Is there anything new on Security for 6G Networks?
Date, hour and room to be defined
Organisers
- Antonio Skarmeta (Univ. de Murcia, 6G-IA Security WG chair, ES)
- Dhouha Ayed (Thales, 6G-IA Security WG cochair, )
Motivation and Background
6G networks must be resilient to new attack vectors and should be trusted to deliver the envisioned 6G use cases across several trustworthiness aspects including security, privacy, reliability, resilience, and safety. Even though the mentioned five aspects are considered in the design phase, the trustworthiness of the mobile network system is mostly dependent on implementation and configuration which requires common practices to be followed as well as a consistent monitoring and assessment to enhance the trustworthiness.
This workshop is organized by 6G-IA Security Working Group and 9 SNS projects: 6GCLOUD, MARE, ELASTIC, NATWORK, ROBUST-6G, UNITY-6G, iTrust6G, ENSURE-6G, SAFE-6G. Their representatives in the event will be sharing their views, achievements, and lessons learnt from their respective projects and the last white papers produced by the 6G-IA Security WG in order to identify the key challenges of future networks in terms of security and what are the enablers and architectural approaches required by these challenges. A special focus will be put on advanced techniques and solution designed by the projects for the future 6G networks. (‘The organisers are committed to boost the dissemination of workshop conclusions and findings by bringing them into future activities that they organise on a regular basis.
The purpose of this session is to raise awareness of the panorama of solutions in 6G security and identify new trends, needs and evolution of the actual architecture to support the new challenges of the 6G, such as the role of AI in 6G security.
Additionally, this workshop will look for cooperation with other stakeholders at European level like ENISA; ECSO and others that are key to prepare for the identification of the 6G security challenges and the R&I activities to be undertaken, ensuring a full alignment with the European policy landscape and calling for security and resilience.
Structure
The workshop will be organized around a set of key thematic areas structured in 2 technical sessions of 1h30 each, with the participation of 9 projects not focusing in project description but technical challenges and solutions for 6G and one prominent keynote speaker, followed by final remarks and conclusion session.
Introduction / Welcome
(15 mins) Welcome, Setting Scene and short presentation of the Security WG white paper, Antonio Skarmeta, Chair 6G-IA Security WG
Keynote: (20 mins) Tentative: Towards 6G Security Marnix Dekker ENISA
Session 1: Towards Security (projects invited):
4 Projects (15 mins) each
iTrust6G
Title: Security Programmability for Policy Enforcement Assurance
Abstract: The sixth generation of mobile network is expected to be marked by the openness to new stakeholders to deliver more robust, result and efficient networking capabilities: The incorporation of new infrastructure in the telecom continuum will maximise the connectivity and network resilience while the incorporation of open source communities as network technology provider promises to improve the serviceability and the usages of the telecommunication network. However, from a security and trust management perspective, the diversification of assets to protect represents an important challenge as their technical properties (e.g. different interfaces) and individual operational requirements (e.g. availability requirement) require differentiated enforcement modalities. In the meantime, the adoption of technologies such as confidential computing – praised for their positive impact for legal compliance – has limited the introspection options for security & trust management to identify and cope this technical heterogeneity.
In response to this dire statement, we propose to enact collaboration between security management layer and resources needing protection. Via security programmability, iTrust6G security orchestration constitutes a security management layer by exposing technically agonistic interfaces of security controls in charge of hardening resources to protect against anticipated threat, and response dynamically to threaten occurrence. Guarantees over the protection capabilities are reached by the deployment security controls located close or in-situ of network functions ensures adaptability across diverse scenarios while reducing security overheads. The validation of this approach is addressed in a use case of iTrust6G project, entitled “Programmable security-as-a-service”.
INTACT, ENSURE-6G, ResilMesh
Title LLM-Enhanced Explainable Network Monitoring and CTI Reporting
A pentesting tool orchestrates LLM-guided attack campaigns (network, service, and LLM-app layer). It will be combined with:
AI-native Red–Blue Loop for 6G Security is an integrated security fabric that couples automated AI-driven penetration testing, telecom-focused cyber threat intelligence, and AI-based anomaly detection into a continuous protection cycle for 6G networks. The proposed framework embeds an LLM-guided “red team” and an explainable, adaptive “blue team” directly into the management and orchestration layers of future AI-native 6G architectures, enabling fast discovery, explanation, and mitigation of emerging threats in complex, softwarized infrastructures.
UNITY-6G
Title: Trust-as-a-Service in 6G Resource Management using DLT: Opportunities and Challenges
Abstract:
6G networks are inherently heterogeneous, integrating terrestrial and non-terrestrial networks, softwarized RAN and core, and slices spanning diverse verticals. In such a setting, the challenge is not only to allocate spectrum, compute, and transport efficiently, but to ensure that stakeholders can trust both the allocation decisions and the AI/ML mechanisms that drive them. Shared infrastructures, cross-operator slices, and dynamic capacity leasing make trust and trust management essential for 6G resource management. Building on unified architecture (converging Non-Terrestrial, Terrestrial and Non-Public Networks), this paper focuses on trustworthy resource management and explores decentralized trust, emphasizing transparency and automation through technologies such as Distributed Ledger Technology (DLT).
DLT-based trust management, reputation tracking, and tamper-evident control-plane events (e.g., OFFER, COMMIT, RELEASE etc) can allow allocation decisions and AI-driven actions to be audited. We argue that trustworthy resource allocation must be enforced consistently across several domains: (i) spectrum and RAN resources spanning TN/NTN; (ii) compute, storage, and transport in the edge–cloud continuum; (iii) service-based control functions and microservices (e.g., slice admission control, policy and charging functions, and exposure services); and (iv) multi-stakeholder, automated SLAs between providers and tenants (e.g., cross-operator capacity leasing, settlement, and penalty enforcement). We identify opportunities to embed trust in cross-domain slice admission and scaling, programmable resource marketplaces, SLA compliance monitoring, “trust-as-a-service” interfaces, and trusted model exchange for AI/ML-based optimization. At the same time, realizing this vision raises 6G challenges: increasing automation while limiting overhead, preserving confidentiality and model integrity, defining trust models that support standardization of inter-domain interfaces, and aligning on-chain incentives with off-chain AI optimizers. We position DLT-based trust management as a key component for resource management and AI/ML orchestration in 6G and outline the proposed principles to inform future architectures.
NATWORKS
Title: Net-Zero self-adaptive activation of distributed self-resilient augmented services
Abstract:
The Net-Zero framework consists of multiple innovations spanning across various network layers, such as: (i) Secure-by-design Federated Kubernetes Compatible Orchestrator (sFORK), as a cloud-native middleware platform that provides federated orchestration of 6G slices over multi-domain edge-cloud ecosystems; (ii) Wirespeed traffic analysis in the 5G transport network along with LLM-Enhanced Explainable Network Monitoring and CTI Reporting to aggregate multiple AI explainability techniques, facilitate alert management and exploit Cyber Threat Intel; (iii) An efficient and sustainable Moving Target Defense (MTD) framework that enhances the security of virtual network operator (VNO) resources across cloud-to-edge continuum via novel techniques such as container and VM migration; (iv) Mitigation of Web Assembly (WASM) module tampering at runtime to produce a modification of WASM runtime for the measurement of the WASM module; (v) AI-powered anti-jamming solutions based on modulation scheme identification and outlier detector that integrates both jamming detection and reaction (or countermeasures).
Session 2: New research area for 6G Security :
5 project (15 mins)
ROBUST-6G
Title: Cyber-physical threat detection and mitigation in 6G-enabled IoT environments: From use cases to security pillars
Abstract: The proposal with this workshop slot would be to address security challenges related to highly dynamic IoT ecosystems with high levels of vulnerability. It aims to address the new cyber-physical security challenges in 6G-enabled IoT environments through a representative use case focused on threat detection and mitigation. Three scenarios are considered: small and medium-sized office environments, smart buildings, and smart agriculture, highlighting their specific threat surfaces and operational limitations; three examples widely recognized as entry points for cyber attackers. This workshop provides a space to identify the key requirements for effectively addressing these threats, including real-time situational awareness, security-aware orchestration systems, and AI-based security mechanisms. It also proposes presenting holistic security solutions and analyzing their main characteristics, structured around fundamental security pillars such as trust, resilience, adaptability, and automation, with the aim of supporting secure and reliable 6G IoT implementations.
