In the 20 years (and almost countless extensions to SIP) that followed, it is hard to dispute that SIP has been a major success. At its core, SIP enabled the transformation of the telecommunications industry from one based on hardware, to one based on software – colloquially known as Voice over IP (VoIP). A 20th anniversary is the ideal time for a retrospective, to consider both its positives and negatives. On the plus side, this transformation resulted in the re-engineering of the phone network, the creation of new markets and market categories, and the creation of jobs and livelihoods. On the negative side, it has exacerbated the scourge of robocalling.  

The Phone Network Re-Engineered 

Prior to SIP, the telephone network was built using telephone switches based on custom hardware. These switches were made by a small set of vendors and were a completely verticalized solution from the physical networking layer to the application layer software.

With the mainstream adoption of IP networks, it became possible to replace that hardware with general purpose computers running SIP based software applications. This resulted a dramatic reduction of cost compared to the prior generation. SIP further reduced this cost by enabling these software applications to run on machines in a small number of data centers that might be far away from the people talking to each other, while still keeping the audio delays to a minimum. This centralization of the software was a dramatic shift in how the phone network worked.

This new paradigm had the most immediate impacts on the way corporate phone systems were built. Before SIP, businesses needed to put hardware based phone systems (called Private Branch Exchanges or PBXs) in each building, and wire them up on a separate network from the IP network used for everything else. SIP allowed enterprise IT departments to ditch this separate network and reuse the IP network  for voice. It also allowed them to put the software in their data centers, and eliminate the hardware in each building. This was a huge improvement in costs and reduction in complexity. The final icing on the cake was that SIP enabled video, instant messaging and presence too. This spawned the creation of desktop applications – called softphones – which allowed users to place calls, have video meetings, and chat. These were adopted widely by businesses far and wide. Today, almost all business phone systems are based on SIP.

With its success in corporations, pressure grew for the phone companies (i.e., the telcos), to provide a way for businesses to connect their phone systems to the rest of the phone network using SIP. Prior to this, businesses could use software within their corporate campus, but needed to switch to hardware to connect to the rest of the world. And so, “SIP Trunking” was born, providing a way to send and receive calls into the phone network using SIP-based software applications. This was adopted quickly, and was the first step in transforming the edge of the telco networks from hardware to software.

Around the same time, mobile phone operators were seeing an explosion in usage due to smartphones. These mobile phones had two distinct wireless connections – an old one just for voice, and a new one for data. To expand capacity, they needed to reclaim the voice channel and use it for data. They could do this by switching the voice to VoIP, which would require them to replace their own voice hardware with SIP-based software. The wireless industry produced an expansive set of specifications on how to build a SIP-based replacement for mobile phone networks, called the Internet Multimedia Subsystem (IMS). IMS was finally deployed in the late 2010’s. Today, most mobile phone calls use a SIP client built into the phone and traverse a SIP network deployed and operated by the mobile carriers. This change is largely invisible to mobile phone users, but not entirely! SIP also enabled the usage of higher quality wideband voice for phone calls. This creates an audio experience that is more like listening to music, and you may have noticed this happening in more and more calls you make. 

In a similar fashion, wireline telco provides saw a surge in demand for data. To make the jump to next-gen data access technologies like fiber, they needed to get rid of their separate voice networks and move to voice over IP too. Today, if you have one of these higher speed data networks and still have an analog phone in your home, the analog signal is converted to VoIP using a SIP client in the modem at your house, and then processed by a SIP network operated by the carrier.
The final piece of the of the puzzle is how carriers themselves connect to each other. This has been gradually migrating to SIP too, using carrier versions of SIP trunking. This change is now accelerating, since the conversion is needed to enable the deployment of STIR/SHAKEN, a SIP-based technology to combat robocalling.
Without a doubt, this transformation of the telecommunications technology stack – enabled by SIP - has had a massive impact on the world, enabling lower costs, more bandwidth for data, better quality for voice, and adding video.
 
