33  Private 5G Networks for IoT

In 60 Seconds

Private 5G networks give enterprises dedicated cellular infrastructure for IoT with guaranteed QoS, low latency, and full security control. Three deployment models exist: standalone (own core + RAN), hybrid (shared core, private RAN), and network slice (virtual private network on public infrastructure). Spectrum options include CBRS (shared, low cost), licensed (exclusive, high performance), and mmWave (ultra-high bandwidth, short range), with TCO typically justified when Wi-Fi cannot meet industrial reliability or coverage requirements.

Key Concepts

• Private 5G Network: An enterprise-dedicated 5G network deployed on-premises using licensed, shared licensed (CBRS), or unlicensed spectrum; provides guaranteed QoS independent of public network load
• CBRS (Citizens Broadband Radio Service): US FCC spectrum sharing framework in the 3.5 GHz band; three tiers: Incumbent Access → Priority Access License (PAL) → General Authorized Access (GAA)
• OnGo (formerly CBRS Alliance): US industry alliance promoting CBRS deployment for private 5G and LTE networks; certifies devices for CBRS compliance
• MEC (Multi-access Edge Computing): Computing infrastructure co-located at the private 5G base station; enables low-latency (<5 ms) application processing at the network edge
• gNodeB (gNB): 5G NR base station serving UEs; private 5G uses small cells (picocells/femtocells) or industrial-grade gNBs depending on coverage area and capacity requirements
• 5G Core (5GC): Cloud-native SA core network functions: AMF, SMF, UPF, AUSF, NRF; private 5G deployments run 5GC on-premises or in a private cloud for data sovereignty
• Network-as-a-Service (NaaS): Managed private 5G offering from vendors (Ericsson, Nokia, Celona, Betacom) providing hardware, software, and operations for a monthly fee
• PLMN-ID: Public Land Mobile Network identifier (MCC+MNC); private 5G networks use dedicated PLMN IDs to prevent public UEs from attempting to register on the enterprise network

33.1 Private 5G: Enterprise IoT Connectivity

Learning Objectives

By the end of this section, you will be able to:

• Architect private 5G network topologies mapping RAN, core, and edge components to enterprise IoT requirements
• Evaluate deployment models (standalone, hybrid, network slice) against latency, sovereignty, and cost constraints
• Justify spectrum selection (CBRS, licensed, mmWave) based on coverage area, bandwidth demand, and regulatory context
• Calculate total cost of ownership and return on investment for private 5G deployments over a 5-year horizon
• Map private 5G integration points to existing OT/IT infrastructure including SCADA, PLCs, and enterprise LANs
• Contrast private 5G and Wi-Fi 6E to determine optimal technology assignment by device criticality

33.2 Prerequisites

Before diving into this chapter, you should be familiar with:

• 5G Advanced and 6G for IoT: 5G evolution and capabilities
• Cellular IoT Fundamentals: Cellular IoT basics
• IIoT and Industry 4.0: Industrial IoT context

Related Chapters

5G and Cellular:

• 5G Advanced and 6G for IoT - 5G evolution
• Cellular IoT Fundamentals - Cellular basics
• NB-IoT Fundamentals - Narrowband IoT

Industrial:

• Industrial Protocols Overview - OT integration
• IIoT and Industry 4.0 - Context

Key Takeaway

In one sentence: Private 5G provides dedicated wireless capacity with guaranteed latency and data sovereignty by deploying your own 5G infrastructure on-premises, eliminating dependence on public carriers for mission-critical industrial IoT.

Remember this: Private 5G makes sense when you need sub-10ms latency, data must stay on-site, or you cannot tolerate capacity sharing with public users; otherwise, public 5G with network slicing is more cost-effective.

33.3 For Beginners: Understanding Private 5G

What is Private 5G and Why Would You Want It?

Public 5G is like a public highway: - Shared with everyone - Operator controls the rules - Traffic congestion possible - Data travels through operator network

Private 5G is like having your own private road: - Dedicated to your organization - You control the rules - Guaranteed capacity - Data stays on-site

Why Go Private?

1. Reliability: Your factory robots don’t compete with TikTok videos
2. Security: Sensitive data never leaves your premises
3. Latency: Local network = faster response
4. Control: You decide priorities and policies
5. Coverage: Optimized for YOUR building, not the neighborhood

Real-World Example: A car factory needs 1ms response for robot control. Public 5G can’t guarantee this because: - Nearest cell tower is 500m away - Core network is in another city - Other users share the capacity

Private 5G solves this: - Base station inside the factory - Core network on-site - Only factory devices use it

Sensor Squad: Your Own Private Network!

“Private 5G is like having your own personal cell tower!” Sammy the Sensor said excitedly. “Instead of sharing a public network with millions of phone users, a factory can set up its own 5G base stations inside the building. That means guaranteed bandwidth, super low latency, and no one else slowing down the network.”

“Security is a huge advantage,” Lila the LED noted. “With private 5G, all the data stays inside the building. No sensor readings, no camera footage, no robot commands ever travel through the public internet. For factories making secret products or hospitals handling patient data, this is essential.”

Max the Microcontroller explained, “There are three ways to build a private 5G network. Standalone means you own everything – the radio, the core network, the servers. Hybrid means you share some infrastructure with a public carrier. And network slicing means the carrier gives you a dedicated virtual network on their public infrastructure. Each has different costs and trade-offs.”

