Huawei 5GC: The First to Pass 3GPP SCAS Testing and then Passes the GSMA NESAS Evaluation
[Shenzhen, China, May 29, 2021] Huawei's UNC, UDG, UPCF, and UDM passed the 5G Core (5GC) Security Assurance Specifications (SCAS) testing defined by 3GPP. The testing was performed by SGS Brightsight in the Netherlands. Furthermore, the test report has been released on the GSMA website (Link). After passing GSMA's security assessments of vendor development and product lifecycle processes (Link) and 3GPP's SCAS testing, Huawei 5GC has now become the first to pass the GSMA's complete NESAS evaluation.
As for the evaluation itself, NESAS is a standardized cybersecurity evaluation, which has been collectively outlined by GSMA and 3GPP, along with main international carriers, equipment vendors, industry companions, and regulators. The NESAS include security assessments of vendor development and product lifecycle processes and Security Assurance Specifications, it acts as a mobile industry-wide network security evaluation framework that is efficient and open to evolution. It objectively measures how secure a network product is. The NESAS offers the mobile industry threat analysis, definitions for critical assets, a methodology for security assurance, and general security assurance requirements. The unified design of the evaluation process avoids lopsided evaluation and conflicting security assurance requirements in different markets. In addition, it will always be open to feedback from different stakeholders, and will keep evolving with regular releases.
SGS Brightsight was founded in the Netherlands 35 years ago and is staffed with more than 100 experienced professionals. It is the world's largest cyber security evaluation lab, with evaluation results recognized worldwide. SGS Brightsight performed the security testing on Huawei's UNC, UDG, UPCF, and UDM, covering general security, service function security, transmission security, and O&M security. According to the report, all the tests mentioned were passed at 100%.
Belief in products should be primarily based on verifiable details which, should also be based primarily on shared standards. NESAS offers standardized security mechanisms applicable to the communications trade. It is acknowledged for its excellence and customization, for being environment friendly, for being unified, open and global, and also for its commitment to everlasting evolution. Huawei is as an active participant, and is dedicated to supporting GSMA and 3GPP in developing a globally standardized security evaluation. As such they urge others in the industry to undertake NESAS to promote their sustainable development as global network security standards.