How to Ensure the security of future 5G systems
- Works gets underway on 5G-ENSURE project
- Part of the EU’s €3.5bn 5G-PPP initiative
- Taking a Security by Design approach
- Team includes operators, vendors and cybersecurity specialists
2015 was certainly the year when 5G moved into the limelight. Although we are still five years away from the first expected commercial standards-compliant networks, R&D activity is ramping up and politicians rushing to help in order to reap the economic benefits in the future (at least in Europe and Asia they are, with the Americas apparently reluctant to make such a public move from LTE to 5G – let’s hope that changes next year).
The European 5G Infrastructure Public Private Partnership (5G-PPP) is already hard at work overseeing a suite of technology initiatives, all designed to help European telecoms businesses get a lead on 5G work. One of these initiatives (and there are many of them) went public this week with an update on its activities. 5G-ENSURE brings together European network operators, IT providers and cyber security experts to build, define and deliver a proposed 5G Security Architecture, to then be shared and agreed across the various 5G stakeholders. Partners include Telecom Italia, Orange, Alcatel-Lucent, Ericsson and NEC.
“5G-ENSURE will specify, develop and release an initial set of useful and usable security enablers for 5G,” said Petteri Mannersalo of VTT, Finland and Pascal Bisson of Thales, France, who jointly manage the 5G-ENSURE project.
Working collaboratively with all the 5G-PPP projects, the aim of 5G-ENSURE is to provide the security architecture needed to expand the mobile ecosystem into an entirely new networked society, attracting new types of users and giving operators a platform for entirely new business opportunities. For example, the 5G infrastructure will have to cope with billions of small devices in the IoT, in addition to the billions of data-heavy consumers.
The 5G-ENSURE team say they are following a “security by design” approach where 5G inherent security needs are understood and addressed by design. “The security mechanisms and tools will be demonstrated in the context of cyber security,” the team says. “A 5G test-bed will be used for validating operational capacity in response to security and privacy issues.” But alongside security work, the team is aware of the need to build this into the new standards for 5G.
“Standardisation is crucial because it means we have common agreement on the most important technical and service requirements,” said Luciana Costa, security consultant at the Security Lab Department, Telecom Italia Information Technology. “Having security standards will ensure compliance to a common security baseline at network, service and product level. This guarantees global interoperability of 5G networks.”
The 5G-ENSURE project has received funding of just over €7.5m out of a total €3.5bn for the 5G-PPP initiative, which is being part-funded for initial phase work by the Horizon 2020 project – the European Union’s largest ever Research and Innovation funding programme. It is guided by an international Advisory Board, comprising recognised experts in 5G-related areas. The project will run for 24 months. If all goes well, the team will have by then developed a trustworthy 5G system offering reliable security services to customers with a “zero perceived” downtime for service provision.