The Open Radio Access Network (RAN) is a networking paradigm that builds on top of cloud-based, multi-vendor, open and intelligent architectures to shape the next generation of cellular networks for 5G and beyond. While this new paradigm comes with many advantages in terms of observatibility and reconfigurability of the network, it inevitably expands the threat surface of cellular systems and can potentially expose its components to several cyber attacks, thus making securing O-RAN networks a necessity. In this paper, we explore the security aspects of O-RAN systems by focusing on the specifications and architectures proposed by the O-RAN Alliance. We address the problem of securing O-RAN systems with an holistic perspective, including considerations on the open interfaces used to interconnect the different O-RAN components, on the overall platform, and on the intelligence used to monitor and control the network. For each focus area we identify threats, discuss relevant solutions to address these issues, and demonstrate experimentally how such solutions can effectively defend O-RAN systems against selected cyber attacks. This article is the first work in approaching the security aspect of O-RAN holistically and with experimental evidence obtained on a state-of-the-art programmable O-RAN platform, thus providing unique guideline for researchers in the field.

翻译：开放式无线接入网络（O-RAN）是一种基于云化、多厂商、开放且智能的架构构建的网络范式，旨在塑造面向5G及未来通信的下一代蜂窝网络。虽然这一新范式在网络的可观测性与可重构性方面具有诸多优势，但它不可避免地扩大了蜂窝系统的攻击面，并可能使其组件暴露于多种网络攻击之下，因此保障O-RAN网络的安全性势在必行。本文聚焦于O-RAN联盟提出的规范与架构，全面探讨O-RAN系统的安全特性。我们以整体视角审视O-RAN系统的安全防护问题，涵盖用于连接不同O-RAN组件的开放接口、整体平台以及用于监控与网络的智能机制等层面。针对每个重点领域，我们识别潜在威胁，探讨应对这些问题的相关解决方案，并通过实验证明此类方案如何有效防御特定网络攻击对O-RAN系统的侵害。本文是首项从整体视角并结合最先进可编程O-RAN平台实验证据来研究O-RAN安全性的工作，从而为该领域研究人员提供了独特的指导性参考。