Disaggregated and open radio access network (O-RAN) architectures offer benefits such as enhanced interoperability, improved coordination between nodes, and cost reduction. However, they also introduce new security challenges related to open interfaces and distributed control mechanisms. This work focuses on analysing vulnerabilities of SCTP, one most widespread solutions in these interfaces, which facilitates communication with RAN Intelligent Controllers (RIC). The analysis addresses two specific attacks: denial of service and identity spoofing. Both have been implemented and experimentally validated on the FlexRIC platform within the O-RAN architecture framework, going beyond the predominantly theoretical approaches found in the literature. Based on these experiments, we critically evaluate various security solutions proposed for SCTP. While some of these solutions offer partial mitigation capabilities, they also present structural, operational, and compatibility limitations that affect their overall effectiveness. These findings underscore the need to adopt more efficient transport protocols, capable of natively integrating adequate security features for O-RAN environments.
Choque et al. (Mon,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: