Innovative Coexistence: Design and Analysis of Underlay Signaling in 5G New Radio

Bondada, Kumar Sai

24 October 2023

Underlay signaling is a robust physical layer technique, allowing for transmitting a very low power signal in conjunction with the primary signals across the entire frequency band of the primary signals. The secondary users of the secondary network (i.e., a wireless network consisting of primary and secondary networks) primarily utilize the underlay, which increases spectral efficiency and improves the network capacity. This thesis focuses on underlay signaling in the context of the cellular (primary) network, where the underlay is an auxiliary channel made available to the primary users and the network, that is, the base stations and users of the cellular network. The current fifth-generation (5G) cellular networks are constructed using Orthogonal Frequency Division Multiplexing (OFDM) modulation. Hence, this thesis delves into the study of underlay coexistence with OFDM, specifically 5G, by performing extensive simulations and analytical analysis and investigating the impact of underlay signaling on the throughput performance of 5G networks. We develop the underlay signaling based on the frequency-domain spread spectrum and add the underlay signal prior to the Inverse Fast Fourier Transform (IFFT) operation of OFDM. Furthermore, we present a real 5G setup built on the srsRAN project, where we showcase a proof-of-concept demonstration of underlay coexistence with the 5G over the air, where the 5G base station transmits both 5G NR and underlay signal simultaneously. Through our research, we conclusively demonstrate that a low-data rate underlay signal can be successfully transmitted alongside the existing 5G signal. Our study concludes by carefully selecting the appropriate design parameters, such as the signal-to-interference power level (5G power in relation to underlay), spreading factor, and coding gain at which we can reliably detect and decode underlay signals having no impact on the 5G performance. The integration of underlay in 5G brings forth a multitude of benefits using underlay for military and tactical applications, massive Machine Type Communications (mMTC) alongside Ultra-Reliable Low Latency Communications (URLLC), and the offloading of crucial control information of 5G to the underlay channel. Thus, this underlay operates as a low-data rate error-free conduit, with the potential to provide Low Probability of Interception (LPI) and Low Probability of Detection (LPD) attributes and heightened reliability while concurrently transmitting with the 5G NR, bolstering the overall effectiveness of the communication. / Master of Science / Underlay signaling is a technique that allows for transmitting a low-power signal alongside the primary signals, occupying the entire frequency band of the primary signals. The secondary users of the secondary network (i.e., a wireless network consisting of primary and secondary networks) primarily utilize the underlay, which increases spectral efficiency and improves the network capacity. This thesis focuses on underlay signaling in the context of cellular (primary) networks where the underlay is an auxiliary channel made available to the primary users and network, that is, the base stations and users of the cellular network. The current fifth-generation (5G) cellular networks are constructed using Orthogonal Frequency Division Multiplexing (OFDM) modulation. OFDM is a multicarrier modulation scheme that divides the available frequency band into multiple narrow subcarriers, each carrying a portion of the data. The key advantage of OFDM is its ability to combat frequency-selective fading, where different frequencies experience different levels of fading and interference. By using many closely spaced sub-carriers, OFDM can effectively mitigate the impact of fading, allowing for robust and reliable communication even in challenging channel conditions. Thus, this thesis investigates the co-existence of underlay signaling and OFDM in 5G. We develop the underlay signaling based on the frequency-domain spread spectrum. Extensive simulations and analytical analysis are performed to understand the impact of underlay signaling on OFDM performance in terms of bit error rates and throughput. Additionally, a real 5G setup is presented, demonstrating a proof-of-concept of underlay co-existence with 5G NR, where the 5G base station transmits both 5G NR and underlay signal simultaneously. Through the research, it is conclusively demonstrated that a low-data rate error-free underlay signal can be successfully transmitted alongside the existing 5G signal. The integration of underlay in 5G brings forth a multitude of benefits using underlay for military and tactical applications, massive Machine Type Communications (mMTC) alongside Ultra-Reliable Low Latency Communications (URLLC), and the offloading of crucial control information of 5G to the underlay channel. Thus, this underlay operates as a low-data rate error-free conduit, characterized by its low interception and low detection attributes, enhancing reliability while concurrently transmitting with 5G NR, bolstering the overall effectiveness of the communication.

