GSMA’s Network Equipment Security Assurance Scheme (NESAS) has given a pass mark to Huawei’s 5G wireless and core network equipment, LTE eNodeB.
For Huawei, the positive rating makes it a practical choice for the industry and an important consideration for all regional markets, to jointly promote the development of a more aligned mobile communications market.
NESAS is a standardized cybersecurity assessment mechanism jointly defined by GSMA and 3GPP, together with major global operators, vendors, industry partners and regulators. It provides an industry-wide security assurance framework to facilitate improvements in security levels across the mobile industry.
It is a voluntary scheme through which network equipment vendors subject their product development and lifecycle processes to a comprehensive security audit against the currently active NESAS release and its security requirements.
“Huawei has always focused on technology-driven cybersecurity. We welcome NESAS with full support and collaboration. We also invite the entire industry to jointly promote the development of a more aligned mobile communications market,” said Devin Duan, Head of 5G E2E, Headed.
The company also said it views cybersecurity assurance as a shared goal with customers, supervisory authorities, and other stakeholders. With more of the global population going digital, the premium placed on trust has grown over time.
Trust, Huawei says, must be based on verifiable facts, which should, in turn, be based on shared standards. GSMA NESAS, which is widely accepted in the industry, ensures that the relevant equipment meets the Scheme’s 5G network security and reliability requirements.
The integrated assessment process avoids fragmented assessments and their resulting costs while improving the transparency of security protection levels in the industry through visual and measurable results. NESAS covers 20 assessment categories, defining security requirements and an assessment framework for 5G product development and product lifecycle processes. Additionally, it uses security test cases defined by 3GPP to assess the security of network equipment.