How India relaxed its telecom source code demand
India enabled telecom equipment suppliers to deliver the registered source code for multinational companies such as local telcos and ericsson, nokia and cisco, but created a setback for local gear manufacturers.
After the last change, manufacturers should only provide a summary of the results of the internal safety test and follow the test procedure. If there is a suspicion of product security during a security violation, they should submit full test reports and cooperate with the welding code test unit of the Telecom department.
Two officials who are aware of the issue confirmed the amendment. Mint In addition, telecom has a change in the safety rules of resource code requirement.
Code
The source code is an important part of the software that controls the work of physical equipment. The February notification that Telcos should send source codes worried foreign companies that supply equipment such as switches, routers and modems.
“This is a bit positive, however, the process of sharing internal security tests is burdensome and difficult,” he said. He said. In case of anonymity, the manager will also benefit from telecom operators can also offer equipment and networks without delays due to source code.
The change is gaining importance at some time of India’s trade negotiations with the US and the European Union. In March, the US Trade Representative (Ustr) marked concerns about the announcement of registered information such as cost -effective third -party equipment test and resource code and internal tests. The resource code shipment would start on January 1, 2026.
Critical Inch
One of the two people mentioned above, “Telecom networks are critical infrastructure. When compensated, they may affect defense, emergency service, banking and government operations. Access to the source code helps the government to confirm that the vendors are not intentional or deliberately left.”
Nokia, Ericsson, India Cellular Operators Association (COAI) and DOT E -mail to the queries remained unanswered.
“The original equipment manufacturer, except for information about intellectual property (IP), will present the internal test report, but the internal test report, which includes a summary of the security deficits/weaknesses classified by risk. It has been seen by a copy of the notification Mint.
Scheme delays
In 2020, the government launched the Communication Security Certificate Program (COMSEC) to develop Indian standards, test processes and a certificate ecosystem. However, there have been delays in the implementation of certification norms about the lack of state test capacity of equipment producers and concerns about a cumbersome registration process. This caused the scheme to be universally implemented in the telecom ecosystem.
According to the NCCS website, there are seven telecom security test laboratories accredited by the government.
The Source Code in ITSAR aims to confirm that the safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety safety security safety safety suppression item was initially purified from the security deficits, but that companies require companies to share the source code and increase their intellectual property (IP) anxiety among global sellers. With the latest amendment, companies need to provide self -knowledge that their products are developed and tested according to the procedures specified within the framework of the requirement and even without sharing the sensitive source code.
