Collaborative Research: SaTC: CORE: Medium: Enabling Practically Secure Cellular Infrastructure

The global cellular telecommunications system is critical infrastructure for billions of users, providing a ubiquitous platform for Internet connectivity that supports a wide range of use cases for both consumers and industry. We are now on the cusp of widespread adoption of 5G technology. While 5G is widely marketed for its gigabit per second rates and ultra-low latency, it also fundamentally changes the internal network architecture, providing dynamic provisioning of software-defined services that offer enhanced control to network tenants including virtual operators and enterprises. However, these major architectural changes expose 5G systems to new adversaries and threats, and the ability to reason about the many technical components that comprise these systems is critical. The goal of this work is to aid mobile network operators in deploying cellular systems that are assured to be secure, through the development of tools and techniques that extract, model, and analyze the security-sensitive logic of the source and binary code existing within the cellular network infrastructure.

This project seeks to address the broad research challenge of translating security-critical requirements of cellular network infrastructure into program analysis tools to assess those requirements for a given implementation. Rather than strictly identifying traditional software flaws (e.g., memory safety), this project focuses on the discovery of logic vulnerabilities within three key aspects: cryptographic protocols, access control, and core functionality. Each aspect presents unique challenges and opportunities to advance the state-of-the-art. While prior work has studied the cellular cryptographic protocols themselves, vulnerabilities can emerge when developers fail to correctly implement assumptions made by formal proofs (e.g., secure randomness and verification of cryptographic values). Simultaneously, the disaggregation of traditional cellular system components into microservices running in cloud environments increases the attack surface for core functionality, particularly as the number and complexity of network tenants grows. As such, specification and enforcement of access control between 5G core network functions is critical to the security of the deployment. Finally, every computing system represents an ecosystem of software components and dependencies. Backdoors and logic bombs can have significant consequences when they exist within such critical infrastructure. This project will assess these considerations within a combination of open source and proprietary 5G implementations and generalize the knowledge for assessment of implementations deployed by cellular providers.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.