NIST Wants Help Demonstrating Security Compliance in 5G  

Alexander Supertramp/

The new project will help develop interoperability among various components of the emerging network architecture.

The National Institute of Standards and Technology is looking for organizations to contribute products and expertise they’ve developed for implementing cybersecurity standards into fifth-generation networking technology toward creating a special publication of best practices. 

“The expected outcome will demonstrate how the components of the 5G architecture can provide security capabilities to mitigate identified risks and meet industry sectors’ compliance requirements,” reads a NIST notice set to publish in the Federal Register Wednesday. “Participating organizations will gain from the knowledge that their products are interoperable with other participants' offerings.”

Interoperability of security features for 5G networking technology—components such as switches and routers, virtualization software, and those capable of detecting false base stations—has become integral to the success of U.S. cybersecurity policy as the country ditches complete gear kits from Chinese telecommunications providers Huawei and ZTE.

High-profile bipartisan legislation has proposed spending $1.2 billion on work related to the project NIST is embarking on.

“The proposed proof-of-concept solution will integrate commercial and open source products that leverage cybersecurity standards and recommended practices to demonstrate the use case scenarios and showcase 5G’s robust security features,” the NIST notice reads. “This project will result in a publicly available NIST Cybersecurity Practice Guide as a Special Publication 1800 series, a detailed implementation guide describing the practical steps needed to implement a cybersecurity reference implementation.”

Challenging mindsets focused on protecting proprietary information, the document establishes any parties wishing to participate in the project will commit to providing “access for all participants’ project teams to component interfaces and the organization's experts necessary to make functional connections among security platform components.”

NIST will accept letters of interest on a first-come, first-serve basis. After 30 days, assuming the agency collects enough of these, the collaboration will begin. 

The end result will be a demonstration of all the security features of the various network components working together and a new special publication in NIST’s 1800 series

NIST specifically advises the product would be useful for organizations drafting requests for information or proposals.