When deploying IoT equipment in remote locations, chances are you’ll be using cellular communication to collect data from and send instructions to each device. This means you’ll need a subscriber identity module — more commonly known as a SIM, or, as they were known in legacy GSM and UMTS networks, a universal integrated circuit card (UICC).
The SIM is an integrated circuit (IC) that securely identifies the user, contains the encryption algorithms, and allows access to the mobile network. As we all know from our mobile phones: No SIM means no network access (other than emergency calls).
A lot has been written about the rapid advancements in the IoT and the underlying cellular networks. What hasn’t attracted as much attention, is the concurrent evolution of SIM technology. This article aims to shine a light on the latest iteration of the SIM: the iSIM, and why it’s good news for those designing, building and operating cellular IoT kit.
But first, a little bit of history, to set the scene and understand the various technologies and acronyms relevant to the iSIM.
The shrinking SIM
SIMs are ICs that run a SIM operating system (OS), and securely store an international mobile subscriber identity (IMSI) and a mobile network operator (MNO) profile, which enables the subscriber to access the mobile network. The MNO profile is securely programmed into the SIM, and includes the network access applications, keys and credentials for a specific network operator.
After starting out as the size of a credit card, SIMs gradually shrunk down through mini, micro and then nano formats. What’s remained constant, however, is the requirement for a physical element to access the mobile network.
The emergence of the eSIM and eUICCs
The early 2010s saw a new option emerge: the embedded SIM, or eSIM. Typically in the MFF2 form factor (see figure 1 below), the eSIM is a SIM chip containing the MNO profile, soldered onto a device’s printed circuit board (PCB). Compared to conventional plastic SIM cards, an eSIM is smaller, more robust, more reliable and less prone to theft. These characteristics saw eSIMs gain significant traction in the automotive, metering and industrial monitoring markets.
Figure 1: SIM card and eSIM form factors
Some eSIMs must be pre-loaded with a single MNO profile, while others can be provisioned over the air (OTA), using a secure remote SIM provisioning (RSP) system. An eSIM with this OTA capability is categorized as an eUICC. An eUICC is a SIM in any form factor that’s capable of OTA MNO profile updates.
This distinction between eSIMs and eUICCs is important: the terms are often wrongly used interchangeably. This can lead to problems for device makers and operators, when they discover they can’t perform an OTA change of the MNO profile on a fleet of devices already in the field, because the eSIM they selected doesn’t include eUICC capability or have access to an RSP system.
As eUICCs gained in popularity, there was a surge of RSP systems to manage them. Some were custom implementations, while others use GSMA standards. We’ll come back to RSP systems shortly.
Unsuccessful attempts to eliminate the physical SIM
Having shrunk the SIM right down, there were then attempts to dematerialize it altogether, and incorporate it into the cellular module’s software. These ‘soft SIM’ approaches failed for security and integrity reasons. An IoT module, even with a “trusted zone” inside the cellular IC, isn’t secure enough to store a SIM OS.
As a result, most MNOs refused to support soft SIMs, and the few implementations that were realized are custom SIMs created in partnership with a specific MNO or mobile virtual network operator (MVNO). These are closed ecosystems, and this solution has not achieved widespread success in the market.
The next iteration: the iSIM
The iSIM is the next evolution of the SIM, and achieves the dematerialization that soft SIMs were seeking. The iSIM is a system-on-chip (SoC) solution that embeds a silicon integrated secure element (iSE) inside the cellular IC. Crucially, the iSE is distinct from the cellular IC, and contains the SIM OS and MNO profile. It provides the same level of security and tamper-resistance as a classic SIM or eSIM.
iSIMs will have a number of advantages for those designing, building and operating IoT devices.
Better than plastic SIM cards
Compared to conventional plastic SIM cards, iSIMs require less space on the PCB, because you eliminate the need for the SIM holder and the associated surrounding components. iSIMs are also less prone to failure from vibrations and temperature cycling.
Moreover, they simplify logistics, purchasing and provisioning for device-makers. This is because you don’t need to negotiate and purchase SIMs for devices in advance, manage warehouse stock of SIMs, or physically insert SIMs into devices during provisioning. You can also stock finished IoT devices without the need to have different stock-keeping units (SKUs) for different onboard SIM cards. Instead, you can have a single SKU, and apply a network profile to the iSIM later.
For those deploying and operating IoT devices, iSIMs offer advantages too. A device with an eUICC iSIM and access to an RSP system can use different MNOs over its lifespan, perhaps to benefit from more attractive rates as these become available. In countries where permanent roaming isn’t possible, devices can easily be switched onto a local network. And all of this can be done without the need to physically swap SIM cards, which would be impossible in sealed devices, as well as cost-prohibitive and massively operationally complex in anything other than very small deployments.
All of this combines to help reduce costs, simplify operations and offer genuine flexibility throughout the lifecycle of the IoT device.
Benefits over eSIMs
The benefits of an iSIM over an eSIM will be more nuanced, but still significant. Let’s remind ourselves of the key difference between the two: The iSIM is a SIM OS running on a secure element that’s embedded inside the cellular IC, whereas an eSIM is a secure element running the SIM OS, soldered to the PCB.
The eSIM is a discrete hardware component that you need to buy, profile (unless it has eUICC capability and you have an RSP system available) and solder onto your board, in addition to the cellular communication module. This carries not-insignificant cost implications during procurement, manufacturing and logistics. Moreover, there are typically minimum order quantities associated with eSIMs, which some IoT device vendors may not initially be able or willing to meet.
A new RSP standard: The key to unlocking iSIMs in IoT devices
For iSIMs to make a big impact in the IoT space, they require both eUICC capability, and a supporting RSP system that’s tailored to the needs of network- and user-interface-constrained devices.
Remote SIM provisioning is already common with new smartphones. Rather than having to insert a physical SIM, consumers scan a QR code with the phone’s camera. This activates the RSP system and triggers the download of the relevant MNO profile onto the device’s eSIM. The process works the same with an iSIM, with the only difference being the physical location where that MNO profile is stored.
Given its convenience, why has remote SIM provisioning not seen widespread adoption in the cellular IoT space?
There are two GSMA-compliant RSP solutions currently, including one aimed specifically at machine-to-machine (M2M) environments (GSMA SGP.01/.02). However, both are relatively data-heavy, so aren’t generally suitable for remote IoT devices with constrained power budgets, which need to minimize data usage.
Moreover, the M2M RSP GSMA standard requires the MNO to push the profile into the device. It’s not the IoT device or its user that initiates and owns the control of the RSP process, which constrains flexibility.
To address this, the GSMA is working on a new standard, specifically designed for IoT devices: SGP.31/.32. This is set to be released in the first half of 2024, and will be the key to enabling widespread adoption of iSIMs in the IoT space.
Exciting times for cellular IoT device makers and operators
Needless to say, we’re incredibly excited about the opportunities this new standard is going to unlock for those making and operating IoT devices. The phrase ‘game-changing’ is over-used, but in this case, we feel it’s appropriate. With opportunities to drive down both manufacturing and running costs, plus the flexibility to deploy anywhere in the world with greater ease, and switch between MNOs when desired, we can’t wait to see what new products and services our cellular module customers are able to bring to market.