The present clause describes the general approach taken towards security functional requirements deriving from 3GPP specifications and the corresponding test cases, independent of a specific network product class.
It is assumed for the purpose of the present SCAS that a network product conforms to all mandatory security-related provisions in 3GPP specifications pertaining to it, in particular:
-
all 3GPP specifications of the 33-series (security specifications) that are pertinent to the network product class;
-
other 3GPP specifications that make reference to security specifications or are referred to from one of them.
3GPP has decided to develop test specifications for the UE in the TSs of the 34-series under the responsibility of Working Group RAN5. 3GPP saw, however, no need to develop test specifications for network elements. For network elements, 3GPP rather trusts that tests are run under the responsibility of the vendors.
Security procedures pertaining to a network product are typically embedded in non-security procedures and are hence assumed to be tested together with them.
It is the purpose of the present SCAS to identify security requirements from the EPS and 5G security architecture that require special attention in testing as they may:
-
lead to vulnerabilities when not satisfied;
-
not be captured through ordinary testing activity for non-security procedures;
-
address security-relevant failure cases and exceptions or 'negative' requirements of the kind: "The network product shall not…"
It is not an intention of the present document to provide an exhaustive set of test cases that would be sufficient to demonstrate conformance of all security procedures with the above-mentioned specifications.