table of contents

• Commitment to 5G network security
• Security Concerns in 5G Infrastructure
• 5G security guidelines
• 5G historical background and discussions on international standardization
• Security cases in 5G utilization use cases
• Security Approach in 5G Applications

*The content of this article is also available in the video.

Commitment to 5G network security

The 5G network is one of the most important ICT technologies for the realization of a digital society, which is currently being promoted mainly by the Digital Agency. Various demonstration experiments are being conducted for its utilization, but the current situation is that there is little public information about security, and it is difficult to get an opportunity to learn about it. Therefore, we will look at the use cases for its utilization from security initiatives related to 5G network infrastructure.

 First, let's look at the network security that carriers are working on. Here, we will look at security concerns in 5G and efforts to formulate 5G security guidelines, while touching on the evolution of security due to the shift from LTE to 5G.

 In terms of specifications in 5G, it can be said that it is based on the idea of zero trust (trust nothing), which is currently a major security trend. For example, the security of terminal base stations is designed on the assumption that physical security cannot be ensured. In addition, instead of completely trusting other carriers, a firewall-like intervening device is used for communication between carriers, and the authentication results are verified at the headquarters for subscriber authentication at the roaming destination. Security is being strengthened based on a review of the trust model.

As for the security of the wireless section, since the era of 3G / 4G, encryption and tampering detection have been implemented for control signals, and user traffic has been encrypted. are participating in

In addition, to strengthen the protection of subscriber privacy, we will support encryption of subscriber IDs, authentication for connecting to 5G and additional authentication for connecting to the outside via 5G, so-called secondary authentication, and provision of a dedicated network. Currently, various security enhancements such as network slicing are being implemented.

Security Concerns in 5G Infrastructure

Security concerns, of course, remain despite the various measures implemented by carriers. The background to this is that the use of 5G in various social industries and mission-critical fields has increased the demand for infrastructure security. In addition, there will be various technological changes in 5G, such as the use of virtualization technology and open source, so it will be important to promote security measures more than ever in light of these changes. Especially in recent years, supply chain risks have been called out, so comprehensive threat analysis and countermeasures are required.

Under such circumstances, investigations and studies to ensure security in 5G networks have been promoted as a project of the Ministry of Internal Affairs and Communications. As part of this, external trends were surveyed, including overseas, and security issues were examined after building a verification environment. Based on surveys and verifications, guidelines are being formulated for the secure construction and operation of 5G infrastructure.

Regarding security verification, not only the specifications of the 5G core, but also a wide range of verification targets, including environments such as virtualization platforms and edge computing built on top of the 5G system, are based on the security specifications. We carry out operation checks and verification of vulnerabilities. From the verification, we extracted key points for building and operating the 5G network securely. In this verification, many problems such as implementation problems such as resistance to DoS attacks, security issues of virtualization infrastructure including containers, and supply chain risks such as demonstration of embedding malicious functions into 5G core network functions were identified. knowledge has been acquired.

Based on this knowledge, guidelines were developed based on the threats found in the verification environment and the results of threat analysis on the desk.

5G security guidelines

The actual 5G security guidelines are primarily aimed at 5G system operators, although they also contain recommendations for some suppliers. The guidelines aim to provide comprehensive guidance to ensure the security of 5G systems in practice, taking into account not only technical aspects but also people and process aspects. As for how to use the specific guidelines, they can be used as a starting point for securely deploying 5G systems, and present security threats and related security measures in a structured manner.

This time, we have summarized the threat analysis and countermeasures as a guideline, but the ITU-T (International Telecommunication Union Telecommunication Standardization Sector) is working to formulate a standardization roadmap. We aim to make recommendations for international standardization. These guidelines should serve as a reference for 5G operators worldwide to improve the security baseline of their 5G networks.

5G historical background and discussions on international standardization

Here, we will look at use cases that utilize the 5G network, but before looking at specific use cases, let me touch on the historical background again.

