Huawei cleared to provide equipment for UK 5G
The UK government has reached a final decision permitting Huawei and other “high risk vendors” to participate in the nation’s 5G rollouts, albeit at a limited capacity.
Based on a comprehensive review from the National Cyber Security Centre, the government has introduced a new security regime for 5G networks and other critical infrastructure.
Under the new regime, companies classified as high-risk vendors will be excluded from providing equipment for all safety-related and safety-critical aspects of critical national infrastructure such as 5G networks, and from security-critical network functions.
These vendors will be allowed to provide equipment for “other network functions”, but only up to a cap of 35%.
To use the terms most commonly used in the controversy over Huawei’s involvement in national 5G networks, this means Huawei will be excluded from providing equipment for the 5G network core, but will be able to provide equipment for the radio access network (RAN).
The US and Australian governments have banned Huawei from participating in their respective nations’ 5G rollouts using the justification that the architecture of 5G networks means there is no longer a meaningful enough distinction between the core and edge components of a 5G network.
But in a blog post, NCSC Technical Director Dr Ian Levy said while the distinction between the 5G edge and core is less clear, the agency can and has delineated the sensitive network functions that high-risk vendors should be excluded from.
The NCSC has meanwhile justified the 35% cap as being necessary to “properly balance ... two different security and resilience risks; the first being the risk associated with HRVs, the second being the need for a diversity of supply in the market”.
But reports suggest that the decision could be an attempt at a compromise position aimed at placating the US, which has been pushing its allies to ban Huawei outright from 5G deployments, while still allowing Huawei a limited role in the rollouts.
On Twitter, former US Speaker of the House of Representative Newt Gingrich nevertheless called the UK government’s decision “a major defeat for the United Statees [sic]”.
“How big does Huawei have to get and how many countries have to sign with Huawei for the US government to realise we are losing the internet to China? This is becoming an enormous strategic defeat,” he said.
Huawei by contrast has welcomed the decision despite the cap on participation. In a statement, Huawei Australia Director of Corporate and Public Affairs said the decision supports the company’s repeated arguments that former Prime Minister Malcolm Turnbull’s decision to exclude Huawei from Australian 5G rollouts was based on incorrect advice.
“This decision by the UK government proves beyond doubt that there is a way to manage security on 5G networks without excluding vendors simply for being from a certain country,” he said.
“It also demonstrates that the Turnbull government was given incorrect advice that the Core and Radio networks cannot be separated on 5G — that is completely incorrect as the UK operators are now doing it in the real world.”
Mitchell said the UK government’s decision will allow the nation’s operators to deploy 5G faster at a lower cost.
“By comparison, here in Australia we will all be paying more for inferior 5G technology and millions will wait much longer to get 5G or miss out altogether — especially in rural and regional Australia.”
The decision does not change Huawei’s classification — NCSC has always considered Huawei to be a high-risk vendor. But foreign Secretary Dominic Raab told the UK House of Commons that in making the decision, the GCHQ’s National Cyber Security Centre has conducted the most detailed study of the security precautions needed to protect 5G anywhere in the world.
“And it is also because of the work of the Huawei Cyber Security Evaluation Centre Oversight Board, established by NCSC, that we know more about Huawei, and the risks it poses, than any other country in the world,” he said.
Accordingly, the government has decided against the need for a complete ban.
The NCSC’s guidance also includes a number of other limitations on high-risk vendors, such as advising operators not to use more than one such vendor in any given network.
Besides the new limitations on high-risk vendors, the government’s new 5G security regime introduces new Telecoms Security Guidance for the industry to follow. This guidance will “at the earliest opportunity” be augmented with the introduction of a legislative regime that will be overseen by UK telecoms regulator Ofcom, Raab said.
The government has also committed to a three-pronged strategy aimed at diversifying the telecommunications supply chain, he added.
This strategy will involve seeking to entice established vendors to expand to the UK market, supporting the emergence of new market entrants, and promoting the adoption of open, interoperable standards that will reduce barriers to entry.
Ericsson's latest Mobility Report forecasts that total 5G connections will grow to 4.4bn by...
In a digitally dependent world where you can order anything from a pizza to a car online, poor...
Australian enterprise is investing heavily into mobile technology and security, but new research...