Market Category Creation

This transformation of the telecommunications industry also created entirely new markets and market categories which didn’t exist before SIP. To enumerate just a few of them:

• IP PBX: The PBX (Private Branch Exchange) is the product that provides phone services for businesses. This market was created as a direct replacement for the legacy hardware-based PBX products that preceded it. This market was led by Cisco, which never had a product in the PBX market, along with incumbents like Avaya, Siemens and Nortel, many of which had legacy products along with the newer IP-based ones. This market is now itself shrinking, being replaced by UCaaS.
• SIP Trunking: This market is estimated to be around $13B in 2021 and is a replacement for legacy hardware phone network access technologies.
• SIP Hardphones: Before SIP, the PBX vendors made their own phones, and a given phone could only work with their own hardware. With SIP, it became possible for vendors to produce phones that could work with many different IP PBXs. These were often produced at low cost. Vendors include Yealink, Cisco, Grandstream, and Avaya.
• Session Border Controller (SBC): The usage of SIP trunking drove demand for a new category of product that could serve as a SIP firewall of sorts, managing the boundary between an enterprise and a carrier, or between carriers. Ribbon and Oracle are the market leaders, with a market size estimated at USD $709M USD in 2022 .
• Internet Multimedia Subsystem (IMS): Market leaders include Ericsson, Siemens, and Nokia. The market size was USD $1.8B in in 2019. 
• CPaaS: Communications Platform as a Service: This is an entirely new market category that was enabled by the transformation of telecommunications to software. CPaaS vendors offer APIs that allow developers to build telecom applications easily. These APIs allow for sending of SMSs, placing and receiving of phone calls, and so on. Twilio created this market and is still the market leader. SIP enabled the CPaaS vendors to gain low-cost and global access to telephone services, and without SIP, the market could not have existed. The market is huge and growing – estimated at USD $5.2B in 2021  (though most of it is for sending SMS, where SIP has been less impactful).
• UCaaS: Unified Communications as a Service – puts the IP PBX in the cloud so businesses can consume voice and video communications services from the cloud. Market leaders include RingCentral, 8x8, Cisco, and Microsoft and Zoom. All of these vendors depend on SIP-based interconnection to the telephone network. This market is really big – estimated to be USD $28.9B in 2021! 
• CCaaS: Contact Center as a Service – enables contact center software to be delivered from the cloud, including voice response systems, agent desktop applications, and call distribution software. Vendors include Five9, Gensys, and NICE/InContact. Like UCaaS, these vendors depend on SIP to interconnect to the telephone network. This market was valued at USD $4.8B in 2021 .

​
When put together, these are no less than 8 distinct markets created by or enabled by SIP, representing approximately USD $50B in market value! 

Job Creation

For me, the greatest source of satisfaction from the success of SIP, is when I hear from someone that they have built their careers and their livelihood around this technology. SIP is complex, and like any complex technology that is used in many ways by many vendors in many markets, expertise in it becomes a marketable skill.
Many LinkedIn profiles will list “SIP” as a skill. Many are software developers, but there are many other jobs that require SIP expertise. SIP network engineers and technicians build, deploy and operate SIP networks. Sales and marketing engineers configure and demonstrate SIP-based products. IT workers that manage business communications for their companies need to understand SIP too.  A search on LinkedIn for people matching “SIP” yields approximately 239,000 results.

Many companies now exist that provide SIP certifications and training (for example – the SIP School . SIP is taught in graduate many classes that cover computer networking, and some even have dedicated courses just on VoIP.

Its hard to know how many jobs SIP has created, but it would not be unreasonable to guess it is somewhere in the ballpark of 100,000 jobs. If you add up the folks working in technical roles across the companies in the markets created by SIP, along with those working in telcos or in IT departments providing VOIP, it is easy to see how the number could be that large.
 
The Downside: Robocalling

Almost all technologies that have brought great benefits, have come with some drawbacks. There is no better example than the automobile, which has brought countless benefits, but also caused 42,915 deaths in 2021 due to automobile accidents. The Internet too, has brought countless benefits but has brought with it problems that are becoming more apparent. SIP has had far less impact as these technologies, and so its drawbacks are less too but they exist.