“The cost question is important,” Bella the Battery added. “Private 5G makes sense when you have hundreds or thousands of devices that need reliable, fast connections in one location. A factory with robot arms, cameras, and sensors all needing real-time communication is a perfect use case. But for a few sensors spread across a city, public cellular IoT is usually more cost-effective.”

33.4 Private 5G Architecture

33.4.1 Core Components

Figure 33.1: Private 5G end-to-end architecture from devices to enterprise systems

Alternative View: Data Flow Sequence

Private 5G data flow sequence from device registration to data delivery

This sequence diagram emphasizes the data flow path, showing how control plane (AMF/SMF) sets up sessions while user plane (UPF) handles actual IoT data routing to edge servers.

33.4.2 Deployment Models

Model	Description	Best For	Relative Cost
Standalone	Full private infrastructure	Large enterprises, critical apps	Very high
Hybrid	Private RAN, shared core	Medium enterprises	High
Network Slice	Virtual private on public	Multi-site, mobile workforce	Medium
Neutral Host	Shared private infrastructure	Buildings, campuses	Low

33.4.3 Standalone vs Hybrid vs Slice

Figure 33.2: Standalone, hybrid, and network slice deployment model comparison

33.5 Spectrum Options

33.5.1 Available Spectrum for Private 5G

Spectrum	Frequency	Region	License Type	Bandwidth
CBRS	3.55-3.7 GHz	USA	Light licensing	150 MHz
n78	3.3-3.8 GHz	Europe	Country-specific	100-400 MHz
n79	4.4-5.0 GHz	Japan, China	Licensed	100-400 MHz
mmWave	24-28 GHz	Global	Licensed/shared	400+ MHz
Unlicensed	5-6 GHz	Global	Unlicensed	500+ MHz
Shared	Varies	Various	Dynamic sharing	Varies

33.5.2 CBRS Deep Dive (USA)

Figure 33.3: CBRS three-tier spectrum sharing with SAS coordination

33.5.3 Spectrum Selection Guide

Use Case	Recommended Spectrum	Reasoning
Factory floor	CBRS (GAA/PAL), n78	Indoor, predictable environment
Campus	Licensed or PAL	Outdoor, reliability needed
Warehouse	mmWave	High density, short range OK
Oil/Gas remote	Low-band licensed	Long range, fewer obstacles
Temporary site	GAA, unlicensed	Quick deployment, lower cost

33.6 Design Considerations

33.6.1 Coverage Planning

Figure 33.4: Private 5G coverage and capacity planning factors

33.6.2 Capacity Planning Formula

Cells Required:

Cells = max(Coverage_cells, Capacity_cells)

Coverage_cells = Area (m²) / Cell_coverage (m²)
Capacity_cells = Total_throughput / Cell_capacity

Example:
- Factory: 50,000 m²
- Cell coverage (indoor, 3.5 GHz): 5,000 m²
- Total devices: 1,000
- Average throughput: 10 Mbps
- Cell capacity: 500 Mbps

Coverage_cells = 50,000 / 5,000 = 10 cells
Capacity_cells = (1,000 × 10) / 500 = 20 cells

Required: 20 cells (capacity-limited)

Putting Numbers to It

Capacity planning for private 5G involves balancing coverage area against throughput demand. The key insight is that you need enough cells to satisfy BOTH constraints.

Coverage vs Capacity Tradeoff:

For the factory example above, the coverage requirement is actually more forgiving than capacity:

\[\text{Coverage cells} = \frac{50,000 \text{ m}^2}{\pi \times 40^2 \text{ m}^2} = \frac{50,000}{5,027} \approx 10 \text{ cells}\]

But capacity dominates:

\[\text{Capacity cells} = \frac{1,000 \text{ devices} \times 10 \text{ Mbps}}{500 \text{ Mbps per cell}} = 20 \text{ cells}\]

The final requirement is 20 cells (the higher number). If you deploy only 10 cells (enough for coverage), each cell would need to serve 100 devices at 10 Mbps = 1,000 Mbps, exceeding the 500 Mbps cell capacity by 2×, causing congestion.

Cost impact: 20 cells @ $15,000 each = $300,000 (vs $150,000 for 10 cells). This 2× cost difference is why accurate capacity modeling is critical—underestimating by 50% leads to network overload and $150K of additional infrastructure.

33.6.3 Interactive Capacity Planning Calculator

Use this calculator to estimate cell count for your own private 5G deployment:

viewof area_sqm = Inputs.range([1000, 500000], {value: 50000, step: 1000, label: "Facility area (m\u00B2)"})

viewof cell_coverage = Inputs.range([1000, 15000], {value: 5000, step: 500, label: "Cell coverage (m\u00B2/cell)"})

viewof num_devices = Inputs.range([10, 10000], {value: 1000, step: 10, label: "Total devices"})

viewof avg_throughput = Inputs.range([0.1, 100], {value: 10, step: 0.5, label: "Avg throughput per device (Mbps)"})

viewof cell_capacity = Inputs.range([50, 1000], {value: 500, step: 50, label: "Cell capacity (Mbps)"})

viewof cost_per_cell = Inputs.range([5000, 50000], {value: 15000, step: 1000, label: "Cost per radio unit ($)"})

coverage_cells = Math.ceil(area_sqm / cell_coverage)
capacity_cells = Math.ceil((num_devices * avg_throughput) / cell_capacity)
required_cells = Math.max(coverage_cells, capacity_cells)
limiting_factor = coverage_cells >= capacity_cells ? "Coverage" : "Capacity"
total_radio_cost = required_cells * cost_per_cell

