Practical Security Analysis and Measures for 5G Private Industrial Standalone (SA) Deployments

Inhalt:
The standardization of the fifth generation of mobile communications has been completed, and the expansion of the 5G system is currently being driven forward. In addition to public mobile networks, the 5G mobile network standard foresees privately operated systems. Private 5G systems are started to be deployed and operated in industrial and academic environments using off-the-shelf components like standard computing hardware, software-defined radios, and open-source software with costs below 10k EUR. 5G systems are extensible and scalable due to the service-oriented architecture of the distributed 5G system. Especially in industrial deployment, the demand for security of networks is high, for example, to protect in-house data. In this paper, we present a security analysis for 5G systems from different possible attack points from the operator’s perspective. We conduct selected attacks to highlight and demonstrate weakness on our private indoor 5G testbed at the University of Applied Sciences in Lübeck. From the results of the security analysis and attacks, we derive measures to improve the security of the 5G system. Finally, we verify the effectiveness of the measures by additional tests.