5G Cyber Security

5G technology is secure by design developed on the foundation of 4G LTE technnology with further security mechanisms and enhancements.

While the transition to 5G presents a wealth of opportunities and capabilities, it also introduces new cyber security vulnerabilities and threats. The development of 5G policies and standards serve as the foundation for securing 5G’s future communications infrastructure and new 5G security program and controls have been developed to secure 5G systems.

Cyber security is a key topic and 5G security has been enhanced for the 5G ecosystem.

GSMA - Network Equipment Security Assurance Scheme.

The Network Equipment Security Assurance Scheme (NESAS), jointly defined by 3GPP and GSMA, provides an industry-wide security assurance framework to facilitate improvements in security levels across the mobile industry. NESAS defines security requirements and an assessment framework for secure product development and product lifecycle processes, as well as using 3GPP defined security test cases for the security evaluation of network equipment.

NESAS provides a security baseline to evidence that network equipment satisfies a list of security requirements and has been developed in accordance with vendor development and product lifecycle processes that provide security assurance. NESAS is intended to be used alongside other mechanisms to ensure a network is secure, in particular an appropriate set of security policies covering the whole lifecycle of a network

Security Assurance Specification (SCAS)

SCAS defined by the 3GPP has been developed for testing network products such as 5G base stations. The test evaluates the product security levels to ensure customers that the product meets security standards.

Security analysis for O-RAN architectures

Fundamentally, system design requires an in-depth security analysis and appropriate security measures in place to prevent or mitigate potential attacks. With the introduction of each new entity to a system, a comprehensive threat analysis and corresponding security design is required to account for new potential attacks attempting to exploit the new interfaces and functionality.

O-RAN security focus group (SFG) was formed to conduct a deep threat analysis on every single O-RAN software/hardware component and interface and evaluate the impacts of identified threats to place appropriate security measures thereby making O-RAN secure. The O-RAN SFG is responsible for security guidelines that span across the entire O-RAN architecture. The security analysis and specifications are being developed in close coordination with all O-RAN Working Groups (WGs), as well as GSMA, regulators, and standards development organizations.

The O-RAN SFG risk analysis and evaluation process is based on the standard methods (ISO 27005) and has included collaboration by domain security experts from operators, vendors, and regulators.

Australian Cyber Security Centre (ACSC) and National Institute of Standards and Technology (NIST)

5G Cyber Security strategy, frameworks, standards and guides are provided by ACSC and NIST with security program and controls to be applied to protect 5G standalone (5GSA) networks from cyber security threats.

For further information contact us at sales@x4000.com