# O-RAN Security Task Group--Study Notes ###### tags: `Wireless communications course` :::spoiler **Guide Links** [TOC] ::: ## Goal Leverages Software Defined Networking (SDN) and Network Function Virtualization (NFV) techniques by disaggregating the functions of a traditional RAN 1. Interoperability in different devices 2. Reduce OPEX and CAPEX costs 3. Security for increasing devices ## Groups ### STG(Security Task Group) The Security Task Group is a part of the IEEE 802.1 Working Group. 1. specifying and recommending modern, security solutions 2. Threat modeling and risk analysis 1. threat modeling: critical asset identification 2. risl analysis: data sensitivity analysis ### TIFG(Test and Intergration Focus Group) 1. Simplifying the evalution of security of O-RAN deployment ### OSC(O-RAN software Community) 1. adapt Linux CII(Core Security Infrusture Initiative) 2. Use CIS(Center Software Community), such as docker, k8s to secure O-RAN software platform. ## Vulnerability 1. Unprotected interface be exploitable slove: 1. Protect by cipher(TLS or SSH) 2. Mutual authentication (X.509 certificate) 2. Protential attack caused by O-DU and O-RU seperation solve: use AI and ML analysis to augment security and capabilities