Analysis of Feasible Solutions for Railway 5G Network Security Assessment

doi:10.12142/ZTECOM.202503007

ZTE Communications ›› 2025, Vol. 23 ›› Issue (3): 59-70.DOI: 10.12142/ZTECOM.202503007

• Review • Previous Articles Next Articles

Analysis of Feasible Solutions for Railway 5G Network Security Assessment

XU Hang¹(), SUN Bin¹, DING Jianwen¹, WANG Wei²

^1.Beijing Jiaotong University, Beijing 100044, China
^2.ZTE Corporation, Shenzhen 518057, China

Received:2024-01-26 Online:2025-09-25 Published:2025-09-11
About author:XU Hang (22125067@bjtu.edu.cn) received his BE degree in communication engineering from China University of Petroleum in 2022. He is currently working toward a master's degree at the State Key Laboratory of Rail Traffic Control and Safety, Beijing Jiaotong University, China. His research interests include network security and 5G-R.
SUN Bin received his BS and MS degrees in electronic engineering from Beijing Jiaotong University, China in 2004 and 2007, respectively. From 2007 to 2015, he served as an R&D manager with Beijing Liujie Technology Co., Ltd. He is currently an assistant researcher with the School of Electronic and Information Engineering, Beijing Jiaotong University. His main research interest is the interconnection and interworking of the core network for dedicated railway mobile communication systems.
DING Jianwen received his BS and MS degrees from Beijing Jiaotong University, China in 2002 and 2005, respectively. He is currently a professor of engineering with the School of Electronic and Information Engineering, Beijing Jiaotong University. He received the second prize for progress in science and technology from the Chinese Railway Society. His research interests include broadband mobile communications and personal communications, dedicated mobile communication systems for railway, and safety communication technology for train control systems.
WANG Wei is the LTE-R technical director and a railway wireless communication system expert at ZTE Corporation, with rich experience in the GSM-R system design. He has a deep understanding of GSM-R and LTE-R and has undertaken several major railway-related projects on wireless communication systems.
Supported by:
the Fundamental Research Funds for the Central Universities(2025JBXT010);NSFC(62171021);the Project of China State Railway Group(N2024B004);ZTE Industry?University?Institute Cooperation Funds(l23L00010)

Abstract

Abstract:

The Fifth Generation of Mobile Communications for Railways (5G-R) brings significant opportunities for the rail industry. However, alongside the potential and benefits of the railway 5G network are complex security challenges. Ensuring the security and reliability of railway 5G networks is therefore essential. This paper presents a detailed examination of security assessment techniques for railway 5G networks, focusing on addressing the unique security challenges in this field. In this paper, various security requirements in railway 5G networks are analyzed, and specific processes and methods for conducting comprehensive security risk assessments are presented. This study provides a framework for securing railway 5G network development and ensuring its long-term sustainability.

Key words: railway 5G network, 5G-R, information security, risk assessment, penetration testing

XU Hang, SUN Bin, DING Jianwen, WANG Wei. Analysis of Feasible Solutions for Railway 5G Network Security Assessment[J]. ZTE Communications, 2025, 23(3): 59-70.

Figures/Tables 7

References 16

[1]	ZHONG Z D, GUAN K, CHEN W, et al. Challenges and perspective of new generation of railway mobile communications [J]. ZTE technology journal, 2021, 27(4): 44–50. DOI: 10.12142/ZTETJ.202104009
[2]	China National Railway Group. General technical requirements for railway 5G private mobile communication (5G-R) system (preliminary): TJ/DW 246-2022 [S]. China National Railway Group, 2022
[3]	3GPP. Security architecture and procedures for 5G system release 15 (V15.3.1): 3GPP TS 33.501 [S]. 3rd Generation Partnership Project, 2018
[4]	GUO Y M, ZHANG Y. Study on core network security enhancement strategies in 5G private networks [C]//Proc. IEEE 21st International Conference on Communication Technology (ICCT). IEEE, 2021: 887–891. DOI: 10.1109/icct52962.2021.9657934
[5]	LI P Y, LIU J W. Security architecture and key technologies for super SIM-based 5G End-Cloud System [J]. ZTE technology journal, 2023, 27(1): 13–19. DOI:10.12142/ZTETJ.202301004
[6]	SURESHSAH R T, BALASUBRAMANIAM M, DAS D. Novel 5G and B5G network architecture and protocol for multi SIM devices [C]//Proc. IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT). IEEE, 2021: 1–6. DOI: 10.1109/conecct52877.2021.9622360
[7]	ZHANG X Q, HE Y M. Information security management based on risk assessment and analysis [C]//Proc. 7th International Conference on Information Science and Control Engineering (ICISCE). IEEE, 2020: 749–752. DOI: 10.1109/ICISCE50968.2020.00159
[8]	ALIMZHANOVA Z, TLEUBERGEN A, ZHUNUSBAYEVA S, et al. Comparative analysis of risk assessment during an enterprise information security audit [C]//Proc. International Conference on Smart Information Systems and Technologies (SIST). IEEE, 2022: 1–6. DOI: 10.1109/SIST54437.2022.9945804
[9]	WEI L, ZHA X, DAI F F. Network security interoperability towards cloud-network convergence [J]. ZTE technology journal, 2023, 27(1):7–12. DOI:10.12142/ZTETJ.202301003
[10]	SZARVÁK A, PÓSER V. Review the progress of threat and risk assessment on 5G network [C]//Proc. IEEE 20th Jubilee World Symposium on Applied Machine Intelligence and Informatics (SAMI). IEEE, 2022: 353–358. DOI: 10.1109/SAMI54271.2022.9780829
[11]	KANG H Y, XIAO Y H, YIN J. An intelligent detection method of personal privacy disclosure for social networks [J]. Security and communication networks, 2021: 5518220. DOI: 10.1155/2021/5518220
[12]	PATEL K. A survey on vulnerability assessment & penetration testing for secure communication [C]//Proc. 3rd International Conference on Trends in Electronics and Informatics (ICOEI). IEEE, 2019: 320–325. DOI: 10.1109/icoei.2019.8862767
[13]	XIE X Q, YU X G, YU Y X, et al. Penetration test framework and method of 5G cyber security [J]. Journal of information security research, 2021, 7(9): 795–801
[14]	SARIKONDA M, SHANMUGASUNDARAM R. Validation of firmware security using fuzzing and penetration methodologies [C]//Proc. IEEE North Karnataka Subsection Flagship International Conference (NKCon). IEEE, 2022: 1–5. DOI: 10.1109/NKCon56289.2022.10126524
[15]	SHARMA D, KHAN O, MANCHANDA N. Detection of ARP spoofing: a command line execution method [C]//Proc. International Conference on Computing for Sustainable Global Development (INDIACom). IEEE, 2014: 861–864. DOI: 10.1109/IndiaCom.2014.6828085
[16]	YU X G, LI Y H, QIU Q. 5G security: a cybersecurity treasure trove for the age of digital intelligence (in Chinese) [M]. Beijing: Publishing House of Electronics Industry, 2023