Without a doubt, the biggest drawback has been the rise of robocalling and the fake caller IDs that come with it. Telemarketing calls predate SIP for sure. However, as SIP reduced the costs of placing calls and made it possible to do using off the shelf software, it caused a sharp increase in the volume of these unwanted calls.

The problem is exacerbated by a design flaw in SIP – the lack of an authenticated caller ID. Without that, it is easy for callers to insert any phone number they want. This design defect was inherited from email, as SIP copied this aspect of its design from how email worked. After many years of failed attempts to resolve the problem, there is finally light at the end of the tunnel using a SIP-based technology called STIR/SHAKEN.
 
In Conclusion

It’s been the highlight of my career to have had the fortune to be the lead author for a technology that, 20 years later, has had a profound impact on the world. By enabling the transformation of telecommunications from hardware to software, SIP drove a re-engineering of both mobile and wired phone networks that resulted in lower cost communications services and more bandwidth available for data. It brought video to the enterprise, created entirely new markets and some new market categories, and created at least a hundred thousand jobs. I try and remind myself of that every time I get one of those annoying robocalls 😊
 

To DIsney, Apple, Hulu, Ultraviolet and the rest of you:

Please, please stop the madness. All of us folks on the Internet are glad that we're finally seeing ways to get and access movies online and then watch them across PC, smartphones, tablets and sometimes connected TVs. It looks like the industry is generally heading towards the model of a video locker, which stores the set of movies I'm entitled to and then allows me to access that locker across a set of devices. The problem is, the various studios and digital providers are driving towards increasing fragmentation so that I cannot have just one locker. I need lots of them.

First there was iTunes, the grand-daddy of digital lockers. When you'd buy a movie, it would sometimes come with an iTunes unlock code and you could add the movie to your iTunes library. Then, Ultraviolet came along. Some, but not all, of the movie studios signed up with Ultraviolet and the fragmentation started. Some movies would come with Ultraviolet digital. Others with iTunes. Some, with both. Ultraviolet itself is fragmented; there is the backend locker service (which is Ultraviolet), and then you need to link your Ultraviolet account to OTHER services which could access and stream it for you. I linked mine to Flixter. As time went on, we saw more and more front ends show up, and when  you'd buy a movie they would prefer one over another. I got some movies at Target, and Target has their own front end (Target Ticket), so I ended up with an account there and now that one is also linked to Ultraviolet. Then Disney decided to do their own movie locker (Disney Movies Anywhere), and their movies show up there, but not Ultraviolet. You can link iTunes to Disney Movies Anywhere now, so *some* movies in iTunes show up in Disney Movies Anywhere and vice a versa, but not all. Confused yet? The final piece of madness I noticed is this - Target Ticket ran an incentive which gave me 10 free movies if I gave them my credit card number. Figuring by now they've got their security in order, I did that and got ten movies that went into Ultraviolet, which is good. One of them, Officespace, shows up in Ultraviolet, but apparently can only be played in Target Ticket and not Flixter! So now we're seeing fragmentation of Ultraviolet content across front ends. Of course, each locker and service has their own ways of viewing the content; some support Chromecast (Flixter) and not others (Disney Movies Anywhere).

Its MADNESS.

And so, my plea. For the good of the users, can we please have the following:

1. Users can choose any locker service they desire.
2. When you buy a physical or digital movie, you can add it to any digital locker service you prefer.
3. You can transfer your content between digital locker services so you don't get trapped.
4. Every locker service offers, at a minimum, PC/Mac streaming and download, IOS, Android streaming and download, and support for Chromecast. Others are optional.

And then let the locker services compete with each other for ease of use, marketplace, speed, and additional services. I personally would pay a nominal monthly fee for a locker service with these properties.

Yours truly,

A Frustrated Digital User

This week, I gave a two hour talk to the Freehold High School Computer Science Academy on how VoIP works. This ended up being quite a bit of work actually, since I needed to distill my existing tutorials to something a high school student could understand. I ended up needing to explain a bunch of core IP concepts first. Here's what I came up with. The feedback from the students was positive - many said they understood it! You can find the PPT here. Comments on the content are most welcome.

