In a recently published report on Open RAN security, the EU highlights the risks of combining devices from different suppliers and calls for more regulation of the supply chain. A 5G Open RAN network provides a method for deploying radio access networks based on open interfaces, and networks are already being deployed.

The report ('Cybersecurity of Open Radio Access Networks') is prepared by EU member states with the support of the European Commission and ENISA, the EU Agency for Cybersecurity. The paper examines the cybersecurity implications of Open Radio Access Networks (RAN). In the coming years, this next-generation 5G network architecture will provide an alternative way to deploy radio access protocols for 5G networks based on open interfaces.

For the European Union, the timely deployment of secure 5G networks is a high priority. The EU member states have developed a coordinated approach to cybersecurity for 5G networks with help from the European Commission and ENISA. This project resulted in EU members jointly assessing the main risks related to 5G networks ('EU Coordinated Risk Assessment') and defining a comprehensive and risk-based approach in the EU 5G Toolbox adopted in January 2020.

In light of Open RAN's importance in the evolution of 5G and 6G architectures, member states of the EU have undertaken an in-depth analysis of its security implications to complement the coordinated risk analysis of 5G. The NIS Cooperation Group will continue to monitor and assess the 5G supply chain as new trends and developments emerge.

The EU report can be found here.

Photo credit: Scott Webb