Tuesday, 1 February 2022

Bug hunting in 5G Networks and Devices

Pentests, or penetration tests, are a form of ethical hacking: authorized simulated cyberattacks on a computer system, performed to evaluate the security of the system. They are performed to identify weaknesses or vulnerabilities, including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.

Sébastien Dudek, Founder and Security Engineer at PentHertz, gave a presentation at No Hat conference 2021. The outline of his talk says:

Expected to be released in 2021, we only see the early stage of 5G-NR connectivity in rare places around the world and we cannot talk yet about "real 5G" as current installations are put on the Non-Standalone mode (NSA) using 4G infrastructures. But in the meantime, it is important to get prepared for this upcoming technology and ways we can practically simulate real-world attacks in the future, with Standalone (SA) mode-capable devices and networks. In this presentation, we will see how to conduct practical security assignments on future 5G SA devices and networks, and how to investigate the protocol stack. To begin the presentation, we briefly present the differences with 2G-5G in terms of security applied to security assessment contexts, i.e. the limit we are left with, and how to circumvent them. Then we see what a 5G-NR security testbed looks like, and discuss what type of bugs are interesting to spot. Third, we make more sense about some attacks on devices by showing attacks that could be performed on the core side from the outside. Finally, we briefly introduce how we could move forward by looking at the 5G protocol stack and the state of the current mean.

Slides are available here and the video is embedded below:

A post on their website also looks at penetration of standalone 5G core. The post contains a video as well which can also be directly accessed here.

A new white paper from 5G Americas provides nearly annual updates around the topic of security in wireless cellular networks. The current edition addresses emerging challenges and opportunities, making recommendations for securing 5G networks in the context of the evolution to cloud-based and distributed networks. 

Additionally, the white paper provides insight into securing 5G in private, public, and hybrid cloud deployment models. Topics such as orchestration, automation, cloud-native security, and application programming interface (API) security are addressed. The transition from perimeter-based security to a zero-trust architecture to protect assets and data from external and internal threats is also discussed.


Tuesday, 25 January 2022

3GPP Release-18 Work Moves Into Focus as Release-17 Reaches Maturity

In early December 2021, 3GPP reached a consensus on the scope of 5G NR Release-18. With the 3GPP Rel-17 functional freeze set for March 2022, Release-18 work is moving into focus. This is being billed as a significant milestone marking the beginning of 5G Advanced — the second wave of wireless innovations that will fulfil the 5G vision. Release 18 is expected to build on the solid foundation set by 3GPP Releases 15, 16, and 17, and it sets the longer-term evolution direction of 5G and beyond.


The 3GPP Release-18 page has a concise summary of all that you need to know, including the timeline. For anyone interested in going through features one-by-one, start navigating from here, select Rel-18 from the top.

For others who may be more interested in a summary rather than a lot of detail, here are some good links to navigate:

  • Nokia whitepaper - 5G-Advanced: Expanding 5G for the connected world (link)
  • Paper by Ericsson researcher, Xingqin Lin, 'An Overview of 5G Advanced Evolution in 3GPP Release 18' (link)
  • Marcin Dryjański, Rimedo Labs - 3GPP Rel-18: 5G-Advanced RAN Features (link)
  • Bevin Fletcher, FierceWireless: Next 3GPP standard tees up 5G Advanced (link)

As always, Qualcomm has a fantastic summary of 5G evolution and features in 3GPP Release-18 on their page here. The image above nicely shows the evolution of 5G from Release-15 all the way to Release-18. The image below shows a summary of 3GPP Release-18, 5G-Advanced features.

They also hosted a webinar with RCR Wireless. The webinar is embedded below.

The slides can be downloaded from the GSA website (account required, free to register) here.


Tuesday, 18 January 2022

3GPP 5G Non Terrestrial Networks (NTN) Standardization Update

We have looked at 5G Non Terrestrial Networks (NTN) in many different posts in our blogs. If you are new to this topic then this tutorial with a video is a good place to start or just follow this IEEE Comsoc article or this short update from R&S here.

Nicolas Chuberre, from Thales Alenia Space, is the rapporteur of the NR_NTN_solutions work item (TSG RAN) and of the FS-5GET study item (WG SA1). In the October 2021 issue of the 3GPP Highlights newsletter, he, along with Munira Jaffar, Lead delegate representing EchoStar and Hughes Standards in the ESOA (EMEA Satellite Operators Association) Standards Working Group, wrote a summary of 'Status of NTN & Satellite in 3GPP Releases 17 & 18'.

Quoting from the article:

The approval of normative activities on Non-Terrestrial Networks (NTN) in Rel-17 has generated growing interest in the topic. The Rel-17 NTN work items are supported by a wide range of vendors (terminal, chipset, network), as well as service providers from both the mobile and space industries and vertical user groups including ESOA.

