Security Aspects of 5G for Industrial Networks

5G security as an integral part of secure industrial operations.

Intro

Executive Summary

5G is an enabler of both telecommunications and industrial use cases. The security requirements of telecommunications networks are well defined and have been widely published. This white paper concentrates on the security needs of industrial networks. Drawing on the use cases and network deployment models already developed within 5G-ACIA and other organizations, the paper focuses on the security requirements of operational technology (OT) companies, the OT security frameworks and standards currently in use, and how 5G security features would complement the existing OT security toolbox.

The paper concludes with the outlook that security requires a holistic approach, in which industrial network security is achieved through secure deployment and operation of networks as much as through their secure specification and implementation. It hence benefits from the ongoing cooperation between OT companies and ICT companies, as exemplified by the work of 5G-ACIA.

Key messages

Insight and Vision

Security requirements of public mobile telecommunication networks (public land mobile networks, PLMNs) have been extensively worked on, and the associated security features and functions have been specified by 3GPP as part of its standardization process for 5G and its predecessors…

  • OT networks are traditionally physically isolated
  • Strict perimeter protection and access control are used
  • Confidentiality of processes, operational data, users and equipment is paramount
  • Data flows to the outside are restricted (usually, only for maintenance)
  • Sensitivity to physical layer jamming
  • Within a single perimeter, a single trust domain of users, processes, data and equipment is maintained, and a 5G telco operator would not be part of this trust domain
  • Higher layer, E2E encryption & integrity protection is used
  • State-of-the-art authentication mechanisms, as well as secure hardware components for credentials storage & processing, are generally not used
  • Regulatory compliance and associated certifications are major business imperatives
  • Brown-field OT networks: equipment and processes with long lifecycles bring the need to maintain interoperability between legacy OT and 5G security mechanisms.

The OPC-UA framework (IEC 62541) provides E2E security that is agnostic to the underlying communication system and includes cryptographic protocols, certificate management, and transport & application layer security. It helps establish defense-in-depth as an OT strategy with which security features from 5G and other networking technologies would integrate.

A 3GPP-defined, highly isolated 5G Standalone NPN (SNPN), with trust domains similar to legacy OT deployments, flexible authentication methods and credentials management, as well as low effort for OT network regulatory compliance, would be a close match to isolated, legacy OT networks.
In addition to the 3GPP-defined 5G security toolbox, the establishment of implementation guidelines, best practices and security profiles plays a key role in building operational security in industrial 5G networks.

Presentation by the experts during the Hannover Fair 2021

Conclusion

Retrospect and Outlook

3GPP 5G security features generally provide robust support for OT network deployments. These security features together form a toolbox that allows OT companies to address the varying security risks of the multiple OT 5G deployment scenarios described in this paper.

The OT domain is characterized by the interdependence of companies with various industry roles, such as manufacturers, integrators and operators. 

The 5G security toolbox may be used differently by each of these. Additionally, the OT field is characterized as much by operational and implementation-related requirements specific to each field deployment as by technology specifications and requirements. The IEC 62443 standards and the OPC-UA framework provide a good basis for 5G security features to integrate with. It has been demonstrated that 5G security features form a toolbox that both OT and PLMN operators can use to manage the risks in the OT networks of the future.
