This page is fully or partially automatically translated.

  • Whitepaper
  • Network and Application Security

5G Security

The security of 5G networking is challenging mobile operators and industrial sites to take advantage of the innovations of the new mobile communications.

itsa 365: View of a city with 5G in the sky
With the introduction of 5G, a wide range of applications for industry and public authorities will become possible. Industry 4.0 will really take off. Networked robots will be able to exchange information reliably with short latency and coordinate their work effectively. The use of a large number of energy-saving and battery-powered sensors will enable fully automated production operations and, through the availability of their data, an increase in efficiency. Real-time capable data exchange and broadband communication capabilities are particularly necessary for vehicles in automated logistics. This, too, can only be realized with 5G radio technology. 

These technical possibilities and the associated economic interests in the "factory of the future" often cause safety considerations to take a back seat, which can usually lead to high consequential costs if safety gaps are exploited and lead to downtimes in production operations. 

For example, IoT end devices such as simple sensors can already exchange status information via signaling mechanisms in favor of energy efficiency, which opens up the possibility of attacks to manipulate the data. To counteract this, authentication requests, especially for inexpensive sensors, should be specially checked and the integrity of simple sensor systems should be guaranteed by an extended security concept. 

Also the future integration of many sensors into complex IT systems by mass pre-configuration via eSIM allows cyber attacks by pretending a different identity and the possibility to spread false status information from manipulated end devices to control units. Inverse SIM locks, which link a SIM configuration to a specific predefined and cataloged device, can prevent or even eliminate unnoticed manipulation of end devices. 

The IT architecture of a 5G network differs significantly from the IT in previous mobile networks. Cloud-based networks with their modern and efficient technologies create a higher flexibility in the network which also increases the performance as edge clouds at the base station. In the area of security, new risks arise here, both in the operation of applications and in the operation of the computing clusters themselves. For example, it is possible to compromise the entire computing cluster through weak points in virtualization. But also the unauthorized access to data and the corresponding data outflow would be conceivable. These risks can only be prevented with appropriate technical measures, such as monitoring network traffic at the virtualization level.
With service-oriented architecture concepts, the processing units are encapsulated in so-called containers, which provide certain features on demand. A continuous development and integration process (CI/CD process) is particularly advantageous for the developers and operators of the IT platform in order to adapt to new requirements as quickly as possible. Each build process creates a gateway for manipulated or corrupted code snippets, which can enter operational use unnoticed. Information security requirements must be checked for compliance from the very beginning. Efficient vulnerability management (CVE scoring) of the integrated software libraries should be an integral part of every development process. Also in operations, an agile method for evaluating the IT security of the active software must be created to implement an efficient CI/CD process. The necessary close integration of IT security management with software development should be firmly established during the development process.
 

A document on this subject is available in German. Would you like to read it? Switch to the German view.