Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

White Paper (Draft)

[Project Description] 5G Cybersecurity: Preparing a Secure Evolution to 5G

Date Published: February 2020
Comments Due: March 31, 2020 (public comment period is CLOSED)
Email Questions to: 5G-security@nist.gov

Author(s)

Michael Bartock (NIST), Jeffrey Cichonski (NIST), Murugiah Souppaya (NIST)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) at NIST is seeking comments on a draft project description that describes several security considerations as industry is preparing for a migration to 5G technology. The NCCoE cybersecurity team will develop approaches and proposed solutions in collaboration with a Community of Interest, equipment vendors, and telecommunication providers. 

As 5G-based networks are deployed in our nation and across the world, there is great promise of positive changes in the way humans and machines communicate, operate, and interact in the physical and virtual world. 5G networks support increased cybersecurity protections through the addition of standards-based features and the increased use of modern information technologies. With cellular networks transitioning from 4G to 5G, it is important for organizations to understand and address the challenges, opportunities, and risks associated with the use of 5G networks.

The NCCoE is initiating an effort in collaboration with industry participants to demonstrate how the components of 5G architectures can be used securely to mitigate risks and meet industry sectors’ compliance requirements for a number of 5G use case scenarios. 5G standards have been designed to support use case-specific capabilities by way of network deployment options. The proposed proof-of-concept solution will integrate commercial and open source products that leverage cybersecurity standards and recommended practices to showcase 5G’s robust security features.

This project will result in a NIST Cybersecurity Practice Guide, a publicly available description of the practical steps needed to implement a cybersecurity reference design that addresses this challenge.

Abstract

Keywords

3GPP; 4G; 5G; 5G Non-Standalone; 5G Standalone; cloud; cybersecurity; Long-Term Evolution (LTE)
Control Families

None selected

Documentation

Publication:
Project Description

Supplemental Material:
Submit Comments (other)
Project homepage (other)

Topics

Security and Privacy
configuration management

Applications
communications & wireless