With the project MANTRA5G (“Modular, Adaptive and iNteroperable Test fRAmework for 5G/6G”), TÜVIT followed the call for funding “Cyber security and digital sovereignty in 5G/6G communication technologies” and coordinated the project as consortium leader. The aim was to develop an innovative 5G test framework.
Lower latency times, higher transmission speeds, better network stability: 5G brings all of this with it. As a result, the fifth generation of mobile communications is also increasingly being used in critical infrastructures. In order to provide the best possible protection against cyber attacks and to strengthen confidence in the IT security of 5G mobile radio components, the 3rd Generation Partnership Project (3GPP) and the GSM Association (GSMA) have developed the Network Equipment Security Assurance Scheme, or NESAS for short. With NESAS CCS-GI (Cybersecurity Certification Scheme - German Implementation), there is also a national certification scheme from the German Federal Office for Information Security (BSI). However, corresponding tests require complex test setups and high hardware requirements. In addition, the 5G telecommunications components to be tested are often highly heterogeneous. At the same time, however, legal framework conditions are increasingly demanding tests.
MANTRA5G built on this initial situation: As part of the project, TÜVIT investigated the question of what requirements must apply to a test system that enables the efficient testing of critical 5G components in accordance with the NESAS test scheme and the NESAS CSS-GI certification scheme. The specified security tests according to NESAS and NESAS CCS-GI stipulate that 5G components must be evaluated in the overall context of a 5G network. For this reason, one focus of the project was on analyzing the necessary test interfaces and triggers for different product classes of the 5G core network. A second aspect was preliminary investigations into the automation of test sequences. “As a recognized evaluation body for NESAS CCS-GI, we are familiar with the challenges associated with testing 5G components,” says Lisa Schmidt, IT security consultant at TÜVIT. “This led to the idea of developing a universally applicable test framework that will enable time- and cost-efficient testing in the 5G area in the future.” In this context, the TÜVIT experts created their own 5G test environment. This involved using the open source tools “Open5Gs”, “free5GS” and “UERANSIM”, which were tested for their suitability. In addition, they were supported by project partner Exceeding Solutions, which contributed to the implementation of a corresponding demonstrator.
As part of the project, the TÜVIT experts were able to deepen their knowledge of 5G components and their interaction with each other and identify challenges when testing 5G components. In addition, they successfully achieved their goal of developing a universal test platform demonstrator and proved its feasibility. Further development will entail considerable effort, meaning that comprehensive background knowledge is required. At the same time, the open source tool “Open5GS” used should also be developed further in the future.
