Vast potential, but better security needed.
Vast potential, but better security needed.
5G is fast — faster than 4G, which is faster than 3G, which was, of course, faster than 2G. 5G is anywhere from 10 to 100 times faster than a typical 4G connection, depending on whether you’re citing theory or practical reality.
But speed is not its only selling point. Promotions for the next-generation 5G cellular technology also note that it has 1,000 times the capacity of 4G and delivers 10 times less latency. Latency is another type of ‘faster’; as in, you can do more things in real time.
Still, those are not the only reasons to be excited about 5G. Kimm Yeo, Synopsys senior product marketing manager for the fuzzing tool Defensics said that the general public tends to perceive 5G as “just another mobile broadband speed enhancement,” though it is much more.
5G WILL GROW FROM US$5.54 BILLION TO US$668 BILLION. IN OTHER WORDS, THE 5G INDUSTRY WILL HAVE A 122% ANNUAL GROWTH.
IMPLICATIONS — AND IMPACTS — OF 5G
Yeo said the implications of 5G for consumers, businesses, and nations go well beyond speed; it “will have a significant impact on convenience, privacy, safety, and security.”
Indeed, the potential is staggering. Yeo said one forecast is that from 2020 to 2026, 5G will grow from US$5.54 billion to US$668 billion. In other words, the 5G industry will have a 122% annual growth rate.
“We are talking emerging use cases beyond imagination,” Yeo said. She noted that at the commercial and industrial level, 5G offers a new way to monitor the performance of critical operations that require high-speed, ultra-reliable, low- to zero-latency performance.
Examples of those include critical surgery, smart surveillance, and utility management, massive machine-to-machine communications such as vehicle-to-vehicle, smart cities, and smart traffic.
The consumer level includes wearables, digital lifestyles, and “entertainment beyond imagination — it’s a really broad range,” she said.
That is a technological leap that will “transform all business models. It will redefine entertainment, communication, and how businesses and consumers connect to the internet globally.”
Not to mention that the Internet of Things (IoT) is forecast to include more than 75 billion devices by 2025.
COMPANIES LEADING THE WAY WITH 5G
The leading edge of companies getting on the 5G train includes global network equipment and services providers such as Ericsson and Huawei. “That means products and the infrastructure to support them,” Yeo said. “We have seen a ramp-up of activities in the past year, even among the mobile carriers, with 5G plans from AT&T, T-Mobile, and Verizon. And it is not going to stop here. It won’t be long before other adjacent industry players such as device makers, chipset firms, and cloud/edge computing look into supporting 5G.”
“Cloud / edge computing providers looking to offload the cellular network traffic and bring the capability faster and closer to the content source and users will find 5G helps to further reduce latency and improve overall performance and quality,” she said.
The growth in 5G compatibility is well underway. “In just six months, from last March to October, GSA [Global Mobile Suppliers Association] reported that the number of devices that will support 5G had grown from 38 to 172, from 71 vendors,” she said. “They’re not all commercially rolled out yet, but we’re not just talking mobile devices. It’s also PCs, laptops, tablets, drones, routers, robots, displays — everything that requires it.”
5G SECURITY AND STANDARDS
Of course, as is the case with any next-gen technology, there are risks and uncertainties. Among uncertainties, “the jury is still out with regard to cellular vs. wireless rate of adoption — 5G vs. Wi-Fi 6,” Yeo said.
Also, 5G standards are relatively young. Yeo said the specifications are “still evolving and being defined by standards bodies such as 3GPP [3rd Generation Partnership Project].”
“We are actively monitoring and tracking the evolving specifications as defined by 3GPP to ensure that Defensics gets updated accordingly,” she said.
And then there is security. Greater connectivity means a greater attack surface. Yeo said 5G will bring more security risks than the current generation of cellular technology. “In recent years, we have seen some of the potential exploits with 4G LTE,” she said, noting that about a year ago, a team of South Korean researchers found 36 security vulnerabilities in networks through the use of fuzz testing, described in this white paper by Synopsys.
“With the coming increase in connectivity and smart everything, it’s going to open the door to more attack surfaces that will be very difficult to anticipate and prevent,” she said.
WITH THE COMING INCREASE IN CONNECTIVITY AND SMART EVERYTHING, IT’S GOING TO OPEN THE DOOR TO MORE ATTACK SURFACES THAT WILL BE VERY DIFFICULT TO ANTICIPATE AND PREVENT.
HOW TO REDUCE 5G ATTACK SURFACES
Attacks can affect both national security and consumer privacy. “That’s why it is not enough to rely on traditional application security testing tools, which detect only known (reported and recorded) vulnerabilities,” Yeo said. There are solutions to build security into 5G, such as 5G protocol fuzzing with Defensics.
Fuzzing involves inputting massive amounts of random data to a test subject. The goal is to crash a system, equipment, or a service and thereby expose unknown vulnerabilities.
“Fuzzing is a great way to perform negative testing, as you can enter an unlimited number of random, malformed inputs to test the robustness, safety, and security of systems, apps, and services before they are released,” Yeo said. “It is used to uncover any unknown vulnerabilities and potential zero-day attacks that can lead to product recalls, brand damage, litigation, and more, not to mention taking considerable time and money to repair and replace.”
The good news is that Synopsys is already working with major network communications equipment and services providers on that kind of testing.
“Security is coming to the forefront for policymakers,” Yeo said. “They recognize that 5G is going to be higher risk, and they know there is no way to catch an unknown. You don’t know what you don’t know, so you need to fuzz.”