Workshop: Addressing 6G Cybersecurity and Privacy challenges (IEEE CAMAD 2024)

Cybersecurity and Privacy are of utmost importance in beyond-5G and future 6G network. 6G concepts will continue evolving towards release 21+ 3GPP, also leveraging developments from European SNS JU initiative. To address cybersecurity challenges in advance is paramount while system is designed. Key trends of the 6G landscape, in addition to their obvious technical and business value, as expected, are accompanied with a drastic increase in the attack surface compared to legacy cellular network infrastructures. Such trends which introduce additional security implications are:

• Disaggregation and cloud-native paradigm, expanding to the enhanced-SBA with full network virtualization. Disaggregation with a ‘cloud-native’ approach from RAN to Edge to Core, also continuing the virtualization trends (e.g. NFV/SDN)
• Multi-vendor and multi-stakeholder models introduce more complexity to manage in a multidomain environment. Zero touch security management over multidomain and disaggregated networks.
• Network openness and exposure APIs for 3rd party applications. 
• Secure, trusted and privacy-preserving environment for supporting the next generation of trustworthy continuum computing 6G services.
• More “intelligent network”, AI adoption for both aspects; i) Smart network management and more autonomous (including secure lifecycle management) and ii) Security threat analysis and reaction (including policies and applying mitigation actions). Trustworthy in networks.
• Smooth combination of public MNOs with other access technologies with special attention to NPN (private networks)
•  Edge-cloud continuum adding the so-called extreme edge (Robots, IoT, etc) to the Management & Orchestration (control plane) scope. The 6G Network is expected to integrate heterogeneous resources with the inclusion of far-edge and extensive Edge nodes usage. 

Regardless on impressive new 6G connectivity KPIs (in terms of bandwidth, latency, reliability, energy efficiency), the 6G system design and its future operation should comply highest standards of cybersecurity and privacy as a critical shared infrastructure. Moreover, in the 6G multi-actor pluralistic environment, privacy is pivotal, not only for the end users, but also for all involved stakeholders; and it needs to be considered as a key requirement in all technologies of the network stack, including security mechanisms.

The use and application of AI and network digital twins (DTs) for the identification, analysis and mitigation of attacks is a key part of the proposed workshop discussion. The workshop will introduce latest technical advances and concepts around cybersecurity in 6G addressed within three SNS JU projects (HORSE, PRIVATEER and RIGOROUS). From flagship Hexa-X-II project, the architectural aspects and their impact on 6G security will be introduced together with some other key topics such as physical layer security and quantum safe 6G infrastructure. Moreover, the security and privacy aspects are particularly discussed with respect to the most highlighted 6G use case families identified in Hexa-X-II project. The concept of key value indicators (KVIs) such as social and environmental sustainability and their role in defining new 6G end-to-end system on trustworthy infrastructure will be presented as the latest updates to the research community.

This workshop aims at bringing together top researchers in both areas of cybersecurity and 6G network under the umbrella of the EU SNS JU projects to share their ideas and research results, and hence create an opportunity for synergy with other projects acting a acts as central discussion hub for European research. In this workshop, special focus will be given novel approaches and strategies to deal with cybersecurity issues.

A round table with 4 invited experts in the second part of the workshop. We are requesting a 5′ position pitch (in advance) about challenges and key questions posed to participants (as indicated below). In addition, the new SNS phase-2 projects addressing security & privacy topics are also invited to introduce their initial approach. The overall goal of the workshop is to discuss common technical roadmaps, necessary actions to impact WGs and precisely SDOs, and inter-project opportunities for collaboration as well.

Workshop structure

The workshop is originally planned as a FULL DAY workshop and it will be structured as follows in 4 sessions of 1h30min each:

Session 1 – 1h30: 

• Keynote presentation (25min) with Q&A (5min) for setting the scene.  Diego Lopez (Telefonica) – Confirmed speaker.
• Then three relevant technical presentations (60’) as a result of 2-pages position paper each;
  • “Should we sacrifice privacy for security?” Presenter: Maria Christopoulou, NCSRDemokritos from PRIVATEER (15’  +5’Q&A)
  • “Using Network Digital Twins to detect, study and mitigate network attacks” Presenter Antonio Pastor, Telefonica, from HORSE (15’ + 5’Q&A)
  • “AI-driven Automated Security Orchestration, Trust Management, and deployment” – Presenter: Jorge Bernal University of Murcia from RIGOROUS (15’ +5’Q&A) 

Coffee Break

Session 2: 1h30: 

Technical panel of 6G cybersecurity  topics

• Round table with interactive discussion of 4 panelists + moderator and audience participation
• Selected panelist from SNS JU Stream B 01 04 projects (HORSE, PRIVATEΕR, RIGOROUS, and flagship HEXA_X-II)