Aspect	5G‑R Network	Railway 5G PNI‑NPN
Construction department	Railway Department	Operators
Carried services	Critical services such as operational safety, running, and service tasks	Non-critical services like passenger communication services and general data transmission
Network frequency band	Independent frequency band for railways	Shared operator frequency bands
Network architecture	Closed, independent network architecture specific to railways	Public 5G network architecture
Performance requirements	High reliability, low latency, high speed, and high security	General performance requirements

Aspect	5G‑R Network	Railway 5G PNI‑NPN
Construction department	Railway Department	Operators
Carried services	Critical services such as operational safety, running, and service tasks	Non-critical services like passenger communication services and general data transmission
Network frequency band	Independent frequency band for railways	Shared operator frequency bands
Network architecture	Closed, independent network architecture specific to railways	Public 5G network architecture
Performance requirements	High reliability, low latency, high speed, and high security	General performance requirements

Security Aspects	5G‑R Network	Railway 5G PNI‑NPN
Privacy protection	Industry-tailored privacy protection	Customer data privacy enforcement
Network isolation	Granular network segmentation	Service-level isolation enforcement
Security auditing	Strict audit and monitoring protocols	Comprehensive periodic audits
Reliability	Railway-operation-specific reliability	High-availability service maintenance
Attack protection	Industry-specific threat mitigation	Specific railway attack prevention
Data encryption	Mandatory strong encryption standards	End-to-end data encryption implementation
Updates & patches	Frequent security patch deployment	Timely critical update application

Security Aspects	5G‑R Network	Railway 5G PNI‑NPN
Privacy protection	Industry-tailored privacy protection	Customer data privacy enforcement
Network isolation	Granular network segmentation	Service-level isolation enforcement
Security auditing	Strict audit and monitoring protocols	Comprehensive periodic audits
Reliability	Railway-operation-specific reliability	High-availability service maintenance
Attack protection	Industry-specific threat mitigation	Specific railway attack prevention
Data encryption	Mandatory strong encryption standards	End-to-end data encryption implementation
Updates & patches	Frequent security patch deployment	Timely critical update application

Aspect	5G‑R network	Railway 5G PNI‑NPN
Focus of evaluation	Internal network structure, terminal equipment vulnerabilities, and internal threat prevention	External boundary defence, external connection protection, and boundary security
Assets and devices	Critical railway communication equipment and internal network critical components	Railway-specific equipment and public network critical components
Security measures	Internal network isolation, access control, and internal encryption	Firewall, intrusion detection, and external encryption
Vulnerability identification	Internal vulnerability scanning, risk assessment, and internal penetration testing	External defence strategy assessment and simulated attack testing
Network interconnectivity	Internal communication security, private network isolation, and internal data transmission protection	External connection security, data transmission encryption, and external communication reinforcement
Threat focus	Internal threats and leakage risks, internal access control, and internal permissions management	External attacks and threat prevention; integrity protection of external communication data
Testing focus	Terminal equipment vulnerabilities, core network vulnerabilities, and access network weaknesses	Effectiveness of external defence strategy, network boundary stability, and external security vulnerabilities

Analysis of Feasible Solutions for Railway 5G Network Security Assessment

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 16

Related Articles 1

Recommended Articles

Metrics