Periodic Reporting for period 1 - INSPIRE-5Gplus (INtelligent Security and PervasIve tRust for 5G and Beyond)
Reporting period: 2019-11-01 to 2021-04-30
The communications infrastructure is essential for the functioning of a society and its economy, even more so since all the other critical infrastructures largely depend on it, including energy and water production and distribution, transports, health, public services, defence and finance. Its importance will grow exponentially with the advent of new 5G services that introduce massive and/or real-time M2M and IoT communications. Today, even short outages of the communications can have important negative impacts on society. These failures can be due to natural causes, malfunctioning but also due to deliberate cyber-attacks.
The objective of INSPIRE-5Gplus is to make a revolutionary shift in the 5G and beyond security vision by progressing 5G Security and by devising a smart, trustworthy and liability-aware 5G security platform for future connected systems, while contributing to its realization. To perform such advancements, two main approaches are followed: 1) leveraging existing assets such as Trusted Execution Environments (TEEs), Remote Attestation, and end-to-end liability management, and 2) introducing novel solutions/paradigms exploiting the potential of new trends including zero-touch management (ZTM), SD-SEC models, AI/ML techniques, and Blockchains. Through its objectives, INSPIRE-5Gplus will deliver unique assets to achieve intelligent and trusted multi-tenancy across infrastructure whilst also improving the control of systems and vulnerabilities.
• Identification of a set of architectural functional requirements based on the identified UCs.
• Definition of a High Level Architecture (HLA) of a zero-touch end-to-end smart network and service security management framework that enables not only protection but also addresses trustworthiness and liability in managing 5G network infrastructures across multiple domains.
• Identification of the security enablement technologies having the potential to significantly contribute to 5G security evolution. Example of explored enablements: Trusted Execution Environments, Distributed Ledger Technologies, Liability and Root Cause Analysis, enablements related to network automation & zero touch management, SSLAs, and Multi-Domain security policies management.
• Identification of security enablers and assets from previous projects on which future 5G may leverage for security as well as a set of novel advanced enablers.
• Nine security test cases (TCs) have been selected to demonstrate the INSPIRE-5Gplus enablers.
• INSPIRE-5Gplus KPIs for security, trust and liability, and their relationship with the 5GPPP KPIs have been defined with a baseline of assessment criteria which should be fulfilled by the enablers of the INSPIRE-5Gplus.
• An integration and verification environment, whose objective is to integrate and verify the nine TCs is available.
All these advancements are implemented in innovative security enablers and a set of models that are necessary for achieving dynamic and automated security orchestration in virtualised and software defined networking environments.
The analysis of duality between trust and liability concepts has led to the identification of the trust mechanisms and techniques to address threats and risks related to trust with a set of models and mechanisms for enabling liable end-to-end delivery and operation of 5G services. Methods and solutions to manage trust and liability in a multi-domain, multi-party, and multi-tenant context have also been defined leading to innovative trust and liability enablers.
INSPIRE-5Gplus has achieved strong presence at 5G PPP level with participation to nine working groups. Relevant contributions have been proposed to major standardisation bodies in the telecom and communication area, such as ETSI, ITU, IETF, and IEEE. 32 papers have been accepted or published, and many events (workshops, conferences and webinars) have been organized. Individual and joint exploitation plans have been defined detailing innovative features, market potential, and IPR issues. All these advancements contribute to the following strategic impacts: definition of security 5G network architecture and of core technological components, adaptability of security to dynamic and intensive communication infrastructures, solutions for the security, trust and liability management of multi-tenant/ multi-domain virtualised networks, and novel business models enabling security, trust and liability. In addition, INSPIRE5Gplus addresses important societal issues by greatly improving security and trust that are needed to obtain the safety and privacy of citizens; ensure the security of the society and its organisations; and, obtain the acceptance of the new applications that will improve the way of life and the correct functioning of all the EU institutions.