With the features of 5G advanced wireless communication services such as ultra-high speed, versatility, ultra-low latency, ultra-high reliability, and ultra-coverage, a wide variety of use cases are envisioned. Structurally, you can imagine installing IoT devices on the edge side and creating a system using the cloud at the far end. There is a lot of discussion in standardization about how to structure and architect that system. Specifically, the cyber-physical system (CPS) being promoted by the Ministry of Economy, Trade and Industry, as well as the real world being simulated by mapping it to the digital world and fed back to the real world, as well as digital twins, have become a hot topic.

As the number of things that can be done with 5G increases, security issues will naturally arise as the system becomes more complex and sophisticated. In particular, it is undeniable that threat analysis becomes difficult because many stakeholders such as IoT vendors, cloud vendors, telecommunications carriers, and application vendors are involved. In addition, we are now in an era where we need to discuss security from various aspects, such as the complexity of introducing security measures to reduce threats, system maintenance and operation, and the increasing security issues in each area such as the cloud, IoT, and AI. You can say that there is.

Let's take a look at the Korean use case for 5G. Not only are various applications created by expanding mobile coverage, but also remote control usage such as connected cars and telemedicine as mission-critical areas, and home IoT where IoT enters the home. Various things are being realized, such as massive IoT such as smart cities and smart grids.

As various use cases emerge, what kind of things are being discussed in the standardization bodies? Regarding system structuring in SC27/WG4, a conceptual model of CPS is being discussed, sensing various information from the physical layer where IoT devices and various devices are located, sending the observed data upwards, and classifying and structuring the data. Discussions are underway to integrate the analysis and management and then feed the results back to the physical layer. In this CPS conceptual model, we have created the structure of operation tier, interface tier, and analysis tier.

Digital twins are also being discussed for use in smart cities. Discussions are progressing on the process of building a smart city by virtualizing it in a virtual space, and then by designing and coordinating the structure while proceeding with various verifications.

Security cases in 5G utilization use cases

Here, we will look at the potential threats while introducing some examples of 5G utilization.

[Telemedicine]

Kyushu University, Kagoshima University, and others are conducting demonstration experiments for telesurgery using the surgical support robot "Da Vinci". In terms of security, integrity, non-repudiation, confirmation of the other party, availability, etc. are necessary, and this is an example of how 5G makes remote surgery safer.

When thinking about telemedicine, the most important thing is the patient's life, and from a safety point of view, the surgical robot that actually performs the surgery is important. From an attacker's point of view, it will have the greatest impact, so attacks that cause communication interference and malfunction of surgical equipment can be considered.

Use case : Telemedicine

In telemedicine in particular, safety is effective in conjunction with security. It can be said that this is an area where attacks have not yet emerged, as the system configuration and where it can be infiltrated have not been sufficiently verified. If you think about it simply, it is enough to stop the equipment to disrupt the site, so DoS attacks that lead to communication jamming should be extremely dangerous, and that is the priority of threats. I see it getting higher.

[Safety support for connected cars]

While 5G is being standardized, discussions on cars are progressing considerably, and there is a lot of discussion about how to design applications that utilize 5G. While there are concepts that are becoming more sophisticated with telematics, security is becoming more and more important. In actual demonstration experiments between the EU and China, various sensors are installed in cars and people, data is sent to the cloud environment of familiar mobiles, integrated analysis is performed, and dangerous information is provided to users. Efforts are being made to alert This is a use case where a wireless base station called RAN near the car makes good use of mobile edge computing called MEC to enable high-speed response.

 

​5G safe driving applications are running on this MEC, but from the perspective of the infrastructure side, applications that normally run on the cloud will run on the edge of the carrier's infrastructure or in the vicinity, so illegal The impact on others may increase as an app that operates within the carrier's infrastructure. Here, like cloud security, control such as isolation is required to prevent certain apps from affecting other apps.

Also, when linking edge computing with mobile infrastructure, communications that normally pass through the 5G CORE will be directed to the MEC, so collaboration between the CORE and the MEC is necessary. This interface is specified as a standard, but it is necessary to ensure the security of the interface part, including the implementation side.

