First Generation Network.
The first generation of the network was designed to study the feasibility to cross the entire metropolitan area network in just one jump (without trusted repeaters) and sharing as much classical communications infrastructures as possible. The diagram of the actual network, composed of three standard ROADMS (Reconfigurable Optical Add and Drop Modules, ADVA FS3000) in the core and a GPON access network at 2.4 Gbps (from Nortel), indicating where the two main experiments were done (GPON crossing and Core crossing) are depicted in Fig. 2. Ordinary 50 GHz (0.4 nm) DWDM filters and attenuators were added where needed. Care was taken to stay within the loss budget limits of the SFP transceivers used. The diagram of the detailed experiments is in Figs. 3a and 3b. The report was published in [Lancho et al., 2009 ]. The network demonstrated that mixing classical and quantum signals in typical infrastructures was not impossible and that, although reduced, decent performance could be achieved, including serving up to 4 simultaneous users in the GPON. It also highlighted the need to have QKD systems able to withstand around 30 dB losses in this scenarios and a higher resiliency to noise (by using e.g. shorter gates in the detectors). The QKD equipment used at the time (modified QKD 3000 systems from idQ) were good for about 14 dB losses and detector gates where too long (500 ns).
Second Generation Network.
With the second generation network we built a metropolitan area network —also with core (backbone) and access networks— trying to answer the question about how many simultaneous users a quantum network could support using standard telecommunications equipment. Given enough users, this could justify economically to build one to sell services. The network should also support addressing i.e. any user should be able to connect to any other user at will. Again, we wanted end-to-end quantum links, without the needs of trusted repeaters and stay well within a maximum loss budget of 30 dB. The network was designed to use a quantum band (1300 nm) and a classical band (1500 nm) and a mixture of CWDM and 100 GHz DWDM standard equipment. Intrinsic to its design (using the periodicity of standard AWG—Arrayed Waveguide Gratings) the quantum and corresponding classical channel —selected to be separated a multiple of the period of the AWG— of a given QKD device (that could be used for key distillation or other classical uses) were automatically and passively directed by the network to the same destination. The destination can be located in any of the access networks (up to 20) connected to the core, thus allowing the emitter to select the destination in the network. We demonstrated the ability to support up to 32 simultaneous classical channels without an increased classical BER (using standard range SFPs) together with quantum communications well below a 6% QBER. Results were reported in [Ciurana et al., 2014 ]. The same network was used for entanglement distribution [Ciurana et al., 2015 ]. A diagram of the network used is depicted in Fig. 4.
Third Generation Network
Network infrastructures are moving from traditional monolithic appliances working essentially as autonomous devices to coordinated views with a logically centralized architecture. The new paradigms rely on common interfaces to control programmable network devices. The logical structure is divided in control and data planes, dedicated to network control and data transport. A infrastructure layer contains the programmable network devices (Fig. 5). The SDN controller, thus, can oversee the working of a full network, providing channels and reconfiguring devices as needed to meet the demands. The SDN controller must run in a restricted environment, meaning that, from a security point of view, a telco network is now composed by a set of points of presence that are considered secure places. These are usually separated by distances of the order of 50 km or less. This is similar to a QKD trusted network, hence the distance limitation can be overcome in these type of networks by using the trusted nodes paradigm.
In this network, we explore the possibility to fully integrate QKD devices as network devices in SDN networks. This will allow not only a seamless integration of quantum communications in networks, but also to do it incrementally. QKD devices will be no longer peculiar devices with odd requirements that make them difficult to install and manage in a telecommunications network, but truly network devices that can readily integrated in an incremental way, as need arise and without ad-hoc modifications of the network. A depiction of this idea is presented in Fig. 6. (See, for example, references [Aguado et al., 2018.1 , Aguado et al., 2017.2 , Aguado et al., 2017.1 ]. A corresponding set of standards is being developed at the European Standard Institute.
This network has been recently deployed in facilities of Telefónica (press release here) in Madrid and using QKD systems from Huawei. This is a real world network, installed in the field and in production facilities, using standard installation procedures in order to show the maturity of the technology to provide real services. It is composed of three nodes over which a range of use cases have been tested. The flexibility of the SDN technology together with QKD devices specifically designed allow to manage the whole network, classical and quantum parts together, running on the same physical infrastructure. The SDN controller can optimize optical routes and such that the the noise is minimized and the quantum channel can be stablished. The QKD technology used is based in Continuous Variables, which is inherently more tolerant to noise. The current technology is capable of more than 20 channels sharing the same fibre and in the same optical band as the quantum channel, this is more than 2 Tbps of data using standard 100 Gbps communications technology in metropolitan area networks.
The network demonstrates the maturity of the technology in standard metropolitan area, where the distance is not a limitation. However it can be easily extended beyond, since the QKD system supports switching with links of up to 60 km each using standard fibre with 0.2 dB/km losses. It is to be noticed that in a real metropolitan area, fiber networks have to deal with many connectors and other devices that typically increases the losses well beyond this figure. On the other hand, telecommunication facilities within a metro area are much closer, separated by just a few kilometers. A map of the Madrid QKD network, with the actual distances and losses are displayed below.
Fourth Generation Network
The Madrid Quantum Network builds on top of the previous quantum network built in the Telefónica production premises, where we did our SDN experiments [Aguado et al., 2019 ]. It has been enlarged with sites of the RedIMadrid network, which is the network provider that links all research centers and Universities in the Madrid region, to a total of 13 links. The distances range from a couple to slightly over 40 km (60 km in new links under comissioning) and losses from a few dB to about 12-14 dB (counting additional connectors, filters, multiplexers, switches and add/drop devices). The network has amplifiers at several places that need to be bypassed. A Map of the network is presented the next Figure.
The Madrid Quantum Network is one of the large testbeds defined in the European OpenQKD Network Project. The project aims to show practical applications of quantum cryptography in networks using several demonstrators and testbeds. It has a large industrial participation and also intends to increase the Technology Readiness Level in QKD devices, networks and applications in order to bring a QKD related industry to maturity. It defines several demonstrators in many places of Europe and four larger testbeds in Berlin, Madrid, Poznan and Vienna.
There are several salient features in the Madrid Quantum Network that makes it unique worldwide. In the first place, this is a production network, where classical commercial communications are taking place in many nodes along the quantum ones. Not only the classical optical equipment is shared, but also the optical fibre is shared in most cases. This makes this testbed a real world one, that will present to QKD deployment the same challenges than a commercial one. This is much more realistic than any other previous QKD network built. To solve these challenges, the degree of control of the network must be large, and this is where the flexibility of the SDN approach shines. Note that in order to cope with the Service Level Agreements, internal restrictions in several of the links apply. For example, quantum communications are allowed only when there is a backup link where no quantum transmissions are taken place, so that classical communications are always safeguarded. This means that the control must route the quantum signals accordingly in order to comply with the SLA.
Other interesting feature is the fact that the network is owned by two providers, which makes for a demonstration of a multitenant quantum network. Finally, the network connects nodes from the Telefónica metro core network (e.g. Norte node in the map) to their 5G lab (IMDEA-NW node) which makes also for a realistic use case in blending QKD and 5G technologies. Along with this use case, the network will run many others, from more generic cases like critical infrastructure protection or secure data transmission for e-health services to other more specific, like network attestation or ordered proof of transit.