5G Phase 2 Security: Industrial IoT and 5G – how do they go together?

IoT and IIoT

IIoT is an ecosystem of devices, sensors, actuators and applications for monitoring, analysing data and taking prompt action in a proactive manner. In other words, it provides visibility of operations by improving performance KPIs and enabling effective fault management, and hence reduces trouble-to-resolve time.

IoT, in simple terms: connected devices that can work for or against you! – just kidding.

Under the hood, it is IIoT adaptation that is critical for running a cost-effective business with inside visibility of operations, and IoT also helps you run home appliances, for example switching lights or fans on and off by voice command.

Quick recap of URLLC

Ultra-reliable low latency communications (URLLC) (robotics, factory automation): URLLC focuses on mission-critical services such as augmented and virtual reality, tele-surgery and healthcare, intelligent transportation and industrial automation. Traditionally carried over a wired connection, these extremely latency-sensitive use cases get a wireless equivalent in 5G. URLLC often requires the mobile core User Plane Function (UPF) to be located geographically closer to the end user in a Control and User Plane Separation (CUPS) architecture in order to meet the latency requirements.

Fig 1: URLLC in 5G phase 2 security map

Time-Sensitive Networking (TSN) and URLLC

Older networking technologies such as synchronous optical networking (SONET) and synchronous digital hierarchy (SDH) were limited to time-division multiplexing (TDM) and individual point-to-point connections, resulting in systems that were highly complex, difficult, costly and time-consuming to configure and manage. They were also physically bulky, making them a poor fit for automotive, aerospace and other applications where space and weight are key considerations.

Ethernet has been a great improvement over these older technologies because, as a packet-based networking technology, it eliminates hard-wired point-to-point connections, instead sending data from a source to a destination in packets via the best available path over a network. This offers greatly improved functionality, scalability for bursts of data traffic, better cost per bit and cost of ownership, and fewer physical requirements. However, the inability to ensure that a specific packet will arrive at its destination at a specific time (i.e., the inability to control latency) has limited its use in real-time communications.

TSN reduces latency to millisecond or nanosecond levels by incorporating the concept of deterministic data transport, in which the paths data packets travel between given nodes are determined in advance. TSN provides an upper bound on the end-to-end latency, and prevents frame loss due to buffer congestion. If necessary, the transmission of other data traveling on those paths can be pre-empted at the required times as well.

Fig 2 : IEEE TSN Profile

Security aspects of 5G URLLC

URLLC needs to support both high reliability and low latency.

  1. To ensure high reliability, redundant transmission in 5G systems is supported over multiple user plane data paths, something that can hardly be achieved with a single user plane path.
  2. Accordingly, the applicable security mechanisms for supporting redundant transmission cover all aspects of the communication, including PDU session establishment and handover.
  3. As for the low latency aspect, the other important requirements for URLLC include QoS monitoring to assist the URLLC service and optimization of the handover procedure, both of which are addressed, and the security considerations in each case are covered as well. Moreover, additional security aspects of control plane or user plane optimizations for ensuring high reliability and reducing latency are also considered together throughout the study and are reflected in the present document.

Key Threat points and Risk mitigation approaches

Security for redundant transmission

Support of security for high reliability by redundant data transmission in user plane

UP security policy handling for multiple PDU sessions established for redundant data transmission

Security policy for URLLC service

Security aspect of low latency handover procedure

Retaining AS security keys for redundant data transmission in user plane

QoS monitoring protection

Acceleration of authentication and key agreement procedure for low latency

Security aspect of low latency Re-authentication procedure

UP security performance for low latency

IIoT and data redundancy

IIoT has very strict demands on data transmission. Support for Ultra-Reliable and Low Latency Communication (URLLC) is significantly enhanced by improvements in both the RAN and the core network. One feature of particular interest for the security context is redundancy of data paths, which was published in 3GPP Rel-15 and Rel-16.

Fig 3 : 5G Control plane and user plane with application view point

Solution Approach

This is the solution for redundant user plane paths based on dual connectivity.

The solution enables a terminal device to set up two redundant PDU sessions over the 5G network, and the network will attempt to make the paths of the two redundant PDU sessions independent whenever that is possible.

Fig 4 : 5G Redundant channel for Ultra-Reliable and Low Latency (URLLC)

Impact on RAN

Redundant user planes are indicated for a pair of PDU sessions.

Set up dual connectivity in such a way that both the MgNB and the SgNB have an independent PDCP entity for handling the two independent user plane paths.

To achieve user plane redundancy, one PDU session is set up as an MN-terminated MCG bearer, and the other PDU session of the pair is set up as an SN-terminated SCG bearer.

To ensure independent paths, changing the bearer type of the MN-terminated MCG bearer to an SCG bearer or a split bearer may be disallowed, and likewise changing the SN-terminated SCG bearer to an MCG bearer or a split bearer may be disallowed.

If PDCP duplication is to be used, the lower layer resources should be isolated, e.g. by using a different frequency.
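The RAN rules above (one MN-terminated MCG bearer, one SN-terminated SCG bearer, no bearer type change that merges the two paths, isolated lower-layer resources when PDCP duplication is on) can be written down as a small policy checker. The following is an added example, not 3GPP's or any vendor's code; the data model, the field names and the `carrier_mhz` attribute used to represent lower-layer resource isolation are assumptions made for illustration.

```python
"""Added example (not 3GPP's or any vendor's code): a policy checker for a
redundant PDU-session pair on dual connectivity. The data model, field names
and the carrier attribute are assumptions made for illustration."""
from dataclasses import dataclass

MCG, SCG, SPLIT = "MCG", "SCG", "split"   # bearer types named in the text
MN, SN = "MN", "SN"                        # node at which the bearer terminates


@dataclass
class Bearer:
    pdu_session_id: int
    terminated_at: str     # MN or SN
    bearer_type: str       # MCG, SCG or split
    carrier_mhz: int       # assumed lower-layer resource identifier (carrier frequency)


@dataclass
class RedundantPair:
    primary: Bearer        # expected: MN-terminated MCG bearer
    secondary: Bearer      # expected: SN-terminated SCG bearer


def validate_pair(pair: RedundantPair, pdcp_duplication: bool = False) -> list:
    """Return the list of policy violations; an empty list means the pair is compliant."""
    problems = []
    p, s = pair.primary, pair.secondary
    if p.pdu_session_id == s.pdu_session_id:
        problems.append("redundant pair must consist of two distinct PDU sessions")
    if not (p.terminated_at == MN and p.bearer_type == MCG):
        problems.append("primary path must be an MN-terminated MCG bearer")
    if not (s.terminated_at == SN and s.bearer_type == SCG):
        problems.append("secondary path must be an SN-terminated SCG bearer")
    # PDCP duplication only adds reliability if the lower layers are isolated
    if pdcp_duplication and p.carrier_mhz == s.carrier_mhz:
        problems.append("PDCP duplication requires isolated lower-layer resources, "
                        "but both paths use the same carrier")
    return problems


def request_bearer_type_change(pair: RedundantPair, pdu_session_id: int, new_type: str) -> bool:
    """Apply a bearer type change to one session of the pair unless it would merge the paths.

    Returns True if the change was applied, False if it was refused by policy."""
    for bearer in (pair.primary, pair.secondary):
        if bearer.pdu_session_id != pdu_session_id:
            continue
        # MCG -> SCG/split and SCG -> MCG/split would put both paths on shared resources
        if bearer.bearer_type == MCG and new_type in (SCG, SPLIT):
            return False
        if bearer.bearer_type == SCG and new_type in (MCG, SPLIT):
            return False
        bearer.bearer_type = new_type
        return True
    raise KeyError(f"PDU session {pdu_session_id} is not part of this pair")


def example_pair(same_carrier: bool = False) -> RedundantPair:
    """Constructed sample pair: session 1 via the MgNB, session 2 via the SgNB."""
    return RedundantPair(
        primary=Bearer(pdu_session_id=1, terminated_at=MN, bearer_type=MCG, carrier_mhz=3500),
        secondary=Bearer(pdu_session_id=2, terminated_at=SN, bearer_type=SCG,
                         carrier_mhz=3500 if same_carrier else 28000),
    )


if __name__ == "__main__":
    pair = example_pair()
    print("violations:", validate_pair(pair, pdcp_duplication=True))
    print("split bearer allowed for session 1?", request_bearer_type_change(pair, 1, SPLIT))
    print("violations with shared carrier:",
          validate_pair(example_pair(same_carrier=True), pdcp_duplication=True))
```

Running the block reports no violations for the well-formed pair, refuses the split-bearer change for session 1, and flags the shared carrier only when PDCP duplication is requested, which is exactly the set of conditions the text lists.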

Security for redundant data transmission

When two redundant data streams are being transmitted, it is necessary to separate the multiple redundant PDU sessions handled between the UE and the gNB. The KUR key is introduced in this proposal for securing the redundant data transmission; KUR is refreshed for different PDCP COUNTs when there is redundant data transmission.

NOTE:     KUR should be the specific key for URLLC services based on the Dual Connectivity architecture. In particular, if only two of multiple PDU sessions are redundant data transmission PDU sessions, the specific key KUR should be used to identify the URLLC services.
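To make the two properties above concrete (one key per redundant PDU session, refreshed as the PDCP COUNT advances), here is an added example that is not 3GPP's code and not the KDF of TS 33.501: it derives a per-session KUR from a root key with HMAC-SHA-256 using labels chosen here for illustration, and refreshes the key whenever the PDCP COUNT moves into a new window. The root key value and the window size `REFRESH_WINDOW` are constructed assumptions.

```python
"""Added example (not 3GPP's code): per-PDU-session key separation and PDCP
COUNT driven refresh for redundant transmission. The derivation below is an
illustrative HMAC-SHA-256 construction, NOT the 3GPP KDF from TS 33.501, and
the refresh window is an assumed policy value."""
import hashlib
import hmac

KEY_LEN = 32
REFRESH_WINDOW = 2 ** 20   # assumed: derive a fresh KUR once PDCP COUNT crosses this many values


def kdf(root_key: bytes, label: bytes, *fields: int) -> bytes:
    """Illustrative HMAC-SHA-256 derivation of a KEY_LEN-byte key from a root key.
    Each integer field is length-prefixed so that (session, epoch) inputs cannot collide."""
    msg = label
    for f in fields:
        msg += (4).to_bytes(2, "big") + f.to_bytes(4, "big")
    return hmac.new(root_key, msg, hashlib.sha256).digest()[:KEY_LEN]


def derive_kur(k_gnb: bytes, pdu_session_id: int, pdcp_count: int) -> bytes:
    """KUR for one redundant PDU session at a given PDCP COUNT.
    The session id keeps the two paths' keys separate; the epoch changes the key
    whenever PDCP COUNT moves into a new refresh window."""
    epoch = pdcp_count // REFRESH_WINDOW
    return kdf(k_gnb, b"KUR", pdu_session_id, epoch)


class RedundantSessionKeys:
    """Tracks the current KUR per redundant PDU session and refreshes it on window change."""

    def __init__(self, k_gnb: bytes, session_ids):
        self.k_gnb = k_gnb
        self.epoch = {sid: 0 for sid in session_ids}
        self.key = {sid: derive_kur(k_gnb, sid, 0) for sid in session_ids}
        self.refreshes = 0   # how many times a key was re-derived (useful for monitoring)

    def key_for(self, pdu_session_id: int, pdcp_count: int) -> bytes:
        """Return the key to protect a PDCP PDU with this COUNT on this session."""
        epoch = pdcp_count // REFRESH_WINDOW
        if epoch != self.epoch[pdu_session_id]:
            self.key[pdu_session_id] = derive_kur(self.k_gnb, pdu_session_id, pdcp_count)
            self.epoch[pdu_session_id] = epoch
            self.refreshes += 1
        return self.key[pdu_session_id]


# constructed root key; in a live system this would come from the AS security context
SAMPLE_K_GNB = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


if __name__ == "__main__":
    keys = RedundantSessionKeys(SAMPLE_K_GNB, session_ids=[1, 2])
    k1 = keys.key_for(1, pdcp_count=10)
    k2 = keys.key_for(2, pdcp_count=10)
    print("redundant paths use distinct keys:", k1 != k2)
    k1_later = keys.key_for(1, pdcp_count=REFRESH_WINDOW + 5)
    print("key refreshed after window:", k1_later != k1, "refreshes:", keys.refreshes)
```

The point of binding the session id into the derivation is that compromise or COUNT reuse on one path does not expose the other, which is the separation the NOTE asks for; the epoch input is what makes the key change with the PDCP COUNT rather than living for the whole session.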

Fig 5 : Redundant architecture function viewpoint

Fig 6 : Security context derivation procedure

Conclusion

This post attempted to simplify IIoT, IoT and 5G and how they are related. We have also covered the IEEE perspective on TSN and related IoT to TSN. 3GPP Rel-16 provides detailed scenarios for managing URLLC communication, which is a new segment in the 5G area, together with the associated security threats and solution approaches.

In the upcoming blogs we will cover

RAN security: False base station protection

RAN security: Mobile proximity service

Happy learning!

Authors