With 5G currently available as a consumer-facing service in key geographies including China, Western Europe and U.S., operators and end users are already exploring what’s next.
As 5G evolves, networks will become cloud-native and distributed, network management and operations will become automated, and capable of supporting a huge number and mix of device types.
As use cases like autonomous driving, remote surgery and lights-out factories are enabled by 5G, the cybersecurity landscape also changes in a meaningful way. In a fully connected world, a network attack could mean more than just dropped calls; it could mean that foundational systems like transportation, manufacturing and public safety come to a screeching halt. That’s why as 5G continues to evolve, the global, unified approach to 5G cybersecurity needs to evolve as well through a collaborative, standards-based process.
As Andy Purdy, chief security officer, Huawei USA, put it in an interview, “As the technologies in communications evolve from the 4G into the 5G, a large group of global organizations, companies and governments have worked through the 3GPP process of developing standards for 5G” based on near-term business scenarios. “As 5G evolves, there will be new business scenarios and new standards and conformance programs to help make sure the risk is addressed.”
The process needs to be one of continuous development and improvement, which will certainly be necessary over time,” Purdy said.
New technologies and network architectures
Previous generations of telecom networks have been largely comprised of single-purpose infrastructure, from the core out to the RAN, that requires field technicians to physically visit sites to perform maintenance and upgrades. With 5G, the goal is to use more general-purpose hardware running virtualized network functions as software, allowing for a much faster, more dynamic approach to network management and operations.
Following this trend toward a more IT-centric network, the latency benefits of 5G require a more distributed architecture to enable use cases needing real-time data processing. For consumers, a seamless mobile VR experience will require some compute and storage functions to move from a centralized cloud to an edge cloud. For the enterprise, real-time facial recognition for security or access control will require localized data processing in an edge cloud to support the “real time” aspect.
As these new technologies and architectures continue to be deployed in networks around the world, Huawei’s approach to cybersecurity assurance involves fostering trust through a transparent process. At facilities in China and Europe, customers, governments and third party experts can test Huawei products in dedicated labs to ensure compliance with cybersecurity and other standards.
Purdy said 5G cybersecurity concerns apply “to all vendors and all products. It’s important to address the risk relative to all vendors. There will be direct study of the products. That gives a high level of assurance that the products do not have issues.”
Massive number of devices and connection
Baked-into 5G is support for a massive number of connected devices–not just smartphones but also consumer premise equipment, sensors, cameras, vehicles, everything really. In this case, massive equates to 1 million connected devices per square kilometer, a significant increase as compared to the roughly 60,000 low-power devices per square kilometer that LTE is designed to support.
This huge growth in number and type of network endpoints has a two-fold impact on cybersecurity. First, more endpoints directly equates to an expanded attack surface, meaning resources need to be scaled accordingly. Second, the data usage profiles and deployment scenarios associated with these devices requires a much more nuanced approach to detecting anomalies. For instance, the data patterns associated with a handset are very different than the same metrics for a connected utility meter that sends a small amount of data at a fixed interval or a HD security camera that’s constantly streaming 4K video.
Diversified 5G services
5G follows a service-based architecture wherein interconnected network functions use a service based interface to expose functionality between network elements. This end-to-end architecture underlies network slicing, wherein an operator can deliver the exact requirements for a given application in a way that optimizes network resource and spectrum utilization.
Combine the enahnced mobile broadband, ultra reliable low latency communications and massive support for the internet of things, with automated network slicing, and operators will be able to flexible spin-up any type of new service.
This idea of understanding the variability in cybersecurity protocols needed to match the variability of currently articulated and potential future services is key and something the GSMA calls out in a security report:
“As these new service providers develop new and innovative services for particular market segments, they may be unaware of the threats their service may face. In some cases, the service provider may not have developed a service that has connected to a communications network or the internet before…Almost all IoT services are built using endpoint device and service platform components that contain similar technologies to many other communications, computing and IT solutions. In addition to this, the threats these different services face, and the potential solutions to mitigate these threats, are usually very similar, even if the attacker’s motivation and the impact of successful security breaches may vary.’
“With the growing importance of information and communication technologies to our lives and to our organizations, it’s becoming increasingly obvious that we need to have objective and transparent means for customers, stakeholders and citizens to know which products are worthy of trust,” Purdy concluded. “It’s very important to develop a framework…that can apply to the global supply chain and all products.”