Virtualisation is a fundamental building block of 5G. It is not the only way of implementing a 5G network, but it is the primary implementation method being pursued, to a greater or lesser degree, by all operators and manufacturers. Furthermore, virtualisation is being applied to earlier 3GPP architectures (e.g. LTE), and part-virtualised networks containing a mixture of physical, containerised and virtualised network functions will be commonplace for most operators for the foreseeable future.
The present document considers the consequences of virtualisation for 3GPP architectures, in order to identify threats and the resulting security requirements. The security of a 3GPP function relies on the underlying implementation technology and physical environment being secure. In legacy deployments, physical rack security and physical separation implicitly provide that underlying security. Many of these legacy physical security requirements are not formally documented in 3GPP standards; they rely on proprietary domain knowledge held by operators and manufacturers. Legacy core network security models also assume that threats apply primarily at the edge of the function or network, where physical network functions are exposed through external interfaces, and not from within the platform on which the function runs.
To provide equivalent security in virtualised deployments, the underlying infrastructure needs to provide a minimum set of security capabilities, in a standardised form, which can be requested and/or consumed at the 3GPP layer. This is necessary because virtual functions have to co-exist in shared virtualisation environments, and the legacy physical security models do not address the new threat vectors that virtualisation introduces (for example, a compromised hypervisor or host, or a co-located tenant on the same hardware).
A number of the key issues identified in the present document may not be fully within the scope of 3GPP to resolve. Nevertheless, in order for 3GPP functions to be implemented securely, 3GPP needs to set requirements even where they will be addressed outside 3GPP.
The present document identifies security requirements which need to be addressed outside of 3GPP in order for 3GPP to specify fully secure virtualised 3GPP functions. The present document identifies extensions to 3GPP security capabilities which are required to provide direct, explicit, security visibility of the underlying virtualised infrastructure platform to the 3GPP layer. It also identifies extensions to 3GPP functions to make use of such capabilities.
The wider requirements captured within the present document are intended to allow external groups such as ETSI or open-source groups to develop any necessary capabilities and fill identified standardization gaps.
Identification of requirements for the standardisation of the overall security framework (e.g. top to bottom: 3GPP, NFVI, hardware, SDN), and of the minimum security capabilities that a virtualised implementation should use to meet Critical National Infrastructure (CNI) or other regulatory requirements, is outside the scope of the present document.
Since there is no single approach to virtualisation, the security threats and risks vary with the deployment use case and the virtualisation technology chosen. The present document therefore considers both virtualisation threats and risks that apply to specific implementations (e.g. Virtual Machine based or container based) and more generic threats and risks that apply in all use cases.