U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

5G Cybersecurity

The NCCoE is addressing the 5G security challenge by collaborating with industry to create practical solutions that can strengthen the security of a system’s architectural components, provide a secure cloud-based supporting infrastructure, and enable the security features provided by the current 5G standards.

 

Publications Read the 2-page fact sheet

Cybersecurity guidance to help consumers and operators of 5G networks securely adopt this technology as the development, deployment, and usage of 5G simultaneously evolves

The 5G security project can help organizations understand the cybersecurity opportunities, challenges, and risks associated with 5G network deployment, operation, and use. It will also provide information that organizations can use to design, acquire, integrate, implement, and operate 5G networks taking into consideration security of the full hardware to software stack.
Status: Preparing Draft

The 5G standalone network is operational! We are enabling, testing, and demonstrating the security capabilities outlined in Table 3-2 of preliminary draft NIST SP 1800-33B. As we enable, test, and demonstrate more of these security capabilities, we will share our findings.

NIST SP 1800-33A: Executive Summary (Initial Public Draft)Document Version NIST SP 1800-33A: Executive Summary (Initial Public Draft)
NIST SP 1800-33B: Approach, Architecture, and Security Characteristics (Preliminary Draft)Document Version NIST SP 1800-33B: Approach, Architecture, and Security Characteristics (Preliminary Draft)

The NIST NCCoE released six final publications in its Applying 5G Cybersecurity and Privacy Capabilities white paper series. These publications help organizations better understand how key 5G security and privacy capabilities operate and provide practical and actionable guidelines to support more secure deployment of 5G networks.

NIST CSWP 36: Applying 5G Cybersecurity and Privacy Capabilities (Final)Web Version NIST CSWP 36: Applying 5G Cybersecurity and Privacy Capabilities (Final)
NIST CSWP 36A: Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) (Final)Web Version NIST CSWP 36A: Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) (Final)
NIST CSWP 36B: Using Hardware-Enabled Security to Ensure 5G System Platform Integrity (Final)Web Version NIST CSWP 36B: Using Hardware-Enabled Security to Ensure 5G System Platform Integrity (Final)
NIST CSWP 36C: Reallocation of Temporary Identities (Final)Web Version NIST CSWP 36C: Reallocation of Temporary Identities (Final)
NIST CSWP 36D: No SUPI-Based Paging (Final)Web Version NIST CSWP 36D: No SUPI-Based Paging (Final)
NIST CSWP 36E: 5G Network Security Design Principles (Final) Web Version NIST CSWP 36E: 5G Network Security Design Principles (Final) 

Project Abstract

5G technology for broadband cellular networks will significantly improve how humans and machines communicate, operate, and interact in the physical and virtual world. 5G offers increased bandwidth, capacity, and low latency. These capabilities can benefit consumers and organizations of all sizes in all business sectors.

As 5G rolls out more widely, cybersecurity professionals must safeguard this new technology as 5G development, deployment, and usage continuously evolves.  

The NCCoE at NIST has built a laboratory where cyber engineers are designing a solution that operators and users of 5G networks can use to lessen 5G cybersecurity risks. The example implementation is a holistic approach to 5G cybersecurity focusing on standards and defined cybersecurity features, as well as cloud technologies that can provide foundational cybersecurity features outside the scope of 3GPP’s 5G security architecture; resulting in a security reference architecture for 5G networks that bridges the gap between IT and telecommunications cybersecurity capabilities. The project will also show how 5G security features can address known security challenges found in previous generations of cellular networks. And it will demonstrate how commercial and open source products can leverage cybersecurity standards and recommended practices for each of the 5G use case scenarios the project will undertake.

Read the project description

5G technology is transforming how people and machines operate in the physical and virtual world. Because of 5G, things that weren’t possible five years ago are today. Cybersecurity professionals must serve as guardians of 5G technology to ensure that as it is evolves, people and organizations can safely deploy it.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself