Nokia is launching an enhanced security program and establishing an advanced security testing and verification laboratory to address the security needs of 5G end-to-end (E2E) networks.
Nokia has a long-standing commitment to the Design For Security (DFSEC) process, which ensures that security is designed into every product from the start, undergoing rigorous security testing prior to commercial release.
DFSEC 2.0 will build on this leadership in security development by focusing on additional verification work in the areas of E2E identity management, network slicing and SDN security, virtualization, and OAM, including patch management.
To support collaborative research and development across the DFSEC 2.0 program, Nokia is opening the "Future X Security" (FXSec) Lab. Built as an extension of Nokia's Future X network lab in Nokia Bell Labs in Murray Hill, this lab will be open to communications service providers and industries to facilitate joint testing and verification of industrial automation solutions in private local area networks (LANs) and across public wide area networks (WANs).
Marcus Weldon, Corporate Chief Technology Officer and President of Nokia Bell Labs, says: "End-to-end 5G networks will fundamentally transform societies by providing ultra-high-speed wireless connectivity allowing massive, low latency ultra-reliable streaming data that will drive intelligent automation for a wide array of infrastructure, industries and enterprises. But with great opportunity comes significant security risk that must be addressed end-to-end, using an array of novel techniques and technologies. As the most trusted end-to-end solution provider in the 5G era, Nokia is taking a leadership position in defining and building advanced security solutions that will meet mission-critical needs, leveraging the deep and extensive security research and disruptive innovations from Nokia Bell Labs.
In building the new security approach for LAN and WAN, Nokia will be incorporating advanced research from Nokia Bell Labs to create Network Slicing Security Solutions that will ensure security and trustworthiness of the end-to-end network slices - the critical connectivity and service fabric for industrial applications in the 5G era. These security solutions are based on 7 key research areas:
- "Accountable Security" that provides failproof identification of industrial IoT devices in mobile and dynamic environments
- "Physical and Virtual Device Integrity Protection" that provides scalable device attestation (hardware, firmware and software) across the supply chain
- Artificial Intelligence enabled "Threat Detection and Mitigation for Network Slices"
- "Fine-grained Security Policy Management" which dynamically tailors network slice elements to meet specified security requirements
- "Dynamic data protection" which addresses the issue of data isolation across mobile devices, applications and slices
- "Microservice Behavioral Fingerprinting" that is a unique machine learning based anomalous behavior detection of third party and open-source 5G services
- Paradigm shift in design for security that provides run-time mitigation of potential security concerns with rapid feedback into development cycle using DevSecOps models