MARE
Title: Softwarizing security provisioning in 6G ecosystems
Abstract: The continuous evolution of the different baseline technologies building a 6G ecosystem, makes security provisioning to become more and more challenging. This assessment is supported by two key factors. The first, the advent of these technologies makes difficult to determine the real attack surface 6G systems must deal with. The second, systems heterogeneity, the disaggregation concept and the legacy 5G networks, are pushing for a software based approach. In this context an innovative strategy (defined within the MARE project) resides on proposing a specific 6G Security Plane (SP). This SP will be based on a set of Security Functions, dynamically composed leveraging a set of DOTs, as a set of security assets (under the “connecting the dots paradigm”), either proactively or reactively dealing with a predicted or detected incident respectively. The SF will be composed to specifically deal with any kind of attack on any network segment. Innovation: A novel dynamic and adaptive strategy for securing 6G systems based on the definition of a Security Plane.
6GCLOUD
Title: AI/ML support for secure and distributed computing in the Continuum
Abstract: IoT devices and the emergence of 6G in our daily lives are bringing new data-driven and increasingly autonomous scenarios. Next generation networks and the strength of the distributed computing paradigm (edge/cloud) are transforming how services are provisioned, mainly when solutions focus on collaboration and aggregation of resources provided by different entities or organisations, that becomes essential to satisfy the most demanding computation and storage service requirements. However, it also entails challenges such as infrastructure and technologies heterogeneity, which directly impacts infrastructure management and especially security, that usually tends to be relegated to a second place. In this talk we will describe the use an Intent based/policy-based orchestration paradigm for dealing with heterogeneity, allowing users to request service deployments securely without requiring knowledge about the underlying distributed infrastructure, and how the AI/ML framework as anew plane can support the dynamic management of the security in the 6G and the continuum
SAFE-6G
Title: AI-Enabled User-Centric Trustworthiness Provision
Abstract: The transition to sixth-generation (6G) mobile networks introduces a fully software-defined, cloud-native architecture spanning from central clouds to far-edge micro–data centers, delivering unprecedented flexibility but also enlarging the attack surface and elevating risks to confidentiality, integrity, and availability. Existing 5G security measures remain fragmented, addressing privacy, resilience, reliability, safety, and security in isolation and lacking a unified metric for end-to-end trust. This work introduces trustworthiness as a holistic, multidimensional metric that aggregates user-specified requirements across five pillars—Safety, Security, Privacy, Resilience, and Reliability—into a single Level of Trustworthiness (LoTw). We present a proof-of-concept AI-enabled Cognitive Coordinator that captures user intents via a natural-language chatbot and uses BERT-based regression heads to map them to LoTw, demonstrating a user-centric approach to trustworthiness provisioning and validating the feasibility of a unified Trustworthiness definition for future 6G systems.
ELASTIC
Title: Orchestration of confidential workload on edge-cloud continuum
The proposal for this workshop slot is to present how ELASTIC implements privacy-preserving architecture-agnostic efficient and secure execution environment using confidential computing and privacy-enhancing technologies. The architecture ensures secure and trustworthy services in the context of a programmable platform accessed by multi-stakeholders and tenants including vertical industries as users, and a secure host-neutral infrastructure where multiple infrastructure providers are involved in the deployment, hosting and orchestration of the network service. The solution enables lightweight and secure FaaS orchestration by leveraging an efficient usage of Wasm-isolated containers with fast deployment and booting time and low bandwidth requirements.
(10 mins) Concluding Remarks
Dhouha Ayed, 6G-IA Security WG co-chair
