Skip to main content

Open RAN – "as secure as closed systems"

How secure is Open RAN architecture for future mobile networks? IT security experts from the University of Passau and the Fraunhofer Heinrich Hertz Institute (HHI) addressed this question in a study conducted within the framework of the research cluster "6G-RIC".

So far, the software and hardware used in a radio mast are supplied by a mobile phone vendor and incompatible with any other software and hardware. This is due to change with the "Open Ran" concept. RAN is short for radio access network and this technology provides access to the fast 5G network. To keep this access open is the purpose of the O-RAN Alliance – a global community of mobile operators, vendors as well as research and academic institutions.

"It is hoped that this will lead to more competition, more innovation and, last but not least, to less dependence on China," says Professor Stefan Katzenbeisser who holds the Chair of Computer Engineering at the University of Passau. He is also involved, together with his team of early career researchers, in the BMBF’s "6G Research and Innovation Cluster (6G-RIC)" coordinated by the Fraunhofer Heinrich Hertz Institute (HHI). German policymakers are pinning high hopes on Open RAN architecture. Last year, however, the German Federal Office for Information Security (BSI) sounded the alarm in a security analysis. In a press release, the BSI pointed out that "O-RAN architecture has yet to adequately specified on the basis of the security-by-design principle and entails some security risk".

In a whitepaper published within the scope of the BMBF’s "6G-RIC", researchers at the University of Passau and Fraunhofer HHI analysed the problems identified by the BSI and presented their findings in June 2022 at the European Conference on Networks and Communications:

Show external content

When viewing external content, data is transmitted to third parties.

Show

"We have come to the conclusion that Open RAN concepts, such as O-RAN, are as secure as traditional 5G systems, " says Felix Klement, an early career researcher working with Professor Katzenbeisser. Open systems also have a clear advantage in terms of transparency: "As external researchers, we get to have a look at the system's inner workings, whereas, with closed systems, we have no choice but to believe the respective network operator."

Specific measures to improve security

Felix Klement finds the concerns articulated by the BSI to be essentially accurate. However, it is not the task of the O-RAN Alliances to impose "security-by-design" specifications. Rather, their job is to lay down general conditions on the basis of which an open radio access network is able to operate. Individual developers would be responsible for the specific configuration of the relevant security designs. He draws the following bottom line: "We find Open RAN architecture to be very promising and forward-looking."

To make sure it stays that way, researchers at the University of Passau and Fraunhofer HHI proposed the following measures in their whitepaper to improve the security of Open RAN:

  • Mandatory encryption using strong cryptography
  • Exploration of the possibilities offered by post-quantum cryptography that is hard to decrypt even with the use of quantum computers
  • Protection of cloud infrastructure against malicious vendors, for example through mandatory access control and security requirements
  • Definition of privilege and role concepts for interface communication and clear rules for the implementation of security concepts
  • Integration of suitable technologies for the improvement of user privacy

The research hub "6G-RIC" is one of four nationwide hubs selected by the Federal Ministry of Education and Research (BMBF) to conduct research into the coming generation of "6G" mobile technology. These hubs are trans-regional associations comprising several universities and research institutions that have decided to pool their technology development skills and accelerate the discovery-to-application process.

At the University of Passau, this topic forms an integral part of cybersecurity, a field establishing itself in the research focus of digitalisation: Working across two faculties, computer science researchers and legal scholars have come together to analyse technical procedures and legal issues. Under the supervision of Professor Katzenbeisser, a team of researchers is researching IT security in everyday digitalisation within the framework of the research cluster "ForDaySec", which is funded by the Bavarian Ministry of Science.

 

More information:
- Link to original study
- Website of the BMBF research cluster "6G-RIC"
- BSI press release on Open RAN

Prof. Dr. Stefan Katzenbeisser

Professor Stefan Katzenbeisser

researches cyber security and technical data protection

How can critical infrastructures in a networked world be protected against cyber attacks?

How can critical infrastructures in a networked world be protected against cyber attacks?

Professor Stefan Katzenbeisser holds the Chair of Computer Engineering at the University of Passau. He researches cyber security in embedded systems,  critical infrastructures and technical data protection. He is spokesperson of the research cluster "ForDaySec - Security in everyday digitalisation", which is funded by the Bavarian Science Ministry. Besides participating in research projects on secure mobility, he is also involved in the research initiative "6G Research and Innovation Cluster (6G-RIC)". Since November 2023, Professor Katzenbeisser has been a representative of the DFG Review Board “Security and Dependability, Operating, Communication and Distributed Systems”.

Projects related to Cybersecurity

Playing the video will send your IP address to an external server.

Show video