314 research outputs found

    Security of 5G-V2X: Technologies, Standardization and Research Directions

    Cellular-Vehicle to Everything (C-V2X) aims at resolving issues pertaining to the traditional usability of Vehicle to Infrastructure (V2I) and Vehicle to Vehicle (V2V) networking. Specifically, C-V2X lowers the number of entities involved in vehicular communications and allows the inclusion of cellular-security solutions to be applied to V2X. For this, the evolvement of LTE-V2X is revolutionary, but it fails to handle the demands of high throughput, ultra-high reliability, and ultra-low latency alongside its security mechanisms. To counter this, 5G-V2X is considered as an integral solution, which not only resolves the issues related to LTE-V2X but also provides a function-based network setup. Several reports have been given for the security of 5G, but none of them primarily focuses on the security of 5G-V2X. This article provides a detailed overview of 5G-V2X with a security-based comparison to LTE-V2X. A novel Security Reflex Function (SRF)-based architecture is proposed and several research challenges are presented related to the security of 5G-V2X. Furthermore, the article lays out requirements of Ultra-Dense and Ultra-Secure (UD-US) transmissions necessary for 5G-V2X. Comment: 9 pages, 6 figures, Preprin

    A Model Based Framework for Service Availability Management

    High availability of services is an important requirement in several domains, including mission critical systems. The Service Availability Forum (SA Forum) is a consortium of telecommunications and computing companies that defines standard middleware solutions for high availability. Availability Management Framework (AMF) manages the high availability of services by coordinating their application components according to redundancy models. To protect these services, AMF requires a configuration, i.e. a representation of the organization of the logical entities composing an application under its control. AMF configuration design is error-prone and tedious if done manually, due to the complexity of the AMF domain. This PhD thesis explores the effective design and analysis of AMF configurations, proposing a model-based management framework that facilitates this process. We propose a domain-specific modeling language that captures AMF domain concepts, relationships, and constraints, facilitating the management of AMF configurations. We define this language by extending UML through its profiling mechanism, capturing the concepts of AMF configurations and the description of the software for which the configuration will be generated. We introduce a new approach for the automatic generation of AMF configurations based on our UML profile using model transformation techniques. This approach consists of a set of transformations from the software description entities into AMF configurations while satisfying the requirements of the services to be provided as well as the constraints of the deployment infrastructure. We also propose a third-party AMF configuration validation approach consisting of syntactical and semantic validations. Syntactical validation checks the well-formedness of third-party configurations by validating them against AMF standard specification requirements captured in our UML profile. 
Semantic validation focuses on ensuring the runtime protection of services at configuration time (the SI-Protection problem). SI-Protection has combinatorial aspects and results in an NP-hard problem for most redundancy models, which we have tackled by devising a heuristic-based method, overcoming its complexity. We present proofs of concepts by using different available technologies: IBM Rational Software Architect (RSA) for implementing our UML profiles, Eclipse environment for developing a prototype tool for validating third-party configurations, and Atlas Transformation Language (ATL) for developing a prototype implementation of our model-based configuration generation approach

    You have been warned: Abusing 5G's Warning and Emergency Systems

    The Public Warning System (PWS) is an essential part of cellular networks and a country's civil protection. Warnings can notify users of hazardous events (e.g., floods, earthquakes) and crucial national matters that require immediate attention. PWS attacks disseminating fake warnings or concealing precarious events can have a serious impact, causing fraud, panic, physical harm, or unrest to users within an affected area. In this work, we conduct the first comprehensive investigation of PWS security in 5G networks. We demonstrate five practical attacks that may impact the security of 5G-based Commercial Mobile Alert System (CMAS) as well as Earthquake and Tsunami Warning System (ETWS) alerts. In addition to identifying the vulnerabilities, we investigate two PWS spoofing and three PWS suppression attacks, with or without a man-in-the-middle (MitM) attacker. We discover that MitM-based attacks have more severe impact than their non-MitM counterparts. Our PWS barring attack is an effective technique to eliminate legitimate warning messages. We perform a rigorous analysis of the roaming aspect of the PWS, incl. its potentially secure version, and report the implications of our attacks on other emergency features (e.g., 911 SIP calls). We discuss possible countermeasures and note that eradicating the attacks necessitates a scrupulous reevaluation of the PWS design and a secure implementation