IP communications services - voice, video and chat and the many variations therein - are all the rage again. Startups are sprouting daily. Though some focus just on mobile, many are building cross-platform applications.

When building such a service, the first and most important capability that you need to build is perhaps not so obvious. It is not wideband voice. It is not chat. It is automated (and silent) client software upgrade. 

For mobile clients, automated and silent software upgrade is not yet fully possible. IOS7 allows the user to opt into automated updates, but this is not under application control. Mobile applications can, however, do a check upon launch to determine if an upgrade is needed. If so, it can surface a modal dialog which requires the user to upgrade or exit, and if they click upgrade, take them to the app store to get the latest version. The situation is better on desktops, where fully automated and silent upgrade (meaning the user does not need to know about the upgrade or give permission) is possible. Applications like Chrome and Skype have been doing this for some time. 

Why is automated software upgrade so important? There are four big reasons: elimination of perpetual tech debt, elimination of security weaknesses, avoidance of IPR pitfalls, and preservation of innovation velocity.

The first reason is: every client you ship which you cannot force upgrade is a piece of tech debt which stays with you forever. Inevitably in a cloud service, you will need to modify your protocols and interfaces. This applies to client-server protocols but also to p2p protocols (e.g., RTP). If you cannot upgrade these clients, it means that the client-server protocols they support must be supported in servers indefinitely. But worse, the p2p protocols they use must continue to be supported in every other client - indefinitely. This means that, over the years of lifetime of the service, each upgrade of a client must remain interopreable with every prior version of the protocols that have ever been shipped. Consider then a service which upgrades its p2p protocols 3 times a year (a very conservative number). Over a five year lifetime there are 15 different versions of this protocol in the client. From a testing perspective, there are now 15^2 or 225 different permutations of client versions which must be verified!

In other words, non-upradeable clients represent a technical debt which actually grows linearly over time for client-server protocols, and grows exponentially for p2p protocols. As communications services often use p2p protocols, communications applications are particularly susceptible to this tech debt.

The second reason is that you put yourself in a position of introducing security vulnerabilities you cannot patch (at least without locking out those clients). If a vulnerability is discovered that is unique to that instance of the client, and this vulnerability threatens the entire network, this is a vulnerability you cannot easily patch. In pure client-server systems the vulnerabilities primarily exist in the cloud. But communications systems utilizing p2p protocols often have substantial client side business logic, introducing network vulnerabilities that are exposed through the client. As an example, a buggy client might respond to unauthenticated STUN transactions; such a client can be used as a relay for launching DOS attacks against a target.

The third reason is one of intellectual property. Voice and video communications systems in particular utilize codecs and technologies which are laden with patents. If, after deployment, you are sued for patent violations, and as a remedy you need to remove the offending technology, you will not be able to do so (again, not without locking out the users on that version of the client). This represents a nearly unremovable piece of legal risk from the system.

The fourth reason is one of innovation velocity. Let us say you wish to introduce a new feature which improves the service, but this requires a change to the p2p protocols used by the client. If both clients in a call require the change (which is almost always the case), and only the fraction f of the users have the new client, the probability that the new feature can be used is f^2. This means that the overall value of the feature is relatively low until it is in use by the vast majority of the userbase. If you want to achieve even 50% penetration of a feature (meaning it can be used in 50% of calls), you need over 70% of your clients to have it. 

This issue applies to embedded voice and video systems, such as wifi phones, teleconferencing systems, and so on. Traditionally these systems have had weak software platforms that did not allow for automated software upgrade. Indeed, consumer electronics products have not traditionally allowed for even manual software upgrade. Consequently, these devices literally represent an unmoveable, forever piece of tech debt that cannot even be eliminated with emails and warnings to the user. And, unlike apps, cutting those users off is much more damaging because they have spent dollars to buy a piece of electronics that is meant to provide communications. 

Invariably in the lifetime of any successful communications service, there will be a need for some major upgrade. And when they day comes, you will be thankful for having automated upgrades across the user base.