Addressing vRAN Security

5G vRAN uses a cloud native 5G architecture to enable an elastic environment where network, compute, and storage services can expand and contract as needed in an automated way. This approach creates an environment where functions can be hosted as software services that are dynamically instantiated on-demand in different network segments. However, these elastic environments of the network can be exposed to potential cyber threats, creating a weakness in the interface configuration, the integrity and confidentiality of the controller, and more.  

Samsung offers a cloud security measure that can defend such threats using an authentication process for all services and interfaces. This security feature provides strong protection by preventing an unauthorized command request. This built-in security measures and utilizes the number of verification processes to ensure safe and reliable cloud native services for mobile operators.  

5G Networks can be flexible and programmable by virtualizing functions and services previously implemented in hardware. To expedite time-to-market, many vendors leverage open source software. The open source approach provides access to high-quality software that not only lowers software development costs but also increases the reliability of the code, as there are communities of resources developing and testing the software.

One of the concerns currently with pundits is that open source software can introduce vulnerabilities into their products. Poorly written code can leave gaps that attackers can use to invade a system, which was the case with the Equifax breach, where more than 145 million user records were breached in 2017. 

The vulnerability in open source would make it a prime target of threats, but ironically, it could also be the remedy for these threats. Over the years, Samsung has been actively conducting security testing on open sources against various threats. As a part of these efforts, Samsung contributes to an open source community, where all companies test and report back on any issues or minor problems so the community can jointly resolve the reported issues. Combining joint effort with open source community and Samsung's static analysis solution, the company utilizes swift patches to networks for any open source vulnerabilities. On the product front, Samsung implemented a robust development process to identify and resolve any security vulnerabilities early on.

With the scalability of the network and the lower latency demands offered by 5G, it is expected that mobile operators will utilize an end-to-end architecture. One of the benefits of this end-to-end approach is Multi-access Edge Computing (MEC). The MEC brings the computing process closer to the user and as a result, it is able to increase the data traffic speed and support ultra-low-latency services. 

The MEC, due to its distributed architecture, offers many advantages but it also poses a potential vulnerability with the fact that it inevitably increases attack surfaces from cell sites to the 5G Cores. 

At Samsung, protecting the 5G networks from security and cyber threats and eliminating vulnerability are our top priorities. Samsung’s vRAN centralizes its components, minimizing physical security points to just the cell site and data center. The mobile operator can concentrate security measures at these points. Samsung complies with industry security standards and operates the process with principles of security by design so that vRAN solutions can ensure protection for mobile operators. In addition, the company’s solutions have capabilities to mitigate damage to the network operating environment with fast feedback on security issues. 

Defense against threats in vRAN architecture is an important issue. Samsung understands the security issues mobile operators are facing when implementing vRAN. To mitigate such issues, Samsung uses a variety of inspection and security approaches to protect from malicious software, and maintains accurate inventory of open source.

For security by design, Samsung receives and manages notifications about vulnerabilities found in industry and tracks patch availability for open sources and 3rd party products. Samsung performs tests of all software included in vRAN to continually detect, identify, and eliminate vulnerabilities that can cause threat vectors before deployment.

Samsung strives to provide mobile operators with safe, secure, and reliable vRAN solutions that continue to meet their 5G deployment needs.