By Darren Cummings – President, Performance Defense
This is the second article in a five-part series exploring applications of 5G technology for the defense industry.
5G technology offers the ability to revolutionize defense operations. However, it also carries significant security risk factors, such as:
- Nascent Technology: While 5G networks have been around for a few years, the development of 5G devices lags behind. The relative immaturity of most 5G technology means that significant security research is necessary to identify and remediate potential vulnerabilities and other bugs.
- Software Dependency: 5G networks are designed to be more software-based and cloud-native than their predecessors. With this reliance on software comes increased risk associated with implementation errors and cyberattacks.
5G networks and devices are a vital component of the DoD’s technology strategy. However, to be useful, these devices also need to be secure and cyber resilient.
5G Security Testing Certification
One of the main roadblocks to the development of secure 5G devices is the lack of infrastructure that can be used to effectively test them. 5G network deployment is still in its early stages, and some mobile carriers have not yet fully rolled out their 5G technology. As a result, the testing that can be performed using publicly-available infrastructure is limited and makes it difficult to test and certify the full capabilities of 5G devices.
The use of 5G testbeds, such as the one operated by the NineTwelve Institute, is an essential part of the security testing and certification process for 5G-capable devices. This testbed offers rapid development and validation of 5G-ready solutions compatible with applicable defense certification requirements. With full control over the operating environment and greater support for 5G capabilities, these testbeds can provide a more realistic assessment of 5G devices’ capabilities and their security against cyber threats.
In addition to identifying and remediating potential vulnerabilities in 5G-compatible devices, 5G solutions used for defense purposes should be pre-certified against relevant standards. This makes it easier to evaluate if the solutions are fit for purpose and can help to streamline the defense acquisitions process.
For example, the components of 5G-compatible solutions used for defense purposes may need to comply with the requirements of DoD Instruction 5200.44, Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN). This Instruction states “In applicable systems, integrated circuit-related products and services shall be procured from a trusted supplier accredited by the Defense Microelectronics Activity (DMEA) when they are custom-designed, custom-manufactured, or tailored for a specific DoD military end use (generally referred to as application-specific integrated circuits (ASICs)).”
Compliance with this, other requirements of the DoD Trusted Foundry Program, and application-specific certification requirements out-of-the-box, may be essential for 5G devices to be applied to their intended purpose. Rigorous security testing against applicable requirements is an essential component of compliance with these regulations.
5G Security is Essential to 5G Success
The cybersecurity resiliency of 5G devices is vital to their ability to meet the needs of the defense industry. Cybersecurity is intrinsically linked with each of the “3 C’s” of 5G-capable devices:
- Connectivity: 5G devices used for defense must have consistent, reliable, and high-performance network connectivity to fulfill their role. Denial of Service attacks, vulnerability exploits, and other cyber threats can degrade or destroy devices’ connectivity and ability to operate.
- Computing: For rapid decision making, IoT devices commonly leverage computing power deployed at the network edge. If these resources are rendered unavailable or corrupted by a cyberattack, devices may be unable to function or act in undesirable ways.
- Certification: All technology used by the government and defense sector must be compliant with numerous, rigorous standards. A core component of these standards is ensuring that devices and the sensitive data that they have access to is properly protected against unauthorized access and exposure.
Promises & Pitfalls of 5G Technology
5G networks and devices promise significant benefits. With improved network speeds, latency, and bandwidth, 5G networks offer network connectivity to IoT devices in locales where other options are infeasible or unavailable. This network access can be invaluable for advancing the technological and strategic goals of the defense sector.
However, 5G technology is still in its infancy, and deploying untried and untested 5G solutions can create more problems than it solves. The success of 5G-capable devices for defense applications relies on these devices being thoroughly tested to ensure they meet or exceed applicable requirements for security against cyber threats.