Source code rule wont work: Nokia Siemens

Written by Anandita Singh Mankotia | New Delhi | Updated: Oct 8 2010, 06:10am hrs
Indias security rules mandating telecom equipment providers to submit source codes of their software and hardware are neither feasible nor fool-proof, says Nokia Siemens Network (NSN), the second-largest global provider of such equipment. The NSN observation also raises doubts on the reliability of source codes which Chinese vendors Huawei and ZTE have agreed to submit.

In an exclusive interview with FE, Barry French, head of marketing and corporate affairs at NSN, who is currently on a visit to India, said: The software and hardware code is a complex matrix and gets continuously updated with upgradation in technology from time to time. Even if we submit the source code today, it would automatically become invalid over a period of time as the equipment would be upgraded.

The Finnish company has received support from European peers like Ericsson and Alcatel-Lucent, who too have expressed reservations about the rule. The suppliers are in discussions with the government to explore an alternate mechanism to address the country's security concerns.

Earlier this year, in an attempt to check the possibility of spyware and malware in telecom equipment, the government had mandated the suppliers to submit source codes to an escrow account. French also pointed to intellectual property rights (IPR) issues in submitting source codes. The codes entail not just our IPR but also of our partners and various vendors involved in constructing the equipment. To meet the government's requirement, we would need to submit information which we either don't have or do not have the authority from our vendors to disclose, he said.

French declined to reveal the specifics of the company's discussions with the government and nor any possible solution to the issue.

Analysts however, said that if codes changed over time, it needs to be examined how the government plans to monitor it in cases of those vendors who have agreed to deposit them. Chinese vendors Huawei and ZTE have agreed to submit the codes.

According to NSN, security concerns are genuine but complex and challenging. The government and the industry would have to come to a consensus on it, French said. He said that ever since India directed vendors to submit source codes, some other countries, including Russia, have started working towards it.

Telecom operators outsource building and management of their networks to various vendors and would not be in a position to check any possible espionage happens.

The government recently relaxed the equipment norms giving a choice to the vendors to either submit the code or a declaration that the equipment do not have any spyware.