CyberSecIdent IV "Security framework for 5G network based on multiple providers: specification, implementation and development of evaluation process", 2021-2024. NCBiR. Project cost: 8 M PLN.

The objective of the project is to specify, implement and evaluate (basic scheme) an end-to-end security framework for 5G networks based on multi-provider infrastructure, which assumes different providers at the hardware level, at the virtualization platform and at the 5G software level.

5G multi-provider networks is a different approach to 5G development than the classical one, where the hardware provider, having a dominant position in the market, sells the full infrastructure with hardware and software (called purpose-built network). 5G multi-provider approach joints 5G-agnostic commercial offthe-shelf (COTS) hardware, which is properly virtualized and, on it, a 5G software (SW) ecosystem is developed (called multi-provider network).

This technology increases potential competition (which, on its part, reduces the problem of trustiness of one big provider) and opens the market to small players such as software providers. This is a big possibility for Polish companies in order to enter in the telco market.

The objections to this technology are that it is less efficient, requires more interoperability work, and requires new models for accountability and end-to-end network security for the whole heterogeneous infrastructure. Therefore, we will develop a Security framework providing a common reference model for Cloud infrastructure providers and 5G Service Providers that will consider security requirements of critical elements of the 5G such as slicing, Lawful Interception and Interoperability network. In the framework of this project we will develop the evaluation methodology following the new normative EN ISO/IEC DIS 15408-4 Evaluation Criteria for IT security (this norm will appear at the beginning of 2021) for multi-vendor infrastructure.