5G Cybersecurity

The NCCoE is addressing the 5G security challenge by collaborating with industry to create practical solutions that can strengthen the security of a system’s architectural components, provide a secure cloud-based supporting infrastructure, and enable the security features provided by the current 5G standards.

Cybersecurity guidance to help consumers and operators of 5G networks securely adopt this technology as the development, deployment, and usage of 5G simultaneously evolves

The 5G security project can help organizations understand the cybersecurity opportunities, challenges, and risks associated with 5G network deployment, operation, and use. It will also provide information that organizations can use to design, acquire, integrate, implement, and operate 5G networks taking into consideration security of the full hardware to software stack.
Status: Reviewing Comments

The public comment period has closed for 5G Cybersecurity. Thank you to everyone who shared their feedback with us. We are currently reviewing the comments received as work continues on the implementation of the demonstration and development of other sections of the publication.

NIST is adopting an agile process to publish this content. Each volume is being made available as soon as possible rather than delaying release until all volumes are completed. Work continues on implementing the example solution and developing other parts of the content. As a preliminary draft, we will publish at least one additional draft for public comment before it is finalized. 

Upon review, we recognize that this NIST/NCCoE publication contains potentially biased terminology. As new publications are developed, they will follow NIST’s inclusive language guidance.

The preliminary draft guide is available for download by specific volumes:

Project Abstract

5G technology for broadband cellular networks will significantly improve how humans and machines communicate, operate, and interact in the physical and virtual world. 5G offers increased bandwidth, capacity, and low latency. These capabilities can benefit consumers and organizations of all sizes in all business sectors.  

As 5G rolls out more widely, cybersecurity professionals must safeguard this new technology as 5G development, deployment, and usage continuously evolves.  

The NCCoE at NIST has built a laboratory where cyber engineers are designing a solution that operators and users of 5G networks can use to lessen 5G cybersecurity risks. The example implementation is a holistic approach to 5G cybersecurity focusing on standards and defined cybersecurity features, as well as cloud technologies that can provide foundational cybersecurity features outside the scope of 3GPP’s 5G security architecture; resulting in a security reference architecture for 5G networks that bridges the gap between IT and telecommunications cybersecurity capabilities. The project will also show how 5G security features can address known security challenges found in previous generations of cellular networks. And it will demonstrate how commercial and open source products can leverage cybersecurity standards and recommended practices for each of the 5G use case scenarios the project will undertake.  

5G technology is transforming how people and machines operate in the physical and virtual world. Because of 5G, things that weren’t possible five years ago are today. Cybersecurity professionals must serve as guardians of 5G technology to ensure that as it is evolves, people and organizations can safely deploy it.   

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself

First & Last Name