Domestic 5G development at core of US communications security plan

New NTIA document outlines White House 5G security goals, which promote home-grown R&D and call for continuous risk assessment and management.

5G light trails
PLEJ92 / Getty Images

In late March, during the first phase of the coronavirus lockdown, the White House issued a little-noticed document entitled The National Strategy to Secure 5G of the United States, which articulates a “vision for America to lead the development, deployment, and management of secure and reliable 5G communications infrastructure worldwide, arm-in-arm with our closest partners and allies.” The document was the White House’s effort to comply with the Secure 5G and Beyond Act, which required the president to” develop a strategy to ensure the security of next generation mobile telecommunications systems and infrastructure in the United States.”

The Act also required the president to submit within 180 days an implementation plan developed in consultation with a host of government departments and agencies. In May, the Commerce Department’s National Telecommunications and Information Administration (NTIA) began a proceeding to receive comments on how it might implement the vision of the White House Strategy, with the comment period ending on June 25. Early this week, NTIA posted the comments it received from 80 organizations, corporations and interested individuals.

Key 5G security objectives

The seven-page White House document is a bare bones overview of strategic objectives, painting only broad-brush strokes on how to achieve the 5G security objectives it outlines. The goals of the strategy are to:

  • Facilitate domestic 5G rollout: Pointing to an FCC strategy to facilitate American superiority in 5G technology, the National Strategy also aims to work with the private sector on more R&D to facilitate domestic 5G rollout.
  • Assess the risks and identify core security principles for 5G infrastructure: The strategy says that in partnership with state, local and tribal governments as well as private sector partners, the government will “seek to continuously identify and characterize economic, national security, and other risks posed by cyber threats to and vulnerabilities in 5G."
  • Manage the economic and national security risks from the use of 5G infrastructure: The strategy primarily relies on the federal Acquisition Supply Chain Security Act of 2018, which “creates a unified, whole-of-government approach to protecting Federal systems from supply chain risks in covered articles” as well as Executive Order (E.O.) 13873, “Securing the Information and Communications Technology and Services Supply Chain,” signed in May 2019.
  • Promote responsible global development and deployment of 5G infrastructure: The White House says the US will participate in international 5G security principles through frameworks, such as the Prague 5G Security Conference, and continue working with relevant standards-setting 5G organizations with the private sector. The administration also plans to “work with the private sector, academia, and international government partners to adopt policies, standards, guidelines, and procurement strategies that reinforce 5G vendor diversity to foster market competition.”

US aims to retake lead in 5G development

“It’s critically important that the United States and, on a broader level, the West get 5G right and lead the world in this development,” Senator Mark Warner (D-VA), Vice-Chair of the Senate Intelligence Committee, said this week during a webinar on 5G security strategy hosted by US Telecom. “Unfortunately, I would argue through a variety of twists and turns in the wireless industry over the past 20 years on the equipment side, we no longer have an American provider on 5G.”

The United States was “so used to leading in wireless; we're so used to setting the rules, the protocols, the procedures, the standards,” Warner said. “Suddenly, over the last five to seven years, more specifically the last couple of years, we’ve seen that normal western and American-specific dominance really be questioned by an emerging China.”

Warner, who is well-versed in mobile technology and business, having founded a top wireless company, Nextel, that he later sold to Sprint, is particularly concerned right now by the Chinese communist party’s control over telecom technology. He worries even more about the precedent that China’s dominance in telecom technology might establish for future innovation.

“I fear what’s playing out in 5G is the blueprint for what will be happening with China in artificial intelligence, quantum computing, and a host of other areas,” he said.” It is a preview of what may be, in a sense, the technology arms race of the future.”

Software-dependent systems seen as more secure

One idea Warner embraces to improve 5G security is to “move away from a closed, hardware-dependent system and move to a software-dependent system” that plays to the strength of American companies. In particular, Warner is promoting a bill he introduced in January, the so-called O-RAN bill, which requests $1 billion in federal funds to invest in open radio access network technology. The goal of jumpstarting the software alternative is to help American companies develop technology that is price-competitive with Chinese telecom tech companies such as industry leader Huawei.

The good news for Warner is that the O-RAN bill was added to must-pass legislation, the National Defense Authorization Act, which will pass by the end of the year. The bad news, he said, is that the Senate appropriators dramatically cut back on his request, whittling R&D funding for the initiative down from $750 million to $50 million for the first year. Funding for collaboration with international partners was likewise slashed, down from a requested $500 million to only $25 million.

Meanwhile, NTIA is plowing through the 80 sets of comments it received on the White House strategy. Commenters range from telecom giant AT&T to New York City to concerned citizens worried over the latest conspiracy theory that 5G is a technology that will be used to control the people. NTIA hopes to soon produce a summary of the comments it has received, Evelyn Remaley, Associate Administrator, Office of Policy Analysis and Development, NTIA, said during the US Telecom webinar.

Copyright © 2020 IDG Communications, Inc.

The 10 most powerful cybersecurity companies