Back to search

IKTPLUSS-IKT og digital innovasjon

Raksha: 5G Security for Critical Communications

Alternative title: Raksha: 5G-sikkerhet for kritiske kommunikasjonsnett

Awarded: NOK 16.0 mill.

The introduction of 5G in mobile networks represents a paradigm shift which requires new approaches for dealing with security threats. The softwarization of network functions, the requirements to support less secure legacy networks, and the adoption of web-centric protocols give 5G an increasing attack surface which must be controlled. In the future, the Next Generation Critical Communication (NGCC) networks will be moving towards high-speed public 5G networks and eventually turning them into a part of national critical infrastructure. Also, security requirements are generally stricter for NGCC networks than for 5G, hence it is crucial to understand how this may influence the threat landscape. There is a need for new threat modeling methods and tools to effectively identify and address emerging risks in multi-generational 5G networks. Moreover, it is difficult to validate threat modeling approaches by performing security exercises and pentesting on operational 5G networks, as this could lead to unacceptable risk. The project objective is to improve the security of 5G-enabled NGCC networks (Nødnett in Norway) that emergency organizations such as police, health, fire, and rescue services use. The project seeks to investigate the application of threat modeling science together with a cyber range concept for simulating realistic 5G inherited risks to the NGCC network and validate countermeasures. The project aims to identify and analyze security vulnerabilities proactively in 5G to stay ahead of the attackers. The project delivers a 5G cyber-range platform empowered with tools for risk assessment, attack simulation, evaluation, and demonstration of defensive solutions for NGCC. The project includes a Norwegian mobile operator, authorities responsible for cellular networks and security, research institutes, and universities. The proposed approach could be a future best practice for the Norwegian telecom industry to address cyber security challenges.

The 5G networks can act as a vehicle to drive the digitalization phase for realizing a gigabit networked society. They use Service-Based Architecture to enable different use-case scenarios for example future critical communications services, such as Next Generation Nodnett (NGN) in Norway will be moving towards 5G networks. The complex 5G networks are vulnerable to cyber-attacks due to the increasing level of network softwarization approach, a requirement to support less secure legacy networks, and the adoption of web-centric protocols for the core network signalling. In addition, the security requirements of NGN are different than of 5G networks, hence it is crucial to understand their threat landscape from the attacker's perspective. There is also a need for threat modeling methods and tools to effectively identify and address emerging risks in multi-generational 5G networks. Existing threat modeling approaches have limited scope to accommodate new security paradigms and varying degrees of trust assumptions of 5G networks. Moreover, it is almost impossible to validate threat modelling approaches by performing cyber security exercises and assess vulnerabilities on operational 5G as this could lead to unacceptable risk. Therefore, one of the best approaches to address the above issues is to combine threat modeling science together with a cyber range concept to enhance cyber-resiliency of 5G enabled critical communications and eventually other use-cases as well. The project delivers a 5G cyber range platform empowered with tools for risk and threat assessment, cyber-attack simulation, evaluation and demonstration of defensive solutions for NGN. The project includes a Norwegian mobile operator, authorities responsible for cellular networks and security, research institutes, and universities. The proposed approach could be a future best practice for the Norwegian telecom industry to address cyber security challenges.

Publications from Cristin

No publications found

No publications found

Funding scheme:

IKTPLUSS-IKT og digital innovasjon