5G networks will be more secure than the 4G infrastructure they will replace. But that is no reason for complacency. The challenges are well understood and industry is leading the effort to complete the internationally recognized standards on which 5G assurance will depend. The carriers are working to strengthen their ability to prevent, detect, and mitigate inevitable malicious cyber activity, says Andy Purdy.
There have been few more hotly anticipated new technologies in recent years than 5G. Much more than an incremental improvement on previous mobile network technologies, 5G – the fifth generation of wireless communications – together with the Internet of Things (IoT), promises to transform how we live and how businesses and governments operate, and will spur huge economic growth for those countries and organizations that work to proactively leverage the technology to innovate.
It is understandable that some are deeply worried that the pervasive nature of the new devices and services that 5G will exacerbate current cyber-security concerns. To those people I say worry not, the benefits of 5G/IoT far outweigh the risks. But it is critically important that the private sector, in collaboration with government, strengthen efforts to refine and implement a security framework for 5G and IoT that leverages internationally recognized standards and best practices and develops and implements conformance programs to make the multi-vendor environment that is cyberspace, one that is risk-informed, open, and transparent, and one that provides an objective basis for trust by customers, users, and governments in the available products and services that flow from a global ICT supply chain. While the nature of the security challenge will invariably increase, with a shared commitment to transparency and accountability, so too will the industry’s capabilities to deal with them.
5G has been designed to be more secure than previous mobile networks, both during the transition from 4G, and after 5G is fully deployed. These strengths are harmonized through global industry standards, some of which are still being finalized, effectively creating an appropriate security framework for 5G. It’s been a huge industry-wide effort that befits the multi-vendor 5G ecosystem, and it will provide the basis for an objective and transparent basis for trust through risk assessment, conformance reviews, and risk mitigation by the carriers who run the networks, and those that they rely on.
For Huawei, our customers and our industry, ensuring cyber security and privacy assurance are enduring commitments. As a leading ICT player, Huawei has more than 170 dedicated security engineers working in research and development to help ensure our 5G solutions are secure, and providing input to various standards efforts. These teams have been instrumental in collaborating with competitors, carriers, and others to create the new global standards, technologies, and methodologies for the global 5G infrastructure security.
Many of these experts are even today fully engaged working alongside colleagues from across the global industry in the creation of 5G security standards through 3GPP, the global 5G industry standards body. These 3GPP standards are designed to make 5G as secure as possible. No one is pretending that the work of the 3GPP is complete yet; each new release of the 3GPP standard will include further developments designed to strengthen 5G security. We do know that 5G networks will be more secure than any previous generation of mobile network.
Highways and byways
Central to the standards-setting work of the 3GPP to date is the definition of security standards for what we are called ‘standalone’ and ‘non-standalone’ 5G architectures. Telecoms networks are usually viewed in two domains: “core” and “access”. Think of core networks as the fast and wide motorways that connect major cities, while the access networks are the smaller roads you take when you leave the motorway to arrive at your destination.
The 3GPP security standard, through technologies such as stronger encryption and an architecture that anonymizes (hides) data as it crosses from the core network to the access and back again, the ‘identity’ of the data transmitted over the networks will be the protected, a significant security enhancement.
There is more work to do in defining the standards for additional 5G services within the 3GPP process. This standards work is underway within 3GPP for how best to secure the ‘Internet of Things,’ sometimes called ‘machine-to-machine’ communications, and is widely expected to be included in the next release of the 3GPP 5G standard, anticipated to be finalized by collaborative agreement by the end of 2019.
Work is also ongoing to formulate the security standards for 3GPP compliant chipsets, necessary for all connected devices, as well as the various devices like smartphones, connectivity modules for connected, automomous vehicles, and industrial robots.
5G: a platform for growth
5G will introduce 10Gbps peak use data speeds – significantly higher mobile connections than are possible with 4G today — allowing us to download more content much faster. However, the benefits of 5G exceed additional raw speed. 5G will be the midwife of the mass market “internet of things,” where ‘machines’ will connect to machines.
We will connect our home security systems, our vehicles, our valuables, and our lives to the internet. These connections will create oceans of data that will be analysed by supercomputers in data centres creating new intelligence and automation. 5G will also help to usher in the era of artificial intelligence.
Farmers will connect biometric sensors to their livestock or embed sensors in their fields which, in turn, will provide scientific insight on animal biology and soil composition to help farmhands maximize productivity and increase milk and crop yields. Trials in China last year provided farmers with a 50% increase in milk yields from dairy herds, equal to more than $400 per year in extra milk sales per cow.
Industries will become more intelligent by allowing business decisions to be based on real-time data and automation. As a result, industries – from manufacturing and supply chain, and financial services to retail — will become more efficient with lower costs, by automating repetitive, mundane tasks, and collecting relevant data in real-time from light-weight deployed sensors.
Autonomous driving will become feasible for the mass market, while cities will become safer and more efficient as authorities gain better real-time insight on traffic flows, electricity usage, and the delivery of services, and healthcare and education. Alongside these social and business efficiencies, the growth of the Internet of Things is predicted by McKinsey, the consulting firm, to add between $3.9 trillion and $11.1 trillion to the global economy yearly, by 2025.
5G promises a better life, a better environment better businesses, and more effective governments. Beginning with limited full deployment of 5G in 2020, we can expect to see 5G services become available in many countries around the world. We are still in the early days of the 5G revolution. We have more work to do in the never-ending task of keeping our data, our privacy, and our services secure, available, and untainted. Bad actors will always try to exploit vulnerabilities for their own advantages.
But government officials can be confident that through the work of 3GPP, the innovation of vendors and the collaboration across the industry worldwide, we can improve the security and address the vulnerabilities.
Andy Purdy is a senior cyber executive at Huawei Technologies and a former U.S. cyber security lead at the US Department of Homeland Security.