Viavi outlines private Open RAN benefits and security complexities
Beyond macro public networks, Open RAN could also support the variety of deployment configurations necessary for private enterprise networks. But just as Tier 1 operators have to guard against security incidents to stave off financial and reputational damage, the same logic applies to private networks. Viavi Marketing Manager Owen O’Donnell drove home the point that increasingly complex networks bring increasingly complex cybersecurity machinations.
“Many private networks will be built using Open RAN architectures whose open interfaces increase the number of potential threat surfaces that could be vulnerable to attack,” O’Donnell said. “Good security starts at the design stage by ensuring that network elements are able to withstand common threats…5G private networks are seen as the way forward for connectivity and scale and speed and security, replacing LAN connections and Wi-Fi. When connecting devices in a smart factory, 5G is said to offer flexibility, control, latency, bandwidth and security improvements over the existing alternatives. While this is very much a true statement, 5G does bring with it complexities that we need to be aware of.”
O’Donnell focused his discussion on the security implications of the increased attack surface that comes with Open RAN networks, the need to consider how internet of things devices also increase the attack surface, and interworking a private 5G network implementation with legacy 3G/4G networks.
To the disaggregated, multi-vendor network Open RAN piece, O’Donnell said, “It introduces new components like [open radio units] and [distributed units] and [central units] and [RAN Intelligent Controllers]. “They’re entering the mobile networks all potentially from different vendors, which increases the risk of diverse levels of security among those components. It’s unclear whether newcomers in the Open RAN ecosystem might prioritize innovation over security in the short term, and considering that these different components will be interconnected, there is an increased risk that one vulnerable component—the weakest link—jeopardizes security of the overall network.”
In the larger private networks conversation, IoT is important in that the network-enabled digital transformation requires the conversion of analog devices to digital for data streaming purposes. “Devices used for industrial IoT are often optimized for a specific task with design driven by cost efficiency. With these devices, there is very little software processing capability due to emphasis on long battery life, and so the lack of security software on these devices means they can often be used to hack into a network.
“And finally,” O’Donnell said, “3G/4G interconnect. So while 3GPP are securing 5G networks by beefing up the standards, previous generations will be used for several years and attacks via interconnected interfaces will continue and will be more complex and difficult to detect as threat actors increasingly focus on defense evasion.”
Bottomline, O’Donnell said, “Open RAN…is a major contributor to expanding the threat surface with disaggregation, with new architecture, new elements, new interfaces, new specifications, new vendors, and again, the use of open source code.”
