Work Package 1: Project management and coordination

WP1 is responsible to ensure timely execution of all other WPs, with the required effort and with the aim of obtaining high quality results. It will coordinate and supervise the work along with the WP leaders, providing continuous support. More concretely, WP1 will
• Provide efficient overall project coordination, including overseeing progress and handling reporting
• Early monitoring any issues/challenges and ensuring resolution of any problems.
• Ensure diligent and precise financial management.
• Ensure that the work of the different WPs is well coordinated.
• Assure that planned deliverables and publications are provided timely, adhering to a good quality standard.
Development of a communication and interaction strategy with other projects and with the EC.

 Work Package 2: Requirements Analysis

This WP will provide an analysis of the security requirements and the standardization activities in 5G networks. Its main objectives:
• identification of relevant stakeholders and their roles
• overview of 5G security from the perspective of standards development
• monitoring of 5G security-related activities in standards development organizations and recording of existing and approved standards, and those under-development
• overview of 5G security-related documents published by fora, associations, research institutes and governments
• Perform Gap analysis on 5G security
• Roadmap on the application of the SCAS/SECAM specification on the 5G-TACTIC building blocks and relevant processes definition
• Definition of the 5G-TACTIC security architecture and its main building blocks

 Work Package 3: Development of the 5G Cybersecurity Toolbox

• Develop a complete SECAM evaluation process that will be used to provide reasonable security assurance that the 5G-TACTIC building blocks including RAN and CORE operate as expected and enable MNOs to determine the required level of security of network products
• Develop an evaluation methodology (based on SECAM) to analyse, test and assess cybersecurity aspects of Open RAN solutions provided by ACC and BBRAN as well as open source 5G NR and CN implementations.
v For the RAN, investigate vulnerabilities in gNBs, while for the CN test and verify cyber-security aspects and vulnerabilities of VNFs.
• Complement the EU 5G toolbox through the development of both technical measures and support actions that can mitigate identified vulnerabilities and threats.
• Technology solutions and enhancements will be proposed to protect the system from weak authentication mechanisms and threats against the O-RAN interfaces
• Investigate AI/ML techniques to detect threats to RIC controller and DoS attacks that may compromise the system.
• Address and mitigate CN risks.

 Work Package 4: Development of Supporting Infrastructure and Lifecycle Management for the 5G Cybersecurity Toolbox

• Develop a complete SECAM evaluation process that will be used to provide reasonable security assurance that the 5G-TACTIC supporting infrastructure (network, compute elements and orchestration layer) operates as required.
• Analyse, test and assess cybersecurity aspects of the 5G supporting infrastructure (underlying network infrastructure and control) as well as the overlay Lifecycle Management (LCM) tools. The analysis will target cybersecurity aspects in SDN controlled transport network, Multi-Access Edge Computing, Network Slicing and MANO.
• Development of mitigating measures for the 5G supporting infrastructure and the Lifecycle Management tools.

 Work Package 5: Demonstration and Piloting Activities (integration and testing)

• Define the details of the scenarios for the different pilots and capacity building exercises to be executed in order to validate the 5G-TACTIC building blocks
• Undertake the preparatory and configuration actions for the pilot development.
• Implementation required to realize the 5G end-to-end pilots including the corresponding interface and subsystems adopted and extended in 5G-TACTIC.
• Perform end-to-end assessment of security compliance.

 Work Package 6: Training Activities for 5G stakeholders

The following activities should be considered:
• information sharing between different 5G actors;
• adopting a holistic approach to security training and awareness among the employees, including employees at all levels of the organisation;
• ensuring that security training is continuous, regular and frequently updated.
• Provide key personnel with relevant training and material on security issues.
• Implement a program for training, making sure that key personnel have sufficient and up-to-date security knowledge.
• Organise trainings and awareness sessions for personnel on security topics important for your organisation.
• Test the security knowledge of personnel.
• Provide technical training on specialised 5G topics

Work Package 7: Supporting Actions, Dissemination and Exploitation

• Raise awareness regarding the project activities, outcomes and results and facilitate stakeholder engagement.
• Enable cross-fertilisation between communities with expertise in 5G technologies/networks and cybersecurity.
• Enable knowledge and know how transfer from the technical community to National regulation and cybersecurity authorities.
• Support standardisation-related activities establishing a two-way influence between SDOs and the project work to guarantee overall viability and coherence of the project results, support market relevance of the project outcomes and influence technology advancements.
• Facilitate exploitation of the project output and results in support of the relevant EU industry and legislation framework