Panelists to debate are invited. The different panelists should answer “in advance” some of the following questions in either a 3-slide elevator pitch or 1-page statement abstract to be introduced in 5 minutes before going for open discussion:

Some examples of key questions to address:

• Are there new attacks and threats expected in 6G networks? (beyond ‘classic’ attacks DDoS DNS amplification, end-points/Api exposure – RNAA attack, interception, etc)
• Which cybersecurity threats are associated to the complete disaggregation & virtualization of network? Is this increasing the surface for attacks?
• Which should be the cybersecurity research priorities for 6G network evolution? 
• What are the main challenges in distributed Security control and management?
• Let’s discuss the role of AI as a double sword in a source to be attacked (e.g. data poisoning attack) in autonomous networks and the AI usage to analyze and react to attacks (e.g. attack analysis and prevention).
• From research to standardization impact. Let’s discuss concrete PoCs, work items and experience reports that can be submitted to relevant WGs. 
• Where are the standardisation opportunities within ENISA / ETSI / ECSO WGs?
• What is the impact of established and upcoming regulatory frameworks such as EU Cybersecurity Act, EU AI Act, NIS 2 etc.?
• About operational challenges and policy, should the 6G-cybersec operation look like similar “5G cybersecurity toolbox & recommendations” that foresees strategic measures to foster a sustainable 5G suppliers and reduce long-term dependency? Other approaches to make things operational?
• Do the envisaged technical enablers for 6G introduce new opportunities and capabilities for innovative security controls?

Lunch   

Session 3: 1h30 

• Second keynote:  Keynote presentation (25min) with Q&A (5min) for context on second part. Industrial speaker candidate is being contacted at the time of submitting the workshop proposal from THALES representative (TBC) 

• Then three technical presentations from HEXA-X-II security and privacy enablers and research topics.
  • “Impact on architectural trends on 6G security” Presented by Pawani Porambage VTT (15’ +5’Q&A)
  • “Role of Physical Layer Security in 6G” by Bin Han RPTU (15’ +5’Q&A)
  • “Roadmap for Quantum safe 6G infrastructure” by Telefonica representative (15’ +5’Q&A)

Coffee break     

Session 4: 1h30 

• Three relevant technical presentations (60’) of the new phase-2 Stream B-01-04 (started in Jan’24). A 2-pages position paper shall be requested with slideset.
  • iTrust Presentation of key research topics – Shuaib Siddiqui – i2cat technical manager (15’ +5’Q&A)
  • SAFE-6G Presentation of key research topics – Speaker (TBC) (15’ +5’Q&A)
  • ROBUST6G Presentation of key research topics – EricssonTK (TBC) (15’ +5’Q&A)

Finally, the workshop will address collaboration opportunities and synergies (30’) among all SNS JU projects within 6G-IA SEC WG – discussion. These 7 projects support this workshop together with the SNS-JU Cybersecurity Working Group

We have identified key people for the Workshop Technical Programme Committee:

• Antonio Skarmeta – University of Murcia (co-chair of 6G IA SEC WG)
• Pascal Bisson – THALES  (co-chair of 6G IA SEC WG) 
• Orazio Toscano – Ericsson
• Josep Martrat – EVIDEN/ATOS 
• Antonio Pastor – Telefonica 
• Georgios Gardikis – Space Hellas
• George Xilouris – NCSR Demokritos 
• Jorge Bernal – University of Murcia
• Pawani Porambage – VTT
• Fabrizio Granelli – CNIT
• Bin Han – RPTU Kaiserslautern-Landau
• Hans D. Schotten – RPTU Kaiserslautern-Landau
• Panos Trakadas – NKUA

The promotion of the workshop will be supported through dissemination teams of 3 SNS proposer projects in Stream B-01-04  and Hexa-X-II project from stream B 01-05 that will work together to promote it in both EU R&D 6G and cybersecurity communities. 

The goal is to cross-fertilise the two communities and discuss common research roadmaps, priorities and standardisation opportunities. A special news entry will be in the SNS JU website and also promoted by these SNS website projects. In addition, special campaign in social networks (X and LinkedIn) from projects accounts to multiply the impact. 

The workshop will be announced and promoted via the already established communication channels of the participating projects, including web, twitter, Linkedin profiles and dissemination portals from Stream B-01-04 (phase1) 6G secure services and flagship B-01-05:

• HORSE
• PRIVATEER – https://www.privateer-project.eu/
• RIGOROUS – https://rigourous.eu/
• HEXA-X-II – https://hexa-x-ii.eu/

Website of the workshop: https://camad2024.ieee-camad.org/addressing-6g-cybersecurity-and-privacy-challenges

Website of the event: https://camad2024.ieee-camad.org/