html`<div style="background: var(--bs-light, #f8f9fa); padding: 1rem; border-radius: 8px; border-left: 4px solid #3498DB; margin-top: 0.5rem;">
<h4 style="margin-top:0;">Cell Count Estimate</h4>
<table style="width:100%; border-collapse: collapse;">
<tr><td style="padding:4px 8px;"><strong>Coverage-based cells:</strong></td><td style="padding:4px 8px;">${coverage_cells}</td></tr>
<tr><td style="padding:4px 8px;"><strong>Capacity-based cells:</strong></td><td style="padding:4px 8px;">${capacity_cells}</td></tr>
<tr style="border-top: 2px solid #3498DB;"><td style="padding:4px 8px;"><strong>Required cells:</strong></td><td style="padding:4px 8px;"><strong>${required_cells}</strong> (${limiting_factor}-limited)</td></tr>
<tr><td style="padding:4px 8px;"><strong>Radio unit cost:</strong></td><td style="padding:4px 8px;">$${total_radio_cost.toLocaleString()}</td></tr>
</table>
</div>`

33.6.4 Latency Architecture

Figure 33.5: On-premises vs cloud latency breakdown for private 5G

33.7 Cost Analysis

33.7.1 TCO Components

Component	Capital Cost	Annual Operating
Radio Units	$5K-50K each	Maintenance, power
Core Network	$50K-500K	Licensing, support
Edge Computing	$20K-100K	Power, maintenance
Spectrum (PAL)	$0-100K	Annual fees
Integration	$50K-200K	Ongoing support
SIM/eSIM	$1-10/device	Management

33.7.2 Example: Factory Deployment

Factory: 100,000 m² (10 hectares)
Devices: 5,000 (sensors, cameras, AGVs)

Capital Costs:
- 30 Radio Units @ $15K          = $450,000
- Private Core (software)         = $200,000
- Edge Servers (2x)              = $80,000
- Integration Services           = $150,000
- Contingency (15%)              = $130,000
Total CapEx                      = $1,010,000

Annual Operating:
- Spectrum (CBRS PAL)            = $25,000
- Core licensing                 = $50,000
- Support contracts              = $80,000
- Power and facilities           = $30,000
- Staff (0.5 FTE)                = $60,000
Total OpEx/year                  = $245,000

5-Year TCO: $1,010,000 + (5 × $245,000) = $2,235,000
Per device per month: $2,235,000 / (5,000 × 60) = $7.45

33.7.3 Interactive TCO Calculator

Estimate your private 5G total cost of ownership over a configurable time horizon:

viewof tco_radio_units = Inputs.range([1, 200], {value: 30, step: 1, label: "Radio units"})

viewof tco_cost_per_ru = Inputs.range([5000, 50000], {value: 15000, step: 1000, label: "Cost per radio unit ($)"})

viewof tco_core_cost = Inputs.range([50000, 500000], {value: 200000, step: 10000, label: "Core network cost ($)"})

viewof tco_edge_cost = Inputs.range([0, 200000], {value: 80000, step: 10000, label: "Edge computing cost ($)"})

viewof tco_integration = Inputs.range([0, 300000], {value: 150000, step: 10000, label: "Integration cost ($)"})

viewof tco_annual_opex = Inputs.range([50000, 1000000], {value: 245000, step: 5000, label: "Annual OpEx ($)"})

viewof tco_devices = Inputs.range([100, 10000], {value: 5000, step: 100, label: "Number of devices"})

viewof tco_years = Inputs.range([1, 10], {value: 5, step: 1, label: "Time horizon (years)"})

tco_capex = (tco_radio_units * tco_cost_per_ru) + tco_core_cost + tco_edge_cost + tco_integration
tco_contingency = Math.round(tco_capex * 0.15)
tco_total_capex = tco_capex + tco_contingency
tco_total = tco_total_capex + (tco_annual_opex * tco_years)
tco_per_device_month = tco_total / (tco_devices * tco_years * 12)

html`<div style="background: var(--bs-light, #f8f9fa); padding: 1rem; border-radius: 8px; border-left: 4px solid #E67E22; margin-top: 0.5rem;">
<h4 style="margin-top:0;">TCO Summary (${tco_years}-Year)</h4>
<table style="width:100%; border-collapse: collapse;">
<tr><td style="padding:4px 8px;">Radio units (${tco_radio_units} @ $${tco_cost_per_ru.toLocaleString()}):</td><td style="padding:4px 8px; text-align:right;">$${(tco_radio_units * tco_cost_per_ru).toLocaleString()}</td></tr>
<tr><td style="padding:4px 8px;">Core + Edge + Integration:</td><td style="padding:4px 8px; text-align:right;">$${(tco_core_cost + tco_edge_cost + tco_integration).toLocaleString()}</td></tr>
<tr><td style="padding:4px 8px;">Contingency (15%):</td><td style="padding:4px 8px; text-align:right;">$${tco_contingency.toLocaleString()}</td></tr>
<tr style="border-top: 1px solid #ccc;"><td style="padding:4px 8px;"><strong>Total CapEx:</strong></td><td style="padding:4px 8px; text-align:right;"><strong>$${tco_total_capex.toLocaleString()}</strong></td></tr>
<tr><td style="padding:4px 8px;">Total OpEx (${tco_years} yr @ $${tco_annual_opex.toLocaleString()}/yr):</td><td style="padding:4px 8px; text-align:right;">$${(tco_annual_opex * tco_years).toLocaleString()}</td></tr>
<tr style="border-top: 2px solid #E67E22;"><td style="padding:4px 8px;"><strong>${tco_years}-Year TCO:</strong></td><td style="padding:4px 8px; text-align:right;"><strong>$${tco_total.toLocaleString()}</strong></td></tr>
<tr><td style="padding:4px 8px;"><strong>Per device per month:</strong></td><td style="padding:4px 8px; text-align:right;"><strong>$${tco_per_device_month.toFixed(2)}</strong></td></tr>
</table>
</div>`

