Open Radio Access Networks (O-RAN) are emerging as a disruptive technology, revolutionising traditional mobile network architecture and deployments in the current 5G and the upcoming 6G era. Disaggregation of network architecture, inherent support for AI/ML workflows, cloud-native principles, scalability, and interoperability make O-RAN attractive to network providers for beyond-5G and 6G deployments. Notably, the ability to deploy custom applications, including Machine Learning (ML) solutions as xApps or rApps on the RAN Intelligent Controllers (RICs), has immense potential for network function and resource optimisation. However, the openness, nascent standards, and distributed architecture of O-RAN and RICs introduce numerous vulnerabilities exploitable through multiple attack vectors, which have not yet been fully explored. To address this gap and ensure robust systems before large-scale deployments, this work analyses the security of ML-based applications deployed on the RIC platform. We focus on potential attacks, defence mechanisms, and pave the way for future research towards a more robust RIC platform.

翻译：开放无线接入网络（O-RAN）作为一种颠覆性技术正在兴起，它正在当前5G及即将到来的6G时代彻底改变传统移动网络架构与部署方式。网络架构解耦、对人工智能/机器学习工作流的原生支持、云原生原则、可扩展性以及互操作性等特性，使O-RAN对网络运营商在超5G和6G部署中极具吸引力。值得注意的是，在无线接入网络智能控制器上部署定制化应用程序（包括作为xApp或rApp的机器学习解决方案）的能力，为网络功能与资源优化带来了巨大潜力。然而，O-RAN与RIC的开放性、尚处萌芽期的标准以及分布式架构，也引入了可通过多种攻击向量利用的大量安全漏洞，这些漏洞尚未得到充分研究。为填补这一空白并确保大规模部署前系统的稳健性，本文分析了部署在RIC平台上的基于机器学习的应用程序的安全性。我们重点关注潜在攻击类型、防御机制，并为未来构建更健壮的RIC平台的研究铺平道路。