<center><i class="fa fa-edit"></i> 5G: OPEN RAN </center>

# <center><i class="fa fa-edit"></i> 5G: OPEN RAN </center> ###### tags: `Internship` :::info The goal is to and understand how O-RAN ALLIANCE deals with security challenges **Resources:** [The O-RAN ALLIANCE Security Task Group Tackles Security Challenges on All O-RAN Interfaces and Components](https://www.o-ran.org/blog/2020/10/24/the-o-ran-alliance-security-task-group-tackles-security-challenges-on-all-o-ran-interfaces-and-components) ::: # OUTPUT ## What makes O-RAN different? Open RAN develops **Software Defined Networking (SDN)** and **Network Function Virtualization (NFV)** techniques by disaggregating the functions of a traditional RAN. ## O-RAN characteristics - Speed service introduction and innovation, - Introduce intelligence into RAN control, - Enable interoperability among RAN components from different sources, - Improve supply chain security, - Reduce network OPEX and CAPEX costs. ![](https://i.imgur.com/sIyMzvh.png) ``` O-RAN architecture ``` ## O-RAN interface advantages - Disaggregation improves security agility, adaptability and resiliency; - Security updates and the introduction of new security functions to the RAN can be implemented by modifying a single software component; - Network functions such as the Near Real-Time RIC, O-CU-CP, O-CU-UP, and O-DU, implemented as containerized microservices can leverage cloud native security advances; - Hardware resource isolation, automatic reconfiguration, and automated security testing, which can improve both open source vulnerability management and security configuration management. ## O-RAN challenges - The disaggregation of functions increases the RAN threat surface; - The increase of the Open RAN dependence on secure development practices within open source communities; - The use of AI in the RAN may lead to unanticipated consequences as it has in other domains; - The increasing likelihood of attacks by compromised devices; - The open fronthaul interface operating the lower layer split (LLS) interface (Due to the separation of the O-DU and O-RU) will cause potential new attack surface in the RAN. ## O-RAN solutions *O-RAN ALLIANCE Security Task Group (STG) collaborates with O-RAN ALLIANCE Working Groups (WGs) to tackle security challenges on all O-RAN interfaces and components, based on the 3GPP security design practices.* ### STG solutions: - **Build threat model**: to robust security requirements and solutions. - **Study the threats to LLS interface**: to gain a thorough understanding that will drive the specification of security controls on the interactions between O-DU and O-RU. - **Leverage existing O-RU security capabilities and investigating additional capabilities**: to secure the open fronthaul interface between the SMO and O-RU. - **WG2, WG3 and the STG specify app authenticity controls**: to ensure that x/rApps cannot introduce vulnerabilities into the RAN. - **Require the O-RAN Software Community (OSC) to adopt industry best practices in the OSC development pipeline**. - **Leverage and build upon the 3GPP catalogue of security assurance requirements**. ![](https://i.imgur.com/KL2gcZE.png) ``` PARTIAL VIEW OF THE EXISTING O-RAN SECURITY CONTROLS AND COMMUNITY’S PROGRESS ``` ## Conclusion - O-RAN ALLIANCE follows 3GPP, IETF to deploy and operate Open RAN with the same level of confidence as a 3GPP defined RAN.