Security Aspects of 5G for Industrial Networks

5G security as an integral part of secure industrial operations.

Intro

Executive Summary

5G is an enabler of both telecommunications and industrial use cases. The security requirements of telecommunications networks are well defined and have been widely published. This white paper concentrates on the security needs of industrial networks. Drawing on the use cases and network deployment models already developed within 5G-ACIA and other organizations,

The paper focuses on the security requirements of operational technology (OT) companies, the current OT security frameworks and standards utilized and how 5G security features would complement the existing OT security toolbox. 

The paper concludes with an outlook that security requires a holistic approach where industrial network security is achieved through secure deployment and operation of networks as much as their secure specification and  implementation. Hence, benefiting from the ongoing cooperation between OT companies and ICT companies, as exemplified through the work of 5G-ACIA.

Key messages

Insight and Vision

Security requirements of public mobile telecommunication networks (public land mobile networks, PLMNs) have been extensively worked on, and the associated security features and functions have been specified by 3GPP as part of its standardization process for 5G and its predecessors…

  • OT networks are traditionally physically isolated
  • Strict perimeter protection and access control are used
  • Confidentiality of processes, operational data, users and equipment are paramount
  • Data flows to the outside are restricted (usually, only for maintenance)
  • Sensitivity to physical layer jamming
  • Within a single perimeter, a single trust domain of users, processes, data and equipment is maintained and 5G telco operator would not be part of this trust domain
  • Higher layer, E2E encryption & integrity protection is used
  • State-of-the-art authentication mechanisms, as well as secure hardware components for credentials storage & processing generally not used
  • Regulatory compliance and associated certifications are major business imperatives
  • Brown-field OT networks: equipment and processes with long lifecycles, brings the need to maintain interoperability between legacy OT and 5G security mechanisms.

 

OPC-UA Framework (IEC 62541) provides E2E security, agnostic to the underlying communication system and includes cryptographic protocols, certificate management, transport & application layer security. It helps establish defense-in-depth as an OT strategy where security features from 5G and other networking technologies would integrate with.

 

A 3GPP defined, highly isolated, 5G Standalone NPN (SNPN), with trust domains similar to legacy OT deployments, flexible authentication methods and credentials management as well as low effort for OT network regulatory compliance, would be a close match to isolated, legacy OT networks.
In addition to the 3GPP-defined 5G security toolbox, establishment of implementation guidelines, best practices and security profiles play a key role in building operational security in industrial 5G networks.

 

conclusion

Retrospect and Outlook

3GPP 5G security features generally provide robust support for OT network deployments. These security features together form a toolbox that allows OT companies to address the varying security risks of the multiple OT 5G  deployment scenarios described in this paper. 

The OT domain is characterized by the interdependence of companies with various industry roles, such as manufacturers, integrators and operators. 

The 5G security toolbox may be used differently by each of these. Additionally, as much as technology specifications and requirements, the OT field is characterized by operational and implementation-related requirements specific to each field deployment. IEC 62443 standards and OPC-UA framework provide a good basis for 5G security features to integrate with. It has been demonstrated that 5G security features form a toolbox that both OT and PLMN operators can use to manage the risks in the OT networks of the future.

We have awoken your interest?

Do you want to learn more about this future-oriented topic? Please download or share the 5G-ACIA white paper as a PDF file.

Relevant white papers

5G-ACIA_Whitepaper_CoverGraphics_Industry4.0_Blue_1920x1080
Using Digital Twins to Integrate 5G into Production Networks
5G becomes an important part of the infrastructure of the factories due to its performance, flexibility and tailored solutions for factory automation and connected industries. 5G-ACIA has worked on how industrial 5G system is integrated within factories following the I4.0 principles. Asset Administration Shell (AAS) is a key component of the Industrie 4.0 architecture to ensure integration across system boundaries and interoperability across the value chains. It supports the notion of working with “digital twins” of all assets of a factory. Two new types of digital twins (AAS) are proposed with respect to the 5G architecture called 5G network AAS comprising of 5G Radio Access Network and 5G Core Network and an independent AAS model for the 5G User Equipment (5G UE AAS). ...
5G-ACIA_Whitepaper_CoverGraphics_Interface_Blue_1920x1080
Exposure of 5G Capabilities for Connected Industries and Automation Applications
This white paper describes the functional requirements for exposing the capabilities of non-public 5G systems to industrial factory applications. Via exposure interfaces, industrial applications can access and can manage 5G service capabilities. Industrial applications also monitor e.g. the QoS of communication services and the network status. Due to the generic nature of the exposed capabilities, it is also possible to support other use cases that share the requirements of industrial factory applications. Examples include control applications for rail transportation, electrical power distribution, and central power generation. ...
5G-ACIA_Whitepaper_CoverGraphics_TSN_Blue_1920x1080
Integration of 5G with Time-Sensitive Networking for Industrial Communications
The white paper looks at the standards specified for 5G by 3GPP and the standards specified for Time-Sensitive Networking by IEEE and describes how these two standard technologies can be integrated for industrial communication. ...

Designing 5G for Industrial Use

Key 5G capabilities pave the way for perfecting Industry 4.0 communication and IIoT connectivity

Key Enabler for Industrial 5G

High-performance features of 5G enhance its potential for a wide variety of industrial communication channels and applications

Making Industrial 5G happen

For core use cases, industrial 5G will evolve into a key wireless communication technology and standard

Usage of industrial 5G

A wide variety of white papers explain in detail how industrial 5G will migrate to and be integrated in connected industries and automation

Endorsed testbeds

The capabilities and performance of 5G in actual industrial applications are evaluated and validated with endorsed testbeds

Showcases

Industrial 5G demos for various industry scenarios and resolutions are presented, showing how they maximize performance and reliability

About us

5G-ACIA unites key stakeholders for advancing the standardization and regulation of 5G in the industrial domain

Mission

5G-ACIA ensures that the special interests and needs of the industrial domain are adequately considered in connection with 5G standardization and regulation

Structure

5G-ACIA is run and operated by a board, working groups, and an office

Working groups

A plenum makes plans and decisions on how to handle different work items and essential topics

Legal entity of 5G-ACIA

5G-ACIA is a working group of ZVEI

Global partners

5G-ACIA is a global association and central forum with associated partners worldwide

Benefit

Joining 5G-ACIA makes you an Industrial 5G initiator with access to valuable insights and knowledge

Members

Global member organizations from diverse domains are the key to the success of 5G-ACIA and Industrial 5G

How to become a member

5G-ACIA is happy to receive and answer your queries

News

All of the latest announcements, reports, and information are available here

Press releases

All recent press releases are available here

Events

Join upcoming events and review past ones

Publications

Key 5G-ACIA messages and publications for SDOs and observers worldwide

Webinars

Join 5G-ACIA and learn about its work designing the framework for industrial 5G

Media

Media and materials to inspire you and promote Industrial 5G

Showcases

Industrial 5G Demos and resolutions are explained under different industrial scenarios by providing highest levels of performance and reliability

Share the content

Facebook
Twitter
LinkedIn
Email
Print