Resilience and Security - 6G für Mensch, Umwelt & Gesellschaft

Resilience and Security

The goal is to create a resilient and secure 6G system that detects attacks and contingencies (failures, overloads, etc.), absorbs them flexibly, recovers in a timely and sustainable manner, or compensates for impaired functionality through transformation. To this end, a novel, holistic resilience-by-design and security-by-design approach is being pursued, in which resilience and security (including privacy, with a focus on availability) are incorporated into system design from the outset and integrated as a core component of 6G systems. The new resilience and security solutions for 6G will be developed at all relevant system levels:

technology and hardware,
6G RAN/edge, and
6G core/cloud. Their interaction will be optimized taking into account Device/RAN/Edge/Core/Cloud convergence as well as 6G apps in a holistic and end-to-end (E2E) view

The solutions each include

“self-awareness” that ensures anomalies, misbehaviors, attacks, etc. are detected autonomously and automatically,
self-reconfiguration capability that enables rapid and agile, reactive or proactive adaptation for optimization and healing, and
self-protection mechanisms that anticipate attacks and impending resilience degradation. Furthermore,
cryptoagility is pursued, i.e., the design of a security architecture for coupling “classical” crypto, quantum key distribution (QKD), and postquantum crypto to achieve an end-to-end minimum security level for crypto deployment in 6G

For resilience and security, softwareization, programmability and AI are part of the solution, as they enable the necessary reconfigurability, modularity, agility, elasticity, and relocation and modification of functionalities, but they also pose new challenges.

Project goals

Integrated overall concept for resilience/security-by-design
- Requirements, threat analysis and metrics across all system levels, user involvement
- Monitoring, AI-based anomaly detection and attack detection for all system levels.
- E2E resilience, security, and trust approach for ultradynamic, organic 6G networks
- Joint security/resilience consideration for device/RAN/edge/core/cloud convergence under zero-trust assumptions; evaluation in concert with resilience-critical 6G apps
Resilience/security-by-design for technology and hardware
- Evaluation of resilience and reliability of BiCMOS technology for 6G deployed in WP 5
- Design of new architectures and methods for operating “self-aware” and reconfigurable hardware (analog and digital, sensing and communications): AI analysis of PHY layer status (internal and environment), threat detection, remediation through real-time reconfiguration
Resilience/security-by-design for 6G RAN/Edge
- RAN/Edge programmability and connectivity to 6G core/6G apps and thereby software-defined mechanisms for resilience and security (failure, overload, attacks, segmentation, etc.)
- Development of new methods (distributed, proactive, anticipatory, offline/online learning) for “self-aware” and reconfigurable, “app-aware” resource management and adaptive choice of transmission mechanisms
- Design of energy-efficient, latency-minimizing methods for PHY security (including sensor authentication, link integrity monitoring) and PHY privacy, incl. empirical security analyses
- Novel software-defined methods for device/RAN/edge security (anomaly detection, attack detection, isolation, segmentation), including federated learning (privacy, multi-party)
Resilience/security-by-design for 6G core/cloud
- Design of customized, composable, software-defined resilience and security mechanisms (adaptation 6G core, scaling, geo-balancing, hot-standby, load balancing, attack isolation)
- Exploit heterogeneous and shared resources through flexible, scalable orchestration and automation between device/RAN/edge/core/cloud tiers to increase resilience
- Design resilient, efficient, low-overhead attack detection techniques for 6G core, AI-based attack detection for programmable switches in the data plane, network data synthesis
- Forensics-based root cause identification and learning for future network adaptations
6G in the quantum age
- Post-quantum cryptography options for 6G
- Key management in 6G and algebraic cryptography
- Aspects of quantum communications, quantum error correction for transmission of quantum information, and in particular quantum key exchange “over-the-air”
- Crypto-agility for 6G: Designing an integration of “classical” cryptography, post-quantum cryptography, and QKD in 6G

Role in project

Cross-sectional task, flows into overall architecture, experimental fields and OpenLabs
Programmability and AI are part of the solution on the one hand and pose new challenges on the other hand

Results and achievements

Begin initial analysis of applications and requirements, appropriate evaluation methodology, and corresponding Key Performance Indicators (KPIs):

Requirements analysis for resilience/security-by-design
Threat analyses regarding failures, attacks
Confidentiality of (meta-)data (security/privacy)
Metrics across all system levels, user involvement
Monitoring, AI-based anomaly detection and attack detection for all system levels
E2E resilience, security, and trust approach for ultra-dynamic, organic 6G networks
Joint security/resilience consideration for device/RAN/edge/core/cloud convergence under zero-trust assumptions
Evaluation in interplay with resilience-critical 6G apps