The new mobile communications standard 6G is expected to be launched on the market around 2030. 6G networks should be an improvement on the existing 5G networks, not only due to their exceptional performance and sustainability, but also because of their trustworthiness. To ensure that Europe plays a decisive role in the development and introduction of technical standards for 6G, thereby securing its sovereignty in this key technological field, a total of 29 companies and research institutions are now cooperating as part of the "6G-ANNA" research project run by the German Federal Ministry of Education and Research (BMBF). The Fraunhofer Institute for Applied and Integrated Security AISEC is contributing its cybersecurity expertise in the fields of 'Confidential Computing' and 'Code Analysis'. On the one hand, the aim is to design the overall IT system as a zero-trust architecture and, on the other hand, to detect and correct faulty codes as early as in the development stage. The "6G-ANNA" project has a budget of €38.4 million and runs until mid-2025.

6G continues a technological trend that started with the 5G mobile communications standard: Mobile network functionality is being increasingly implemented as freely available software running on virtualized hardware made available via cloud computing. Mobile-specific hardware components and proprietary software, however, are in decline. One example is the Radio Access Network (RAN). Here, antennas capture the mobile radio signals and convert them into digital data packets for further processing. 

The switch to open software components provides flexibility and saves on costly hardware. At the same time, a complex, distributed and virtualized IT system is created that needs to be protected from attacks and made trustworthy. In the project "6G-Access, Network of Networks, Automation & Simplification (6G-ANNA)", funded by the German Federal Ministry of Education and Research (BMBF), Fraunhofer AISEC is refining methods and approaches from cybersecurity research. 

Confidential computing for zero-trust architectures

One priority in AISEC’s research is the topic of 'confidential computing'. The expression is used to describe technologies that ensure the confidentiality and integrity of data when they are transmitted, processed and stored. This includes, among other things, what is known as 'remote attestation' for assessing the integrity of virtual machines. This ensures that only authentic software is used and that proof of the integrity of the virtual machines is provided. Data are only exchanged after integrity has been successfully attested.

Among other things, "GyroidOS", a secure solution for container virtualization that runs on virtualized hardware and virtualized operating systems, is used. Container virtualization uses internal operating system functions to run applications on the same host system in isolation from each other. "GyroidOS" protects the integrity and authenticity of the data in the container using the appropriate functions of the operating system. In addition, confidentiality of data is ensured at the container boundaries. "In this way, we are introducing ‘Confidential Computing’ into future 6G architectures," says Sascha Wessel, Head of the Secure Operating Systems Department at Fraunhofer AISEC. 

Automated code analysis for network software

Secure communication, encryption, compliance and certification of software are governed by the regulations of the relevant authorities and institutions — in Germany, for example, the requirements of the Technical Guideline TR-02102-1 [BSI-22] of the German Federal Office for Information Security (BSI) regarding encryption. Fraunhofer AISEC’s code analysis tool "Codyze" checks whether these requirements are met. The benefit: Automated security checks carried out during development shorten development cycles. "In ‘6G-ANNA’, we are refining ‘Codyze’ and expanding it for 6G," says Christian Banse, Head of the Service and Application Security Department at Fraunhofer AISEC. "Codyze" is to be expanded to include further fields of application beyond secure encryption. "This will see ‘Codyze’ become a static code analysis tool for compliance with relevant standards and guidelines of software components in 6G networks," says Banse. In addition, "Codyze" is to be extended alongside C++ and Java for the analysis of other programming languages that are used to write software components for 6G networks.

Higher data rates, faster response times and improved location accuracy 

The new mobile communications generation 6G promises higher data rates, faster response times and improved location accuracy. This makes it appealing for specific applications such as the remote-controlled use of robots or autonomous driving, but also for simplifying interaction between humans and technology in general.

Click here for more information about 6G-ANNA: 

Website of the Federal Ministry of Education and Research concerning 6G-ANNA (in German)

Website of the Secure Operating System department 

Website of the Service and Application Security department