The Rel-17 NTN and satellite work items in Technical Specification Group (TSG) RAN and TSG SA have been progressing towards the goal of satellite inclusion in 3GPP technical specifications. The focus is on transparent payload architecture with FDD systems where all UEs are assumed to have GNSS capabilities. The normative phase includes adaptation to the physical & access layer aspects, radio access network and system architecture, radio resource management, and RF requirements for targeted satellite networks operating at LEO, MEO or GEO orbits.

With an expected completion date of March 2022, the 3GPP Rel-17 specifications will support New Radio (NR) based satellite access deployed in FR1 bands serving handheld devices for global service continuity. Equally exciting, the 3GPP Rel-17 specification will support NB-IoT and eMTC based satellite access to address massive Internet of Things (IoT) use cases in areas such as agriculture, transport, logistics and many more. 

This joint effort between mobile and satellite industries will enable the full integration of satellite in the 3GPP ecosystem and define a global standard for future satellite networks. This will address the challenges of reachability and service continuity in unserved/underserved areas, enhance reliability through connectivity between various access technologies, and improve network resilience and dependability in responding to natural and manmade disasters.

Upon completion of Rel-17 the long-awaited standard for satellite networks serving handheld devices should be in place by 2022, with commercial product availability expected sometime in 2024. Including satellite as part of the 3GPP specifications will support the promise of worldwide access to 5G services and drive explosive growth in the satellite industry. 

Looking ahead, ESOA members and other NTN stakeholders have started discussions during the 3GPP Rel-18 June workshop and are continuing to work on a further list of enhancements for both NR-NTN and IoT-NTN to be considered in Rel-18. Plans are also underway to further define the enablers for NR based satellite access in bands above 10 GHz to serve fixed and moving platforms (e.g., aircraft, vessels, UAVs) as well as building-mounted devices (e.g., businesses and premises). The goal of these efforts is to further optimize satellite access performance, address new bands with their specific regulatory requirements, and support new capabilities and services as the evolution of 5G continues.

At Mobile Korea 2021, Nicolas Chuberre gave a talk on '3GPP NTN standardization: past, current and future'. The talk nicely summarizes Release-17 progress and the features planned for 3GPP Release-18. His talk is embedded below:


Tuesday, 11 January 2022

An Introduction to Minimization of Drive Testing (MDT)

Over the last few years, Ralf Kreher has done some fantastic posts on Minimization of Drive Testing (MDT) on this blog (links at the bottom of this post). To complement that, here is a basic introductory tutorial looking at what exactly is meant by MDT and how it's done. 

Video embedded below:

The slides from the presentation are available here.

Please check out our 3GPP SON Series videos here.


Tuesday, 4 January 2022

What is RF Front-End (RFFE) and why is it so Important?

As more technologies, frequency bands, antennas, etc., are crammed into our smartphones and tablets, it becomes essential for these devices to keep performing regardless of which technologies and spectrum are in use at any instant. This requires specialist design of the RF front end in our devices. Wikipedia explains it as:

In a radio receiver circuit, the RF front end, short for radio frequency front end, is a generic term for all the circuitry between a receiver's antenna input up to and including the mixer stage. It consists of all the components in the receiver that process the signal at the original incoming radio frequency (RF), before it is converted to a lower intermediate frequency (IF). In microwave and satellite receivers it is often called the low-noise block downconverter (LNB) and is often located at the antenna, so that the signal from the antenna can be transferred to the rest of the receiver at the more easily handled intermediate frequency.

Qualcomm is very active in this area as can be seen from the chart in the Tweet above. Back in October, Qualcomm announced ultraBAW, their new generation of micro acoustic filter technology that expands their RF front-end (RFFE) portfolio and opens up new 5G services and applications. They have a short intro video explaining RFFE:

It is also interesting to see from the Tweet above that, on average, baseband + RFFE + connectivity chips cost Apple nearly $55 per device.

The analyst firm CCS Insight have also done some good work explaining RFFE and their analyst Wayne Lam has written a few detailed articles on this topic. Here are the links if you want to read further:

  • Advances in RF Front-Ends Made 5G Phones Possible (link)
  • Advances in 5G RF Front-Ends Lead to Longer Battery Life (link)

Their RFFE videos playlist is embedded below.

It is also worth noting that a good modem and RF front-end, especially with 5G, can make a lot of difference in what speeds and coverage you can get.