Underlay Signalling

5G New Radio

Spreading

srsRAN Project

Detection of Denial of Service Attacks on the Open Radio Access Network Intelligent Controller through the E2 Interface

Radhakrishnan, Vikas Krishnan

03 July 2023

Open Radio Access Networks (Open RANs) enable flexible cellular network deployments by adopting open-source software and white-box hardware to build reference architectures customizable to innovative target use cases. The Open Radio Access Network (O-RAN) Alliance defines specifications introducing new Radio Access Network (RAN) Intelligent Controller (RIC) functions that leverage open interfaces between disaggregated RAN elements to provide precise RAN control and monitoring capabilities using applications called xApps and rApps. Multiple xApps targeting novel use cases have been developed by the O-RAN Software Community (OSC) and incubated on the Near-Real-Time RIC (Near-RT RIC) platform. However, the Near-RT RIC has, so far, been demonstrated to support only a single xApp capable of controlling the RAN elements. This work studies the scalability of the OSC Near-RT RIC to support simultaneous control signaling by multiple xApps targeting the RAN element. We particularly analyze its internal message routing mechanism and experimentally expose the design limitations of the OSC Near-RT RIC in supporting simultaneous xApp control. To this end, we extend an existing open-source RAN slicing xApp and prototype a slice-aware User Equipment (UE) admission control xApp implementing the RAN Control E2 Service Model (E2SM) to demonstrate a multi-xApp control signaling use case and assess the control routing capability of the Near-RT RIC through an end-to-end O-RAN experiment using the OSC Near-RT RIC platform and an open-source Software Defined Radio (SDR) stack. We also propose and implement a tag-based message routing strategy for disambiguating multiple xApps to enable simultaneous xApp control. Our experimental results prove that our routing strategy ensures 100% delivery of control messages between multiple xApps and E2 Nodes while guaranteeing control scalability and xApp non-repudiation. Using the improved Near-RT RIC platform, we assess the security posture and resiliency of the OSC Near-RT RIC in the event of volumetric application layer Denial of Service (DoS) attacks exploiting the E2 interface and the E2 Application Protocol (E2AP). We design a DoS attack agent capable of orchestrating a signaling storm attack and a high-intensity resource exhaustion DoS attack on the Near-RT RIC platform components. Additionally, we develop a latency monitoring xApp solution to detect application layer signaling storm attacks. The experimental results indicate that signaling storm attacks targeting the E2 Terminator on the Near-RT RIC cause control loop violations over the E2 interface affecting service delivery and optimization for benign E2 Nodes. We also observe that a high-intensity E2 Setup DoS attack results in unbridled memory resource consumption leading to service interruption and application crash. Our results also show that the E2 interface at the Near-RT RIC is vulnerable to volumetric application layer DoS attacks, and robust monitoring, load-balancing, and DoS mitigation strategies must be incorporated to guarantee resiliency and high reliability of the Near-RT RIC. / Master of Science / Telecommunication networks need sophisticated controllers to support novel use cases and applications. Cellular base stations can be managed and optimized for better user experience through an intelligent radio controller called the Near-Real-Time Radio Access Network (RAN) Intelligent Controller (RIC) (Near-RT RIC), defined by the Open Radio Access Network (O-RAN) Alliance. This controller supports simultaneous connections to multiple base stations through the E2 interface and allows simple radio applications called xApps to control the behavior of those base stations. In this research work, we study the performance and behavior of the Near-RT RIC when a malicious or compromised base station tries to overwhelm the controller through a Denial of Service (DoS) attack. We develop a solution to determine the application layer communication delay between the controller and the base station to detect potential attacks trying to compromise the functionality and availability of the controller. To implement this solution, we also upgrade the controller to support multiple radio applications to interact and control one or more base stations simultaneously. Through the developed solution, we prove that the O-RAN Software Community (OSC) Near-RT RIC is highly vulnerable to DoS attacks from malicious base stations targeting the controller over the E2 interface.

srsRAN

Denial of Service

Open Source

Radio Access Network

Open RAN

RAN Control

Kubernetes

SCTP

USRP

SDR

UE

4G

LTE

5G

eNB

gNB

EPC