NTIA Hears Complaints Industry Needs 5G Security Guidance
NTIA heard complaints Thursday during a virtual “listening session” on 5G security about a lack of guidance on security threats. Much talk was on open radio access networks (ORAN), a continuing focus at the FCC (see 2012110036). The session was scheduled under the Trump administration.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Open and transparent standards are critical to the 5G supply chain, said Evelyn Remaley, NTIA associate administrator-Office of Policy Analysis and Development. “It is only through cooperation with industry, and our international partners, that we can accelerate the global transition toward an open 5G network architecture and build a diverse 5G ecosystem.”
Smaller carriers are dealing with FCC requirements they replace equipment from Huawei and ZTE to receive USF support (see 2006300078), said Alexi Maltas, Competitive Carriers Association general counsel. CCA members cite “the need for clear, ongoing dialogue with the government about security threats,” he said. They asked for years about the threat from Chinese equipment and components in other network gear, he said: “They felt like it took years to get clear direction,” he said. The result was “paralysis” for some providers. Carriers are “still waiting” for a list of approved vendors, Maltas said.
“Providers absolutely need to know in advance” about security concerns, said Tamber Ray, NTCA regulatory counsel. They don’t want to find themselves in a similar position when they install network equipment “to only find out later that it’s a threat to national security,” she said. Industry needs to share concerns with government about equipment or software “that just seems off” but needs feedback from the government, she said.
The sector is working to make 5G networks secure, said Chris Boyer, AT&T vice president-global public policy. “5G will be the most secure network architecture we’ve deployed,” he said: “That’s not to say it’s going to be perfect and there won’t be things that need to be done. … There are always going to be issues, as we know, with cybersecurity.” Concerns remain about the low number of vendors for network equipment, he said.
AT&T is happy with Nokia and Ericsson, but “there is a concern about is the supply chain diverse enough and sustainable for the long haul,” Boyer said. ORAN helps and has been an AT&T focus, he said: “It will take time … especially for big players like an AT&T who have embedded infrastructure and investment.”
U.S. equipment makers are absent from most of the 5G ecosystem, said John Roese, Dell Technologies global chief technology officer. “We have a strong semi-conductor ecosystem and exceptionally strong operators” but “no at-scale providers of 5G” gear in the U.S. Roese said the U.S. needs to address the lack of homegrown players: The gap in network suppliers “creates vulnerabilities and it will actually slow innovation.”
5G specifications have been released by standards groups, with other guidance from government, and that can be confusing, said Jason Boswell, Ericsson North America head-security network product solutions. “Complexity is often said to be the enemy of security,” he said: “We need harmonization and alignment with what industry is doing in the multiple silos of requirements across government.” The U.S. needs to accelerate the deployment of stand-alone 5G networks and position itself for 6G, Boswell said. Spend more on government R&D, he said.