33.7.4 ROI Considerations

Benefit	Quantifiable Value
Reduced downtime	$100K-1M/hour avoided
Increased productivity	5-15% improvement
Reduced Wi-Fi infrastructure	30-50% less APs needed
New use cases enabled	Automation, AGVs, AR
Security improvements	Breach risk reduction

33.8 Integration Patterns

33.8.1 Wi-Fi Coexistence

Figure 33.6: Private 5G and Wi-Fi coexistence by device criticality

33.8.2 OT Network Integration

Integration Point	Approach
SCADA	5G to Ethernet gateway
PLCs	RedCap or LTE-M modules
HMIs	Wi-Fi/5G dual-mode
Historians	Edge to cloud sync
MES/ERP	5G core to enterprise LAN

33.9 Worked Examples

Worked Example: Private 5G Coverage Planning for Manufacturing Facility

Scenario: A semiconductor fabrication plant needs private 5G to support automated guided vehicles (AGVs), real-time machine monitoring, and augmented reality maintenance. The facility requires sub-10ms latency for AGV control and 99.999% reliability. Calculate the number of radio units, spectrum requirements, and deployment architecture.

Given:

• Facility: 50,000 sqm cleanroom (250m x 200m) with 5m ceiling
• Devices to support:
  • 50 AGVs requiring <10ms latency and 5 Mbps each
  • 500 machine sensors sending 1 KB every 10 seconds
  • 20 AR headsets requiring 50 Mbps each during maintenance sessions (max 5 concurrent)
• Environmental factors: Cleanroom with metal equipment, no outdoor coverage needed
• Spectrum: CBRS available (USA location)
• Deployment model: Standalone private 5G (data sovereignty required)

Step 1: Calculate coverage-based radio unit count

Indoor 5G coverage (mid-band 3.5 GHz):
- Typical cell radius in industrial environment: 50-80m
- Cell coverage area: π × 65² = ~13,000 sqm (using 65m avg)
- Derating for metal equipment: 30% reduction → 9,100 sqm effective

Coverage-based cells: 50,000 / 9,100 = 5.5 → 6 cells minimum
Add overlap for handover (AGVs): 6 × 1.3 = 7.8 → 8 cells

Step 2: Calculate capacity-based radio unit count

Bandwidth requirements (simultaneous):
- AGVs: 50 × 5 Mbps = 250 Mbps (constant, safety-critical)
- Sensors: 500 × 1 KB / 10s = 50 KB/s = 0.4 Mbps (trivial)
- AR headsets: 5 × 50 Mbps = 250 Mbps (peak, maintenance windows)

Total peak: 250 + 0.4 + 250 = 500.4 Mbps

CBRS capacity per cell (40 MHz, TDD):
- Theoretical: 300 Mbps downlink
- Practical at 70% utilization (30% overhead): 210 Mbps per cell

Capacity-based cells: 500.4 / 210 = 2.4 → 3 cells minimum

Limiting factor: Coverage (8 cells), not capacity

Step 3: Design spectrum allocation

CBRS spectrum plan (150 MHz available, 3.55-3.7 GHz):
- AGV traffic (URLLC): 20 MHz dedicated slice, low latency config
- Sensor traffic (mMTC): 10 MHz shared, high device density
- AR traffic (eMBB): 40 MHz when active, shared with sensors

Total required: 70 MHz (leaves 80 MHz for future expansion)

Spectrum Access System (SAS) registration:
- PAL license: 2 × 10 MHz (20 MHz total) for AGV priority
- GAA: 50 MHz for sensors and AR (best effort, but indoor = reliable)

Step 4: Architect for sub-10ms latency

Latency budget breakdown:
- Radio access (air interface): 1-2ms (5G NR)
- Fronthaul (RU to DU): 0.5ms (fiber)
- Backhaul (DU to UPF): 0.5ms (fiber)
- UPF processing: 0.5ms (local breakout)
- Edge application: 2-3ms (on-premises MEC)
- Return path: ~3ms (symmetric)

Total round-trip: 8-10ms ✓

Architecture requirements:
- Deploy UPF (User Plane Function) on-premises (not in carrier cloud)
- MEC server co-located with 5G core (same rack)
- AGV control application on MEC (not in data center)
- Direct fiber from radio units to local switch (no hops)

Step 5: Calculate 5-year cost

Capital Costs:
- 8 Radio Units @ $20,000 each        = $160,000
- Private 5G Core (software license)  = $150,000
- MEC Server (edge compute)           = $50,000
- Network switches + fiber            = $40,000
- SAS certification + setup           = $10,000
- Integration and commissioning       = $90,000
Total CapEx                           = $500,000

Annual Operating:
- CBRS PAL license (20 MHz, local)    = $15,000
- Software maintenance (core)         = $30,000
- Support contract                    = $25,000
- Power + cooling                     = $10,000
Total OpEx/year                       = $80,000

