Based on guidance from its Technical Advisory Committee (TAC) and a 2021 report by AdaptiveMobile Security (AMS), the 5G Security Test Bed created and executed two tests to investigate and verify a network slicing scenario outlined in the AMS report.

Access the full technical report, highlights summary, and one-pager.

Both use cases defined in the report are niche cases that are extremely difficult to execute in practice, and only one was confirmed to be executable, while the other was automatically corrected by the network’s existing controls.

  • Test Case 1: Access to Unauthorized Network Slice by Modifying Slice ID. In this hypothetical case defined by AMS, a compromised user device could leverage existing permission to access a specific 5G network function that is accessible on an authorized slice, create a connection to another network function shared by another slice, and use that to gain access to data on the other slice. The Test Bed confirmed the scenario and reported its findings to 3GPP, leading to updated technical standards that resolved the potential issue and strengthened 5G network security.
  • Test Case 2: 5G Network Override to Reroute Mis-Provisioned User Slice. In this case defined by the Test Bed, a mis-provisioned, mis-configured, or otherwise manipulated user device attempts to provision itself for a slice different from the one defined and authorized by the network operator. The Test Bed demonstrated the scenario and successfully verified that 5G’s existing security features mitigated the issue—the network recognized that the network slice was incorrectly provisioned, overrode the invalid request, and directed the traffic to the correct slice.

Thanks to these tests—the first to validate and assess these theoretical cases on a live 5G network—the 3rd Generation Partnership Project (3GPP) updated the 5G technical specifications found in TS 33.501, Release 18, conclusively verifying and addressing the scenario. The 5G Security Test Bed’s work directly enabled stronger international standards for network slicing, enhancing 5G security.

Full Technical Report
Highlights Report
One Pager

 

The Technical Report includes the full technical details of the tests, their execution, and results. The Highlights Summary is a shorter paper highlighting the key points of the main paper and is meant for non-technical audiences who are interested in some level of detail. The One-Pager provides a very high-level summary of the test cases and their applications.