An independent audit has confirmed full compliance of Ericsson 5G Core and transport technology development processes with new 3GPP/GSMA Network Security Assurance Schemes (NESAS) standards. Ericsson’s radio technology development processes were successfully audited in 2020.
FEB 02, 2021
The heightened value, scale and complex security challenges of emerging 5G enterprise use cases across industries such as manufacturing, ICT, public services, logistics and transport continue to underline the criticality of industry-wide security assurance within the product development lifecycle of mobile technologies.
The Network Equipment Security Assurance Scheme (NESAS), jointly defined by global standards organizations 3GPP and GSMA, was introduced in recent years to provide a common security assurance framework for secure product development and product lifecycle processes across the mobile industry. It uses 3GPP-defined security test cases for security evaluation of network equipment.
Security has long been fundamental to the research, design and development of Ericsson 5G Core and central to all Ericsson products and solutions, including the suite of mobile transport technologies. This was confirmed recently with the full audit of NESAS standard compliance for Ericsson 5G Core and transport technology development processes, in addition to Ericsson’s Radio Access Network processes which was successfully audited in 2020.
The full compliance of Ericsson 5G Core includes the audit of products: Ericsson’s Packet Core Gateway, Packet Core Controller, SGSN-MME, Cloud Core Subscription Manager, Cloud Core Exposure Server, Cloud Core Data-Storage Manager, Cloud Core Resource Controller and Service-Aware Policy Controller.
The audit is for the development processes followed for Ericsson’s implementation as specified by 3GPP. Ericsson’s implementation of these enumerated 3GPP network functions is achieved through products developed by the Packet Core product development unit and the Unified Data Management & Policy product development unit - part of the Ericsson Business Area Digital Services.
Ericsson Transport product portfolio focuses on providing high quality, reliable and secure communication channel for 5G networks and services. Continuous evolution of security aware processes is an integrated part of Ericsson Transport product development. Specific transport development processes were successfully audited including the Fronthaul 6000, MINI-LINK 6000, and Router 6000 portfolios.
David Bjore, Head of R&D Portfolio and Strategy, Digital Services, Ericsson, says: “We are pleased to add our 5G Core and transport technology suite to our portfolio of NESAS-compliant technology development processes. 5G networks will create a multi-trillion-dollar socio-economic impact in coming years which rightly makes network security a critical criterion for communications services providers, enterprises and national governments.”
He adds: “As such, the trustworthiness of our mobile technologies, and security assurance frameworks such as compliance with the NESAS standard, will continue to serve as the bedrock of our standardization and regulatory efforts, product design and implementation considerations, and research activities.”
Ericsson’s NESAS compliance processes underwent a complete audit by a GSMA-approved, independent auditor.
- Ericsson White Paper: Security in 5G RAN and core deployments
- Ericsson report: A guide to 5G network security
- Ericsson Blog: Security standards and their role in 5G
- Ericsson Blog: Your guide to end-to-end security when introducing 5G core
- GSMA Network Equipment Security Assurance Scheme (NESAS)