Although it is not directly related to 5G, it is necessary to pay attention to car hacking in terms of threats. Car hacking has been a hot topic in cybersecurity since around 2014, and there have been reports of car navigation systems becoming an intrusion point in the past. The car navigation system itself is equipped with a 3G / 4G interface, and can communicate with smartphones via Wi-Fi or Bluetooth. On the other hand, the car navigation system is connected to the in-vehicle network (CAN: Controller Area Network) called campus, which communicates with chips in the engine, tires, brakes, etc., and there is a risk that the car navigation system will be used as a starting point for intrusion into the car.

In another case, there was a problem with the authentication part on the cloud, and when a car talked to the cloud or viewed information from a smartphone, it was possible to remotely control it by simply sending the last five digits of the correct vehicle identification number. There is also a case that it will be. When this becomes 5G, it is expected that each part in the car will be able to communicate with 5G, so there will be more threats related to hacking.

[Home IoT]

In the home IoT use case, a standard called MATTER that allows devices from different manufacturers to communicate with each other will be deployed from 2022, and it is expected that the number of connected devices will increase. 5G is expected to realize a more connected world, and the massive IoT should spread.

Of course, there are also threats in the home IoT. In the use case of a system that can unlock a door remotely, in an environment where an IoT device with an unlock button is connected via a wired LAN to an IoT device with a mechanism that physically unlocks the door. did. With this mechanism, when you press the unlock button, a special packet flows, but the communication itself is encrypted with SSL, so even if you look at it, you can't understand the contents. However, the secret key itself used in SSL can be extracted directly from the firmware, and by analyzing that information, we succeeded in extracting the secret key. As a result of verification, it became clear that the password can be obtained from the packet for unlocking, and it can be unlocked by impersonating an IoT device and sending it.

Examples of door unlocking systems

If the number of applications that utilize 5G as well as conversations between IoT devices increases, such as MATTER, it is quite possible that such problems will increase.

Security Approach in 5G Applications

When considering countermeasures from these use cases, it is an effective means to generalize threats and then consider countermeasures against threats for each Tier in the CPS conceptual model mentioned above. In many use cases, there is a sensor group as an edge system, data is collected in a cloud data network by communication methods such as 5G, and the structure is such that it is fed back to the output edge system.

as a specific threat. Data leakage, spoofing, data tampering, hijacking, and malfunctioning are common threats. Among these, in the 5G area, the encryption and tampering detection mechanisms are stronger than those of LTE, and we believe that sufficient countermeasures have been taken to prevent eavesdropping, spoofing, and data tampering by third parties. . However, as long as radio waves are used, threats such as DoS and jamming cannot be avoided. Of course, the risk of being jammed by illegal radio waves naturally remains.

Threat generalization (example)

Although it is difficult to cover all threats, it is necessary to keep in mind the threats that can occur from each component and proceed with future countermeasures.

Regarding the discussion of security, for example, while there is a movement to separate the connection between the sensors brought into the car and the CAN, if the packet size is small and the speed is slow, the threat will suddenly increase if CAN is changed to Ether. Especially. It is necessary to respond well to both the story of trying to make it sophisticated and the story of being dangerous. In that sense, there is no doubt that the design method in design will become more important.

Therefore, what we should consider is identifying the risks, including the assets we have and the scenarios of cyberattacks, and then setting priorities with reference to the many countermeasures proposed in the international standards, and identifying abnormalities in operations. It is to ensure comprehensive security management, including monitoring of detection. There are many areas of security that are difficult to tackle on your own because of the wide range of areas, but it is not possible to continue business while leaving flaws in the system. After clarifying the current situation, it is necessary to consider it thoroughly.

Security for the establishment of business solutions (apps) in the 5G era

As you know, in the process of promoting business and implementing social functions using 5G infrastructure, the situation is becoming more complicated than the external environment. Although measures for 5G itself are progressing, risks such as data leaks, falsification, and spoofing are still emerging as shown in the use cases, and there is no doubt that it is necessary to consider measures for authentication in applications.

In any case, when considering this new 5G business, it is important to return to the basics of security, Secure by Design, and make good use of frameworks and standardization that serve as guidelines when deciding priorities. will become

＼You can watch the contents of this article in the video／
Available immediately after registration