The NCCoE Releases Preliminary Draft on 5G Cybersecurity



This project is a collaboration with industry. Our goal is to develop a commercial-grade security reference architecture for 5G networks that bridges the gap between IT and telecommunications cybersecurity capabilities. To support this goal, the preliminary draft guide’s example solutions contain approaches that organizations can use to better secure 5G networks through a combination of 5G security features and third-party security controls.

Throughout this project, as we identify gaps in 5G cybersecurity standards, we will coordinate and collaborate with the appropriate standards development organizations to address them.   


We take a holistic approach to 5G cybersecurity by focusing on standards/3GPP-defined security features, and security capabilities in the supporting cloud infrastructure. The preliminary draft publication covers a typical implementation of a secure 5G standalone (SA) deployment. This implementation is enabling and demonstrating security capabilities in two focus areas:

  • Infrastructure Security—We explore trusted and secure cloud resources required to operate a modern mobile network, specifically the supporting infrastructure’s cybersecurity protections.
  • 5G SA Security—We deploy a 5G SA network to enable the foundational configuration of the 5G core’s security features. The goal is to show what cybersecurity capabilities are available to support a 5G SA deployment.

The comment period for the 5G Cybersecurity preliminary draft practice guide is open through June 27, 2022. Share your feedback or email the project team. To receive the latest news and updates about this project, go here to join the 5G Community of Interest.