O-RAN establishes an advanced radio access network (RAN) architecture that supports inter-operable, multi-vendor, and artificial intelligence (AI) controlled wireless access networks. The unique components, interfaces, and technologies of O-RAN differentiate it from the 3GPP RAN. Because O-RAN supports 3GPP protocols, currently 4G and 5G, while offering additional network interfaces and controllers, it has a larger attack surface. The O-RAN security requirements, vulnerabilities, threats, and countermeasures must be carefully assessed for it to become a platform for 5G Advanced and future 6G wireless. This article presents the ongoing standardization activities of the O-RAN Alliance for modeling the potential threats to the network and to the open fronthaul interface, in particular. We identify end-to-end security threats and discuss those on the open fronthaul in more detail. We then provide recommendations for countermeasures to tackle the identified security risks and encourage industry to establish standards and best practices for safe and secure implementations of the open fronthaul interface.

翻译：O-RAN建立了一种先进的无线接入网络（RAN）架构，支持互操作、多供应商及人工智能（AI）控制的无线接入网络。其独特的组件、接口和技术使其区别于3GPP RAN。由于O-RAN在支持3GPP协议（目前为4G和5G）的同时，还提供额外的网络接口与控制器，其攻击面更为广泛。为使O-RAN成为5G Advanced及未来6G无线网络的平台，必须审慎评估其安全需求、漏洞、威胁及应对措施。本文介绍了O-RAN联盟在针对网络（尤其是开放前传接口）潜在威胁建模方面的现行标准化活动。我们识别了端到端安全威胁，并更详细地讨论了开放前传接口上的威胁。随后，我们针对已识别的安全风险提出了应对措施建议，并鼓励业界制定相关标准与最佳实践，以确保开放前传接口的安全可靠实现。