The second day of CW TEC: Engineering 5G Private Networks featured presentations on security and early deployment lessons from Spirent, Pelion, QinetiQ, AttoCore, Cambridge Consultants and the University of Bristol. Here are some of the key takeaways.
1. The maritime sector appears to be leading the way when it comes to 5G private networks
A number more maritime case studies were referenced in today’s presentation, with both AttoCore and the Smart Internet Lab working on the 5G Logistics project, funded by DCMS. This private network is being implemented across a number of different locations in Bristol – at Avonmouth Docks, at a nearby innovation centre, and on the road network. One of the key aspects of the project is tracking trucks from the port to the innovation campus and monitoring their capacity with a view to optimising the amount of goods per vehicle.
Derek from Cambridge Consultants also focused on ports in his case study, outlining potential applications such as remote controlled or autonomous cranes, environmental monitoring, CCTV, predictive maintenance and condition monitoring, safety (push to talk, man down) and navigation. He believes that it will be a single use case – such as CCTV – that will encourage the port to adopt 5G on top of their existing connectivity platform, but once installed the enterprise will steadily deploy more applications on that platform until a complete digital transformation has occurred.
2. Applying for shared access license is easy
As we learned yesterday, and it was reiterated again today, access to spectrum is key to the ability to deploy 5G private networks. In the “Lessons Learned from Early Deployment” track, Steve Coppins from AttoCore reflected on his experience of applying for a shared access license, and found it really simple. The form is technical and woudn’t be able to be completed by someone off the street, but even though Ofcom is still at the beginning of the process of giving spectrum to enterprises, the process works well. Typically the only reason for rejection is asking for medium power in urban areas.
3. Testing is essential for network security
While 5G has increased the size and complexity of the cellular landscape, and in doing so it has introduced new threats, it is a standard that is being built with added security enhancements from the get-go. It offers a unified authentication framework, stronger air interface security subject to mutual authentication, enhanced user privacy protection, enhanced cryptographic algorithms…to name a few.
Nevertheless, all our security experts at CW TEC agree that the main way to mitigate any threat to a 5G private network is to test, test, test. Spirent insisted that these tests must be realistic, based on realistic traffic loads and involving the entire spectrum of potential attacks that a network could encounter. Testing must continue throughout the lifecycle of the network so that as bad actors become more sophisticated and the network is upgraded, vulnerabilities are identified before an attack is successful.
QinetiQ’s solutions to enhancing private 5G resilience also have a heavy focus on regular testing of hardware, software, firmware and infrastructure, and they recommend deploying test and reference networks.
4. 5G is a small part of the security challenge in a private network architecture
Resilience is needed across all layers of the technology stack, including the physical infrastructure (locked doors are just as important to private network security as firewalls) and user management (two factor authentication, anyone?).
At the start of the security session the chair, Francesca Serravalle from Colt Technology Services, conducted a poll of delegates, a large majority of which agreed that the biggest security risk to 5G private networks is the range and volume of IoT devices.
Mohsen from Pelion focused on this in his talk, mentioning recent figures that suggest there are 5,400 attacks per month targeted at IoT devices, and that not enough is being done to secure these end devices. They are being designed to be as small and low-cost as possible, which often results in less CPU and RAM space to support device security and regular firmware updates. For a 5G enabled IoT to be successful, trust needs to be built into these devices from scratch and the ecosystem needs to communicate and collaborate to identify and solve potential vulnerabilities early.