OpenRAN Security

Is Open RAN secure? That depends on who you ask.

Executive summary

Is Open RAN secure? That depends on who you ask. Based on Rakuten Symphony’s experience securing the world’s largest fully virtualized Open RAN mobile network with Rakuten Mobile in Japan, our answer is unequivocally yes.

To put this recurring question to rest and, more importantly, help guide the industry toward enduring security strategies for next-gen networks being deployed around the world, we have created “The Definitive Guide to Open RAN Security.” In this paper we explain the changes from legacy RANs, what they mean and how to solve for a different open security landscape.

Open RAN security motivation

Mobile telecom networks are increasingly becoming disaggregated. Operators are using cloud infrastructure and operations to disaggregate software from the hardware it runs upon. Open RAN standards are architecturally disaggregating the radio access network (RAN) by standardizing growing numbers of what were previously proprietary protocols and interfaces. Increased disaggregation allows for more granular control systems, increasing efficiency of execution and diversity of vendor supply chain.

While increasing the accessible programmable surface area of the total system leads to more transparency and opportunity for introspection, it also increases the potential attack surface from a cyber-security perspective.

This guide addresses the potential planes of attack and recommended strategies to mitigate risk from a total software system, configuration, and operational point of view. It does not address physical security concerns.

Security doubts shouldn’t stand in the way of innovation and transformation. Risk will always be present and demands management, but not avoidance. To compete safely at the speed of cloud, telecom operators should evaluate industry best practices, collaborate with vendors and peers, and innovate, to set the best security and privacy strategies based on individual regulatory and market context.