The Importance of Threat Modeling for 5G Security

5G is fundamentally different from 4G, LTE, or any other network that the telecommunications industry has ever seen. It promises data rates 100x faster than 4G, network latency of under 1 millisecond, support for 1 million devices per square kilometer, and 99.999% network availability.

Predictions show that the rollout of 5G will reach one-third of the global population by 2025, and the U.S., South Korea, and China are already at the forefront of its deployment.

As with any new technology, the benefits may also present potential attack vectors if proper security measures aren’t considered. Let’s take network functions virtualization (NFV) as an example. NFV enables network slicing by replacing network functions on appliances such as routers, load balancers, and firewalls with virtualized software instances that run on commodity hardware. Virtual network functions (VNFs) are utilized to run these functions as packaged software that sits on virtual machines (VMs). Virtualization can lead to vulnerabilities such as denial of service and malware.

A complementary technology to NFV, software-defined networking (SDN) utilizes network management to separate the control plane from the forwarding plane. SDNs enable programmable network controls and abstract the underlying infrastructure from the apps and network services. Centralized and controllable, SDNs provide the agility required to adapt to the evolving needs of 5G microservices. However, SDNs are susceptible to attacks such as forwarding device attacks, control plane threats, API vulnerabilities, counterfeit traffic flows, and more.

The 5G core consists of a service-based architecture, and microservices are essential in the development of this architecture. Microservices are considerably more flexible, customizable, and agile than monolithic applications, and they are faster to develop and easier to maintain. Microservices are often deployed over multiple VMs and/or clouds—which also means a much wider attack area. The APIs that link microservices can also be used to launch attacks, and applications that are built by coupling microservices evolve and change rapidly, increasing the risk of vulnerabilities being deployed into production.

Cloud, virtualization, containerization, edge computing, and DevOps play additional roles in the era of 5G. The scale, elasticity, agility, responsiveness, and rich software functionality required for 5G applications and microservices can only be achieved in the cloud. Lower capital and operating expenses are additional benefits of being in the cloud. Today NFV is carried out on VMs, and they’ll continue to be utilized in a 5G environment. Additionally, containers will shoulder the bulk of the load in building and deploying 5G microservices. They also offer the agility to spin up or spin down microservices and enable the DevOps culture that is necessary in the 5G era.

Again, the 5G network promises latency as low as 1 millisecond, and 5G-powered applications will rely on low latency. Ultra-low latency can only be met by distributed edge computing that is closer to the end user. These technologies and methodologies provide flexibility, cost savings, ultra-low latency, high bandwidth, and agility, but they significantly increase the attack surface and add complex attack avenues that are harder to defend.

With its sweeping rollout, there are a variety of new attack vectors that must be accounted for across the broad-reaching attack surface. As millions of connected devices will rely on the 5G network, one concern is that software-based NFVs will be used by many software vendors – presenting potential software supply chain security lapses. Additionally, reliance on cloud vendors for configuration presents security concerns, as do unsecured container images and the virtual networks used for communication between containers.

We must also consider that 5G supports numerous mission-critical use cases such as smart cars, telemedicine, remote surgery, and more. For these, a lack of security is simply not an option—it could lead to potential loss of human life. Adding to this, the regulatory body of 5G (3GPP) has not yet mandated security features for network operators.

Given the multitude of new factors involved with 5G networks, the crucial first step in securing 5G is building a comprehensive threat model. Threat modeling allows you to assess the risks facing your application along with the consequences of not addressing those risks. A robust threat model enables security engineers to prioritize risks and address them according to the level of severity. Threat modeling experts leverage their experience to look beyond a simple predefined list of attacks and think about new types of attacks that may not have been a consideration for 4G or LTE networks.

Developing a threat model for 5G (conveniently) involves 5 key steps:

1. Define the different network and user-side assets that are at risk of being attacked.

2. Create a list of potential internal and external threat actors for each individual asset.

3. Identify the actions that the threat actors could take to breach the assets at risk.

4. Analyze the factors and form a list of threats prioritized by likelihood of success and risk to the business.

5. Create an action plan to mitigate the identified threats.
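The five steps above can be carried through as a small threat register. The following is an added example, not part of the original article: the asset names, the 1 to 5 scoring scale, the likelihood × impact score, and all sample entries are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Threat:
    asset: str        # step 1: asset at risk
    actor: str        # step 2: internal or external threat actor
    action: str       # step 3: what the actor could do to the asset
    likelihood: int   # step 4: 1 (rare) .. 5 (expected), assumed scale
    impact: int       # step 4: 1 (minor) .. 5 (safety or business critical)
    mitigations: list = field(default_factory=list)  # step 5

    @property
    def score(self):
        # Assumed scoring rule: likelihood of success times risk to the business.
        return self.likelihood * self.impact

# Constructed sample data; scores are illustrative, not measured.
ASSETS = ["SDN controller", "VNF image registry",
          "microservice API gateway", "edge compute node"]
REGISTER = [
    Threat("SDN controller", "external attacker",
           "counterfeit traffic flows", 3, 5,
           ["authenticate forwarding devices", "rate-limit new flows"]),
    Threat("SDN controller", "malicious insider",
           "misuse of the controller API", 2, 5),
    Threat("VNF image registry", "compromised vendor",
           "tampered VNF image enters the supply chain", 2, 4,
           ["verify image signatures before deployment"]),
    Threat("microservice API gateway", "external attacker",
           "denial of service against an exposed API", 4, 3,
           ["per-client quotas"]),
]

def prioritize(register):
    """Step 4: highest score first, ties broken by impact."""
    return sorted(register, key=lambda t: (t.score, t.impact), reverse=True)

def coverage_gaps(assets, register):
    """Find assets nobody analysed and threats with no planned mitigation."""
    modelled = {t.asset for t in register}
    unmodelled = [a for a in assets if a not in modelled]
    unmitigated = [t for t in register if not t.mitigations]
    return unmodelled, unmitigated

if __name__ == "__main__":
    for t in prioritize(REGISTER):
        print(f"{t.score:>2}  {t.asset}: {t.action} ({t.actor})")
    unmodelled, unmitigated = coverage_gaps(ASSETS, REGISTER)
    print("assets with no threats listed:", unmodelled)
    print("threats with no mitigation:", [t.action for t in unmitigated])
```

The coverage check matters as much as the ranking: an asset with no listed threats usually means step 2 or 3 was skipped for it, not that it is safe.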

Once the threat model is established, the logical next step in securing the 5G network is penetration testing based on that threat model, which will uncover a great many security gaps.

About the Author

Chai Bhat is security solutions manager at Synopsys Software Integrity Group. Synopsys technology is at the heart of innovations that are changing the way we live and work. The Internet of Things. Autonomous cars. Wearables. Smart medical devices. Secure financial services. Machine learning and computer vision. These breakthroughs are ushering in the era of Smart, Secure Everything―where devices are getting smarter, everything’s connected, and everything must be secure.
