The 5G networks can act as a vehicle to drive the digitalization phase for realizing a gigabit networked society. They use Service-Based Architecture to enable different use-case scenarios for example future critical communications services, such as Next Generation Nodnett (NGN) in Norway will be moving towards 5G networks. The complex 5G networks are vulnerable to cyber-attacks due to the increasing level of network softwarization approach, a requirement to support less secure legacy networks, and the adoption of web-centric protocols for the core network signaling. In addition, the security requirements of NGN are different than of 5G networks, hence it is crucial to understand their threat landscape from the attacker's perspective.
There is also a need for threat modeling methods and tools to effectively identify and address emerging risks in multi-generational 5G networks. Existing threat modeling approaches have limited scope to accommodate new security paradigms and varying degrees of trust assumptions of 5G networks. Moreover, it is almost impossible to validate threat modeling approaches by performing cyber security exercises and assess vulnerabilities on operational 5G as this could lead to unacceptable risk. Therefore, one of the best approaches to address the above issues is to combine threat modeling science together with a cyber range concept to enhance the cyber-resiliency of 5G-enabled critical communications and eventually other use-cases as well.
The project delivers a 5G cyber range platform empowered with tools for risk and threat assessment, cyber-attack simulation, evaluation and demonstration of defensive solutions for NGN. The project includes a Norwegian mobile operator, authorities responsible for cellular networks and security, research institutes, and universities. The proposed approach could be a future best practice for the Norwegian telecom industry to address cyber security challenges.