Conceptualizing security in mobile communication networks – how does 5G fit in?
ericsson.com
Ericsson | A guide to 5G network security
Executive Summary

An introduction to telecom network security

• Today’s telecommunication networks are generally separated into four logical parts: radio access network, core network, transport network and interconnect network. Each network part comprises three so-called planes, each of which is responsible for carrying a different type of traffic, namely: the control plane, which carries the signaling traffic; the user plane, which carries the payload (actual) traffic; and the management plane, which carries the administrative traffic. In terms of network security, each of the three planes can be exposed to unique types of threats. There are also uniform threats which can affect all three planes simultaneously.

• Telecommunication network security is defined by the following components:
– Standardization; a process whereby operators, vendors and other stakeholders set standards for how networks around the globe will work together. This also includes how best to protect networks and users against malicious actors.
– Network design; network vendors design, develop and implement the agreed standards for functional network elements and systems, which play a crucial part in making the end network product both functional and secure.
– Network configuration; at the deployment phase, networks are configured for a targeted security level, which is key to setting security parameters and further strengthening the security and resilience of the network.
– Network deployment and operation; the operational processes which allow networks to function and deliver targeted levels of security are highly dependent on the deployment and operations of the network itself.

In qualitative terms alone, 5G is worlds ahead of 4G

• From a user perspective, 5G is inherently different to any of the previous mobile generations. Machine-type communication, enabled by 5G, is widely anticipated to become the strategic difference and unique selling point of 5G in the long run. 5G networks will serve as critical infrastructures to facilitate the digitization, automation and connectivity of machines, robots and transport solutions etc. Thus, there is significant value at stake and, so too, a significantly different tolerance for risk.

• 5G marks the beginning of a new era of network security with the introduction of IMSI encryption. All traffic data which is sent over the 5G radio network is encrypted, integrity protected and subject to mutual authentication, e.g. device to network.

• Standardization authorities, such as those represented through 3GPP, do not standardize how functions are implemented and realized. The main purpose of the specifications is to secure interoperability between the functions required to provide network connectivity. Consequently, there is little about virtualization and cloud deployments in the specifications. These details will be addressed at the implementation and deployment phases.

• Fairly trivial malware is still prevalent for infecting devices or at least gaining an initial foothold within a targeted IT system. Simultaneously, telecommunication networks using specialized equipment can be targeted by malware which is anything but trivial.

Understanding security in the era of 5G

Telecommunication networks are evolving rapidly across a broad technological environment which includes virtualization, IoT and Industry 4.0. This is met by an equally broad yet deteriorating cybersecurity environment. Advances in technology, together with the broader development of networks beyond the 5G RAN, are expected to have a significant impact on security, such as software-defined networking (SDN), network function virtualization (NFV) and edge computing. The 5G 3GPP standard is agnostic, in that it is flexible enough to allow for different types of physical and virtual overlap between the radio access network (RAN) and the core network, for example, from a remote device to the core network. The separation of functions between RAN and core raises questions about competitiveness and performance. From an economic, competitive and performance perspective, failing to make use of technological developments in the configuration and deployment of 5G commercial networks will ultimately prove counterproductive to realizing unique 5G use cases, such as critical machine-type communication or applications which belong to latency-sensitive autonomous systems.

In the era of 5G, it’s important that, when we begin to conceptualize security on a system-wide level where telecom networks are an important component, we adopt a strong understanding of the following:
• Increased value at stake and decreased risk tolerance
• Cyber-physical dependencies
• Security of standards, products, deployments and operations
• Proactive cybersecurity measures
• Vulnerability management
• Securing the supply chain.
Contents
1. Introduction..................................................................................................................... 5
References......................................................................................................................................18
Glossary.....................................................................................................................................19-20
1. Introduction

New forms of wireless connectivity are galvanizing a wave of digital transformation which is disrupting our industries and forcing us to rethink traditional ways of working. This transformation is not just changing how we work with IT, office tools and administrative systems; it’s also creating new business opportunities. Value chains are becoming value networks, where one-to-one relations between suppliers, vendors, operators and end-users are being reinvented as ecosystems of partners and co-creators.

Internet of Things and Industry 4.0

This cross-industry transformation has created a need to evolve the concept of wireless connectivity for the fifth generation of mobile technology (5G)1, to enable new ways of defining performance monitoring and assurance as well as quality of service and user experience2. Compared with previous generations of wireless communications technology, the rationale for 5G development is to expand the broadband capability of mobile networks to provide specific capabilities not only for consumers but also for various industries and society at large, hence unleashing the potential of the Internet of Things3 (IoT).

With IoT and Industry 4.0, a plethora of new device types with less homogeneity than today’s PCs and smartphones will be connected with new and broader sets of applications: not just internet-based apps and content, but real-time, mission-critical industrial control systems (Supervisory Control and Data Acquisition, SCADA). The next digital era will not just be confined to data behind screens and keyboards, but will also enter the cyber-physical domain through robots, sensors, and autonomous cyber-physical processes.

Digital transformation will further introduce new dimensions of attack vectors, values, and vulnerabilities through these connected digital systems. IoT brings a new set of issues, such as the security, safety, and robustness of cyber-physical systems. Novel types of attack, as well as new privacy and cybersecurity regulations, may take many industries by surprise.

Mitigating security and privacy threats under 5G

The subject of security and privacy continues to provoke a passionate response and high expectations from citizens and governments alike. At the same time, information security is a top concern among enterprises which are embarking on a digital transformation journey. It’s imperative, therefore, that IoT is secure from the start, protecting personal data, business-sensitive information, and critical infrastructure. Regulators are expected to walk a fine line between protecting privacy, safeguarding national security, stimulating economic growth, and benefiting society as a whole. To succeed with 5G transformation, industries need to gather competence, understand new threats and learn how to mitigate them.

Building a secure 5G requires us to take a holistic view and not only focus on individual technical parts in isolation. For example, interactions between user authentication, traffic encryption, mobility, overload situations, and network resilience aspects need to be considered together. It is also important to understand relevant risks and how to address them appropriately.

5G and end-to-end encryption

Adopting this broader perspective ultimately leads us to encryption, something which is often mentioned in public debate. End-to-end encryption, although an integral tool, is still just one of the many tools needed to ensure the security of a system. Let’s not forget also that the trustworthiness of 5G does not only originate from a set of technical security features, but also from system design principles, implementation considerations and the day-to-day operations of networks.

In this document, 5G refers to the entire ecosystem of IoT, Industry 4.0, cloud, internet services, digitalization and supporting technology in general. Telecommunication networks, both fixed and mobile, are set to play an important role in the 5G era, ultimately providing the necessary low-latency connectivity to the internet.

It should be clear, however, that telecommunication networks do not provide end-to-end connectivity for all services. More specifically, mass-market IoT devices will only rely on telecommunication networks to obtain access to the internet. Devices like these are still required to have an over-the-top identity management scheme and end-to-end security solutions (between the device and the server on the internet), and must ensure their own specific application security. Devices and applications which do not need to connect to the internet, such as a call between two mobile phones, whereby their communication will never leave the telecommunication network, enjoy comprehensive network security.

The mobile network parts and, to some degree, the fixed access of telecommunication networks are specified by the 3GPP standardization organization. This document refers to these parts as the 5G system (see chapter 4), not to be confused with the more general use of the term 5G.
2. Conceptualizing security in telecom networks

2.1 What is a telecom network and how does it work?

Telecommunication networks consist of four main logical network parts: radio access network, core network, transport network, and interconnect network.

The radio access network (RAN) is an instance of an access network, and a major part of modern telecommunications. There are many types of access networks, such as the 3GPP access networks (GSM/GPRS, UMTS, EUTRAN, NG-RAN (5G), satellite) and non-3GPP access networks (WiFi or fixed (wired) access networks). The core network can provide a number of services to subscribers that are connected via the access network into the core, such as telephone calls and data connections. The transport network keeps the access network connected with the core, and the base stations within the radio access network connected with each other. The interconnect network connects different core networks with each other. Telecommunication networks transfer voice and data across the globe with high quality and consistency. User devices such as mobile phones can stay connected regardless of time and place, which is all possible thanks to standardized signaling systems and interfaces.

Each network part can be subdivided further into three so-called network planes, each of which carries a different class of traffic: signaling traffic, user payload traffic and management traffic. The signaling plane transports messages that are used to control user sessions, e.g. establishing a call or data session. The contents of a call or web page are referred to as the user plane or user payload. The management plane includes management of monitoring, troubleshooting, configuration and optimization of networks.

All planes are of interest to threat actors for varying reasons:
• Signaling5 – the metadata which supports the networks is targeted to obtain information such as the geographical position of a subscriber. Modification of signaling traffic may be attempted to re-route calls or intercept SMS messages of a target for eavesdropping purposes or to deny service. Today’s security risks are far more developed and complex compared to previous generation technology. Signaling of previous generations, such as 2G, was developed with a reduced focus on security. This was owing, in part, to a high level of trust in signaling peers. Now we know better. Telecom signaling is regularly attacked and sometimes exploited on a daily basis. In current 5G 3GPP standardization, security is now taking a central role across all aspects.
• User payload traffic contains the actual data that is transferred for the user. Without appropriate security measures, the privacy of the user and the confidentiality of enterprise or government data would be at risk. So far, integrity protection for user payload traffic has been seen as necessary.
• The management layer is needed to ensure that the service provider’s business performs optimally. The management plane is an attractive target for hackers to gain access to network resources, where they can manipulate and disturb network traffic and data. Mitigation of network management related risks and threats requires security policies and several security controls to be implemented, such as access control and security monitoring, in the right places (section 4).

[Figure 1: The mobile communication network – logical elements and logical planes. Elements shown: User Equipment, Access Networks, Transport Network, Core Network, Interconnect Network, Public Networks, Core Network of Other Operator, Management. Planes shown: Management Traffic, Control Signaling, User Payload.]

2.2 Key security considerations in the standardization, development, deployment and operations of telecom networks

Standardization has played a vital role from the beginning of the emergence of global cellular networks such as GSM or 2G. In this process, operators and vendors agree about how networks around the globe will work together and how the networks and users can be protected against malicious actors. Network vendors translate the agreed standards to functional network elements and systems. The design and development performed by the network vendor is a crucial part in making the end network product functional as well as secure. In the deployment phase, networks are also designed and configured for a targeted security level, as well as to set security parameters and further harden the resilience of the network. At the operational phase, the operational processes which facilitate the network and deliver a targeted level of security are highly dependent on the deployment and operations of the network. One way of
3. Critical Infrastructure - value at stake in 5G

[Figure: Network slicing – a Mobile Broadband slice and a Massive MTC slice, each with its own SGW, PDN GW (PGW), MME, PCRF, HSS and OSS functions.]

controlled devices and vehicles is already beginning to take place at scale. Consequently, when these movements intersect, intelligent and autonomous devices will be an integral part of industry and society.

How all these technologies are built,
4. 3GPP standardization of the 5G system

4.1 What is a 3GPP standardized 5G system?

The main service which the 5G system provides today’s users is mobile (wireless) connectivity of a device to a network, often for Internet connectivity. This is also why the first 5G system use cases, e.g. enhanced mobile broadband and fixed wireless access, were piloted to offer users a better experience of the Internet.

3GPP does not typically standardize application services (such as Internet applications) since they are considered to be out of scope of 3GPP’s connectivity focus. There are however a few exceptions: telecommunication networks have traditionally provided the possibility for two devices to connect to each other with the support of the network (e.g., to set up voice calls). In 4G networks, voice calls are set up using the voice over LTE (VoLTE) service on top of the connectivity service. VoLTE uses the IP Multimedia Subsystem (IMS), also standardized in 3GPP; a similar voice service is also planned for 5G. Furthermore, 3GPP standardizes the security to support these services.

3GPP standards also cover some aspects of machine type communications and IoT. Here, the focus is to provide the devices with connectivity. Consequently, the 3GPP standards cover efficient means to provide these devices with an IP point of presence. Any security issues related to the actual application are considered out of scope and need to be taken care of over the top. For example, 3GPP’s 5G system can provide a temperature controller in a refrigerated goods wagon of a train with IP connectivity, but seen from the general 5G view, the authentication of the management traffic to the controller must be addressed over the top, since the IP address may be accessible via the Internet, so anyone could send messages to the controller.

Apart from the security assurance specifications (see section 4.3 below), 3GPP does not standardize how 5G system functions are implemented and realized. The main purpose of the specifications is secure interoperability between the functions required to provide network connectivity. Consequently, there is little about virtualization and cloud deployments in the 3GPP specifications. Those aspects are handled by other standards organizations, especially ETSI ISG NFV (European Telecommunications Standards Institute, Industry Specification Group, Network Functions Virtualization) and ONAP (Open Network Automation Platform). Some details are not standardized at all and are left for implementations and deployments. Further, aspects that are part of a digitized society and industrial IoT that are not related to the radio access connectivity are mainly out of scope for 3GPP.

4.2 Security functions provided by the 3GPP standard

This section contains an overview of some of the most important security services provided by the 3GPP standard to safeguard the connectivity for users, and the service availability and charging by the operator of the network. 3GPP’s 5G system standards provide security mechanisms which are based on well-proven 4G security mechanisms, but also include new enhancements for e.g. encryption, authentication and user privacy.

While 3GPP security mechanisms provide reliable links under non-malicious bad radio conditions (see below), they do not protect against all possible threats, for instance DDoS and radio jamming. Protecting against DDoS attacks and radio jamming is something that is left for implementation and deployment, e.g. re-routing traffic via other base stations if one is jammed, or scaling mechanisms and selective dropping/throttling in case of DDoS. Therefore, the appropriate level of cyber-resilience in the 5G system and 5G in general needs to be understood and addressed in a much broader way (see section 5) – 5G standards or, for that matter, any other technical standards will only be part of a much bigger picture.

4.2.1 Mutual authentication: the end-users of the 5G system are authenticated to support charging for network access, accountability (e.g., which user had which IP address and when), and Lawful Intercept. The network is also authenticated towards the end-users so that the end-users know that they are connected to a legitimate network.

4.2.2 Confidentiality of user plane data – the actual traffic data that is being transmitted – is achieved by encryption of end-user data as it passes through the mobile network to prevent eavesdropping over the air or on wires. Once the data leaves the 5G system and traverses the Internet, the 3GPP standard does not ensure confidentiality.

4.2.3 Privacy threats to end users are mitigated by mechanisms that protect user identifiers. Note that, similarly to confidentiality, even though the 5G system protects the privacy of the end-user using an Internet application over the 5G system, the 3GPP standards do not intend to, and cannot, mitigate all privacy threats outside the 5G system, even though there may be privacy concerns for the application also in a more general 5G setting. These threats require additional efforts by Internet application providers. The 5G system protects the messages sent by a social media user while they traverse the mobile RAN and 5G system core network. The social media service must itself ensure that the message is protected end-to-end, since it will traverse the Internet once it leaves the 5G system. It is of course also up to the social media service to ensure the privacy of the user data once it has reached their servers and is being stored and processed.
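To make the mutual authentication of section 4.2.1 concrete, the following is an added example (not code from the document or from Ericsson) of a simplified shared-key challenge-response exchange. It assumes, as the 5G system does, that the device and the home network share a long-term key K; the key value, the message labels and the function names are constructed for illustration. It is not the 3GPP AKA protocol (which adds sequence numbers, key derivation and more), but it shows the two properties the text names: the device only answers a network that proves knowledge of K, and the network only accepts a device that does the same.

```python
import hmac
import hashlib
import secrets
from typing import Dict, Optional, Tuple

# Constructed example key: a long-term key K held by the device (in its USIM)
# and by the home network. Hypothetical value, not from the document.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def _tag(key: bytes, label: bytes, rand: bytes) -> bytes:
    """Keyed MAC over a direction label and the challenge. The label keeps the
    two directions apart, so a network tag cannot be replayed as a device
    response or vice versa."""
    return hmac.new(key, label + rand, hashlib.sha256).digest()


def network_challenge(key: bytes, rand: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Network side: pick a fresh random challenge and prove knowledge of K by
    tagging it. (rand, net_tag) is what goes over the air to the device."""
    if rand is None:
        rand = secrets.token_bytes(16)
    return rand, _tag(key, b"network", rand)


def device_respond(key: bytes, rand: bytes, net_tag: bytes) -> Optional[bytes]:
    """Device side: authenticate the network first. If net_tag does not verify
    under the device's K, this is not a legitimate network and the device
    returns nothing. Otherwise it returns RES, proving it also holds K."""
    if not hmac.compare_digest(net_tag, _tag(key, b"network", rand)):
        return None
    return _tag(key, b"device", rand)


def network_verify(key: bytes, rand: bytes, res: Optional[bytes]) -> bool:
    """Network side: compare RES with the expected value in constant time."""
    if res is None:
        return False
    return hmac.compare_digest(res, _tag(key, b"device", rand))


def run_exchange(device_key: bytes, network_key: bytes) -> Dict[str, bool]:
    """Run one full exchange and report what each side concluded. Giving the
    two sides different keys models a network (or device) that does not
    actually hold K."""
    rand, net_tag = network_challenge(network_key)
    res = device_respond(device_key, rand, net_tag)
    return {
        "device_accepted_network": res is not None,
        "network_accepted_device": network_verify(network_key, rand, res),
    }


if __name__ == "__main__":
    print("genuine network:", run_exchange(SHARED_KEY, SHARED_KEY))
    print("network without K:", run_exchange(SHARED_KEY, bytes(16)))
```

The second call in the usage section models a network that does not hold the subscriber's key: the device rejects it before sending any response, which is the property that distinguishes mutual authentication from the one-sided authentication of earlier generations.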
4.2.4 Encryption and integrity protection

3GPP standards ensure that appropriate encryption and integrity protection algorithm choices are made. 3GPP here enjoys the support of the security algorithm expert group of ETSI (European Telecommunications Standards Institute), specifically ETSI SAGE (Security Algorithms Group of Experts). For the IP layer and above, 3GPP relies on well-proven IETF security protocols. The 5G system provides reliability and robustness against non-malicious unavailability situations, i.e. errors that appear due to unusual but expected bad radio conditions and broken links.

4.2.5 A false base station15 in GSM could identify a subscriber via the IMSI (International Mobile Subscriber Identity)16. The technique is called IMSI catching. In GSM an attacker could even eavesdrop on users’ data. Later generation mobile networks, starting from 3G, prevent the eavesdropping attacks because there the network is authenticated to the user. However, IMSI catching attacks are still possible in 3G and 4G. In 5G standards, even IMSI catching attacks are prevented. This is through a technique where the user’s long-term identifier is never transmitted over the radio interface in clear text. Further, 5G increases the frequency with which temporary user identifiers are updated, further improving privacy.

4.2.6 Compartmentalization: The 5G system supports different types of compartmentalization, e.g. functions that aim to isolate possible security breaches from escalating from one part of the network to another. For example, there is a clear split between the Radio Access Network and the core network functions. This means that, should a radio base station get compromised, the core network, which provides global functions and processes more sensitive data, is still secure. Other examples of compartmentalization are cryptographically separated keys used at mobility events, and network slicing. Isolation of network slices is an important aspect, but it is not in the scope of 3GPP standards and is provided through implementation and deployment, e.g. targeted for specific use cases (see section 3) and desired performance and derived economic benefit. Finally, one of the key purposes of 3GPP standardization is to ensure interoperability of security mechanisms between 5G system functions.

4.2.7 Implementation aspects of the 5G system are only standardized by 3GPP to a very limited degree. For example, whether certain functions are implemented in single physical servers (physically isolated and separated) or implemented as virtual machines (VMs) in a cloud or virtualized environment (shared hardware) is up to implementation and operator deployment choices (economics). This means that there is no simple rule of thumb derived from 3GPP standards regarding the separation of RAN and Core functions; rather, flexibility prevails. Even in a single physical network, different configurations for different 5G use cases are possible, resulting in several differently configured logical networks running over one physical network. For functions implemented in a traditional non-virtualized fashion, 3GPP, in cooperation with GSMA, develops security assurance specifications, which set requirements for some implementation aspects17.

4.3 Security Assurance in 3GPP SECAM

Mobile networks form the backbone of the connected society and are even classified as critical infrastructure in some jurisdictions, making security assurance especially important. Early on, the telecom industry realized the need to ensure secure implementations in addition to the secure standardized system and protocols. Therefore, 3GPP and GSMA took the initiative to create a security assurance scheme called the Network Equipment Security Assurance Scheme (NESAS), which is suited to the telecom equipment lifecycle. Ericsson strongly and actively supports the initiative in both 3GPP and GSMA by feeding the strongest parts of our own Security Reliability Model (SRM) into the scheme, ensuring the other parts are covered by the scheme, and aligning the two.

NESAS comprises two main components: security requirements and an auditing infrastructure. The security requirements are defined jointly by operators and vendors in 3GPP. These requirements are currently defined on a node basis and collected in so-called SeCurity Assurance Specifications (SCAS). There is, for example, one specification defining security requirements for 4G base stations. Various types of requirements exist, including the use of functional security policies, such as minimum length of management passwords, but also qualitative requirements on hardening and penetration testing. The auditing infrastructure is governed by the GSMA, the global mobile operator organization. The GSMA appoints audit firms that perform the audits of vendors’ development and testing processes. The GSMA also awards certificates to the vendors that pass audit and revokes certificates from the ones that do not.

NESAS aims to meet the needs of many national and international cybersecurity regulations, such as the EU cybersecurity certification framework. The move towards larger portions of products being software – as we can see with SBA and cloud-based implementations – also offers the possibility for faster update cycles if vulnerabilities are discovered.
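Section 2.1 notes that integrity protection of user payload traffic matters alongside confidentiality, and section 4.2.4 describes the encryption and integrity algorithms chosen for the 5G system. The following added example (not code from the document or from Ericsson) shows why the two are separate protections: a toy stream cipher keeps the payload confidential, but without an integrity tag a receiver cannot tell that a packet was altered in transit. The keystream construction, the keys, the packet counter and the sample payload are all constructed stand-ins for the standardized algorithms and key derivation; the property demonstrated (modification of unauthenticated stream-cipher output goes undetected) holds for real stream ciphers too, which is the reason the standards pair encryption with an integrity tag.

```python
import hmac
import hashlib
from typing import Optional, Tuple

# Constructed keys. The 5G system derives distinct ciphering and integrity
# keys from the authentication run; two separate keys mirror that here.
CIPHER_KEY = b"toy-ciphering-key-not-for-real-use"
INTEGRITY_KEY = b"toy-integrity-key-not-for-real-use"


def _keystream(key: bytes, count: int, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 over (packet counter, block index), as many
    blocks as needed. Stand-in for a standardized cipher; a counter must never
    be reused under the same key, since XOR of two packets would then leak."""
    out = b""
    block = 0
    while len(out) < length:
        msg = count.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def encrypt(key: bytes, count: int, plaintext: bytes) -> bytes:
    """XOR the payload with the keystream for this packet counter."""
    ks = _keystream(key, count, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


decrypt = encrypt  # XOR with the same keystream undoes the encryption


def integrity_tag(key: bytes, count: int, ciphertext: bytes) -> bytes:
    """Tag over the counter and the ciphertext. Truncated to 32 bits, which is
    the size of the MAC-I carried by the 3GPP layers; the truncation itself is
    a toy choice here."""
    msg = count.to_bytes(4, "big") + ciphertext
    return hmac.new(key, msg, hashlib.sha256).digest()[:4]


def protect(count: int, plaintext: bytes, with_integrity: bool) -> Tuple[bytes, Optional[bytes]]:
    """Sender side: always encrypt; attach a tag only if integrity is enabled."""
    ct = encrypt(CIPHER_KEY, count, plaintext)
    tag = integrity_tag(INTEGRITY_KEY, count, ct) if with_integrity else None
    return ct, tag


def receive(count: int, ct: bytes, tag: Optional[bytes]) -> Optional[bytes]:
    """Receiver side: verify the tag if one is present, then decrypt.
    Returns None when the packet is rejected."""
    if tag is not None:
        expected = integrity_tag(INTEGRITY_KEY, count, ct)
        if not hmac.compare_digest(tag, expected):
            return None
    return decrypt(CIPHER_KEY, count, ct)


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Model a single-bit modification of a packet in transit."""
    b = bytearray(data)
    b[byte_index] ^= 1 << bit
    return bytes(b)


def demo(with_integrity: bool) -> Optional[bytes]:
    """Constructed user-plane payload, modified by one bit flip in transit.
    Returns what the receiver accepts (None if rejected)."""
    count = 7
    payload = b"TRANSFER 100 EUR TO ACCOUNT 42"
    ct, tag = protect(count, payload, with_integrity)
    tampered = flip_bit(ct, 9, 0)  # byte 9 is the '1' of "100"
    return receive(count, tampered, tag)


if __name__ == "__main__":
    print("with integrity protection:", demo(True))     # None: packet rejected
    print("encryption only:", demo(False))              # silently altered amount
```

With the tag present the receiver discards the modified packet; with encryption alone it accepts an amount that was never sent, even though the attacker could not read the packet. The counter inside the tag also rejects a packet replayed under a different counter value.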
5. Security Architecture in 5G
• System-wide security
(horizontal security)
– Network level = Access &
= Apps & Cloud
=
– Slicing Network
– Application level security
M Security Mgmt
–C onfidentiality and
integrity protection Security functions
– Interconnect (SBA)
Trust anchoring
The Service Based Architecture (SBA) and blades and network security functions provide a secure deployment in virtualized
splitting of functionality in the traditional deployed with policies tailored to the deployments. Currently, the industry is
radio baseband unit opens to deployments specific application requirements. working on establishing methods to
in cloud environments. This flexibility achieve similar trust and security as in
grants several opportunities to realize new 5.2 Deployment/Vertical security embedded systems. For instance, hard-
value-added service offerings, but also 3GPP specifies network functions and how ware platforms (data center servers)
bares new risks and attack vectors that they interact, but it does not specify how need to include hardware technologies
must be controlled in order to uphold the network functions should be implemented such as trusted platform modules (TPM),
operator’s targeted security posture. in embedded systems or in virtual hardware security modules (HSM), and
Some activities and controls to increase environments. secure enclaves in CPUs and these
the trustworthiness in cloud include, but Traditionally, radio base station capabilities need to be utilized by the
are not limited to: equipment and radio core nodes are virtualization platform and exposed
• Hardening of the Network Function developed on vendor designed hardware to and attested by applications running
Virtualization environment, e.g., host OS platforms. These platforms have been on those platforms.
hardening, secure configuration of the carefully designed to meet strict require- Virtualization of 3GPP functions allows
hypervisor or container environment. ments on availability, mean time between a flexible distribution of the functions
• Tenant separation such that tenants are failures (MTBF), performance, scalability, across infrastructure across the network
unable to interfere, have unauthorized power consumption, and physical security in ways that are not possible for hard-
data access, or intercept network traffic properties. ware-based solutions. It is possible, for
from other tenants. For example, a radio baseband unit example, to deploy a network slice where
• Compliance monitoring of tenants includes tamper resistant hardware to both RAN and Core Network functions
to ensure they remain within defined securely store sensitive secrets, support deeper in the network towards the edge
security policy secure boot procedures that verifies the on distributed cloud platform to serve
• Generation of detailed audit trails integrity and origin of software that is local enterprise services or regional IoT
to support incident response and loaded onto the hardware, and hardware applications. This requires that network
restoration activities accelerators to boost cryptographic orchestrators which deploy the applica-
• Workload life-cycle management to performance. During the manufacturing tions, the distributed cloud platform on
ensure secure onboarding of virtual network functions, verify the integrity of software during boot and the integrity of workloads in operation, and secure decommissioning of workloads.

A logical construct that is used to describe the segregation of network services with different performance and security properties is the network slice. Several of the abovementioned controls and design guidelines will be combined to realize different network slices. For instance, a mission critical application that requires high availability, priority access to resources, and isolation from other services may be realized using services with geographic path redundancy and fast failover, authenticated and protected for confidentiality and integrity using IPsec, and processed by dedicated 5G Core network functions deployed on committed server

of baseband units, the hardware is provisioned with vendor unique credentials, called Vendor Credentials, that are used to cryptographically authenticate the device vendor of origin. This credential is used to secure deployment and integration of baseband units into operator networks. These credentials are securely stored in hardware-protected storage on the device, such as a Trusted Execution Environment (TEE) or a Trusted Platform Module (TPM) as specified by the Trusted Computing Group, creating trust that is rooted in the hardware and can be carried into deployment.

In virtualized deployments, the situation is different since multiple vendors may be involved in providing different parts of the solution, such as the hardware infrastructure, the virtualization platform, and the applications that execute the 3GPP network functions. Secure provisioning and storage of identifiers and credentials is integral to

which the applications run, and the applications themselves can be hardened and provide enough security controls. This is necessary to meet the operator’s desired security posture while also fulfilling the security requirements of the network slice use case. This is achieved by solutions that coordinate service deployment and security configuration across all involved domains. After deployment, continuous monitoring is needed to verify that the desired security state is maintained throughout the lifecycle of deployed services.
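The onboarding exchange described above, modeled as an added example in Go (this is not Ericsson's code): a baseband unit proves its vendor of origin by signing an operator-chosen challenge with its vendor-provisioned credential, the operator verifies that credential against the vendor root it trusts and checks that the unit actually holds the key, and only then bootstraps an operator credential onto that same key, which is the role the glossary gives vendor credentials. The type and function names (CA, BasebandUnit, Manufacture, ProveOrigin, Onboard), the Ed25519/X.509 encoding and the two-root setup are assumptions of this example. On a real unit the private key is generated inside the TEE/TPM and never leaves it; here it is generated in software so that the example runs stand-alone.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CA is a minimal root (vendor or operator). Real roots live in an HSM, not in memory.
type CA struct {
	Cert *x509.Certificate
	key  ed25519.PrivateKey
}

// sign issues tmpl under parent (self-signed when parent == tmpl) and parses it back.
func sign(tmpl, parent *x509.Certificate, pub ed25519.PublicKey, priv ed25519.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER produced by CreateCertificate always parses
	return cert
}

// NewCA creates a self-signed Ed25519 root certificate.
func NewCA(name string) *CA {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand: no error in practice
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(10, 0, 0),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	return &CA{Cert: sign(tmpl, tmpl, pub, priv), key: priv}
}

// Issue binds cn (the unit serial) to pub in a leaf certificate signed by this CA.
func (ca *CA) Issue(cn string, pub ed25519.PublicKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(5, 0, 0),
		KeyUsage: x509.KeyUsageDigitalSignature,
	}
	return sign(tmpl, ca.Cert, pub, ca.key)
}

// BasebandUnit models the device; in hardware the key stays in the TEE/TPM and only signing is exposed.
type BasebandUnit struct {
	Serial       string
	VendorCert   *x509.Certificate // vendor credential, provisioned at the factory
	OperatorCert *x509.Certificate // operator credential, installed by Onboard
	key          ed25519.PrivateKey
}

// Manufacture provisions a unit with a vendor-signed credential at the factory.
func Manufacture(vendor *CA, serial string) *BasebandUnit {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &BasebandUnit{Serial: serial, VendorCert: vendor.Issue(serial, pub), key: priv}
}

// challenge binds the nonce to the claimed serial so a signature cannot be replayed for another unit.
func challenge(serial string, nonce []byte) []byte { return append([]byte(serial+"|"), nonce...) }

// ProveOrigin is the unit's side of the exchange: sign the operator's challenge with the vendor key.
func (u *BasebandUnit) ProveOrigin(nonce []byte) []byte { return ed25519.Sign(u.key, challenge(u.Serial, nonce)) }

// Onboard is the operator's side: challenge the unit, check that its credential chains to a trusted vendor
// root and names the claimed serial, check proof of possession, then bootstrap an operator credential.
func Onboard(operator *CA, vendorRoots *x509.CertPool, u *BasebandUnit) error {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	sig := u.ProveOrigin(nonce)
	opts := x509.VerifyOptions{Roots: vendorRoots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := u.VendorCert.Verify(opts); err != nil {
		return fmt.Errorf("vendor credential rejected: %w", err)
	}
	if cn := u.VendorCert.Subject.CommonName; cn != u.Serial {
		return fmt.Errorf("credential names %q, unit claims %q", cn, u.Serial)
	}
	pub, ok := u.VendorCert.PublicKey.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, challenge(u.Serial, nonce), sig) {
		return fmt.Errorf("proof of possession failed for %s", u.Serial)
	}
	u.OperatorCert = operator.Issue(u.Serial, pub) // operator trust bootstrapped onto the vendor-attested key
	return nil
}

func main() {
	vendor, operator := NewCA("Vendor Root"), NewCA("Operator Root")
	roots := x509.NewCertPool()
	roots.AddCert(vendor.Cert)
	fmt.Println("genuine unit:", Onboard(operator, roots, Manufacture(vendor, "BBU-0001")))
	fmt.Println("cloned unit: ", Onboard(operator, roots, Manufacture(NewCA("Rogue"), "BBU-0001")))
}
```

Three details carry the security of the exchange: the nonce is fresh and chosen by the operator, so a recorded signature cannot be replayed; the challenge includes the serial the unit claims, and the operator checks that claim against the certificate subject, so a valid credential cannot be presented on behalf of a different unit; and the operator credential is issued for the public key that the vendor attested and the unit proved possession of, rather than for a new software key, so the operator's trust stays rooted in the same hardware-held key.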
(AoR): Product Security and Privacy” defines how responsibilities and authorities are distributed between different roles and functions to manage and control product security and privacy across Ericsson products. SRM is linked to these responsibilities and defines in detail what needs to be implemented and which activities need to be performed. SRM is enforced through the above “AoR Product Security and Privacy”, and further details are provided by a set of Ericsson internal Generic Product Requirements (GPR). GPR defines the key product functionalities, the security and privacy related product documentation that is needed, and the required confirmation of security assurance activities.

6.6.1 Functions
The Security Reliability Model (SRM) defines a set of security and privacy functions for Ericsson products. The product organization responsible for each Ericsson product analyzes, decides and documents the applicability of, and compliance with, the GPR security and privacy requirements. Not all functions listed in the GPR are compulsory, or even applicable, for a specific product. In addition, products may be designed to support privacy and security requirements that are not in the GPR.
One key deliverable of the Risk Assessment process (see 6.6.2 below) is a list of the security and privacy functions required to reduce known risks to an acceptable level.

6.6.2 Assurance
Assurance activities are divided into three levels: basic, advanced and tailored. All applicable basic level assurance activities shall be performed by product development. Advanced level activities can be performed for parts of products that need high security assurance. Tailored level activities are used for products, or parts thereof, where product specific assurance requirements exist.
The most prominent assurance activities leveraged by Ericsson are Risk Assessments, Secure Coding practices, Vulnerability Analyses and Hardening. These are defined as follows:
• A Risk Assessment identifies risks related to the product when used in the customer’s network, after which it either creates controls to reduce the risks or suggests alternative means to reduce the customer’s risk exposure. Unacceptable risks are mitigated with risk treatment actions.
• By following secure coding practices, Ericsson reduces the likelihood of design flaws and implementation bugs during software development. Secure coding activities aim to reduce flaws and weaknesses in the software code through code reviews and various static and dynamic scanners and tools.
• The Ericsson way of performing Vulnerability Analysis (often referred to as Vulnerability Assessment within the industry) comprises the testing and verification activities (including penetration testing) designed to identify weaknesses and vulnerabilities present in the product or solution. The vulnerability analysis verifies the security characteristics and security configuration of the product/solution and identifies new vulnerabilities through both black box and white box testing. Remaining vulnerabilities shall be documented with mitigation proposals. A Vulnerability Analysis shows that the risks discovered in the Risk Assessment activity are sufficiently controlled (or their mitigations documented) in the final product.
• Hardening means increasing product security by reducing its attack surface. Hardening is a design and configuration issue as well as a deployment issue. Hardening ensures that the product is configured in a manner that minimizes the risk of unauthorized access, including system compromise. Hardening includes, for example, removal of unnecessary software, installation of the latest patches, disablement of insecure services and replacement of default passwords.

6.6.3 Documentation
The documentation aspect of SRM defines the security and privacy specific customer documents. The documents defined in SRM are the Hardening Guidelines, the Security and Privacy User Guide, and the Security Test Results report.

6.6.4 Enabling Product Near Security Services
Ericsson’s product-near security services are currently handled separately by the service organizations and are independently defined by the products. Currently, SRM does not define specific mandatory deliverables in this area. Typical deliverables are security and privacy training recommendations, solution level integration guidance and potential deployment-time hardening activities that need to be included in customer delivery projects.

6.3 Avoiding vulnerabilities
The work to avoid vulnerabilities includes product and feature risk assessments, secure design, secure coding principles and use of analysis tools, and supply chain security considerations.
Glossary

1G
First generation wireless. Analog technology supporting voice.

2G
Second generation wireless. Introduced SMS, MMS and data transmission.

3G
Third generation wireless. High data speeds, always-on data access and increased voice capacity.

4G
Fourth generation wireless. An all-IP based network system with increased data speeds.

5G
Fifth generation wireless. Targets high data rate, reduced latency, energy saving and massive device connectivity.

3GPP
The 3rd Generation Partnership Project, a collaboration between groups of telecommunications standards associations.

Artificial Intelligence (AI)
The ability of a digital system to perform tasks commonly associated with intelligent beings.

Authenticate
The process of determining whether someone or something is who or what it declares itself to be.

Active detection
The process of proactively identifying the occurrence of a breach.

Baseband unit
A subsystem in a telecommunications device that processes baseband radio signals.

Botnets
A network of computing devices infected with malicious software and controlled as a group without the owners’ knowledge.

Breach
A security incident in which the confidentiality, integrity or availability of a system has been compromised.

Continuous integration (CI)
The practice of merging all developer working copies to a shared repository several times a day.

Compartmentalization
Functions that aim to prevent possible security breaches from escalating from one part of the network to another.

Core
The “backbone” network which provides the interconnect between other networks and systems to exchange information such as calls and data, including the special-purpose servers and databases.

Distributed Denial of Service Attack (DDoS)
A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable; a distributed denial of service (DDoS) attack mounts it from many sources at once.

Distributed Cloud
Interconnecting data and applications served from different locations.

Edge computing
Computation and processing of data performed on distributed device nodes, as opposed to primarily taking place in a centralized cloud environment.

Encryption
The process of converting information or data (plaintext) into an encoded format (ciphertext) to prevent unauthorized access.

European Telecommunications Standards Institute (ETSI)
A non-profit organization that establishes telecommunications standards for Europe.

Evolved Universal Mobile Telecommunications System Terrestrial Radio Access Network (EUTRAN)
The air interface in an LTE cellular network.

Functional element
A manageable logical entity uniting one or more physical devices.

Hardening
Increasing product security by reducing its attack surface. Hardening ensures that the product is configured in a manner that minimizes the risk of unauthorized access and system compromise.

Hypervisor or container environment
The separation of a computer’s operating system and applications from the underlying physical hardware.

Internet Engineering Task Force (IETF)
The body that defines standard Internet operating protocols.

IMS
IP Multimedia Subsystem or IP Multimedia Core Network Subsystem; enables the convergence of data, speech and mobile network technology over an IP-based infrastructure.

Incident
An event that results in unauthorized access, loss, disclosure, modification, disruption, or destruction of data.

Interface
A shared boundary across which two or more separate components of a computer system exchange information.

Interoperability
A characteristic of a product or system, whose interfaces are completely understood, to work with other products or systems.

Internet of Things (IoT)
The interconnection via the Internet of computing devices embedded in everyday objects to enable them to send and receive data.

IP connectivity
A network or interface that supports Internet Protocol (IP) communications.

Internet Protocol security (IPsec)
A framework of open security standards for helping to ensure private, secure communications over Internet Protocol (IP) networks using cryptographic security services.

MACsec
A security standard which defines connectionless data confidentiality and integrity on Ethernet links.

Integrity protection algorithm
A software algorithm designed to maintain and assure the accuracy and completeness of data.

Latency
Delays in transmitting or processing data.

Layer
Level of abstraction in a network protocol stack.

Long Term Evolution (LTE)
A standard for 4G wireless broadband technology that offers increased network capacity and speed to mobile device users.

Lawful intercept
Facilities in telecommunications networks that allow law enforcement agencies with legal authorization to wiretap individual subscribers.

Logical network
A way of representing networks that have the same connectivity properties.

Massive machine type communication
Automatic data generation, exchange, processing and actuation among intelligent machines on a large scale, with the quality of transmitting low volumes of non-delay-sensitive information.

Mean time between failures
Predicted elapsed time between inherent failures of a system.

Metadata
Summary information about data, for example the duration of a call or who was called.

Mobile Broadband
Wireless internet, often through a mobile telecommunications network.

Network slicing
Virtualization capability that allows multiple logical networks to run on top of a shared physical network infrastructure.

Domain Name System (DNS)
A method and infrastructure for converting alphabetic names into numeric IP addresses.

Dynamic Host Configuration Protocol (DHCP)
A protocol for assigning dynamic IP addresses to devices on a network.

Network Function Virtualization (NFV)
The virtualization of network services that traditionally run on proprietary, dedicated hardware.

Next Generation Radio Access Network (NG-RAN)
The radio access network infrastructure for 5G.

Port-based authentication
A mechanism to authenticate devices wishing to attach to a local access network.

Radio Access Network (RAN)
Technology that connects individual devices to other parts of a network through radio connections.

Geographical redundancy
Replicates data between two geographically distant sites so that applications can switch from one site to another in the case of failure.

Path and link redundancy
An alternative channel of communication in the event of a failure.

Global System for Mobile communication (GSM)
Also known as 2G; the technology employed in second generation telecommunication networks.

privacy related product documentation, and the needed evidence about security assurance activities.

Radio jamming
The deliberate jamming, blocking or interference with authorized wireless communications.

Radio unit
A remote radio transceiver that connects to an operator radio control panel via an electrical or wireless interface.

Roaming
When a cellular customer makes and receives voice calls, or sends and receives data, while travelling outside the geographical coverage area of the home network.

Payload
The part of transmitted data that is the actual intended message.

Penetration testing
An authorized simulated attack on a computer system, performed to evaluate the security of the system.

Product Security Incident Response Team (PSIRT)
Ericsson unit that is responsible for actively and continuously monitoring new vulnerabilities and making sure they are fixed in a timely manner throughout Ericsson’s portfolio.

Scaling mechanisms
Mechanisms to increase or decrease capacity to meet the required demand at a given moment.

Secure coding
The practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.

Selective dropping/throttling
A technique to discard or queue incoming traffic, often in response to network congestion.

Service Based Architecture
System architecture centered around services that can register themselves and subscribe to other services. Employed in 5G core networks.

Software-Defined Networking (SDN)
An architecture that aims to make networks agile and flexible, enabling providers to respond quickly to changing business requirements.

Signaling (traffic)
The exchange of information between involved points in the network that sets up, controls and terminates a call or data session.

Quality of Service (QoS)
Technology that manages data traffic to reduce packet loss, latency and jitter on the network.

Transport network
Connects the access network with the core, or base stations with each other within the radio access network.

Trusted Execution Environment
A secure area of a processor used to guarantee that code and data loaded inside it are protected with respect to confidentiality and integrity.

Topology
The arrangement of a network, including its nodes and connecting lines.

Trusted Platform Module (TPM)
A specialized chip used to carry out cryptographic operations, such as storing encryption keys, to secure information; usually used by the host system to authenticate hardware.

User plane data
The part of transmitted data that is the actual intended message.

Universal Mobile Telecommunication System (UMTS)
Also known as 3G.

Voice over LTE (VoLTE)
A technology that supports voice calls over a 4G telecommunications network.

Vendor credentials
Vendor unique information used to identify hardware, such as a radio base station, so that it can be identified and trusted in a specific operator network and used for bootstrapping operator keys.

Virtualization
To create a virtual version of a device or resource, such as a server, storage device, network or operating system.

Vulnerability
A weakness or gap in a system that can be exploited by threats to gain unauthorized access to an asset.