5-Year TCO: $500,000 + (5 × $80,000) = $900,000
Per device per month: $900,000 / (570 × 60) = $26.32

Result:

Specification	Value
Radio Units	8 (coverage-limited)
Spectrum	70 MHz CBRS (20 MHz PAL + 50 MHz GAA)
Latency (AGV)	<10ms round-trip
Capacity	500 Mbps peak
Reliability	99.999% (standalone, redundant core)
5-Year TCO	$900,000

Key Insight: This deployment is coverage-limited (8 cells for coverage vs 3 for capacity), typical for industrial environments with metal obstructions. The critical success factor is edge architecture - placing UPF and MEC on-premises achieves sub-10ms latency that would be impossible with traffic routed through carrier networks (which add 20-50ms). The CBRS PAL license provides guaranteed capacity for safety-critical AGVs, while GAA is sufficient for indoor sensor traffic. At $26/device/month over 5 years, private 5G is more expensive than public cellular but enables use cases (URLLC for AGVs, data sovereignty) that public networks cannot guarantee.

Worked Example: Private 5G vs Wi-Fi 6E ROI Analysis for Smart Hospital

Scenario: A 500-bed hospital is evaluating private 5G versus Wi-Fi 6E for connecting medical IoT devices including patient monitors, infusion pumps, and mobile workstations. The deployment must meet clinical-grade reliability requirements. Compare 5-year total cost of ownership and identify which technology suits each use case.

Given:

• Hospital: 100,000 sqm across 3 buildings (main hospital, clinic, research)
• Devices to connect:
  • 500 patient monitors (2 Mbps each, 99.99% uptime required)
  • 200 infusion pumps (100 Kbps each, life-critical alerts)
  • 300 mobile workstations (10 Mbps each, roaming between floors)
  • 1,000 asset tracking tags (10 KB/hour each)
• Requirements:
  • Patient monitors: <100ms latency, zero interference tolerance
  • Infusion pumps: FDA Class II medical device compliance
  • Roaming: Seamless handover as clinicians move between units
• Current infrastructure: Existing Wi-Fi 5 network (aging, interference issues)

Step 1: Analyze technology fit by device type

Device Requirements Analysis:

Patient Monitors (500):
- Criticality: HIGH (patient safety)
- Bandwidth: 2 Mbps (continuous vital signs)
- Latency: <100ms (alarm propagation)
- Mobility: Stationary (bedside)
- VERDICT: Either 5G or Wi-Fi works, but 5G URLLC provides guaranteed QoS

Infusion Pumps (200):
- Criticality: CRITICAL (medication delivery)
- Bandwidth: 100 Kbps (dose adjustments, alerts)
- Latency: <50ms (life-critical)
- Mobility: Occasionally moved between rooms
- Regulatory: Must avoid RF interference with other medical devices
- VERDICT: Private 5G preferred (dedicated spectrum, no interference from consumer Wi-Fi)

Mobile Workstations (300):
- Criticality: MEDIUM (clinician productivity)
- Bandwidth: 10 Mbps (EHR access, imaging)
- Mobility: Continuous roaming across floors/buildings
- VERDICT: Wi-Fi 6E preferred (ubiquitous coverage, lower cost per device)

Asset Tags (1,000):
- Criticality: LOW (inventory management)
- Bandwidth: Minimal (10 KB/hour)
- Battery: 5+ year requirement
- VERDICT: Wi-Fi HaLow or BLE preferred (lowest power, not 5G)

Step 2: Calculate coverage requirements

Wi-Fi 6E Requirements (for workstations + general coverage):
- Coverage area per AP (indoor hospital): 500 sqm
- APs needed: 100,000 / 500 = 200 APs
- Add 30% for density and reliability: 260 APs
- Cost: 260 × $1,500 (enterprise medical-grade) = $390,000

Private 5G Requirements (for monitors + pumps):
- Coverage area per cell (3.5 GHz indoor): 3,000 sqm
- Cells needed: 100,000 / 3,000 = 34 cells
- Add 20% for critical coverage overlap: 41 cells
- Cost: 41 × $15,000 (medical-certified) = $615,000

Hybrid approach:
- Deploy Wi-Fi 6E everywhere (260 APs): $390,000
- Deploy 5G only in patient care areas (25 cells for 75,000 sqm): $375,000
- Total infrastructure: $765,000

Step 3: Calculate 5-year TCO comparison

Option A: Wi-Fi 6E Only
- Infrastructure: 260 APs × $1,500 = $390,000
- Installation: 260 × $500 = $130,000
- Annual maintenance: $80,000/year
- Device adapters: Included (Wi-Fi built-in)
- 5-Year TCO: $390K + $130K + ($80K × 5) = $920,000

Option B: Private 5G Only
- Infrastructure: 41 cells × $15,000 = $615,000
- Core network: $200,000
- Installation: $150,000
- Spectrum (CBRS PAL): $30,000/year
- Annual maintenance: $100,000/year
- Device adapters: 2,000 × $50 = $100,000 (5G modules for devices)
- 5-Year TCO: $615K + $200K + $150K + ($130K × 5) + $100K = $1,715,000

Option C: Hybrid (Recommended)
- Wi-Fi 6E (general): 260 APs × $1,500 = $390,000
- Private 5G (critical care): 25 cells × $15,000 = $375,000
- 5G Core (smaller scale): $120,000
- Installation: $200,000
- Spectrum: $20,000/year
- Maintenance: $120,000/year
- 5G adapters (700 devices): 700 × $50 = $35,000
- 5-Year TCO: $390K + $375K + $120K + $200K + ($140K × 5) + $35K = $1,820,000