    Automatic generation of upgrade campaign specifications

    The increasing reliance on computing systems has greatly impacted the customers' expectations from such systems; for which the need for reliable and highly available services has become an essential requirement. This has led service providers to seek new ways to supply robust services in order to sustain their advantage in today's highly competitive markets. A highly available system is defined as a system that is up and running 99.999% of the time. To gain such availability, a solution that has been widely employed is the usage of redundant components. However, solutions used in the past are proprietary and as a result applications had no portability from one platform to another. The Service Availability Forum (SAF), a consortium of several computing and telecommunication companies, promotes standardized solutions for building highly available systems in which Commercial-Off-The-Shelf (COTS) building blocks can be used. The SAF middleware has many services each of which has a specialized role so that the whole middleware can manage the redundant components within the system to fulfill the service availability. Like any other system, a SAF system may go through several upgrade and downgrade processes during its lifetime. Though due to the high availability requirement, a SAF system ought to be upgraded while ensuring minimum service interruption. Among the SAF middleware services, the Software Management Framework (SMF) is responsible for this live upgrade. In order for the SMF to perform an upgrade the road map of this migration, which is known as the Upgrade Campaign Specification, should be provided. However, due to the number of entities involved in an upgrade campaign and the complexity of the relationships among these entities, manual calculation of various steps of an upgrade campaign specification is time consuming and error prone.
In this thesis, we have devised an approach for automatic generation of upgrade campaign specifications to upgrade redundant entities of SAF systems. We have categorized possible upgrade variations into three main scenarios which consist of manipulating current entities of the system, removing or adding new ones. For each scenario we have recognized different criteria that impact the service availability. For each criterion, according to the different upgrade methods introduced by SMF, we have devised solutions to minimize the service availability interruption during the course of an upgrade. Finally, we have created a prototype tool that supports the generation of upgrade campaign specification algorithms for each scenario. We have applied our approach to a case study to demonstrate its applicability

    A Framework for Requirements Decomposition, SLA Management and Dynamic System Reconfiguration

    To meet user requirements, systems can be built from Commercial-Off-The-Shelf (COTS) components, potentially from different vendors. However, the gap between the requirements referring to the overall system and the components to build the system from can be large. To close the gap, it is required to decompose the requirements to a level where they can be mapped to components. When the designed system is deployed and ready for operations, its services are sold and provided to customers. One important goal for service providers is to optimize system resource utilization while ensuring the quality of service expressed in the Service Level Agreements (SLAs). For this purpose, the system can be reconfigured dynamically according to the current workload to satisfy the SLAs while using only necessary resources. To manage the reconfiguration of the system at runtime, a set of previously defined patterns called elasticity rules can be used. In elasticity rules, the actions that need to be taken to reconfigure the system are specified. An elasticity rule is generally invoked by a trigger, which is generated in reaction to a monitoring event. In this thesis, we propose a model-driven management framework which aims at user requirements satisfaction, SLA compliance management and enabling dynamic reconfiguration by reusing the design information at runtime. An approach has been developed to derive automatically a valid configuration starting from low level requirements called service configurations. However, the service configurations are far from requirements a user would express. To generate a system configuration from user requirements and alleviate the work of designer, we generate service configurations by decomposing functional user requirements to the level where components can be selected and put together to satisfy the user requirements. We integrated our service configurations generator with the previous configuration generator.
In our framework, we reuse the information acquired from system configuration and dimensioning to generate elasticity rules offline. We propose a model driven approach to check the compliance of SLAs and generate triggers for invoking applicable elasticity rules when system reconfiguration is required. For handling multiple triggers generated at the same time, we propose a solution to automatically correlate the actions of invoked elasticity rules, when required. The framework consists of a number of metamodels and a set of model transformations. We use the Unified Modeling Language (UML) and its profiling mechanism to describe all the artifacts in the proposed framework. We implement the profiles using Eclipse Modeling Framework (EMF) and Papyrus. To implement the processes, we use the Atlas Transformation Language (ATL). We also use the APIs of the Object Constraint Language (OCL) in the Eclipse environment to develop a tool for checking constraints and generating triggers

