Journal of the Korea Society of Computer and Information (한국컴퓨터정보학회논문지)

Korean Society of Computer Information (한국컴퓨터정보학회)
권호 표지
DOI QR코드

DOI QR Code

Security Threats and Potential Security Requirements in 5G Non-Public Networks for Industrial Applications

  • Received : 2020.10.15
  • Accepted : 2020.11.03
  • Published : 2020.11.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we address security issues in 5G non-public networks for industrial applications. In contrast to public networks that offer mobile network services to the general public, 5G non-public networks provide 5G network services to a clearly defined user organization or groups of organizations, and they are deployed on the organization's defined premises, such as a campus or a factory. The main goal of this paper is to derive security threats and potential security requirements in the case that 5G non-public networks are built for discrete and process industries according to the four deployment models of 5G-ACIA (5G Alliance for Connected Industries and Automation). In order to clarify the scope of this paper, we express the security toolbox to be applied to 5G non-public networks in the form of the defense in depth concept. Security issues related to general 5G mobile communication services are not within the scope of this paper. We then derive the security issues to consider when applying the 5G-ACIA deployment models to the industrial domain. The security issues are divided into three categories, and they are described in the order of overview, security threats, and potential security requirements.

본 논문에서는 산업 애플리케이션을 위한 5G Non-Public Network에서의 보안 이슈를 다룬다. 일반 대중에게 모바일 네트워크 서비스를 제공하는 공공 네트워크와는 달리, 5G Non-Public Network는 명확하게 정의된 사용자 조직이나 조직들의 그룹에게 5G 네트워크 서비스를 제공하며, 캠퍼스나 공장과 같이 사용자 조직이 지정한 영역 내에 구축된다. 본 논문의 주목적은 5G-ACIA (5G Alliance for Connected Industries and Automation)에서 제안한 네 가지 구축 모델에 따라 5G Non-Public Network가 이산 산업 및 공정 산업을 위하여 구축될 경우 고려되어야 할 보안 위협 및 잠재적 보안 요구사항을 도출하는 것이다. 본 논문의 범위를 명확하게 하기 위해 먼저 5G Non-Public Network에 적용할 보안 툴박스를 심층 방어 개념으로 표현한다. 일반적인 5G 이동통신 서비스와 관련된 보안 이슈는 본 논문의 범위에 포함되지 않는다. 그 다음, 산업 도메인에 5G-ACIA의 구축 모델을 적용할 때 고려해야 할 보안 이슈를 도출한다. 도출된 보안 이슈들은 세 가지 범주로 나뉘며 각각의 보안 이슈들은 개요, 보안 위협 및 잠재적 보안 요구사항의 순서로 서술된다.

Keywords

References

  1. J. Navarro-Ortiz, P. Romero-Diaz, S. Sendra, P. Ameigeiras, J. J. Ramos-Munoz and J. M. Lopez-Soler, "A Survey on 5G Usage Scenarios and Traffic Models," IEEE Communications Surveys & Tutorials, vol. 22, no. 2, pp. 905-929, 2020, doi: 10.1109/COMST.2020.2971781.
  2. J. Kim, S. Kim, "An Efficient Session Management Scheme for Low-latency Communications in 5G Systems," Journal of the Korea Society of Computer and Information, Vol. 25, No. 2, pp. 83-92, Feb. 2020. https://doi.org/10.46407/kjci.2020.10.103.83
  3. 3GPP TS 22.261 v16.11.0: "Service Requirements for the 5G System; Stage 1," March 2020.
  4. M. Wollschlaeger, T. Sauter and J. Jasperneite, "The Future of Industrial Communication: Automation Networks in the Era of the Internet of Things and Industry 4.0," IEEE Industrial Electronics Magazine, vol. 11, no. 1, pp. 17-27, March 2017, doi: 10.1109/MIE.2017.2649104.
  5. 5G-ACIA White Paper: "5G Non-Public Networks for Industrial Scenarios," July 2019.
  6. N. Papakonstantinou, J. Linnosmaa, A. Z. Bashir, T. Malm and D. L. V. Bossuyt, "Early Combined Safety - Security Defense in Depth Assessment of Complex Systems," 2020 Annual Reliability and Maintainability Symposium (RAMS), Palm Springs, CA, USA, 2020, pp. 1-7, doi: 10.1109/RAMS48030.2020.9153599.
  7. 3GPP TS 23.251 v16.0.0: "Network Sharing; Architecture and Functional Description," July 2020.
  8. K. Goztepe, R. Kilic, and A. Kayaalp, "Cyber Defense in Depth: Designing Cyber Security Agency Organization for Turkey," Journal of Naval Science and Engineering, Vol. 10, No. 1, pp. 1-24, 2014.
  9. 5G-ACIA White Paper: "Security Aspects of 5G for Industrial Networks," May 2020.
  10. 3GPP TR 33.819 v16.1.0: "Study on Security Enhancements of 5G System (5GS) for Vertical and Local Area Network (LAN) Services," July 2020.
  11. R. E. Navas, H. L. Bouder, N. Cuppens, F. Cuppens, G. Z. Papadopoulos, "Demo: Do Not Trust Your Neighbors! A Small IoT Platform Illustrating a Man-in-the-Middle Attack," Proceedings of the 17th International Conference on Ad Hoc Networks and Wireless, pp. 120-125, September 2018.
  12. P. Porambage, Y. Miche, A. Kalliola, M. Liyanage and M. Ylianttila, "Secure Keying Scheme for Network Slicing in 5G Architecture," 2019 IEEE Conference on Standards for Communications and Networking (CSCN), GRANADA, Spain, 2019, pp. 1-6, doi: 10.1109/CSCN.2019.8931330.
  13. 3GPP TR 33.825 v16.0.1: "Study on the Security of Ultra-Reliable Low-Latency Communication (URLLC) for the 5G System (5GS)," Oct. 2019.
  14. Huawei, "5G Scenarios and Security Design," November 2016.