According to a new global study report, “Toward a More Secure 5G World,” developed by the Business Performance Innovation (BPI) Network, in partnership with A10 Networks. The percentage of mobile service providers who say their companies are “moving rapidly toward commercial deployment” has increased significantly in the past year, climbing from 26 percent in a survey announced in early 2019 to 45 percent in the new survey. Virtually all respondents say improved security [1.] is a critical network requirement and top concern in the 5G era.

……………………………………………………………………………………………………………………………………………………

Note 1.  “Improved 5G security” is really an oxymoron, because there are no standards for 5G security.  In particular, no substantive work in ITU-T despite SG17 studying 5G security.  There are five work items under development by Q.6 in SG17 but nothing has been completed yet.

• X.5Gsec-q, Security guidelines for applying quantum-safe algorithms in 5G systems, started from March 2018

• X.5Gsec-t, Security framework based on trust relationship in 5G ecosystem, started from September 2018

• X.5Gsec-ecs, Security Framework for 5G Edge Computing Services, started from January 2019

• X.5Gsec-guide, Security guideline for 5G communication system based on ITU-T X.805, started from January 2019

• X.5Gsec-netec, Security capabilities of network layer for 5G edge computing, established recently September 2019

………………………………………………………………………………………………………………………………………………

The real 5G Security spec work seems to be taking place in 3GPP.  Here is text from 3GPP specification 23.501 (Release 16) on 5G Systems Architecture, related to 5G security (see reference below to download that spec):

5.10 Security aspects:

5.10.1 General

The security features in the 5G System include:

– Authentication of the UE by the network and vice versa (mutual authentication between UE and network).

– Security context generation and distribution.

– User Plane data confidentiality and integrity protection.

– Control Plane signaling confidentiality and integrity protection.

– User identity confidentiality.

– Support of LI requirements as specified in TS 33.126 [35] subject to regional/national regulatory requirements, including protection of LI data (e.g., target list) that may be stored or transferred by an NF.

Detailed security related network functions for 5G are described in TS 33.501.

……………………………………………………………………………………………………………………………………………………….

Early 5G networks are being designed in accordance with the non-standalone (NSA) 5G specification from 3GPP Release 15, However, 30 percent of respondents say they are already proactively planning to add standalone 5G, and another 9 percent say their companies will move directly to standalone. Standalone 5G will require a whole new network core utilizing a cloud-native, virtualized, service-based architecture. Many respondents say they are making significant progress toward network virtualization.

The respondents claim there is steady work toward virtualizing core network functions and a reexamination of the security investments they will need to protect their networks and customers.  But once again, there are no standards for that. The only real work here is being done by 3GPP in its “5G core” specification which is part of 3GPP Release 16.  Here is the complete list of 5G deliverables in 3GPP Release 16. One of the most important specs is #23.501 Systems Architecture for the 5G System.

“Our latest study indicates that major mobile carriers around the world are on track with their 5G plans, and more expect to begin commercial build-outs in the coming months,” said Dave Murray, director of thought leadership with the BPI Network. “While COVID-19 may result in some short-term delays for operators, the pandemic ultimately demonstrates a global need for higher speed, higher capacity 5G networks and the applications and use case they enable.”

Among key findings of the survey:

• 81% say industry progress toward 5G is moving rapidly, mostly in major markets, or is at least in line with expectations.
• 71% expect to begin 5G network build-outs within 18 months, including one-third who have already begun or will do so in 2020.
• 95% percent say virtualizing network functions is important to their 5G plans, and some three-quarters say their companies are either well on their way or making good progress toward virtualization.
• 99% view deployment of mobile edge clouds as an important aspect of 5G networks, with 65% saying they expect edge clouds on their 5G networks within 18 months.

“Mobile operators globally need to proactively prepare for the demands of a new virtualized and secure 5G world,” said Gunter Reiss, worldwide vice president of A10 Networks, a provider of secure application services for mobile operators worldwide. “That means boosting security at key protection points like the mobile edge, deploying a cloud-native infrastructure, consolidating network functions, leveraging new CI/CD integrations and DevOps automation tools, and moving to an agile and hyperscale service-based architecture as much as possible. All of these improvements will pay dividends immediately with existing networks and move carriers closer to their ultimate goals for broader 5G adoption and the roll-out of new and innovative ultra-reliable low-latency use cases.”

You can download this report at http://bpinetwork.org/thought-leadership/studies/77/download-report-toward-a-more-secure-5g-world

……………………………………………………………………………………………………………………………………………..

Challenges—the Security Mandate

The industry’s top 5G challenges:

• Heavy cost of build-outs (59%)
• Security of network (57%)
• Need for new technical skills (55%)
• Lack of 5G enabled devices (42%)

Importance of security to 5G:

• 99% rate security as important to their 5G planning, higher than even network reach and coverage or network capacity and throughput
• 97% say increased traffic, connected devices and mission-critical use case significantly increase security and reliability concerns for 5G
• 93% say their security investments are already being affected (52%) or are under review (41%) due to 5G requirements

Top Use Cases Expected to Power 5G Adoption

Next two years

• Ultra-high-speed connectivity (81%)
• Industrial automation & smart manufacturing (62%)
• Smart cities (54%)
• Connected vehicles

Next 5 to 6 years

• Smart cities (62%)
• Ultra-high-speed connectivity (59%)
• Connected Vehicles (57%)
• Industrial automation & smart manufacturing (42%)

“Mobile operators globally need to be proactively preparing for the demands of a new 5G world,” Reiss said.

About the BPI Network
The Business Performance Innovation (BPI) Network is a peer-driven thought leadership and professional networking organization reaching some 50,000 heads IT transformation, change management, business re-engineering, process improvement, and strategic planning. The BPI Network brings together global executives who are champions of change through ongoing research, authoritative content and peer-to-peer conversations. For more information, visit www.bpinetwork.org.

About A10 Networks:

A10 Networks provides secure application services for on-premises, multi-cloud and edge-cloud environments at hyperscale. Our mission is to enable service providers and enterprises to deliver business-critical applications that are secure, available and efficient for multi-cloud transformation and 5G readiness. We deliver better business outcomes that support investment protection, new business models and help future-proof infrastructures, empowering our customers to provide the most secure and available digital experience. Founded in 2004, A10 Networks is based in San Jose, Calif. and serves customers globally. For more information, visit www.a10networks.com and follow us @A10Networks.

SOURCE: BPI Network

………………………………………………………………………………………………………………………………………………..

References:

https://www.prnewswire.com/news-releases/mobile-telecom-industry-making-rapid-progress-toward-5g-including-increased-network-virtualization-according-to-new-survey-301065757.html

http://bpinetwork.org/thought-leadership/studies/77/download-report-toward-a-more-secure-5g-world

https://www.3gpp.org/dynareport/SpecList.htm?release=Rel-16&tech=4&ts=1&tr=1

https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3144