Step 4: Quantify benefits for ROI calculation

Benefit Analysis (Hybrid vs Wi-Fi-only):

Interference Reduction:
- Current Wi-Fi causes 12 patient monitor alarms/month to fail
- Each missed alarm: $50,000 average liability + patient risk
- 5G eliminates monitor interference: 12 × $50K × 12 = $7.2M/year avoided risk

Infusion Pump Reliability:
- FDA requires documented connectivity for networked pumps
- Private 5G provides audit trail + guaranteed QoS
- Enables 200 pumps to use dose error reduction software
- Medication errors prevented: Est. 50/year × $10K avg = $500K/year savings

Clinician Productivity:
- Wi-Fi 6E roaming reduces EHR "spinning wheel" wait by 30 sec/access
- 300 workstations × 50 accesses/day × 30 sec = 125 hours/day saved
- Nurse cost: $50/hour → $6,250/day → $1.5M/year productivity gain

5-Year Benefit: ($7.2M + $0.5M + $1.5M) × 5 = $46M
5-Year Additional Cost (Hybrid vs Wi-Fi): $1.82M - $0.92M = $900K
ROI: ($46M - $0.9M) / $0.9M = 5,011% (extremely positive)

Result:

Metric	Wi-Fi Only	5G Only	Hybrid
5-Year TCO	$920,000	$1,715,000	$1,820,000
Interference Risk	HIGH	NONE	LOW
FDA Compliance	Challenging	Full	Full
Roaming Quality	Excellent	Good	Excellent
ROI vs Wi-Fi	Baseline	Moderate	5,011%

Key Insight: The hybrid approach costs 2x more than Wi-Fi-only but provides 50x return through risk mitigation and productivity gains. Healthcare is one of the strongest use cases for private 5G because the cost of connectivity failures (patient safety, regulatory compliance, liability) far exceeds infrastructure investment. The key insight is deploying 5G only where it provides unique value (interference-free spectrum for life-critical devices) while using cost-effective Wi-Fi 6E for general connectivity. Pure 5G is overkill for mobile workstations; pure Wi-Fi is insufficient for medical devices that cannot tolerate interference from visitor smartphones. Hybrid architecture matches technology to clinical requirements.

33.10 Understanding Check

Knowledge Check

Scenario: A logistics company wants private 5G for a 500,000 m² warehouse with: - 200 AGVs requiring <20ms latency - 500 handheld scanners - 100 loading dock cameras - Integration with existing WMS (Warehouse Management System)

Questions:

1. Which deployment model would you recommend?
2. What spectrum would you use in the USA?
3. How many radio units are needed?
4. What’s the rough cost estimate?

Auto-Gradable Quick Check

Match Private 5G Components to Their Functions

Order the Private 5G Deployment Process

Place these steps in the correct sequence for deploying a standalone private 5G network for industrial IoT.

Solution

1. Deployment Model: Standalone Private

• AGVs need guaranteed low latency (URLLC)
• High device density requires dedicated capacity
• WMS integration needs local UPF
• Standalone gives maximum control

2. Spectrum: CBRS with PAL + GAA

• PAL for AGV priority lanes (10-20 MHz)
• GAA for general coverage (40-60 MHz)
• Indoor-only = no incumbent interference concerns
• Cost-effective, no major licensing

3. Radio Unit Calculation:

Coverage:
- Indoor warehouse: ~3,000 m² per cell (high-density assumption)
- 500,000 / 3,000 = ~167 cells minimum

Capacity:
- 200 AGVs × 5 Mbps = 1,000 Mbps
- 500 scanners × 1 Mbps = 500 Mbps
- 100 cameras × 15 Mbps = 1,500 Mbps
- Total: 3,000 Mbps = 3 Gbps
- Per cell (CBRS 40 MHz): ~200 Mbps
- Capacity cells: 3,000 / 200 = 15 cells

Limiting factor: Coverage (167 cells)
Add 20% margin: 200 Radio Units

4. Cost Estimate:

CapEx:
- 200 Radio Units @ $10K      = $2,000,000
- Private Core                = $300,000
- Edge Servers (4x)           = $200,000
- Integration                 = $300,000
- Contingency                 = $400,000
Total CapEx                   = $3,200,000

Annual OpEx:
- CBRS PAL (5 licenses)       = $50,000
- Support/Maintenance         = $200,000
- Power/Facilities            = $100,000
- Staff (1 FTE)               = $120,000
Total OpEx                    = $470,000

5-Year TCO: $3.2M + (5 × $470K) = $5,550,000
Per device per month: $5.55M / (800 × 60) = $115

Comparison: Public 5G would cost ~$50/device/month but can’t guarantee AGV latency requirements.

33.11 Visual Reference Gallery

Explore these AI-generated diagrams that visualize Private 5G network concepts:

Visual: Private 5G Architecture

Private 5G network architecture

Private 5G networks provide dedicated wireless infrastructure for industrial IoT, enabling guaranteed latency, capacity, and data sovereignty.

Visual: Private 5G Deployment Models

Private 5G deployment options

Choosing the right deployment model depends on requirements for control, latency, and investment, with Standalone offering full ownership and Slice providing flexibility.

Visual: CBRS Spectrum Access

CBRS spectrum tiers

CBRS enables affordable Private 5G in the USA through shared spectrum with tiered access, allowing enterprises to deploy without traditional spectrum licensing costs.

