At the i14y Lab Summit 2023 during one session we also took a closer look at issues of security in Open RAN. Experts Hanna Bogucka from Rimedo Labs and Carsten Rossenhövel from EANTC together with moderator Heiko Lehmann of Deutsche Telekom explored the current state of security in Open RAN and the methods that will ensure the protection of both operators and users.
Defending the Future: The Importance of Security in Open RAN Development
Explore the current landscape of Open RAN security as well as the future challenges, opportunities, and role of RIC (RAN Intelligent Controllers) in safeguarding networks and users.
The Role of Openness in Security
In the world of security, attackers invariably target the weakest link. So, in Open RAN as anywhere else, understanding where to focus security efforts is paramount.
Hanna Bogucka highlighted that Open RAN introduces various threat vectors due to its open interfaces and the intelligence inherent in future networks. While this intelligence opens new opportunities, it also presents new challenges. Security in Open RAN includes privacy, storage, processing, and more. It's crucial to consider all these elements collectively, as overlooking any can potentially compromise network security.
Carsten Rossenhövel emphasized that the attack surface doesn't necessarily increase with Open RAN - it changes. The real-world threats often stem from everyday vulnerabilities like weak passwords and open ports. Rossenhövel stressed the need for public access links to be encrypted, starting with fundamental security measures.
The panel also discussed whether an open ecosystem might actually enhance security. Carsten Rossenhövel pointed out that testing open interfaces has been common practice in the wireline industry, where protocols are well-known. Firewalls are designed to operate within these parameters. He argued that it's riskier to keep things closed. As Open RAN is still in its early stages, integrating security testing into test campaigns could prove beneficial.
Hanna Bogucka presented an interesting perspective on security challenges. She saw security not only as a challenge but also as an opportunity. Transparency in Open RAN allows equipment providers and service providers to develop new security methods quickly. With open interfaces, access to crucial parameters becomes possible, leading to the creation of specialized applications (xApps and rApps) for security management.
RAN Intelligent Controllers and Threat Mitigation
Regarding the question what role the RIC (RAN Intelligent Controller) could play in Open RAN security, Hanna Bogucka proposed that an intelligent controller could apply xApps and rApps to handle security issues efficiently. By having them closer to end-users, the network can better address various types of threats.
Carsten Rossenhövel expressed the practical need for necessary interfaces to implement such a solution. The capability of xApps to analyze user equipment (UE) behavior and radio unit (RU) behavior was discussed as a way to inspect and address potential threats.
In summary, the open dialogue highlighted that security is a multifaceted challenge and opportunity in Open RAN development. Transparency, intelligent controllers, and proactive testing are key to safeguarding both networks and end-users in this evolving ecosystem.
For a deeper dive into this critical discussion on Open RAN security, watch the full recording of the open dialogue from the i14y Lab Summit 2023.
Subscribe to the i14y Lab newsletter to get your monthly update on what’s going on in the lab, upcoming events, and other network disaggregation news.