The Essentials of 5G MEC Security Assurance


Multi-access edge computing (MEC) introduces rich complexity into the 5G equation, drastically expanding the threat surface. A holistic understanding of the range of threat vectors in 5G MEC solutions is essential for developing a comprehensive testing strategy. Spirent SecurityLabs’ recognized expertise in 5G security provides a proven methodology for 5G MEC security testing.

Multi-access edge computing represents a game-changing capability in 5G environments for organizations, delivering faster speeds and enhanced bandwidth, thereby fostering a new level of products and services for their customers.

Alongside 5G, MEC has emerged as an amplified means of delivering the ultra-low latency and high bandwidth that enterprises value and that is crucial for existing and emerging use cases such as autonomous vehicles and smart cities. MEC also powers the cutting edge in cloud and next-gen mobile gaming, which requires the lowest latency and highest performance possible for users and in essence defines the next generation of networking.

To achieve that capability, a new level of rich complexity is introduced into the 5G equation, and with that comes a drastically expanded threat surface which must be accounted for with comprehensive end-to-end security coverage. Understanding the range of threat vectors and factors associated with MEC solutions offers insight into the requirements of a comprehensive testing strategy that validates the entire MEC solution, so 5G can deliver on its promise.

Security threats to 5G via MEC

One of the fundamental characteristics of MEC solutions is that they are largely open environments for third parties to enable better performance for users. MEC data centers will host a large variety of stakeholders, applications, application programming interfaces (APIs), data, and technologies, which will constantly interact.

MEC data at rest and in transit represent expanded security vulnerabilities

It’s that multivariate and open environment which can be so easily abused, exploited, or misused. Each of these component parts has its own security concerns, and each must be secured, as must the way they communicate. Applications, for example, should be logically separated, while data needs to be segmented appropriately, and their interactions must be policed and monitored.

There is a range of threats that a MEC data center could face when it goes live. A successful attack on a MEC solution could lead to exploitation of any of the technologies, data, and users within the MEC ecosystem and can even be a vector for a broader attack on 5G core networks or the broader supply chain. The categories where vulnerabilities may exist in 5G MEC solutions are described in the following sections.

Abuse of assets

A first point of concern is that the internal assets of the MEC data center might be abused by attackers, co-opting the architecture of the MEC solution to their own ends. These threats include:

  • Zero-day vulnerabilities

  • Tampering and exploitation

  • Availability and performance degradation

  • API exposure

  • Component manipulation

Supply chain compromise

The MEC ecosystem fundamentally connects users, technologies, enterprises, vendors, customers and 5G networks. Attacks that enable a compromise of the broader supply chain and affect the users and systems within it include:

  • Development manipulation

  • Source code manipulation

  • Update/distribution manipulation

  • System image compromise

  • Software component replacement

  • Counterfeit sales

  • Shipment interdiction

Misconfigurations and weak security controls

Improper or poorly implemented security controls are an enduring challenge for MEC solutions. When attackers find those gaps, they will exploit them. These gaps can also lead to accidental unauthorized access and exposure of information and APIs by otherwise legitimate actors. Vulnerabilities include:

  • Manipulation of target environment

  • Compromise of network integrity

  • Misconfiguration of software

  • Tampering with security controls

Platform security and integrity

The security and integrity of the MEC platform relies on the resilience of the tools and processes that protect and manage it. This is the starting point when planning and developing MEC security and understanding the associated list of potential vulnerabilities. Platforms include:

  • Operations, Administration and Management (OA&M) Security

  • User authentication

  • Encryption

  • Key and certificate management systems

  • Cryptographic algorithms

Application security

MEC solutions host a large variety of web applications, and through software vulnerabilities in those applications, serious threats can arise if authentication or access controls are not properly managed. The entry points in applications can present vulnerabilities which permit a range of cyber intrusions where attackers can gain unauthorized access to data, elevate their privileges, and exploit a variety of MEC components and internal assets.

One of the main characteristics of a MEC solution is that it can open itself to third parties to host their services. Opening those APIs to third parties also presents the potential for vulnerability exploitation on numerous levels.

Assessment strategies for 5G MEC security

A wide range of threats must be understood and ultimately mitigated if 5G and MEC’s true potential is to be realized. Security will be a firm expectation for all stakeholders in the MEC ecosystem. In order to assure them of a MEC solution’s trustworthiness, rigorous and comprehensive testing in both the development and live environments is crucial.

MEC solutions are architected in multiple ways, and individual implementations vary across a variety of bespoke environments. Spirent SecurityLabs has many years of experience delivering testing solutions in this space, including a special focus on 5G security. With this extensive background, SecurityLabs created a set of essential testing strategies to assess the security posture of the MEC solution – whether public or private – before deployment, to identify and prioritize vulnerabilities.

Focused on Network Functions (NFs), the testing strategy includes, but is not limited to, the steps found below. This assessment model has been utilized with a number of major North American Tier 1 operators:

  • MEC Security Architecture Review

  • Network Penetration Test

  • Host Security Assessment

  • Kubernetes Security Audit

  • MEC Application and API Penetration Test

Accounting for new cybersecurity frameworks

Any testing strategy for 5G MEC security should also account for the new cybersecurity frameworks which have come out since the emergence of 5G, which resulted in more sophisticated threats and a broader threat surface. This elevated the urgency and importance of holistic security and necessitated employing new frameworks of security management. They include:

  • Secure Access Service Edge (SASE): A cloud-centric distributed security architecture securing users and applications as opposed to subnetworks and IP resources

  • Zero Trust and Zero Trust Network Access (ZTNA): Eliminating the notion of trust, necessitating that access must be granted for each application transaction

  • Transport Layer Security (TLS): Use of encryption to prevent eavesdropping on, and malicious unauthorized alteration of, data transmitted between endpoints

  • Mutual authentication: Where the sender and recipient must verify the other party is genuine and trusted

The testing strategy described above, and much more, is covered in greater detail in the associated white paper on this topic.

Qualifications for comprehensive 5G MEC testing

Recognizing the significant list of requirements for holistic 5G MEC security, organizations at times see the benefit of supplementing their in-house capabilities with a qualified testing partner. This option often provides subject matter expertise to augment in-house testing teams, and saves on costs by eliminating the ramp-up time required for expert testing in this space. A full-spectrum understanding of the nuances and complications of 5G network infrastructures and of the variety of MEC implementations is a key element of a qualified testing partner.

Learn more, read the white paper The Fundamentals of Ensuring 5G MEC Security.


Sameer Dixit

VP, Security Consulting

Sameer is Vice President of Security Consulting at Spirent Communications, leading the Spirent SecurityLabs ethical hacking and security research team. Sameer is recognized as a leader in cyber security, with 20 years of experience in penetration testing and security research. Sameer has contributed research for leading industry groups such as OWASP and CTIA, and regularly contributes on security-related topics to leading publications and outlets such as Security Week, Business Insider, ZDnet, SC Magazine and Security Boulevard. He has also spoken at cyber security conferences such as DefCon, CyberSecurity Chicago, BlockCon, MilCis, Arm Tech Con, SINET Innovation Summit and IoT Slam on security trends related to the emerging web, mobile communications, IoT, Cloud, 5G and the automotive industry. Prior to Spirent, Sameer worked for a number of leading security companies, including Trustwave-SpiderLabs and Cenzic Inc., where he led the incident response, penetration testing, vulnerability scanning and managed security testing services team.