By Herman Kannenberg - Head of Legal Affairs and Cyber Security, Huawei South Africa.
Huawei's 5G wireless and core network equipment (5G RAN gNodeB, 5G Core UDG,UDM,UNC,UPCF) and LTE eNodeB has passed the GSMA’s Network Equipment Security Assurance Scheme (NESAS) assessment.
The GSMA represents the interests of mobile operators worldwide, and a GSMA NESAS qualification is recognised across the telecommunications industry. Equipment with this certification has the confidence of ICT players, and the qualification makes for a more aligned mobile communications market – an important consideration for all regional markets.
NESAS is a standardised cybersecurity assessment mechanism jointly defined by GSMA and 3GPP (the Third Generation Partnership Project), with inputs from major global operators, vendors, industry partners and regulators. It provides an industry-wide security assurance framework to facilitate improvements in security levels across the mobile industry.
NESAS is a voluntary scheme through which network equipment vendors subject their product development and lifecycle processes to a comprehensive security audit against the currently active NESAS release and its security requirements. A summary of the independent audit reports of the NESAS assessment can be found at https://www.gsma.com/security/nesas-participating-vendors/.
GSMA NESAS ensures that the relevant equipment meets the Scheme’s 5G network security and reliability requirements. The integrated assessment process avoids fragmented assessments, while improving the transparency of security protection levels in the industry through visual and measurable results.
NESAS covers 20 assessment categories, defining security requirements and an assessment framework for 5G product development and product lifecycle processes. Additionally, it uses security test cases defined by 3GPP to assess the security of network equipment.
"GSMA NESAS is the latest approach in assessing the network security of mobile communications,” notes Devin Duan, Huawei Head of 5G E2E Cybersecurity Marketing. “In the 5G era, NESAS provides a standardised, effective cybersecurity assessment, which allows the communications industry to ensure fairness.”
“The Assessment is also a valuable reference for operators, equipment vendors, government regulators, and application service providers,” he says. “Huawei has always focused on technology-driven cyber security. We fully support NESAS, and invite the entire industry to jointly promote the development of a more aligned mobile communications market."
Cybersecurity assurance is a shared goal between Huawei, its customers, supervisory authorities and other stakeholders. Trust in cybersecurity has become a major global concern as the world becomes more digital.
Huawei believes that trust in the digital era must be based on verifiable facts, which should in turn be based on shared standards. Huawei supports GSMA and 3GPP in developing a standardised global security assessment. This idea has largely been accepted as an industry consensus, and to this end, Huawei urges the industry to widely adopt NESAS.
In Spain in May this year, Huawei also became the first company to receive a CCEAL4 + security certificate for a 5G product. The mark indicates that the product can offer wireless communications with total security and is another indication of Huawei’s commitment to showing leadership in the cybersecurity space.