Thursday, October 10, 2019
The National Institute of Standards and Technology (NIST) hosted a workshop that was open to the public, on 5G cybersecurity on October 10, 2019 at the National Cybersecurity Center of Excellence (NCCoE) . The purpose of the workshop was to explore the practical and implementable cybersecurity capabilities delivered by 5G systems, identify existing industry recommended practices for securing the supporting infrastructure and technologies, and understand potential opportunities and challenge areas affecting this evolution to 5G. The findings from this workshop will inform the development of potential NCCoE demonstration projects to leverage 5G cybersecurity capabilities and supporting technologies to protect the cellular communication network in addition to securing core 5G underlying infrastructure and services.
As 5G technology is deployed in our nation and across the world, there is great promise of positive change in the way humans and machines communicate, operate, and interact in the physical and virtual world. With cellular technology becoming the primary way devices are connected, it is imperative for organizations to understand and address the risks associated with the use of these technologies. As industry embarks on ubiquitous 5G deployments, there are opportunities to take advantage of the various cybersecurity technologies and capabilities that are available today. 5G introduces the concept of a Service Based Architecture for the first time in cellular networks. This design has fundamental impacts on the way network services are created and how the individual Network Functions communicate – not only is the core network decomposed into smaller functional elements, the communication between these elements is also expected to be more flexible, routed via a common service bus and deployed using virtualization technologies. It is envisioned that 5G network components are deployed on a hyper scalable containerized and virtualized infrastructure. While this is not the only approach for 5G deployments, this infrastructure is a fundamental building block of 5G that operators and manufacturers can adopt to meet customers’ demand of modern use cases. Secure deployment of the core network and radio access network services on cloud-like infrastructure constitutes a foundational element of both commercial and private 5G networks.
During the workshop, NIST introduced some notional ideas of a high-level reference architecture, supporting components of 5G deployments, and a proposed preliminary approach for gathering the existing cybersecurity guidance to develop practical practices that can be instantiated as potential NCCoE demonstration projects.
NIST invited industry subject matter experts and practitioners to present their views related to cellular security enhancements, deployment challenges and opportunities introduced with new service-based architecture of 5G technology, as well as proposed solutions. The workshop provided an opportunity for participants to share ideas about this work related to the evolution to 5G networks to include technologies and best practices that will be critical to a successful and secure deployment and operation of the network. Workshop participants also provided feedback on all aspects of the planned activities to include: relevant standards, guidelines, best practices, use cases and technologies to be considered, and sources of specifications and guidance. NIST is using the resulting prioritized list of activities to help accelerate the demonstration of the next generation cellular networks along with their supporting technologies that can be deployed and operated securely by default.
The following presentations were given during the workshop:
-NCCoE Overview - See the agenda & presentation
- Cisco - See the presentation
-Intel - See the presentation
- Nokia - See the presentation
-T-Mobile - See the presentation
Questions? Please send an email to 5G-Security@nist.gov.