Poster: Towards an Automated Security Testing Framework for Industrial UEs

• URL: http://arxiv.org/abs/2505.16300v1
• Date: Thu, 22 May 2025 06:54:38 GMT
• Title: Poster: Towards an Automated Security Testing Framework for Industrial UEs
• Authors: Sotiris Michaelides, Daniel Eguiguren Chavez, Martin Henze,
• Abstract summary: We report on our efforts to create an automated security testing framework for industrial UEs.<n>We aim to provide stakeholders with a fully automated-method to verify that higher-layer security protocols are correctly implemented.
• Score: 2.7082111912355877
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments, industrial UEs not only have to fully comply with the 5G specifications but also implement and use correctly secure communication protocols such as TLS. To ensure the security of industrial UEs, operators of industrial 5G networks rely on security testing before deploying new devices to their production networks. However, currently only isolated tests for individual security aspects of industrial UEs exist, severely hindering comprehensive testing. In this paper, we report on our ongoing efforts to alleviate this situation by creating an automated security testing framework for industrial UEs to comprehensively evaluate their security posture before deployment. With this framework, we aim to provide stakeholders with a fully automated-method to verify that higher-layer security protocols are correctly implemented, while simultaneously ensuring that the UE's protocol stack adheres to 3GPP specifications.

Related papers

• LLM Agents Should Employ Security Principles [60.03651084139836]
  This paper argues that the well-established design principles in information security should be employed when deploying Large Language Model (LLM) agents at scale.<n>We introduce AgentSandbox, a conceptual framework embedding these security principles to provide safeguards throughout an agent's life-cycle.
  arXiv  Detail & Related papers  (2025-05-29T21:39:08Z)
• ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Soft Tester UE: A Novel Approach for Open RAN Security Testing [2.943640991628177]
  This article introduces the Soft Tester UE (soft T-UE), a software-defined test equipment designed to evaluate the security of 5G and O-RAN deployments. The soft T-UE promotes the development of new security measures and enhances the capability to anticipate and mitigate potential security breaches.
  arXiv  Detail & Related papers  (2024-10-12T20:35:49Z)
• High-Security Hardware Module with PUF and Hybrid Cryptography for Data Security [1.8434042562191815]
  This research highlights the rapid development of technology in the industry, particularly Industry 4.0. Despite providing efficiency, these developments also bring negative impacts, such as increased cyber-attacks. This research proposes a solution by developing a hardware security module (HSM) using a field-programmable gate array (FPGA) with physical unclonable function (PUF) authentication and a hybrid encryption data security system.
  arXiv  Detail & Related papers  (2024-09-16T02:06:49Z)
• Secure Integration of 5G in Industrial Networks: State of the Art, Challenges and Opportunities [2.479074862022315]
  We describe the state-of-the-art and derive recommendations for the secure integration of 5G into industrial networks.<n>We identify opportunities to utilize 5G to enhance security and indicate remaining challenges.
  arXiv  Detail & Related papers  (2024-08-29T18:00:17Z)
• Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
  We present the first security assessment of the 5G core from a web security perspective. We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks. Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
  arXiv  Detail & Related papers  (2024-03-04T09:27:11Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• PASSION: Permissioned Access Control for Segmented Devices and Identity for IoT Networks [0.5991851254194097]
  This paper introduces a privacy-preserving method in the industry's IoT systems using blockchain-based data access control. It maintains event information confidentiality, integrity and authenticity.
  arXiv  Detail & Related papers  (2023-10-08T06:28:32Z)
• Emerging Technology and Policy Co-Design Considerations for the Safe and Transparent Use of Small Unmanned Aerial Systems [55.60330679737718]
  The rapid technological growth observed in the sUAS sector has left gaps in policies and regulations to provide for a safe and trusted environment in which to operate these devices. From human factors to autonomy, we recommend a series of steps that can be taken by partners in the academic, commercial, and government sectors to reduce policy gaps introduced in the wake of the growth of the sUAS industry.
  arXiv  Detail & Related papers  (2022-12-06T07:17:46Z)
• Data Heterogeneity-Robust Federated Learning via Group Client Selection in Industrial IoT [57.67687126339891]
  FedGS is a hierarchical cloud-edge-end FL framework for 5G empowered industries. Taking advantage of naturally clustered factory devices, FedGS uses a gradient-based binary permutation algorithm. Experiments show that FedGS improves accuracy by 3.5% and reduces training rounds by 59% on average.
  arXiv  Detail & Related papers  (2022-02-03T10:48:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.