    Model Driven Upgrade Campaign Specification Generation and Evaluation

    Oussama Jebbar. High availability is an important non-functional requirement for carrier grade services. The applications/systems providing and protecting such services undergo frequent upgrades which makes meeting this requirement very challenging. A system upgrade is the migration process from the system’s current configuration to a new one. This migration may include configuration changes, installation and removal of software, etc. The Service Availability Forum (SAF) published a set of standards that describe a high availability enabling middleware for Commercial-off-the-shelf (COTS) components based systems. In such a middleware, the Software Management Framework (SMF) is the service responsible for orchestrating the upgrades. These upgrades are performed according to a road map called an upgrade campaign specification. The Availability Management Framework (AMF) is another service defined in the SAF standards and which is responsible for managing the availability of the services and the service providers. To take a SAF compliant system from one configuration to another, one has first to come up with an upgrade campaign specification for that purpose. Moreover, there are multiple upgrade campaign specifications that can take the system from the same source configuration to the same target configuration, but they differ in the duration they take and the service outage they may induce. Designing an upgrade campaign specification for a SAF compliant system is not a straightforward process. Indeed, this is an error prone task that becomes more challenging when the system and the set of changes to perform get larger. Besides, selecting which upgrade campaign specification to apply among all the valid ones is either expensive (running the same upgrade campaign specification on a replica of the real system), or tedious (evaluating, comparing and selecting upgrade campaign specifications manually).
In this thesis we propose automation as a solution to ease and minimize human intervention in the design and evaluation of upgrade campaign specifications. We devise a model driven approach to automatically generate upgrade campaign specifications. Our approach consists of several activities in order to ensure the SAF compliance of the generated upgrade campaign specification on one hand. On the other hand, we use the dependencies between system components to apply a set of rules that can improve the quality of the upgrade campaign specification by avoiding some of the unnecessary service outage. These rules include rules to order changes to be performed as well as a set of heuristics that make use of the dependencies. We also address the upgrade campaign evaluation related issues. We extend an existing discrete event systems based simulation approach for upgrade campaign evaluation. We expose the limitations of a random simulation as its results are unreliable for comparison. To overcome these limitations we define best case and worst case scenarios that we use to guide upgrade campaign simulations to see how the upgrade campaigns perform in edge cases. We also devise a method for upgrade campaign specification selection/elimination based on applicability checks according to two criteria: the maintenance window, and the acceptable outage during this window. Finally, we implemented prototypes for upgrade campaign specification generation and evaluation

    Evaluation of concepts for gNodeB satellite backhaul using open-source 5G frameworks

    The connection of remote 5G base stations, also termed gNodeB, is a recent topic in the evolution of mobile networks. In particular the growing communication capabilities of modern satellite networks seem attractive for this task. In this master thesis, concepts for the satellite backhaul are implemented and evaluated using open-source 5G frameworks

    Automated AMF Configuration Difference Generation

    Many domains require computer clusters to meet clients’ service level expectations. As cluster size increases, component failure becomes more likely. Rapid failure recovery is required to maintain high availability. The SA Forum has created specifications enabling management of multi-vendor solutions. These long-lived systems require tailored upgrade campaigns to keep their configuration up-to-date. Past works on SA Forum’s Availability Management Framework (AMF) have created an automated AMF configuration generator and upgrade campaign generator. However, to generate an upgrade campaign for an already configured cluster based on a new target configuration, a configuration difference generator is needed. Furthermore, while Distinguished Names (DNs) usually uniquely identify objects in a configuration, configuration generators do not guarantee that DNs in the new configuration will match. DN modification is not possible in a system without object replacement, causing service loss. Non-DN based inter-configuration object association is needed to restore old DNs. Our objective is to devise a technique to perform difference generation with limited knowledge of DNs and to find what data is needed to achieve this. To accomplish this, we analyse the AMF configuration model, then propose assumptions in a top down approach based on maintaining service availability during upgrade. We propose a two phase technique that first associates objects in-between configurations and then outputs the differences. We have implemented a tool that implements this technique on the Eclipse Platform and integrates with MAGIC’s Automated Upgrade Campaign Generator. We then present a case study based on the PHASE example