CSRIC Gets Updates on Virtualization, 911 Over Wi-Fi
The six Communications Security, Reliability and Interoperability Council working groups are getting started, and they updated the larger group Wednesday during a quarterly virtual meeting. Most reported they're organizing, with work to start in early 2022. The meeting was the second by the FCC group, reshaped by Chairwoman Jessica Rosenworcel (see 2104150056) with an emphasis on 5G security.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Co-Chair John Roese, chief technology officer of Dell Technologies, said the Leveraging Virtualization Technology to Promote Secure, Reliable 5G Networks WG will look at how “vendor-agonistic” 5G solutions could “foster a broader ecosystem and a superior 5G environment.” Carriers face more “attack surfaces” as they open the architecture of networks, he said. The subpanel will look “which funds could be made available to promote” virtualization, he said. Another focus is obstacles to virtualization “and along the way try to look at ways to increase vendor diversity and encourage interoperability,” Roese said. The group will look more broadly “at how virtualization has proliferated across the tech stack,” the lessons learned and best practices, he said.
The goal of the 911 Service Over Wi-Fi WG is finding consensus, said co-Chair Mary Boyd, Intrado vice president government & external affairs. The subgroup will look at voice and text, under normal conditions and during disasters, she said. “We’re going to look at security issues as well -- this is a theme with a lot of the working groups today,” she said: “We’re going to look at the missing standards, timelines and any costs it’s going to take to implement 911 over Wi-Fi.” Boyd said she has had more volunteers come forward than she has seen on previous 911 CSRIC WGs.
New CSRIC member Harold Feld, Public Knowledge senior vice president, said the 911 WG should look at consumer privacy. “That’s just going to be a natural thing that we have to consider.” Boyd responded: “In most of the 911 issues that I’ve worked on throughout my career, privacy is one issue that we’ve always discussed.”
The 5G Signaling Protocols Security WG is looking at risks in HTTP2 signaling protocol, to keep them from also becoming part of next-generation HTTP3, said co-Chair Brian Daly, AT&T assistant vice president-standards and industry alliances. Threats include slow-read attacks, “which call on malicious clients to read responses very slowly,” dependency-cycle attacks and stream-multiplexing abuse, he said: “Our task is to research these, as well as identify any other vulnerabilities and attack vectors identified by industry.”
The Leveraging Mobile Device Applications and Firmware to Enhance Wireless Emergency Alerts WG is looking at how popular apps can make alerts work better, said co-Chair Francisco Sanchez, deputy homeland security & emergency management coordinator in Harris County, Texas. “Researchers have found that allowing WEA to leverage the mapping capabilities of popular smartphone applications can help reduce the amount of time the public spends trying to confirm that the emergency alert is relevant.” Mobile devices' suite of accessibility features could make WEAs “more accessible to individuals with access and functional needs,” he said.
The goal of the Promoting Security, Reliability, and Interoperability of Open Radio Access Network Equipment WG is to add new information and research, said co-Chair Mike Barnes, Mavenir chief security officer. “We do not want to just duplicate information that’s already there.” CSRIC will next meet March 30, with reports due next year and in 2023.