The need to assure the integrity of the 5G network and that the data traversing it is safe and secure has compelled a group of industry and government organizations to work on supply chain standards that can be operationalized in both the public and private sectors.
ATIS recognized early on the importance of the 5G supply chain as a key foundational link in delivering assured 5G networks. This insight resulted in the establishment of the 5G Supply Chain Working Group (5G/SC WG) in 2019 at the request of the Department of Defense in consultation with other government agencies. This 5G/SC WG is applying Supply Chain Risk Management (SCRM) principles in the development of supply chain standards for trusted 5G networks and services.
The objectives are to establish a common assurance framework for trusted 5G networks; develop or identify standards to be applied to 5G systems; and evaluate audit/certification options for ICT solution providers, infrastructure and endpoint device OEMs. Starting with a handful of participants in 2019, the working group has grown to over 50 participants. There is an open invitation to other companies, academic institutions and government agencies to join and contribute.
With the recent release of the ATIS white paper “ATIS 5G Supply Chain Standard: Creating the Foundation for Assured 5G Networks,” ATIS offers an early view into the framework and associated standards that will lead to assured 5G networks.
ATIS has determined that the path toward assurance is a progression from awareness to insight and ultimately to assurance as the threat environment is constantly changing. As such, the ATIS 5G/SC WG has identified an end-to-end view of the 5G supply chain ecosystem and its related lifecycle. This high-level view classifies the multiple functions that exist within each stage of the lifecycle from design to post-operation, acknowledging that these stages are not sequential but a continuous flow of functions and processes.
This work helped to formulate a 5G supply chain framework with a multi-layered view that assesses threats and vulnerabilities and applies the appropriate controls at each level of the model architecture. This framework can be applied to any 5G supply chain component, sub-component or software.
The ATIS 5G/SC WG is currently developing the detailed controls and requirements across the supply chain lifecycle. The draft standard is intended for delivery in early 2022.
5G networks are playing an increasingly important role across many segments of the public and private network. That’s why the ATIS 5G/SC Working Group is bringing attention to the unique requirements of the 5G network and its associated use cases to develop standards and best practices that will apply a standardized approach for detecting and addressing security threats within the supply.
Learn more about the ATIS 5G/SC Working Group.