Huawei has announced that their 5G wireless and core network equipment has passed the Global System for Mobile Communications (GSMA)’s Network Equipment Security Assurance Scheme (NESAS).
The NESAS, jointly defined by 3GPP and GSMA, provides an industry-wide security assurance framework to facilitate improvements in security levels across the mobile industry. NESAS defines security requirements and an assessment framework for secure product development and product lifecycle processes, as well as using 3GPP defined security test cases for the security evaluation of network equipment.
NESAS boosts the industry’s confidence in telecom network equipment, making it a practical choice for the industry and an important consideration for all regional markets, to jointly promote the development of more aligned mobile communications market. It is a voluntary scheme through which network equipment vendors subject their product development and lifecycle processes to a comprehensive security audit against the currently active NESAS release and its security requirements. The summary independent audit reports of the NESAS assessment can be found here: https://www.gsma.com/security/nesas-participating-vendors/
GSMA NESAS, which is widely accepted in the industry, ensures that the relevant equipment
- Meets the Scheme’s 5G network security and reliability requirements.
- The integrated assessment process avoids fragmented assessments and their resulting costs, while improving the transparency of security protection levels in the industry through visual and measurable results.
- NESAS covers 20 assessment categories, defining security requirements and an assessment framework for 5G product development and product lifecycle processes.
- Additionally it uses security test cases defined by 3GPP to assess the security of network equipment.
“GSMA NESAS is the latest approach in assessing the network security of mobile communications. In the 5G era, NESAS provides a standardized and effective cyber security assessment, which allows the communications industry to ensure fairness. The Assessment is also a valuable reference for stakeholders, such as operators, equipment vendors, government regulators, and application service providers. Huawei has always focused on technology-driven cyber security. We welcome NESAS with full support and collaboration. We also invite the entire industry to jointly promote the development of a more aligned mobile communications market.” – said Devin Duan, Head of 5G E2E Cybersecurity Marketing, Huawei.
Huawei says cybersecurity assurance is a shared goal between Huawei, customers, supervisory authorities, and other stakeholders. Trust in cybersecurity has become a major global concern as the world becomes more digital. The company says it believes that trust must be based on verifiable facts, which should, in turn, be based on shared standards. The company also says it believes that this is an effective way to build trust in the digital era.
In their release, the company says, “Huawei supports GSMA and 3GPP in developing a global standardized security assessment, an idea that has largely been accepted as an industry consensus. NESAS promotes this concept, and as such, Huawei urges the industry to widely adopt NESAS.”
Prior to passing GSMA NESAS, Huawei also passed the 5G cyber security test by China’s IMT-2020 (5G) Promotion Group. These test specifications are based on the 3GPP international standards for 5G security assurance.