Monday, 27 December 2021

Top 10 Posts for 2021 and Top 5 Videos

Here are the top ten posts from this year, in descending order of popularity:

1. A look at 5G Applications, Application Functions & Application Servers, April 2021

2. Different Types of RAN Architectures - Distributed, Centralized & Cloud, July 2021

3. AT&T Cybersecurity Experts Provide 5G Security Overview, July 2021

4. Qualcomm Explains 5G mmWave Future & Integrated Access and Backhaul (IAB), September 2021

5. 5G RAN Functional Splits, March 2021

6. O-RAN Introduction for Beginners, June 2021

7. Network Slicing using User Equipment Route Selection Policy (URSP), November 2021

8. Positioning in 5G networks, April 2021

9. An Early View of 3GPP Release-18 5G-Advanced Topics, October 2021

10. Introduction to 5G Reduced Capability (RedCap) Devices, July 2021

In addition, the following two posts from last year made it into the top 10 as well, so they are included below:

⦿ EPS Fallback in 5G Standalone Deployments, Feb 2020

⦿ Positioning Techniques for 5G NR in 3GPP Release-16, October 2020

In addition to the above, we have a very popular and active YouTube channel. Here are the top 5 videos that we posted this year:

1. 5G Radio Access Network Architecture: The Dark Side of 5G, January 2021

2. Webinar: 5G Security Briefing, March 2021

3. Beginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition, June 2021

4. 6G Training Course Part 1: Introduction, January 2021

5. Beginners: Connecting Underground Railway Network, June 2021

Do you have a favourite 3G4G blog post or video? Please feel free to add it in the comments.


Monday, 20 December 2021

Impact of 5G on Lawful Interception and Law Enforcement

At the Telecoms Europe 5G 2021 event, David Anstiss, Senior Solutions Architect at SS8 Networks, gave a talk on the impact of 5G on lawful interception and law enforcement. The talk provided an insight into how 5G is impacting lawful interception, and the challenges faced by intelligence agencies as they work with communication service providers to gather information to safeguard society.

The talk, followed by Q&A, is embedded below:

You may also find this blog post titled, 'Five Challenges of Gathering Digital Evidence in a 5G World' by David Anstiss, interesting.


Monday, 13 December 2021

5G & AI Powered Smart Hospitals

5G Telehealth has been one of the main driving use cases for upgrading the infrastructure. While some use cases definitely make sense, some others like remote surgery will most likely never happen, at least the way it's depicted today.

At the GSMA Mobile 360 APAC - 5G Industry Community Summit, Michael Fung, Chief Information Officer at CUHK Medical Centre, presented a nice talk detailing how they see 5G & AI powered hospitals of the future. The video of his talk is embedded at the bottom of this post.

There have also been some other discussions on 5G & healthcare recently. Here are the links if you want to explore this topic further:

The US FDA recently published a one-pager looking at how service level agreements (SLAs) can enable 5G-enabled medical device use cases by documenting how a medical device communication requirement is met by the unique characteristics of 5G networks and the roles and responsibilities of the stakeholders involved in offering safe and effective 5G-enabled healthcare to patients.

IEEE Access has a detailed paper on this topic by the same authors. Quoting from the abstract:

Service level agreements (SLAs) can enable 5G-enabled medical device use cases by documenting how medical device communication requirements are met by the unique characteristics of 5G networks and the roles and responsibilities of the stakeholders involved in offering safe and effective 5G-enabled healthcare to patients. However, there are gaps in this space that should be addressed to facilitate the efficient implementation of 5G technology in healthcare. Current literature is scarce regarding SLAs for 5G and is absent regarding SLAs for 5G-enabled medical devices. This paper aims to bridge these gaps by identifying key challenges, providing insight, and describing open research questions related to SLAs in 5G and specifically 5G-healthcare systems. This is helpful to network service providers, users, and regulatory authorities in developing, managing, monitoring, and evaluating SLAs in 5G-enabled medical systems.

Here is the video from GSMA 5G Industry Community Summit Part 2:


Tuesday, 7 December 2021

What will 5G Standalone deliver?


Surely you have heard me talk about the benefits of 5G Standalone and why it is needed. At Telecoms Europe 5G 2021, Dr. Kim K Larsen, CTIO, T-Mobile Netherlands, presented a talk on what exactly 5G Standalone will deliver. The video of his talk and slides are embedded below.

If mobile economics is an area of interest, you may want to check out his old blog posts, which are quite detailed, here.


Tuesday, 30 November 2021

Will Wi-Fi Help 3GPP Bring Reliable Connectivity Indoors?

I have argued a few times now that it would make much more sense to be able to make access and core independent of each other. 3GPP 5G Standards already have a feature available from Release-16 onwards that enables this with 5G Core, Standalone networks.

We currently use our smart devices for voice and data communications. When we are indoors, the data often goes over Wi-Fi. This is what tempted operators to move to Wi-Fi for their voice solution as well. Many operators are now enabling Voice over Wi-Fi in their networks to provide reliable voice coverage indoors.

While this works currently without any issues, when operators start offering new native services and applications, like XR over 5G, the current approach won't help. When our devices are connected over Wi-Fi at present, they are unable to take advantage of operator core or services. With access and core independence, this will no longer be an issue.

I gave a short (15 minute) virtual presentation at 5G Techritory this year. I argued not just for WWC but also looked at which 5G features have a potential for revolution. It's embedded below.
