5G-Advanced (3GPP Release 18) architectural changes include multi-access edge computing (MEC) architectural changes, network automation, and non-public networks (NPNs). It is important to note that even though these advancements provide substantial performance advantages, they destroy fixed-perimeter security models, providing a distributed attack surface. The use of current security assessment strategies, which are usually non-fluid and isolated, is inadequate to offer the required runtime security health assurance needed in such fluid environments. This study presents a new security assurance framework (SAF) that would be used to provide ongoing evidence-based protection on core, edge, and private network domains. This framework employs a four-layer architecture, including monitoring, analytics (LM), policy engine, and enforcement, to convert security periodically audited to a dynamic threat-control-metric evidence chain. A 96% attack detection rate and a 99.8% reduction in response time (with a mean of 20.1 s) are proven by validation on an emulated 5G-Advanced testbed (approximating Release 18 features using Open5GS (v2.7.2 Rel-17, community developed, Seoul, Republic of Korea and custom extensions) based on a design science research (DSR) paradigm. Although the overhead (13% CPU, 21.4% memory) is manageable, the findings prove that all-time, multi-domain assurance is crucial to the healthy functioning of 5G-Advanced and is a key roadmap to autonomous 6G security.
Egho-Promise et al. (Thu,) studied this question.