[Shenzhen, China, December 22, 2020] Huawei’s 5G RAN gNodeB and LTE eNodeB has passed 3GPP’s Security Assurance Specifications (SCAS) testing. It was performed by DEKRA, the first security test laboratory in Europe accredited for SCAS testing. The report has been released on the GSMA website (Link). After passed GSMA’s Network Equipment Security Assurance Scheme (NESAS) audit (Link), and 3GPP’s SCAS testing, Huawei becomes the first 5G and LTE vendor to pass the GSMA’s NESAS evaluation officially. NESAS provides the right kind of standards for communications industry, it is authoritative, customized, efficient, unified open, global and constantly evolving.
After the development and product lifecycle processes successfully audited, Huawei's 5G and LTE products have been evaluated with security tests defined by 3GPP, and the testing against those requirements allows the level of security of network products to be objectively measured. DEKRA, the first accredited NESAS Security Test Laboratory in Europe, performed security testing on Huawei’s 5G RAN gNodeB and LTE eNodeB. The tests include network product general security, air interface security, and basic vulnerability testing, such as data and information protection, air interface ciphering and integrity protection, robustness and fuzz testing. According to the report, all the tests mentioned above are 100% passed.
NESAS/SACS is a standardized cybersecurity assessment mechanism. It was jointly defined by GSMA and 3GPP, the telecom industry’s leading standards-setting organizations. To create NESAS/SACS, they consulted carriers, vendors, regulators, and industry partners around the world. NESAS/SACS was designed specifically for the mobile industry. It delivers threat analysis, definitions for critical assets, security assurance methodology, and general security assurance requirements. The integrated assessment process avoids fragmented assessments and conflicting security assurance requirements in different markets. Meanwhile, it's always open to feedback from different stakeholders, and it will keep evolving with regular new releases.
Trust is built on facts，which must be verifiable，and verification must be based on common standards. For 5G networks, NESAS/SACS provides the right kind of standards: customized, authoritative, global, efficient, unified, open, and constantly evolving. Huawei，the active participant，supports GSMA and 3GPP in developing a global standardized security evaluation, and urges the industry to widely adopt NESAS/SCAS to promote sustainable development on this global network security standards.