Fraunhofer AISEC brings cybersecurity expertise to secure and trusted 6G mobile networks

The market launch of the new mobile communications standard 6G is forecast for around 2030. 6G networks are expected to improve on the existing 5G networks not only because of their special performance and sustainability, but also because of their trustworthiness. In order for Europe to play a decisive role in the development and introduction of the technical standards for 6G and thus ensure its sovereignty in this key technological field, a total of 29 companies and research institutions are cooperating in the BMBF research project “6G-ANNA”. The Fraunhofer Institute for Applied and Integrated Security AISEC is contributing its cyber security expertise in the fields of “Confidential Computing” and “Code Analysis”. In this way, the overall IT system is to be designed as a zero-trust architecture and faulty codes are to be detected and corrected as early as the development process. “6G-ANNA” has a volume of 38.4 million EUR and runs until mid-2025.

6G continues a technological trend that had already begun with the 5G mobile radio standard: functionalities of the mobile radio network are increasingly implemented as freely available software that runs on virtualised hardware provided via cloud computing. Mobile-specific hardware components and proprietary software, on the other hand, are on the retreat. One example is the Radio Access Network (RAN). Here, antennas capture the mobile radio signals and convert them into digital data packets for further processing.

The switch to open software components creates flexibility and saves on costly hardware. At the same time, a complex, distributed and virtualised IT system is created that must be protected against attacks and made trustworthy. In the “6G-Access, Network of Networks, Automation & Simplification (6G-ANNA)” project funded by the Federal Ministry of Education and Research (BMBF), Fraunhofer AISEC is further developing methods and solution approaches from cyber security research for this purpose.

Confidential computing for zero-trust architectures
One focus of the AISEC research work is the topic of “Confidential Computing”. The term stands for technologies that ensure the confidentiality and integrity of data during transmission, processing and storage. This includes, among other things, the so-called “remote attestation” for checking the integrity of virtual machines. This ensures that only authentic software is used and that proof of the integrity of the virtual machines is provided. Data is only exchanged after the integrity has been successfully attested.

Among other things, “GyroidOS” is used – a secure solution for container virtualisation that runs on virtualised hardware and virtualised operating systems. Container virtualisation uses internal functions of the operating system to run applications isolated from each other on the same host system. Through corresponding functionalities of the operating system, “GyroidOS” protects the integrity and authenticity of the data in the container. In addition, the confidentiality of data at the container boundaries is guaranteed. “With this, we are bringing ‘Confidential Computing’ into future 6G architectures,” says Sascha Wessel, head of the “Secure Operating Systems” department at Fraunhofer AISEC.

Automated code analysis for network software
For secure communication, encryption, compliance and certification of software, the regulations of the responsible authorities and institutions apply – in Germany, for example, the requirements from the Technical Guideline TR-02102-1 [BSI-22] of the Federal Office for Information Security (BSI) on encryption. Fraunhofer AISEC’s code analysis tool “Codyze” checks whether these requirements are met. The advantage: automated security checks already during development shorten development cycles. “We are developing ‘Codyze’ further for ‘6G-ANNA’ and expanding it for 6G,” says Christian Banse, head of the “Service and Application Security” department at Fraunhofer AISEC. In the process, “Codyze” is to be expanded above all to include further fields of application beyond secure encryption. “For example, ‘Codyze’ will become a static code analysis tool for compliance with relevant standards and guidelines of software components in 6G networks,” says Banse. In addition, “Codyze” is to be extended to analyse other programming languages besides C++ and Java in which software components for 6G networks are written.

Higher data rates, faster response times and improved positioning accuracy
The new mobile phone generation 6G promises higher data rates, faster response times and improved localisation accuracy. This makes it interesting for concrete applications such as