Common Mistake: Overestimating 5G Performance Without Understanding Fronthaul Requirements

The Error: A manufacturer deploys private 5G in a factory with promises of “sub-5ms latency for robot control,” but measures actual round-trip latency of 18-25ms in production. The robot control system experiences frequent timeout errors, causing production line stoppages.

Why It Happens: Marketing materials advertise 5G NR air interface latency of 1ms, leading engineers to assume end-to-end application latency will be similarly low. In reality, total latency includes multiple components that are often overlooked during planning.

Real-World Impact:

• Production line stoppages: 12 incidents in first month
• Lost production time: 47 hours @ $25,000/hour = $1.175M
• Emergency network redesign: $85,000
• Reputation damage with factory automation customer

The Numbers - Latency Budget Breakdown:

Component	Advertised	Actual Deployment	Why Different
Radio air interface	1ms	2-3ms	Ideal vs real-world RF conditions
Fronthaul (RU to DU)	0ms (ignored)	1-2ms	Depends on fiber distance and switches
Midhaul (DU to CU)	0ms (ignored)	0.5-1ms	If CU/DU split
Backhaul (CU to UPF)	0ms (ignored)	2-5ms	UPF in cloud vs on-prem
UPF processing	0ms (ignored)	1-2ms	Depends on server specs
Application server distance	0ms (ignored)	5-10ms	Cloud vs edge location
Return path	Symmetric	Symmetric	Double one-way time
Total round-trip	“~1ms”	18-25ms	Reality check

Root Cause Analysis:

Problem 1: UPF in cloud data center (80 km away)

Network topology:
Robot → gNB (factory floor)
     → DU (factory MDF room) - 0.5ms fiber
     → CU (factory data closet) - 0.3ms fiber
     → Enterprise router - 0.5ms
     → Internet circuit to cloud - 12ms
     → Cloud UPF - 2ms processing
     → Robot control server (same cloud) - 1ms
     → Return path - 16ms
Total: 32ms round-trip

Problem 2: Fronthaul over Ethernet switches

Original design (cost-optimized):
RU → Building switch (2 hops) → Core switch → DU
Each switch: 0.5-1ms forwarding delay
Result: 2-3ms fronthaul latency (should be <1ms for URLLC)

The Fix - Edge Architecture Redesign:

Revised topology:

Robot → gNB (factory floor)
     → Direct fiber (no switches) → DU - 0.2ms
     → DU and CU colocated - 0.1ms
     → UPF on-premises (same rack) - 0.3ms
     → MEC server (same rack) → Robot app - 0.5ms
     → Return path - 1.2ms
Total: 2.4ms round-trip ✓ MEETS <5ms target

Key changes:

1. Move UPF to on-premises MEC server (eliminate 12ms cloud roundtrip)
2. Direct fiber from RUs to DU (eliminate switch hops, reduce 2ms to 0.2ms)
3. Colocate all 5G core functions in single edge server rack
4. Run robot control application on MEC, not in cloud

Cost Impact:

Component	Original (Cloud)	Revised (Edge)	Delta
5G Core licensing	$80K (cloud SaaS)	$150K (on-prem)	+$70K
MEC server	$0	$25K	+$25K
Fronthaul fiber	$5K (standard)	$15K (direct runs)	+$10K
Annual cloud connectivity	$36K	$0	-$36K/year
Total 5-year	$260K	$285K	+$25K over 5 years

Result: $25K additional investment (9.6% cost increase) achieved actual <3ms latency vs 25ms before.

Lesson for Other Deployments:

Latency-sensitive applications (URLLC: <10ms):

• ✓ Deploy UPF on-premises (not cloud)
• ✓ Colocate 5G core with MEC server (same rack or adjacent)
• ✓ Use direct fiber for fronthaul (no intermediate switches)
• ✓ Run critical applications on MEC, not cloud
• ✓ Budget for enterprise-grade servers ($20-30K)

Non-latency-sensitive (eMBB: 50-100ms acceptable):

• ✓ Cloud UPF acceptable (save $70K+ on core licensing)
• ✓ Standard Ethernet switching for fronthaul (save $10K on fiber)
• ✓ Applications can run in cloud (save $25K on MEC servers)
• ⚠ Understand you’re getting public 5G latency, not URLLC

Verification checklist before going live:

[ ] Measure ping latency from device to application server
[ ] Test at peak device count (100+ simultaneous devices)
[ ] Verify under realistic RF conditions (not just lab with -60 dBm signal)
[ ] Load test with application protocol overhead (not just ICMP ping)
[ ] Document every network hop and measure per-hop latency
[ ] Budget 2-3ms for air interface (not theoretical 1ms)

Key Insight: Private 5G’s “1ms latency” refers to air interface only. Total application latency depends on architecture choices (edge vs cloud, fronthaul topology, core location). For true URLLC (<5ms end-to-end), you MUST deploy edge architecture with on-premises UPF and colocated applications. Budget an additional 20-30% capex for edge infrastructure vs cloud-based deployments. Always prototype with full network topology and measure actual end-to-end latency before claiming latency targets to customers.

