2021 Press Releases

June 09, 2021

Addressing 5G Security with Threat Modelling - Synopsys

5G is fundamentally different from 4G, LTE, or any other network the telecommunications industry has ever seen before. It promises data rates 100 times faster than 4G, network latency of under 1 millisecond, support for 1 million devices/sq. km., and 99.999% availability of the network. The rollout of 5G will reach one-third of the global population by 2025, and the U.S., South Korea, and China are already at the forefront of 5G deployment.
But the benefits of the 5G network can also inadvertently enable attacks (such as DDoS attacks from compromised IoT devices) if proper security precautions aren’t taken. Securing 5G requires a holistic approach and deep security expertise. We explore the first step that needs to be taken to secure 5G.
5G security concerns
Along with tremendous promise, the 5G rollout also comes with a number of security concerns:

  • Network functions virtualisation (NFV): NFV enables network slicing by replacing network functions on appliances such as routers, load balancers, and firewalls with virtualised software instances that run on commodity hardware. Virtual network functions (VNFs) are utilised to run these functions as packaged software that sits on virtual machines (VMs). Virtualisation can lead to vulnerabilities such as denial of service and malware.

  • Software-defined networking (SDN). A complementary technology to NFV, SDN utilises network management to separate the control plane from the forwarding plane. SDNs enable programmable network controls and abstract the underlying infrastructure from the apps and network services. Centralised and controllable, SDNs provide the agility required to adapt to the evolving needs of 5G micro-services. However, SDNs are susceptible to attacks such as forwarding device attacks, control pane threats, API vulnerabilities, counterfeit traffic flows, and more.

  • Micro-services. The 5G core consists of a service-based architecture, and micro-services are essential in the development of this architecture. Micro-services are considerably more flexible, customisable, and agile than monolithic applications, and they are faster to develop and easier to maintain. Micro-services are often deployed over multiple VMs and/or clouds — which also means a much wider attack area. The APIs that link microservices can also be used to launch attacks, and applications that are built by coupling microservices evolve and change rapidly, increasing the risk of vulnerabilities being deployed into production.

Additionally, the cloud, virtualisation, containerisation, edge computing, and DevOps all play a vital role in the era of 5G:

  • The scale, elasticity, agility, responsiveness, and rich software functionality required for 5G applications and microservices can only be achieved in the cloud. Lower capital and operating expenses are additional benefits of being in the cloud.

  • Today NFV is done on VMs, and they will continue to be utilised in a 5G environment.

  • Containers will shoulder a bulk of the load in building and deploying 5G micro-services. They also offer the agility to spin up or spin down microservices and enable the DevOps culture that is necessary in the 5G era.

  • The 5G network promises latency as low as 1 millisecond, and 5G-powered applications will rely on low latency. Ultra-low latency can only be met by distributed edge computing that is closer to the end-user.

These technologies and methodologies provide flexibility, cost savings, ultra-low latency, high bandwidth, and agility, but they significantly increase the attack surface and add complex attack avenues that are harder to defend.
An expanded attack surface
As mentioned earlier, 5G offers a much wider attack surface and a combination of new attack avenues, including:

  • Millions of connected devices with considerably less security features

  • Weaker mobile/Wi-Fi/landline connectivity

  • Software-based NFVs with a higher number of software vendors and potentially more supply chain issues

  • Distributed edge computing

  • IoT, which requires updating software on millions of connected devices that are inherently not as secure

  • Reliance on cloud vendors for configuration

  • Unsecure container images, virtual networks for communication between containers, privileged flags, and isolation from hosts

5G also supports numerous mission-critical use cases such as smart cars, telemedicine, remote surgery, and more. For these use cases a lack of security is simply not an option — it could lead to potential loss of human life. Adding to this, the regulatory body of 5G (3GPP) has not yet mandated security features for network operators.
How threat modelling addresses security concerns
Given the multitude of new factors involved with 5G networks, the crucial first step in securing 5G is building a comprehensive threat model.
Threat modelling allows you to assess the risks facing your application along with the consequences of not addressing those risks. A good threat model enables security engineers to prioritise risks and address them according to the level of severity. Threat modelling experts leverage their experience to look beyond a simple predefined list of attacks and think about new types of attacks that may not have been a consideration for 4G or LTE networks.
Steps to developing a threat model for 5G:

  1. Define the different network and user side assets that are at risk of being attacked.

  2. Create a list of potential internal and external threat actors for each individual asset.

  3. Identify the actions that the threat actors could take to breach the assets at risk.

  4. Analyse the factors and form a list of threats prioritised by likelihood of success and risk to the business.

  5. Create an action plan to mitigate the identified threats.