D2.3 Risk Assessment, Requirements

This first draft of the Risk Assessment, Mitigation and Requirements deliverable mainly addresses the first two aspects, by proposing a risk assessment and mitigation approach for the selected 5G- ENSURE security use cases. This document is not investigating in this first version the intrinsic risks of new 5G infrastructure and network (which is not yet fully defined). Those investigations will be delivered in subsequent iterations of this document, in particular to address such security issues as those related to the 5G network segments and trust boundaries, 5G slicing concept (RAN and core level and interaction between slices) and issues related to the level of isolation and associated proofs needed, along with efficient remediation capabilities. This document takes the first steps towards the definition of a risk assessment and mitigation methodology to be followed for the specific task of evaluating the 5G security uses cases and architecture. Firstly we discuss and define terminology. This is essential, as common speech terminology can be quite inexact but in risk management we must be precise. We then review the state of the art in risk assessment and mitigation, understanding what existing methodology, or combination of, suits the evaluation of 5G-ENSURE proposed use cases. To understand 5G networks we must first understand the proposed architectural framework and its differences when compared to the previous 4G networks. We therefore introduce the conceptual 5G security framework proposed until the present moment within the 5G-ENSURE project (work ongoing). The Risk Management Context is then defined, looking first at the 5G assets and actors, which is followed by the identification of threats. The 5G-ENSURE risk evaluation methodology for use case analysis is also introduced with some possible approaches to risk likelihood estimation. Nevertheless, the methodology will be refined in the final version of this document (M24), after examination of each of the approaches, especially for factors such as risk severity, impact and the level of control of remediation. The core chapter provides an initial threat analysis of representative use cases defined by the 5G ENSURE project, after the threat description formalism (template) is introduced. As agreed by the 5G-ENSURE partners, the focus is made on the ‘internal’ threats in this draft document, i.e. those derived from 5G-ENSURE specific use cases are only analyzed in this first version, as they capture the very essence of security and privacy aspects of 5G networks as seen by the project. The chapter 6 gives some initial design recommendations with respect to the analyzed 5G threats. As this document is a “draft” risk assessment methodology, the next steps to be done are set out alongside the conclusions chapter. In particular, the final version of the deliverable ‘D2.3 Risk Assessment, Mitigation and Requirements’ will comprise the following parts: full threat analysis (including ‘external’ threats coming from other sources than 5G-ENSURE use cases), their categorization, prioritization with regard to severity and impact, complete mitigation and remediation recommendations, functional requirements and architectural options (towards T2.4), definition of relevant metrics for use of security monitoring, as well as penetration tests over the security testbed and gap analysis (related to WP4)

Terrestrial-satellite integration in dynamic 5G backhaul networks

This paper presents a dynamic backhaul network in order to face some of the main 5G challenges such as 100% coverage, improved capacity or reduction in energy consumption. The proposed solution, elaborated within the SANSA H2020 project, is based on the seamless integration of the satellite component in a terrestrial network capable of reconfiguring its topology according to the traffic demands. The paper highlights the benefits of this hybrid network and describes the technology enablers to bring it to the reality. Finally, the SANSA's network simulation framework based on ns3 is presented, jointly with a preliminary analysis of the routing and load balancing needs for a hybrid and dynamic network.Peer ReviewedPostprint (published version

Terrestrial-satellite integration in dynamic 5G backhaul networks

This paper presents a dynamic backhaul network in order to face some of the main 5G challenges such as 100% coverage, improved capacity or reduction in energy consumption. The proposed solution, elaborated within the SANSA H2020 project, is based on the seamless integration of the satellite component in a terrestrial network capable of reconfiguring its topology according to the traffic demands. The paper highlights the benefits of this hybrid network and describes the technology enablers to bring it to the reality. Finally, the SANSA's network simulation framework based on ns3 is presented, jointly with a preliminary analysis of the routing and load balancing needs for a hybrid and dynamic network.Peer Reviewe