What is threat modeling for 5G cybersecurity?

As operators and vendors collaborate to deploy 5G networks, it’s imperative they partner on cybersecurity with both governmental partners and the enterprise verticals poised to benefit from the next generation of cellular technologies.

Through this collaborative process, the entire ecosystem of stakeholders needs to lend equal focus to developing innovative new services and protecting those new services from bad actors looking to exploit vulnerabilities and hidden functionality.

5G rollout is outpacing projections and operators are working to quickly commercialize new services that will help deliver a return on the massive investment of a generational upgrade. As networks and services evolve, “Network security needs to continuously evolve in order to address new potential security risks coming from the open internet and the development of new services,” according to a Huawei whitepaper. “Operators need to be alert and always one step ahead of possible security threats.”

Developing a threat model

A key step in cybersecurity best practice and staying a step ahead of bad actors is engaging in what’s called threat modeling. According to the Open Web Application Security Project (OWASP), threat modeling includes the following steps. 

  • Define desired business outcomes and take into account applicable compliance requirements. 
  • Establish a clear understanding of application design to identify potential risks in a given dataflow. 
  • Model the applicable system, including trusted boundaries, internal and external actors, and available assets. 
  • Correlate threats with potential entry points. 
  • Project the potential impacts of specific types of attacks. 
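
The modeling and correlation steps above can be sketched in code. The following is an added example, not taken from OWASP or the Huawei whitepaper: it models a small dataflow with trust zones, treats every flow that crosses a zone boundary as an entry point, and lists the STRIDE categories (named in the design phase below) usually considered for that flow and the element receiving it. The element names, zones and flows are constructed for illustration.

```python
from dataclasses import dataclass

# STRIDE-per-element: categories usually considered for each element type
# (simplified; repudiation on data stores normally applies only to audit logs).
APPLIES = {"external": "SR", "process": "STRIDE", "store": "TID", "flow": "TID"}
NAMES = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
         "I": "Information Disclosure", "D": "Denial of Service",
         "E": "Elevation of Privilege"}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "external", "process" or "store"
    zone: str   # trust zone the element lives in

@dataclass(frozen=True)
class Flow:
    src: Element
    dst: Element
    data: str

def entry_points(flows):
    """Flows whose source and destination sit in different trust zones."""
    return [f for f in flows if f.src.zone != f.dst.zone]

def enumerate_threats(flows):
    """(target, category) pairs for each entry point and the element it reaches."""
    threats = []
    for f in entry_points(flows):
        label = f"{f.src.name} -> {f.dst.name} [{f.data}]"
        threats += [(label, NAMES[c]) for c in APPLIES["flow"]]
        threats += [(f.dst.name, NAMES[c]) for c in APPLIES[f.dst.kind]]
    return sorted(set(threats))  # the same element may be reached by several flows

# Constructed model of a slice management path (hypothetical names and zones).
tenant = Element("tenant portal", "external", "enterprise")
api = Element("slice management API", "process", "operator")
store = Element("slice config store", "store", "operator")
FLOWS = [
    Flow(tenant, api, "slice change request"),
    Flow(api, store, "slice configuration"),  # stays inside the operator zone
    Flow(api, tenant, "slice status"),
]

if __name__ == "__main__":
    for target, category in enumerate_threats(FLOWS):
        print(f"{category:24} {target}")
```

Elements reached only by flows inside a single zone, such as the config store here, are not listed by this pass; they are covered when the model is walked element by element rather than by entry point.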

Design, develop and test

For its design phase, Huawei’s threat modeling incorporates the attack tree and privacy impact assessment with its STRIDE program: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

In the development phase, Huawei applies secure coding standards based on industry best practices developed by CERT, CWE, SANS and the aforementioned OWASP. 

In the testing phase, Huawei uses test cases based on the threat model “to verify the effectiveness of the threat mitigation measures designed.” Independent third-party testing and verification is also central to the process that Huawei describes as a “many eyes and many hands” approach.

Securing a network slice

In its current form, 5G is largely an enhanced mobile broadband service being sold to consumers. But as the standard matures in Release 16 and Release 17, operators will deliver network slices in service of vertically-tailored applications. In addition to secure mechanisms applied to core, RAN and other network elements, network slices themselves will require a new approach to cybersecurity. 

Huawei contemplates a three-fold approach to securing virtualized slices: 

  • Operators should be able to isolate slices physically, based on virtual machines being used, or at the applicable virtual firewalls. More granularly, specific CPUs, storage elements and tenant resources should be able to be isolated.
  • Slice access security ensures the operator and the end user have the appropriate levels of access and control.
  • Slice management security uses bi-directional authentication and authorization to ensure communication integrity and confidentiality.

To this point of collaboration among all stakeholders, the Huawei whitepaper concludes, “Based on successful experience for 4G security, controlling 5G security risks is achieved through joint efforts of all industries. To control risks in the 5G lifecycle, we need to continuously enhance security solutions through technological innovation and build secure systems and networks through standards and ecosystem cooperation.” 

This is part of a series examining 5G cybersecurity.