Enabling Secure 5G Standalone (SA) Core Deployments
White Papers
Introduction
5G SA introduces a fundamentally new, cloud-native, service-based core architecture that enables exceptional performance, agility, and dynamic service delivery. It marks a departure from legacy 4G LTE and 5G Non-Standalone (NSA) models, offering enhanced flexibility and scalability to support diverse use cases through features like network slicing and rapid service innovation.
Challenges in 5G SA Core Validation
This architectural change brings new challenges. The disaggregated 5G SA Core, with its many Network Functions (NFs) and interfaces, increases both testing complexity and the attack surface. Operators must ensure interoperability, performance, and security across evolving 3GPP standards.
End-to-End (E2E) Validation
End-to-end validation is essential to simulate realistic UE-to-Core traffic, including signaling (N1/N2), data (N3/N6), inter-slice mobility, handovers, and attach/detach events. E2E testing also uncovers vulnerabilities during load and state transitions.
Isolated Network Function Testing
Isolated testing of key NFs such as AMF, SMF, and SBA nodes supports deep validation of protocol compliance, scalability, and resilience. Security testing in this context includes TLS mutual authentication, SUPI/SUCI protection, and authorization enforcement.
User Plane Function (UPF) Testing
The paper also highlights the importance of UPF testing in complex topologies (e.g., intermediate UPFs, ULCL, MEC). Objectives include session continuity during mobility, traffic steering accuracy, QoS enforcement, and detection of spoofed or malformed packets.
Solution: Keysight’s P8900S LoadCore
To meet these demands, Keysight’s P8900S LoadCore provides a cloud-native, protocol-aware solution for full-core simulation, NF isolation, E2E testing, and security validation. It can emulate thousands of gNBs, millions of UEs, and stress-test SBA interfaces under real-world conditions.