How DARPA Leverages Open Source to Secure 5G
LF Networking | 10 April 2023
This post is based on a presentation by Tejas Patel, program manager in the information innovation office at DARPA, given during ONE Summit North America 2022.
When DARPA set out to explore the future of 5G, we asked ourselves, “how can DARPA have an outsized effect on the networking community?”
For us, the answer was quite simple: Focus on making security easy and readily available.
So the next natural question was “how” we accomplish this goal.
We did this by breaking the problem down into three parallel efforts across the random core:
- The first is the Open Programmable Accelerators for 5G or OPA 5G effort focusing on creating a 5G reference waveform implementation.
- The second is the Pronto effort focusing on self-healing networks. This effort leverages commercially- available p four programmable switches to accomplish two things. First, it allows for real time line rate monitoring within network telemetry. Second, this telemetry allows for deploying formally verified corrective code into the network to correct apparent behaviors.
- The third is the Open Programmable Secure 5G or “Ops 5G” effort, focused on adding security to core networks by recognizing that future networking equipment will be built upon commodity hardware. Over time, we expect these components not just to be extensions to 5G software but baked into it from the get-go.
The final question we asked ourselves in how to run these programs was what we should build upon?
DARPA is in the business of running research projects lasting between three and four years, not in long-term sustainment. This meant that greenfield development was out of the question.
Instead, we turned to the Linux Foundation to build upon the 5G Super Blueprint, leverage their existing relationships with the open source community, and utilize the Linux Foundation’s proven track record for enabling long term sustainment and evolution of open source projects.
Key touch points between DARPA & the 5G Super Blueprint / GOV OPS-5G:
- Peloton Labs is focusing on remote attestation of user equipment and Distributed Denial of Service mitigation of core infrastructure USCI.
- USC-ISI is focusing on secure network slicing, and the core pronto is focusing on Closed Loop Control that spans all the way from the user edge to the core network.
- And finally, we have Software Radio Systems creating an open source 5G waveform.
By itself, open source software is not useful; the value comes from how the source code is developed.
To that end, we have SRS focusing on developing functionalized software versions of 5G handsets and base stations, emphasizing ease of readability, flexibility, and modularity. This allows anyone to audit the code base and have confidence in the software stack. This is particularly important given the growth of tunable network parameters. As we have moved from 2G, 3G, all the way to 5G, having an open source implementation allows anyone to tune these parameters and see exactly what effect this tuning has. No longer are we in the world of blackbox testing.
This is particularly important to the DoD as we often find ourselves not just in unknown environments but potentially hostile environments, and being prepared for hostility is often the difference between life and death for our deployed service members.
Watch Tejas Patel’s entire presentation on the LFN YouTube channel, and stay tuned for more examples of how LFN is deployed.
Similar Articles
Browse Categories
Cloud Computing Compliance and Security Open Source Projects 2024 Linux How-To LF Research Open Source Ecosystem and Governance Blog Diversity & Inclusion Research Newsletter Data, AI, and Analytics linux blog Training and Certification Linux Cross Technology Cloud Native Computing Foundation cybersecurity software development Announcements Decentralized Technology Legal OpenSearch Sustainability and Green Initiatives cloud native generative AI lf events Finance and Business Technology Networking and Edge cncf industries Emerging Technology Health and Public Sector Interoperability Kubernetes Topic: Security Web Application & Development amazon web services aws community tools confidential computing challenges decentralized AI decentralized computing eBPF funding japan spotlight kernel license compliance openssf ospo research survey skills development state of open source tech talent