Opening Critical Infrastructure: The Current State of Open RAN Security

RRHs are usually located close to antennas, often mounted on the cell tower. The BBUs used to be co-located with the cell-tower but current infrastructure has them located further away, at a central site. The evolution of RAN is shown in this diagram from Analysys Mason.

Virtualized RAN (vRAN) is a virtualized BBU that runs on commercial off-the-shelf hardware. In a disaggregated vRAN design, the BBU is split into two components, the central unit (CU) and the distributed unit (DU).

Open RAN

Despite virtualization and disaggregation, RAN architecture remained relatively closed (that is, most components had to come from the same vendor to ensure compatibility). When the network architecture is closed, operators usually need to pay huge costs to a single vendor to purchase equipment and technology.

O-RAN architecture aims to achieve interoperability and flexibility by adopting open standards, interfaces, and protocols. Open RAN breaks the closed nature of the system, allowing operators to choose equipment and software from different suppliers, therefore achieving a higher degree of network customization (for example, purchasing the CU from one vendor, then getting the DU from another). This allows for greater participation from second- and third-tier equipment manufacturers.

O-RAN is more than just open interfaces — it enables open access to next-generation RANs through artificial intelligence-based control. An open interface between local network entities and the RIC can facilitate real-time sensing and management of and reaction to radio resources. However, due to its open-standard nature, O-RAN is inherently more vulnerable to attacks and additional threats, so designing appropriate security mechanisms is a key issue.

O-RAN Alliance

The O-RAN ALLIANCE, an open technical organization consisting of mobile operators, vendors, research organizations, and academic institutions that strive for the advancement of the Open RAN concept, has devised a set of Open RAN specifications.

The Alliance previously collaborated with the Linux Foundation to develop a reference implementation for the specification, called the O-RAN SC. The O-RAN SC specification is open-source, with code contributions coming from top RAN vendors like Ericsson, Nokia, Samsung, Radisys, and AT&T. Given this collaborative effort, it is more likely that many vendors will incorporate O-RAN SC code into their commercial products.

O-RAN architecture

The O-RAN Alliance provides an overview of the O-RAN architecture on their website. Note that it is not necessary to understand all the components in the diagram for the purpose of this write-up. Figure 3 shows how O-RAN fits into the 5G network topology.