Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Advanced Security Architectures for Next Generation Wireless

Summary

The Advanced Security Architectures for Next Generation Wireless (ASA-NGW) seeks to enhance emerging security standards and guidance efforts for 5G/6G Open RAN and Core technologies, advance the application of Zero Trust networking principles to 5G networks, and evaluate the status of leading open-source software platforms for 5G. 

O-RAN ALLIANCE LOGICAL ARCHITECTURE
O-RAN Alliance Architecture

O-RAN technologies seek to transform radio access networks from single vendor solutions based upon proprietary appliances to a disaggregated network architecture of components and functions, with standardized open interfaces, and designed to be deployed in virtualized and cloud native environments.   If successful, O-RAN technologies will create an open market for RAN products and services, reduce barriers to entry and spur innovation by evolving to software-based components operating on commodity hardware, and enable wireless network infrastructure to become distributed and dynamic systems that exploit centralized and edge computing infrastructure dynamically optimize performance, reduce operating expenses, and increase resilience.

While the desire for O-RAN technologies from the USG and the mobile service operator’s community is clear, there are many challenges to developing the consensus standards and testing programs necessary to ensure that multi-vendor O-RAN networks are interoperable, secure, and resilient.

 

Description

 

The primary goals of the project are to assess, improve and expedite emerging O-RAN security standards and testing process to a level suitable for USG use in mission critical networks.   Near term objectives are to (1) evaluate the O-RAN alliance testing and certification processes, and the current state of O-RAN Test and Interoperability Centers (OTICs), (2) evaluate current O-RAN security requirements and test specifications, (3) develop gap analyses of the suitability of existing O-RAN security requirements and testing processes for use by the USG, and (4) develop contributions to O-RAN specifications to address identified gaps and supplemental USG centric guidance to augment industry standards where necessary.

Project Advanced Security Architectures for Next Generation Wireless graphic

We will augment our standards research and participation with laboratory experimentation using a 5G Open Testbed developed in FY23.  We will evaluate multiple 5G RAN and Core open source implementations against emerging security specifications and evaluate the implementation of O-RAN test methods against these implementations.

We will work primarily with the O-RAN Alliance, OTIC labs, and ATIS as necessary. We also collaborate within Government in interagency working groups (IWGs) focused on issues of 5G security and resilience for Federal systems. 

Our initial focus is enhancing the security of virtualized, cloud native, O-RAN functions.  We see this area as having both the greatest potential to increase overall network security[1] and the greatest potential risk[2] to the eventual commercial viability of O-RAN technologies.  NIST staff will actively engage in the O-RAN alliance working groups on security (WG11), cloud infrastructure (WG11), near-real-time radio intelligent controller (WG3) and testing and integration working groups.   


[1] CSRIC VIII Report on How Virtualization Technologies Can be used to Promote 5G Security and Reliability - https://www.fcc.gov/file/24519/download

Major Accomplishments

See  Additional Technical Details (below) for a complete listing of our contributions.

  • NIST in collaboration with AT&T, MITRE, and Rakuten sponsored a O-RAN Alliance approved new work item to develop a Zero Trust Architecture for O-RAN cloud orchestration and management functions.  
  • The new work item seeks to align O-RAN cloud security with the NIST guidance on zero trust architecture and emerging industry standards (IETF and other) for identity and credentialing of virtualized workloads.  If successful, this effort will significantly enhance the security posture of emerging O-RAN standards and resulting product offerings.

Advanced Security Architectures for NextGen Wireless

Product

Reference

Proposal

Rose S., et_al., Zero Trust Architecture (ZTA) for O-RAN, WG11-2023-08 Work Item Description, January 2024.

  • Collaborators: Rakuten, AT&T, MITRE, Nokia, Ericsson, Deutsche Telekom, Dell

Presentation, Invited

Rose S., Borchert O., Zero Trust Archtecture, ATIS TOPS Enhanced Zero Trust and 5G Meeting Series, February 2023.

Report

Montgomery D., et. al. members of CSRIC 8 Working Group 3, Report on How Virtualization Technology Can Be Used to Promote 5G Security and Reliability, Communications Security, Reliability, and Interoperability Council VIII, December 2022.

  • Collaborators: ANDRO Computational Solutions, LLC, AT&T, Altiostar Networks, CTIA, Cisco, Comtech Telecommunications Corp., Cox Communications, Cybersecurity and Infrastructure Security Agency (CISA ECD), Dell Technologies, Dell Technologies, Ericsson, FCC, FirstNet, Hewlett Packard Enterprise, Intel Corporation, Mavenir, Microsoft Corporation, Motorola Solutions, NTIA, National Security Agency (NSA), Nokia, Palo Alto Networks, Qualcomm Incorporated, Rural Wireless Association, T-Mobile USA, Verizon

Collaborators = ANDRO Computational Solutions, AT&T, Altiostar Networks, CTIA, Cisco, Comtech Telecommunications Corp., Cox Communications, Cybersecurity and Infrastructure Security Agency (CISA ECD), Dell, Dell Technologies, Deutsche Telekom, Ericsson, FCC, FirstNet, Hewlett Packard Enterprise, Intel Corporation, LLC, MITRE, Mavenir, Microsoft Corporation, Motorola Solutions, NTIA, National Security Agency (NSA), Nokia, Palo Alto Networks, Qualcomm Incorporated, Rakuten, Rural Wireless Association, T-Mobile USA, Verizon 

 

 

Created January 6, 2024, Updated January 29, 2024