Concept Relationships

Builds on:

• 5G Advanced and 6G for IoT - Private 5G applies 5G capabilities to enterprise environments
• Cellular IoT Fundamentals - Understanding cellular basics before private deployments

Extends to:

• Edge-Fog Computing - Private 5G relies on edge infrastructure for low latency
• Industrial Protocols Overview - OT integration with private 5G

Compares with:

• Wi-Fi 6E - Alternative enterprise wireless with different tradeoffs
• Public 5G with network slicing - Shared vs dedicated infrastructure

Related Architectures:

• IIoT and Industry 4.0 - Use cases driving private 5G adoption

See Also

Deployment Planning:

• Network Architecture Design - Principles for private network design
• Spectrum Management - CBRS, licensed, and mmWave options

Technical Deep Dives:

• URLLC Requirements - Ultra-reliable low-latency communication fundamentals
• MEC Platforms - Multi-access edge computing for private 5G

Cost Analysis:

• TCO Modeling - Frameworks for 5-year cost projections
• ROI Calculators - Quantifying private 5G benefits

33.12 Key Takeaways

🏷️ Label the Diagram

💻 Code Challenge

33.13 Summary

1. Private 5G provides dedicated capacity, low latency, and data sovereignty

2. Three deployment models: Standalone (full control), Hybrid (shared core), Slice (virtual private)

3. CBRS spectrum (USA) enables affordable private 5G with PAL for priority and GAA for opportunistic

4. Coverage and capacity both drive cell count—calculate both and use the higher

5. Edge computing is essential for achieving sub-5ms latency

6. TCO includes: Radio units, core network, edge, spectrum, integration, operations

7. Wi-Fi coexistence is common—use 5G for critical, Wi-Fi for enterprise devices

33.13.1 Private 5G Deployment Decision Framework (Variant View)

This decision tree guides enterprise architects through key considerations when evaluating private 5G deployment options:

Figure 33.7: Private 5G deployment decision framework. Critical data sovereignty with maximum control leads to Standalone Private ($500K-2M CapEx, sub-5ms latency, full infrastructure). Moderate control needs or lower budget leads to Hybrid Model (private RAN with shared core, $200K-500K, 5-20ms latency). Multi-site or budget-constrained leads to Network Slice (virtual isolation, $50K-200K/year OpEx, 10-50ms latency). No sovereignty requirements with single site may use enhanced public 5G with SLA.

33.13.2 Private 5G vs Wi-Fi Comparison (Variant View)

This comparison helps enterprises evaluate when to use Private 5G versus Wi-Fi 6E for industrial IoT applications:

Figure 33.8: Private 5G vs Wi-Fi 6E selection guide. Mission-Critical (teal): Private 5G preferred for URLLC (1ms, 99.999% reliability), guaranteed QoS, no interference, and licensed spectrum. Applications: robot control, autonomous vehicles, safety systems. Balanced Performance (orange): Either works with 5G at 5-10ms or Wi-Fi 6E at 2-5ms typical, cost drives decision. Applications: video surveillance, AR/VR, industrial sensors. Enterprise (navy): Wi-Fi 6E preferred for ubiquitous device support, lower cost, existing infrastructure. Applications: laptops, tablets, barcode scanners, guest access. Recommendation: Deploy both - 5G for critical OT, Wi-Fi for enterprise IT, unified management.

Common Pitfalls

1. Comparing Private 5G to Wi-Fi Based Only on Bandwidth

Wi-Fi 6E provides >1 Gbps throughput and costs $200–500 per access point — far cheaper than private 5G ($10,000–50,000 per small cell). Private 5G justifies its premium over Wi-Fi only when specific requirements exist: deterministic URLLC latency (<5 ms), reliable coverage in RF-challenging environments (metal factories), support for hundreds of devices per cell, or outdoor/large-area coverage. For office environments and meeting rooms, Wi-Fi 6/6E is almost always more cost-effective than private 5G.

2. Underestimating Private 5G Deployment Complexity

Private 5G deployments require: spectrum licensing (CBRS PAL or national license), core network infrastructure (5GC on-premises or cloud), SIM provisioning for all devices, RF planning and site survey, regulatory compliance (FCC/CE for 5G equipment), and ongoing network operations. Total project cost for a 50,000 m² factory is $500,000–2,000,000 including hardware, installation, and 3-year operations. Organizations that approach private 5G as a “plug in an access point” project severely underestimate scope and budget.

3. Not Planning for UE Device Certification

Private 5G networks require UE (User Equipment) devices certified for the deployed frequency band and 5G NR standard. Most existing IoT devices (sensors, actuators) do not have integrated 5G modems. New device designs require 5G NR modem integration (Quectel, u-blox, Sierra Wireless 5G modules), RF certification, and carrier acceptance testing on the private network. Budget 12–18 months for device development and certification before the private 5G network can serve custom IoT devices.

4. Assuming CBRS GAA Tier Provides Guaranteed Service

CBRS General Authorized Access (GAA) is the lowest-priority tier — it must yield spectrum to both incumbents (US military, satellite) and Priority Access License (PAL) holders. During spectrum conflicts, GAA devices are automatically de-prioritized or assigned to alternate channels by the SAS (Spectrum Access System). For mission-critical IoT applications requiring guaranteed bandwidth, purchase PAL licenses or deploy on exclusively licensed spectrum to ensure interference-free operation.

33.14 What’s Next

Chapter	Focus Area
5G Advanced and 6G for IoT	5G evolution, RedCap, and 6G research directions
5G Network Slicing	Virtual network isolation and slice management
5G URLLC and Future	Ultra-reliable low-latency communication for industrial IoT
Cellular IoT Deployment Planning	End-to-end deployment methodology and site surveys
Edge-Fog Computing	Edge architecture for low-latency private 5G applications