Opening Critical Infrastructure: The Current State of Open RAN Security

6 months ago AndyC

RRHs are usually located close to antennas, often mounted on the cell tower. The BBUs used to be co-located with the cell-tower but current infrastructure has them located further away, at a central site.

Opening Critical Infrastructure: The Current State of Open RAN Security

RRHs are usually located close to antennas, often mounted on the cell tower. The BBUs used to be co-located with the cell-tower but current infrastructure has them located further away, at a central site. The evolution of RAN is shown in this diagram from Analysys Mason.

Virtualized RAN (vRAN) is a virtualized BBU that runs on commercial off-the-shelf hardware. In a disaggregated vRAN design, the BBU is split into two components, the central unit (CU) and the distributed unit (DU).

Open RAN

Despite virtualization and disaggregation, RAN architecture remained relatively closed (that is, most components had to come from the same vendor to ensure compatibility). When the network architecture is closed, operators usually need to pay huge costs to a single vendor to purchase equipment and technology.

O-RAN architecture aims to achieve interoperability and flexibility by adopting open standards, interfaces, and protocols. Open RAN breaks the closed nature of the system, allowing operators to choose equipment and software from different suppliers, therefore achieving a higher degree of network customization (for example, purchasing the CU from one vendor, then getting the DU from another). This allows for greater participation from second- and third-tier equipment manufacturers.

O-RAN is more than just open interfaces — it enables open access to next-generation RANs through artificial intelligence-based control. An open interface between local network entities and the RIC can facilitate real-time sensing and management of and reaction to radio resources. However, due to its open-standard nature, O-RAN is inherently more vulnerable to attacks and additional threats, so designing appropriate security mechanisms is a key issue.

O-RAN Alliance

The O-RAN ALLIANCE, an open technical organization consisting of mobile operators, vendors, research organizations, and academic institutions that strive for the advancement of the Open RAN concept, has devised a set of Open RAN specifications.

The Alliance previously collaborated with the Linux Foundation to develop a reference implementation for the specification, called the O-RAN SC. The O-RAN SC specification is open-source, with code contributions coming from top RAN vendors like Ericsson, Nokia, Samsung, Radisys, and AT&T. Given this collaborative effort, it is more likely that many vendors will incorporate O-RAN SC code into their commercial products.

O-RAN architecture

The O-RAN Alliance provides an overview of the O-RAN architecture on their website. Note that it is not necessary to understand all the components in the diagram for the purpose of this write-up. Figure 3 shows how O-RAN fits into the 5G network topology.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , ,

More Stories

Top ITSM Certifications for 2024

Top ITSM Certifications for 2024

2 hours ago AndyC
Sophos NDR support for certified hardware deployments

Sophos NDR support for certified hardware deployments

2 hours ago AndyC
US AI Experts Targeted in SugarGh0st RAT Campaign

US AI Experts Targeted in SugarGh0st RAT Campaign

3 days ago AndyC
A Human-Centric Security Approach, Supported by AI

A Human-Centric Security Approach, Supported by AI

3 days ago AndyC
Black Basta Ransomware Struck More Than 500 Organizations Worldwide

Black Basta Ransomware Struck More Than 500 Organizations Worldwide

3 days ago AndyC
Get on Cybersecurity Certification Track With 5 Off These Courses

Get on Cybersecurity Certification Track With $145 Off These Courses

3 days ago AndyC

You may have missed

<div>Transgrid's Lumea seeks closer ties with cellular network planners</div>

Transgrid’s Lumea seeks closer ties with cellular network planners

1 hour ago AndyC
AFP uses cloud, SASE to upgrade reach and capability

AFP uses cloud, SASE to upgrade reach and capability

1 hour ago AndyC
<div>AEC checks Meta AI's handling of election questions</div>

AEC checks Meta AI’s handling of election questions

1 hour ago AndyC
Request for Comments: Mobile Payments on COTS (MPoC) v1.1

Request for Comments: Mobile Payments on COTS (MPoC) v1.1

1 hour ago AndyC

How to Safely Date Online

2 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.