NGIatlantic.eu A Collaborative platform for EU-US 'Next Generation Internet' experiments: "Experiment on security features of mobile network infrastructure", 2022. H2020. Project cost: 320,000 PLN.

This project will focus on the education of a generation of engineers that will consider security aspects as one of the most valuable features of the Next Generation Internet. The aim is to share knowledge on security assessment among US and EU universities, so that future engineers may adopt visions of cybersecurity based on risk assessment for intended use and information from cyber threat intelligence.

In this experiment, we will measure the security features of example 5G infrastructure and will propose a security baseline for 5G networks built in the cloud. The context of the experiment is the security level provided by the Telco Cloud infrastructure hosting the Virtual Network Functions (VNFs) and/or Cloud Native Functions (CNFs), which build the 5G network for Slice Tenants (which deploy critical and/or broadband applications).

We see a trend in the market to bring the network functions in whatever format to Cloud virtual infrastructures in a very complex and distributed Data Centres topology (Edge, Regional, Central), deployed not only on private clouds but also on public ones like Amazon Web Services, Google Cloud or Microsoft Azure. Even in on-prem operator sites, there are already offers from the big IaaS actors offering fully equipped racks, including the virtual infrastructure managed by them.

Our basic scenario will include requirements of critical Unmanned Aerial Vehicles (UAV) platform(as the Slice Tenant) hosted by the US partner, the requirements for the Cloud Provider (where 5G will be installed), and for the Carrier Service provider (providing the 5G network software) and the outcome will be the specification of clearly separated security levels and security assurance levels, that will have interest to the (US and EU) Regulators for certification purposes.

The Next Generation Telecom and its Cloud industry are more vulnerable to potential attacks than other IT infrastructures due to its ubiquitous nature and vital role in digitalization. In addition atomized infrastructure introduces added potential attack vectors, ranging from the potential exposure of virtualization platforms through network slicing, connectivity of unknown underlying (e.g., private cloud), and the apparition of vulnerabilities in new network functions developed by third-party software developers.

Our aim is to experiment with a 5G infrastructure used by a Vertical (UAV applciation) and measure security level of the infrastructure and the network (including slices tenancy). The experiment and overall measuerments will need to be aligned with Standardization bodies like 3GPP and ETSI NFV. It will serve as an enabler for new 5G use cases business development (e.g., drones, eHealth, Smart Cities, online Education, etc.), setting a sound trust level among the multiple stakeholders with evidence of security due care and due diligence.