5G Cybersecurity

The NCCoE is addressing the 5G security challenge by collaborating with industry to create practical solutions that can strengthen the security of a system’s architectural components, provide a secure cloud-based supporting infrastructure, and enable the security features provided by the current 5G standards.

 

Publications Read the 2-page fact sheet

Cybersecurity guidance to help consumers and operators of 5G networks securely adopt this technology as the development, deployment, and usage of 5G simultaneously evolves

The 5G security project can help organizations understand the cybersecurity opportunities, challenges, and risks associated with 5G network deployment, operation, and use. It will also provide information that organizations can use to design, acquire, integrate, implement, and operate 5G networks taking into consideration security of the full hardware to software stack.
Status: Soliciting Comments

The 5G standalone network is operational! We are enabling, testing, and demonstrating the security capabilities outlined in Table 3-2 of preliminary draft NIST SP 1800-33B. As we enable, test, and demonstrate more of these security capabilities, we will share our findings.

Upon review, we recognize that this NIST/NCCoE publication contains potentially biased terminology. As new publications are developed, they will follow NIST’s inclusive language guidance.

The preliminary draft guide is available for download by specific volumes:

NIST SP 1800-33A: Executive Summary (Preliminary Draft)Document Version NIST SP 1800-33A: Executive Summary (Preliminary Draft)
NIST SP 1800-33B: Approach, Architecture, and Security Characteristics (Preliminary Draft)Document Version NIST SP 1800-33B: Approach, Architecture, and Security Characteristics (Preliminary Draft)

The following cybersecurity white paper is now open for public comment through October 30, 2024.

NIST CSWP 36B: Using Hardware-Enabled Security to Ensure 5G System Platform Integrity (Initial Public Draft)Web Version NIST CSWP 36B: Using Hardware-Enabled Security to Ensure 5G System Platform Integrity (Initial Public Draft)

The public comment period for the following papers has closed. We are currently reviewing the comments received.

NIST CSWP 36: Applying 5G Cybersecurity and Privacy Capabilities (Initial Public Draft)Web Version NIST CSWP 36: Applying 5G Cybersecurity and Privacy Capabilities (Initial Public Draft)
NIST CSWP 36A: Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) (Initial Public Draft)Web Version NIST CSWP 36A: Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) (Initial Public Draft)

Project Abstract

5G technology for broadband cellular networks will significantly improve how humans and machines communicate, operate, and interact in the physical and virtual world. 5G offers increased bandwidth, capacity, and low latency. These capabilities can benefit consumers and organizations of all sizes in all business sectors.

As 5G rolls out more widely, cybersecurity professionals must safeguard this new technology as 5G development, deployment, and usage continuously evolves.  

The NCCoE at NIST has built a laboratory where cyber engineers are designing a solution that operators and users of 5G networks can use to lessen 5G cybersecurity risks. The example implementation is a holistic approach to 5G cybersecurity focusing on standards and defined cybersecurity features, as well as cloud technologies that can provide foundational cybersecurity features outside the scope of 3GPP’s 5G security architecture; resulting in a security reference architecture for 5G networks that bridges the gap between IT and telecommunications cybersecurity capabilities. The project will also show how 5G security features can address known security challenges found in previous generations of cellular networks. And it will demonstrate how commercial and open source products can leverage cybersecurity standards and recommended practices for each of the 5G use case scenarios the project will undertake.

Read the project description

5G technology is transforming how people and machines operate in the physical and virtual world. Because of 5G, things that weren’t possible five years ago are today. Cybersecurity professionals must serve as guardians of 5G technology to ensure that as it is evolves, people and organizations can safely deploy it.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself

First & Last Name