Given its global nature, and the connections it creates between ICT and non-ICT sectors, 5G critically depends on standards to ensure interoperability, security, privacy and data protection.
Standards allow the existence of open markets for both the final customers, who want to use different services from different providers, and providers wanting to use different products from different suppliers to reduce costs and accelerate time to market. From an economic perspective, standards and the way they are implemented will make one of the most meaningful contributions to the 5G PPP programme, helping pull different technologies under one umbrella as 5G becomes increasingly reliant on standards, with a focus on interconnection and interoperability.
Lack of timely technical solutions may endanger the growth of 5G-enabled products and services and put at risk the privacy and liberty of citizens. Yet progress on standardisation of 4G/LTE has been hindered because of the difficulty in creating consensus on fundamental architectural issues related to security, e.g. the placement of the user data encryption.
The 5G-ENSURE Standardisation Plan is aimed at ensuring contributions to 5G standardisation are both timely and targeted, with partners pursuing an industry-led approach and by downstreaming relevant research results into the standardisation process.
The 5G security standardisation plan focuses on:
- contributions to the most relevant standards bodies, particularly 3GPP and ETSI.
- monitoring of on-going studies on 5G standardisation.
The ultimate goal is help create some kind of harmonisation within the standardisation ecosystem.
5G-ENSURE has also undertaken actions with other standards bodies to share project results of interest. The on-going collaboration with NIST is one example of this.
5G-ENSURE standardisation activities aim to drive the specification of new networks in such a way that security is built in from the design phases and not appended later as an add-on feature. The strategy is to provide relevant standards groups with a set of security and privacy requirements derived from the threat analysis of 5G use cases in a timely manner and may be used to build the new 5G security architecture. Taking into account a set of security, privacy and liability issues and addressing them directly in the standardisation and regulation processes will ensure a 5G network which is "Secure by Design".
Network and systems security are fundamental elements of the economic growth that 5G will bring through improved services, higher data rates, new interfaces, and new business models. As critical infrastructures, Telcos need to be increasingly resilient agains some of the most severe cyber threats. Standards clearly have a critical role to play here, too. Privacy aspects also require timely and targeted actions, as stressed by the EU Privacy Mandates (e.g. M/530) and the General Data Protection Regulation (GDPR).
At the 5G PPP programme level, 5G-ENSURE is making a concerted effort to build consensus and transfer knowledge across the 5G PPP, including pre-standardisation consensus, and through its leadership of the Security WG established in March 2016 and other relevant Work Groups.