A Holistic Cybersecurity Testing Framework for 5G Radio Access networks

The 5G Open Radio Access Networks (O-RAN) architecture, while open, intelligent, and flexible, possesses a wide array of security vulnerabilities. Since O-RAN has introduced new components and interfaces, such as those between various O-RAN nodes or Network Functions, the attack surface has expanded, creating significant risks to security and data privacy. Manual testing of security and privacy properties (e.g., confidentiality, integrity, availability) and functional correctness of O-RAN is highly inefficient and error-prone. To overcome these challenges, this project proposes a holistic and automated cybersecurity testing framework for O-RAN. The project first sets out by developing testing methods to uncover vulnerabilities of 5G O-RAN and by evaluating the impact of radio interface attacks so that suitable countermeasures may be taken through enhancements or customizations in the RAN design. Another key objective of this project is to develop testing methods to automatically detect privacy violations in O-RAN systems to identify vulnerabilities and weaknesses that may expose sensitive UE and RAN information or compromise data privacy. In summary, this project will develop a novel and comprehensive cybersecurity testing framework and demonstrate its effectiveness using 5G O-RAN Proof-of-Concept (PoC) testbeds.