Mobile radio access networks and 5G evolution
5G networks are part of national critical infrastructure, and are designed to be very flexible, so that they can be adopted to cater to a wide range of use case scenarios. To achieve this flexibility, network intelligence and security have to be managed across the network. This further increases the complexity of the network.
The device, such as a smartphone, a tablet device, a router etc. which is also called the User Equipment.
The Radio access network (RAN), which uses radio frequencies to provide wireless connectivity to the devices.
The core network (CN), which provides coordination between different parts of the access network and also provides connectivity to the internet.
The transport network, which provides connectivity between the RAN and the CN.
The baseband, which provides a set of computer-intensive signal processing functions that makes wireless communication possible. To enable the high computational power required, the baseband uses tailor-made electronics that delivers extremely high data processing speeds. To realize the full potential, it also houses extremely sophisticated software with several million lines of code – nearly four times as much as Mars Curiosity rover – to provide efficient wireless communication that constantly pushes the boundaries of efficient and secure use of spectrum.
This includes functions such as:
- signal processing for using multiple antennas
- signal processing for detecting and correcting errors in the wireless transmission
- signal processing to ensure that the wireless transmission is secure
- managing the wireless resources efficiently between different devices in the network
- and more
The radio, which converts digital information into signals that can be transmitted wirelessly and that ensures that the transmitted signals are in the right frequency bands and have the right power levels.
The antennas, which radiate the electrical signals into radio waves (see 1 in Figure 1).
New functional splits
First, for the higher bands, 5G antennas are integrated with the radios (2 in the figure 1). Furthermore , significant parts of baseband HW (hardware) and SW (software) are integrated with the antenna. The higher integration enables highly capable and efficient implementations of massive MIMO, beam forming and beam tracking that are necessary to efficiently use the comparatively high 5G frequencies. This is not possible to do with traditional passive antennas. Some of the 5G antennas integrated with radios pack high computational capability, and include several billion transistors. In addition, 5G also provides improved performance in the lower bands and in classic radios.
Secondly, some functionality that today is placed in the basebands can be virtualized, i.e. the functions operate on Commercial OffThe-Shelf HW, (3 in the figure 1) and can be implemented at the CN sites, rather than at the base station site, for example. For industrial and enterprise 5G applications this is foreseen to be a major deployment case. In fact, some RAN functions can be deployed on the same cloud infrastructure already in 4G, and is further considered for 5G deployments to fully utilize a cost optimized deployment and to leverage low latency capabilities. This means that RAN software can be deployed on the same infrastructure as Core software and managed as a single solution. Hence, 5G RAN and 5G Core are critical, sensitive and significant from a security point of view.
Thirdly, the radio access network is increasingly SW dependent. A base station has millions of lines of code. New SW based functionality is continuously added to enable new use cases, such as Internet-of-Things, or to enable greater capacity and coverage as mobile traffic continues to grow. In many cases, the SW needs to be consistently upgraded across the entire network. This means that not only Core network sites but also baseband and antenna-integrated radios are increasingly SW dependent on compiled code.
In fact, the software complexity of RAN in a baseband exceeds that of Boeing 787 aircraft.
Introduction of AI and modernized operating models
In addition to new functional splits, the number of radio base stations are increasing and the SW is becoming more complex, In response, AI is increasingly used across the network to secure optimal performance. AI and Machine Learning is used with central network management and orchestration as well as in individual base stations to optimize traffic and load balancing.
Also, a key feature of the 5G system is to provide an enhanced form of network slicing. Just like several lanes (virtual roads) can be equipped on a road with each lane supporting a different characteristic of traffic like high-speed lane, bus-lane etc., network slicing allows different virtual networks with different characteristics to run on one physical network. Among others, better granularity and unprecedented scale to meet a high degree of isolation/security from a range of different “lanes” such as manufacturing, public utility etc. can be ensured. 5G RAN will be slice aware and capable to monitor and control traffic per network slice.
5G is designed to be very flexible and to offer the best performance to a wide range of applications. To enable and support the wide range of use cases, the 5G network architecture requires that the different functions described above are flexibly placed within the network.
This consequently creates scenarios where parts of the RAN and CN functions are geographically co-located. In addition, the intelligence of the network is typically distributed across the network.
Therefore, the deployment possibilities are numerous, and this further makes all the components of the RAN and the CN vital in terms of network performance.
Three aspects of security:
1 — Confidentiality
Which ensures no unauthorized entity can read the communication. To ensure wireless communication is confidential it is encrypted, and the encryption is done hop-by-hop in the network. So, at both RAN and CN, the unencrypted information is available.
2 — Integrity
Which ensures no unauthorized entity can modify the communication. To ensure this wireless communication is integrity protected, integrity is also implemented hop-by-hop in the network. So, the information is available at both RAN and CN to be tampered with.
3 — Availability
Which ensure that communication service is available uninterrupted to the users. This also has to be ensured at both the RAN and CN level, as both can contribute to service discontinuity.
So, both RAN and CN are equally vital in terms of security. A secure network also requires that functions are securely deployed, properly implemented, and do not contain components with malicious intent. If that assumption fails, security does not follow.