REDHAWK for VITA 49 Development in Open Radio Access Networks

Theodore Phillip Banaszak (9720671)

16 December 2020

This thesis establishes the need for a standardized, interoperable, front end interface to support the development of open RAN technologies, and establishes the viability and desirability of the VITA 49 interface standard as the alternative to other interface technologies. The purpose of this work is to propose a testbed platform for the further development for VITA 49 as a standard frontend interface as other current testbeds are not designed not as well suited to the VITA 49 standard or open RAN architecture. The VITA 49 interface standard provides a packetized interface between the front-end and the digital back-end of a split architecture system in a way that enables hardware interoperability between and within vendor supplies. The VITA 49 Radio Transport standard is ideally appropriate for integration into SDRs [12] due to its flexibility and metadata support. The REDHAWK platform is an integrated development environment which is used to develop a radio system that utilizes a remote radio unit to send and receive signals which transmits it using the VITA 49 protocol to the base band unit for processing. It was found that REDHAWK is better than GNURadio for this purpose, and that VRT technology is a much better than the current CPRI Standard as it provides an open standard, that enables a flexible, scalable interface that enables long-term growth.

Wireless Communications

wireless

redhawk

vita 49

open ran

o-ran

vrt

AI-Enabled and Integrated Sensing-Based Beam Management Strategies in Open RAN

Dantas, Ycaro

23 August 2023

The growing adoption of millimeter wave (mmWave) turns efficient beamforming and beam management procedures into key enablers for 5th Generation (5G) and Beyond 5G (B5G) mobile networks. Recent research has sought to optimize beam management in modern Radio Access Network (RAN) architectures, where open, virtualized, disaggregated and multi-vendor environments are considered, and management platforms allow the use of Artificial Intelligence (AI) and Machine Learning (ML)-based solutions. Moreover, beam management represents some fundamental use cases defined by Open RAN Alliance (O-RAN). This work analyses beam management strategies in Open RAN and proposes solutions for codebook-based mmWave systems inspired by two use cases from O-RAN: the Grid of Beams (GoB) Optimization and the AI/ML-assisted Beam Selection. For the GoB Optimization use case, a scenario subject to constraints on the use of the full GoB due to overhead during beam selection is considered. An Advantage Actor Critic (A2C) learning-based framework is proposed to optimize the GoB, as well as the transmission power in a mmWave network. The proposed technique improves Energy Efficiency (EE) and ensures fair coverage is maintained. The simulations show that A2C-based joint optimization of GoB and transmission power is more effective than using Equally Spaced Beams (ESB) and fixed power, or the optimization of GoB and transmission power disjointly. Compared to the ESB and fixed transmission power strategy, the proposed approach achieves more than twice the average EE in the scenarios under test, and it is closer to the maximum theoretical EE. In the case of the AI/ML-assisted Beam Selection use case, the overhead during beam selection is addressed by a multi-modal sensing-aided ML-based method. When using sensing information sources external to the RAN in a multi-vendor disaggregated environment, such methods must account for privacy and data ownership issues. A Distributed Machine Learning (DML) strategy based on Split Learning (SL) is proposed to this end. The solution can cope with deployment challenges in novel RAN architectures and is applied to single and multi-level beam selection decisions, where the latter considers hierarchical codebook structures. With the proposed approach, accuracy levels above 90% can be achieved, while overhead decreases by 85% or more. SL achieves performance comparable to the centralized learning-based strategies, with the added value of accounting for privacy and data ownership issues.

beamforming

beam management

o-ran

open ran

integrated sensing

machine learning

reinforcement learning

distributed learning

Detection of Denial of Service Attacks on the Open Radio Access Network Intelligent Controller through the E2 Interface

Radhakrishnan, Vikas Krishnan

03 July 2023

Open Radio Access Networks (Open RANs) enable flexible cellular network deployments by adopting open-source software and white-box hardware to build reference architectures customizable to innovative target use cases. The Open Radio Access Network (O-RAN) Alliance defines specifications introducing new Radio Access Network (RAN) Intelligent Controller (RIC) functions that leverage open interfaces between disaggregated RAN elements to provide precise RAN control and monitoring capabilities using applications called xApps and rApps. Multiple xApps targeting novel use cases have been developed by the O-RAN Software Community (OSC) and incubated on the Near-Real-Time RIC (Near-RT RIC) platform. However, the Near-RT RIC has, so far, been demonstrated to support only a single xApp capable of controlling the RAN elements. This work studies the scalability of the OSC Near-RT RIC to support simultaneous control signaling by multiple xApps targeting the RAN element. We particularly analyze its internal message routing mechanism and experimentally expose the design limitations of the OSC Near-RT RIC in supporting simultaneous xApp control. To this end, we extend an existing open-source RAN slicing xApp and prototype a slice-aware User Equipment (UE) admission control xApp implementing the RAN Control E2 Service Model (E2SM) to demonstrate a multi-xApp control signaling use case and assess the control routing capability of the Near-RT RIC through an end-to-end O-RAN experiment using the OSC Near-RT RIC platform and an open-source Software Defined Radio (SDR) stack. We also propose and implement a tag-based message routing strategy for disambiguating multiple xApps to enable simultaneous xApp control. Our experimental results prove that our routing strategy ensures 100% delivery of control messages between multiple xApps and E2 Nodes while guaranteeing control scalability and xApp non-repudiation. Using the improved Near-RT RIC platform, we assess the security posture and resiliency of the OSC Near-RT RIC in the event of volumetric application layer Denial of Service (DoS) attacks exploiting the E2 interface and the E2 Application Protocol (E2AP). We design a DoS attack agent capable of orchestrating a signaling storm attack and a high-intensity resource exhaustion DoS attack on the Near-RT RIC platform components. Additionally, we develop a latency monitoring xApp solution to detect application layer signaling storm attacks. The experimental results indicate that signaling storm attacks targeting the E2 Terminator on the Near-RT RIC cause control loop violations over the E2 interface affecting service delivery and optimization for benign E2 Nodes. We also observe that a high-intensity E2 Setup DoS attack results in unbridled memory resource consumption leading to service interruption and application crash. Our results also show that the E2 interface at the Near-RT RIC is vulnerable to volumetric application layer DoS attacks, and robust monitoring, load-balancing, and DoS mitigation strategies must be incorporated to guarantee resiliency and high reliability of the Near-RT RIC. / Master of Science / Telecommunication networks need sophisticated controllers to support novel use cases and applications. Cellular base stations can be managed and optimized for better user experience through an intelligent radio controller called the Near-Real-Time Radio Access Network (RAN) Intelligent Controller (RIC) (Near-RT RIC), defined by the Open Radio Access Network (O-RAN) Alliance. This controller supports simultaneous connections to multiple base stations through the E2 interface and allows simple radio applications called xApps to control the behavior of those base stations. In this research work, we study the performance and behavior of the Near-RT RIC when a malicious or compromised base station tries to overwhelm the controller through a Denial of Service (DoS) attack. We develop a solution to determine the application layer communication delay between the controller and the base station to detect potential attacks trying to compromise the functionality and availability of the controller. To implement this solution, we also upgrade the controller to support multiple radio applications to interact and control one or more base stations simultaneously. Through the developed solution, we prove that the O-RAN Software Community (OSC) Near-RT RIC is highly vulnerable to DoS attacks from malicious base stations targeting the controller over the E2 interface.

srsRAN

Denial of Service

Open Source

Radio Access Network

Open RAN

RAN Control

Kubernetes

SCTP

USRP

SDR

UE

4G

LTE

5G

eNB

gNB

EPC