some point is high.

This can be for commercial or technical reasons. Hence, M2M devices are also likely to get eSIM instead of standard SIM.

Developers support eSIM to solve IoT and embedded firmware patch issues. eSIM hardware and eUICC components are certified in accordance with GSMA’s Security Accreditation Scheme (SAS). This guarantees a very high level of security. In addition, cellular connectivity is secure by design: data is encrypted, and users are securely identified.

What are the most important problems facing IoT and embedded technologies?

Lando: One of the most important problems facing IoT deployments is dealing with carrier lock-in and various global regulatory requirements. In such cases, enterprises require local deployment and local wireless carriers. Enterprises with global deployments need the flexibility to easily and efficiently change carriers to meet local regulations.

Why are companies not actively adopting eSIM technology?

Lando: From our experience, companies want the promise of eSIM technology, but the current ecosystem fails to provide it. The two eSIM standards disregard the need for enterprises to manage their own fleet of devices.

On the one hand, enterprise-based devices such as mobile phones, laptops, tablets, scanners, and so on are covered under the consumer standard. Hence companies do not have complete control over setting up and managing carrier profiles with centralized eSIM management. The consumer standard requires the end user with the device to consent to the carrier profile being installed.

Meanwhile, the M2M standards for IoT deployments are cumbersome. They require a substantial investment of money and time to organize the implementation of wireless carriers.

It also limits the choice of customers due to a complex implementation to switch between carriers.

This is why we have developed WebbingCTRL, an eSIM, with a management platform that can be easily and remotely configured as the profile of any wireless carrier, paving the way for the adoption of eSIM technology in the IoT space.

Canonical is emphasizing security and usability in the management of Internet of Things (IoT) and edge devices with its June 15 release of Ubuntu Core 22, a fully containerized Ubuntu 22.04 LTS variant optimized for IoT and edge devices.

In line with Canonical’s technology offering, this release brings Ubuntu’s operating system and services to the full range of embedded and IoT devices. The new release includes a fully extensible kernel to ensure timely responses. Canonical partners with silicon and hardware manufacturers to enable advanced real-time features on Ubuntu certified hardware.

“At Canonical, we aim to provide secure, reliable open-source access everywhere – from the development environment to the cloud, to the edge and across devices,” said Mark Shuttleworth, Canonical CEO. “With this release and Ubuntu’s real-time kernel, we are ready to extend the benefits of Ubuntu Core throughout the embedded world.”

One important thing about Ubuntu Core is that it is effectively Ubuntu. It is fully containerized. All applications, the kernel and the operating system are strictly confined snaps.

This means it is ultra-reliable and perfect for unattended devices. It has removed all unnecessary libraries and drivers, said David Beamonte Arbués, product manager for IoT and embedded products at Canonical.

“It uses the same kernel and libraries as Ubuntu and its flavors, and it’s something that developers love, because they can share the same development experience for every Ubuntu version,” he told LinuxInsider.

He said it has some out-of-the-box security features such as secure boot and full disk encryption to prevent firmware replacement, as well as firmware and data manipulation.

Certified Hardware Key

Ubuntu’s certified hardware program is a key distinguishing factor in the industry’s response to Core OS. It defines a range of trusted IoT and edge devices to work with Ubuntu.

The program typically includes a commitment to continuous testing of certified hardware in Canonical’s laboratories with every security update throughout the device’s lifecycle.

Advantech, which provides embedded, industrial, IoT and automation solutions, strengthened its participation in the Ubuntu Certified Hardware program, said Eric Cao, director of Advantech Wise-Edge+.

“Canonical ensures that certified hardware undergoes an extensive testing process and provides a stable, secure and optimized Ubuntu Core to reduce market and development costs for our customers,” he said.

Another usage example, said Brad Kehler, COO of KMC Controls, is the security benefits that Core OS brings to the company’s range of IoT devices, which are purpose-built for mission-critical industrial environments.

“Safety is of paramount importance to our customers. We chose Ubuntu Core for its built-in advanced security features and robust over-the-air update framework. Ubuntu Core comes with a 10-year security update commitment that allows us to keep devices safe in the field for their longer life. With a proven application enablement framework, our development team can focus on building applications that solve business problems,” he said.

Solving Major Challenges

IoT manufacturers face complex challenges to deploy devices on time and within budget. Ensuring security and remote management also becomes more taxing as the device fleet expands. Ubuntu Core 22 helps manufacturers meet these challenges with an ultra-secure, resilient and low-touch OS, backed by a growing ecosystem of silicon and original design manufacturer partners.

The first major challenge is to enable the OS for their hardware, be it custom or generic, noted Arbués. It’s hard work, and many organizations lack the skills to perform kernel porting tasks.

“Sometimes they have in-house expertise, but development can take a lot longer. This can affect both time and budget,” he explained.

IoT devices should be mostly unattended. They are usually deployed in places with limited or difficult access, he offered. It is therefore essential that they be extremely reliable. It is costly to send a technician to the field to recover a bricked or unstarted device, so reliability, low touch, and remote manageability are key factors in reducing OpEx.

He added that this also adds to the challenge of managing the software of the devices. A mission-critical and bullet-proof update mechanism is critical.

“Manufacturers have to decide early in their development whether they are going to use their own infrastructure or third parties to manage the software for the devices,” Arbués said.

Beyond Standard Ubuntu

The containerized feature of Core 22 extends beyond the containerized features in non-core Ubuntu OSes. In Ubuntu Desktop or Server, the kernel and operating system are .deb packages. Applications can run as .deb or snap.

“In Ubuntu Core, all applications are strictly limited snaps,” Arbués continued. “This means that there is no way to access them from applications other than using some well-defined and secure interfaces.”

Not only applications are snaps. So are the kernel and operating system. He said that it is really useful to manage the whole system software.

“Although classic Ubuntu OSes can use Snaps, it is not mandatory to use them strictly limited, so applications can have access to the full system, and the system can have access to applications.”

Strict confinement is mandatory in Ubuntu Core, and both the kernel and the operating system are strictly confined snaps. In addition, the classic Ubuntu versions are not optimized for size and do not include some of the features of Ubuntu Core, such as secure boot, full disk encryption, and recovery mode.

Other Essential Core 22 Features:

  • Real-time compute support via a real-time beta kernel provides high performance, ultra-low latency and workload predictability for time-sensitive industrial, telco, automotive and robotics use cases.
  • Each device running Ubuntu Core has a dedicated IoT App Store. It provides complete control over apps and can create, publish and distribute software on a single platform. The IoT App Store provides enterprises with a sophisticated software management solution, enabling a range of new on-premises features.
  • Transactional control for mission-critical over-the-air (OTA) updates of kernel, OS, and applications. These updates will always complete successfully or automatically revert to the previous working version so that a device cannot be “bricked” by an incomplete update. Snap also provides delta updates to reduce network traffic, and digital signatures to ensure software integrity and provenance.
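
The transactional behavior in the last item, sketched as an added example (not Canonical's or snapd's code): an update is verified before anything changes, and a failed health check restores the previous working revision. The `Device` class, `apply_update`, the health-check callback and the demo key are hypothetical, and HMAC-SHA256 stands in for the asymmetric signature a real update system would verify.

```python
import hashlib
import hmac

# Constructed demo key. A real device verifies an asymmetric signature against
# a vendor public key; HMAC-SHA256 stands in so this runs on the stdlib alone.
VENDOR_KEY = b"constructed-demo-key"


def sign(payload: bytes) -> bytes:
    """Publisher side: tag over the update payload (signature stand-in)."""
    return hmac.new(VENDOR_KEY, payload, hashlib.sha256).digest()


class Device:
    """Hypothetical device that keeps the last working revision for rollback."""

    def __init__(self, payload: bytes):
        self.active = payload    # revision the device currently runs
        self.previous = None     # last known-good revision, kept for revert
        self.log = []

    def apply_update(self, payload: bytes, tag: bytes, health_check) -> bool:
        # 1. Integrity and provenance: reject before any state changes.
        if not hmac.compare_digest(sign(payload), tag):
            self.log.append("rejected: bad signature")
            return False
        # 2. Switch to the new revision but remember how to get back.
        saved = (self.active, self.previous)
        self.previous, self.active = self.active, payload
        # 3. Try it. A failed or crashing check means automatic revert.
        try:
            healthy = bool(health_check(self.active))
        except Exception:
            healthy = False
        if not healthy:
            self.active, self.previous = saved
            self.log.append("reverted: health check failed")
            return False
        self.log.append("committed")
        return True


if __name__ == "__main__":
    dev = Device(b"app-rev-1")
    dev.apply_update(b"app-rev-2", sign(b"app-rev-2"), lambda p: True)
    dev.apply_update(b"tampered", sign(b"app-rev-3"), lambda p: True)
    dev.apply_update(b"app-rev-3", sign(b"app-rev-3"), lambda p: False)
    print(dev.active, dev.log)
```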

More information about Ubuntu Core 22 can be found at ubuntu.com/core.

Download images for some of the most popular platforms or browse all supported images here.