BSI launches certification program for 5G components

On July 1, the German Federal Office for Information Security (BSI) launched a new type of certification program for 5G components, aimed primarily at network equipment suppliers such as Huawei, Ericsson and Nokia. This enables equipment suppliers to have the security of their 5G products independently verified. Huawei and Ericsson are showing interest.

More security in the 5G network

The new certification program for 5G components operates under the Network Equipment Security Assurance Scheme Cybersecurity Certification Scheme – German Implementation (NESAS CCS-GI) scheme and is primarily aimed at network equipment suppliers such as Huawei, Ericsson and Nokia, explains the BSI.

As a result, they are able to have the IT security properties of their 5G products independently verified, thus fulfilling the certification requirement contained in the Telecommunications Act (TKG), which applies to all critical components in 5G networks.

“The certification enables a fast and reliable IT security statement for the tested products. This directly benefits users and increases cyber security in Germany,” says BSI President Arne Schönbohm.

Through the new evaluation scheme and the assistance of international bodies, the certification of components takes place not only at the national level, but also at globally active manufacturers.

Huawei and Ericsson show enthusiasm

Two of the largest equipment suppliers for 5G networks, Huawei and Ericsson have already commented positively on the new certification program. Ericsson is already in dialogue with the BSI and customers using its own network infrastructure and is already reviewing the requirements, Ericsson spokesman Martin Ostermeier is quoted as saying by Golem.de.

The standardization of the technology and the additional security that comes with it is important to the Swedish company and they “always meet requirements of national regulators”, Ostermeier added.

Patrick Berger, spokesman for Huawei Germany, also welcomes the BSI’s announcement. The company has supported NESAS as a global approach of the GSMA and 3GPP for years and sees the new certification guidelines as an essential component for greater cyber security.

It is now in talks with the relevant authorities and the respective mobile operators to clarify its own involvement in the implementation for the German market.

• Faster on the 5G network: Vodafone Giga 5G+ with more speed

Nokia Germany, on the other hand, have not yet answered Golem.de’s inquiry. ZTE no longer even has a direct contact for media, he said. The national scheme also serves as a model for a future European certification scheme under the Regulation (EU) 2019/881, the so-called Cybersecurity Act (CSA).