17 September 2024
How soon can SCION reach escape velocity?
A blog by Adrian Perrig, ETH Zurich, and Nicola Rustignoli, SCION Association
Share this post
The SCION secure network architecture represents a groundbreaking shift in Internet design, adding exciting new properties compared to the current Internet infrastructure. SCION promises to introduce security benefits, optimize the efficiency of network communication, and enable new business models for Internet Service Providers (ISPs).
Given these benefits and the steady stream of Internet outages, how come SCION is not in wide use already? Why do national governments and large corporations not immediately adopt and deploy SCION? As we have seen in the past, the adoption speed of new Internet technologies such as IPv6 has been very sluggish, put mildly. In this article, we describe the circumstances in which the speed of adoption of SCION is rapid to reach escape velocity (e.g., achieve 1% of global Internet traffic). Once this milestone is achieved, wide-spread adoption will be rapid, as the wide-spread availability of a secure, reliable, and efficient network architecture will inherently drive further adoption. The question remains: how soon can we reach escape velocity?
The solution for critical infrastructure ecosystem communication
As witnessed in Switzerland, SCION is an ideal network communication technology for critical infrastructures. In fact, the Secure Swiss Finance Network (SSFN) has substantially advanced the early SCION deployment in Switzerland. With the availability of SCION connectivity, other critical infrastructures can now rapidly innovate and establish their secure communication networks, such as healthcare (SSHN) and energy (SSEN). Furthermore, the Swiss experience with SCION can serve as a model that can be adopted internationally as global deployment grows, by joining forces between the SCION ecosystem and the SCION Association.
SCION provides transformative benefits for any Internet-based communication, giving rise to the question on how fast the adoption speed would be until everyday consumers can benefit from SCION. In this article, we first describe the advantages that SCION can offer to everyday consumers, hinting at potential business models that could facilitate and accelerate this adoption, and sketching how technical adoption could proceed.
As with many new technologies, adoption of a disruptive technology needs to overcome many barriers, especially in the case of a new Internet technology. Specifically, user demand, availability of infrastructure, and technical implementations must be aligned. Experience with IPv6 suggests an at best very sluggish uptake that would require 2 decades to reach a meaningful magnitude of deployment. In contrast, we expect the uptake of SCION to be rapid, thanks to the intrinsic benefits and because IPv6 has cleared a pathway in the jungle of obstacles. The core of the argument is that a software update enabling SCION can translate
into a noticeable performance and network quality increase for the user – in a competitive application landscape the innovators’ adoption will give them an advantage, forcing competitors to also use the technology. Once set in motion, such a feedback cycle can rapidly drive adoption, providing the exciting prospect of a widely deployed secure Internet before the end of this decade.
Significant Security Benefits Over Today’s Internet
Thus, it is fair to say that SCION offers a comprehensive security upgrade that we desperately need to achieve highly resilient and available communication at low cost on a public Internet infrastructure. Given its significant security benefits, we anticipate that SCION will be actively promoted by regulators and industry seeking solutions for secure WAN communication.
Multipath Offers Optimization Opportunities
One of the key features of SCION is its multipath communication capability. Unlike the traditional single-path forwarding of IPv4 and IPv6, SCION allows the sender to select among multiple path options offered by the network. This multipath capability provides exciting optimization opportunities:
- Improved performance: By leveraging multiple paths, SCION can optimize for latency, bandwidth, or reliability, enhancing overall performance. Even after a modest amount of adoption in international networks, SCION can achieve performance gains surpassing 10% in many cases, in some cases even exceeding 50% in terms of end-to-end latency (which indicates the time for a network packet to travel from the sender to the receiver). Further gains are expected as deployment expands and additional paths become available.
- Resilience and availability: Multipath routing inherently increases network resilience. If one path fails or becomes congested, traffic can be dynamically rerouted through alternative paths, reducing downtime and maintaining service quality. Such fast failover provides operational continuity, which is especially important in critical infrastructures.
- Enhanced security: Multipath communication also mitigates certain types of attacks, such as Distributed Denial of Service (DDoS), by distributing traffic across multiple routes, making it harder for attackers to overload a single point of failure.
The IETF is now developing multipath QUIC, a new transport protocol that can leverage multiple paths. MPQUIC and SCION are perfectly synergistic: SCION can offer dozens of path options, and MPQUIC can become a technical enabler to SCION adoption.
New Business Models for Internet Service providers
SCION opens up innovative business opportunities for ISPs that are not feasible with today’s Internet architecture. These include:
- Premium path-aware services: ISPs can differentiate with premium services based on path control, allowing customers to select or avoid specific paths for their traffic, based on criteria such as latency, security, or jurisdiction. For example, ISPs can offer premium paths that bear a higher cost, for instance, paths traversing a low earth-orbit (LEO) satellite network, or a high-speed microwave network.
- Extended customer reach: ISPs can sell services to customers who are not directly connected to their network by leveraging SCION’s inter-domain capabilities. This extends the potential customer base and creates new revenue streams. For instance, ISPs can provide CDN offerings or cloud computation products that are announced through the SCION path dissemination mechanism.
- Enhanced security services: With built-in path security and a reduced DDoS attack surface, ISPs can offer enhanced security packages, providing added value to customers threatened by cyber attacks.
Experiences in deploying SCION within critical infrastructure ecosystems have demonstrated clear market opportunities for B2B communication. In addition, SCION-based products such as the GATE, can extend some of the benefits of SCION to small business and residential customers. In Switzerland, thanks to the secure networks built for the finance and healthcare industries, over 80% of consumers can now obtain SCION connectivity from their ISP. In particular, for the Anapaya GATE offering, close to 100% of users in Switzerland can benefit from SCION protection to reach important websites or services that elect to protect their traffic through this service. GATE is the result of collaboration of Anapaya and network service providers to offer SCION connectivity to critical services without requiring any hardware or software changes by users, as an IP-to-SCION translation is performed within the network.
New deployment models such as the GATE enable adoption on a wide scale, expanding monetization opportunities to a broad B2C customer base, improving ROI for ISPs.
As with any disruptive technology, business model innovation is unpredictable as it is fueled by human ingenuity, thus it is expected that ISPs will offer exciting new products based on SCION for many years to come.
Additional Endhost Software Unlocks SCION’s Benefits
Two’s a Company, Three’s a Party
In redundancy and decentralization, the saying “two’s a company and three’s a crowd” doesn’t apply, as efficiency and reliability can improve in well-engineered systems through more options.
A significant advantage of SCION is its ability to run side-by-side with existing Internet protocols. A triple-way stack approach ensures that IPv4 and IPv6 can always be used as a fallback, guaranteeing that communication quality can be strictly improved by adding SCION as a third option.
A Potential Adoption Scenario
Conditioned on a continuing rollout of SCION connectivity, consolidation and international expansion of critical infrastructure networks (e.g., secure ecosystem networks “S*N”) will drive the adoption of SCION by service providers.
Once SCION is available to users through mobile networks, and to services through cloud providers, the SCION infrastructure established for critical infrastructure becomes an enabler for adoption in mass markets. The opportunity for increasing communication quality can drive SCION adoption in gaming, teleconferencing, high-availability use cases, etc.
Once the early adopters deploy SCION, market competition will force adoption by their competitors. This will set in motion a virtuous cycle, where increasing adoption of SCION in an application will produce more SCION traffic, which incentivizes more ISPs to offer SCION connectivity, which results in more users and services being reachable via SCION, which in turn incentivizes more applications to adopt SCION as an additional option besides IPv4/6. Given the short update cycles in today’s software, deployment and rollout can be very rapid.