Ericsson, Huawei, Nokia and ZTE, have successfully completed an assessment of their product development and lifecycle management processes using the GSMA’s Network Equipment Security Assurance Scheme (NESAS), which provides a security assurance framework to improve security levels across the mobile industry.
The NESAS scheme is a collaboration and jointly led by 3GPP and the GSMA, and is open to all vendors of network equipment products that support 3GPP defined functions.
“The GSMA recognises the support and participation of Ericsson, Huawei, Nokia and ZTE who have satisfied the scheme’s security requirements via an independent security audit and we congratulate them on achieving this important first step,” said Alex Sinclair, Chief Technology Officer, GSMA. “By committing to NESAS, vendors are helping network operators, and other stakeholders make informed decisions about secure product development. We look forward to others participating in the scheme, evidencing their commitment to good security practice by promoting a security-by-design culture within the industry.”
During the second stage of NESAS, vendors will submit network equipment products to qualified test laboratories for evaluation. This stage involves laboratories running security tests, defined by 3GPP, and checking that the products undergoing evaluation have been developed under the assessed development and lifecycle management processes. The evaluation concludes with the production, by the test laboratory, of a valuation report that records the test results. The report is provided to the vendor who can make it available to its customers and other stakeholders at its discretion.
https://www.gsma.com/newsroom/press-release/gsma-announces-progress-on-network-equipment-security-assurance-scheme/
The NESAS scheme is a collaboration and jointly led by 3GPP and the GSMA, and is open to all vendors of network equipment products that support 3GPP defined functions.
“The GSMA recognises the support and participation of Ericsson, Huawei, Nokia and ZTE who have satisfied the scheme’s security requirements via an independent security audit and we congratulate them on achieving this important first step,” said Alex Sinclair, Chief Technology Officer, GSMA. “By committing to NESAS, vendors are helping network operators, and other stakeholders make informed decisions about secure product development. We look forward to others participating in the scheme, evidencing their commitment to good security practice by promoting a security-by-design culture within the industry.”
During the second stage of NESAS, vendors will submit network equipment products to qualified test laboratories for evaluation. This stage involves laboratories running security tests, defined by 3GPP, and checking that the products undergoing evaluation have been developed under the assessed development and lifecycle management processes. The evaluation concludes with the production, by the test laboratory, of a valuation report that records the test results. The report is provided to the vendor who can make it available to its customers and other stakeholders at its discretion.
https://www.gsma.com/newsroom/press-release/gsma-announces-progress-on-network-equipment-security-assurance-scheme/