CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

UNIT I
EVOLUTION OF WIRELESS NETWORKS
Syllabus
Networks evolution: 2G,3G,4G, evolution of radio access networks, need for 5G. 4G
versus 5G, Next Generation core(NG-core), visualized Evolved Packet core(vEPC).

1. 1 Networks evolution: 2G,3G,4G

Today, technology has become an integral part of our life and has radically
changed our lifestyle. With the penetration of smartphones, and application of
services, we are now used to booking cars, transferring money, ordering food, and
booking our flight tickets, from almost anywhere be it from a park or from a moving
train. We can avail most services online, with the click of a button. All of this is made
possible by the growth of the wireless network infrastructure. While the wireless
networks were originally invented for helping people to communicate with each other
using voice, it has evolved to transfer data and support myriad services. Wireless
networks have become ubiquitous and have grown

in capacity over the years offering higher bandwidth and supporting more connections.
Today, wireless networks are not just connecting people, but also connecting
businesses and almost everything in the world. In this chapter, we will look at the
evolution of the wireless networks from 1G to 4G and understand the need for 5G
networks.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 1
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

1G Networks

FIGURE 1.2 - MOTOROLA DYNATAC PHONE

In 1983, the first-generation wireless network (also called as 1 G n e t w o r k )
was launched in US using the Motorola DynaTAC mobile phone. Later on, the 1G
technology was launched in other countries such as the UK and Canada. The 1G
technology was primarily used for making voice calls over wireless network. 1G
network was based on analog telecommunication standards. The voice calls in
1G network were transmitted using analog systems. Motorola DynaTAC 8000x is
the first commercial mobile phone that was used for making analog voice calls. The
phone looked almost like a cordless phone handset and weighed 1.75lb. In 1G, the
spectrum was divided into a number of channels, for users to make voice calls each
user gets a channel.
This had limitation on the number of users who can make simultaneous voice
calls. 1G technology faced other issues such as poor voice quality (due to
interference), mobile phones were huge and had poor battery life, the network
coverage was very limited. That led the researchers to come up with the 2G standards.
The key difference between 1G and 2G networks is that, 1G used analog standards
and 2G used digital standards.

2G Networks
In 1991, Global System for Mobile Communications (GSM) standard body
published the standards for 2G technology. 2G technology, was launched in 1992 and

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 2
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

had the ability to handle voice calls over digital systems. In addition to voice calls, 2G
also supported Short Messaging Services (SMS).
2G offered wider coverage when compared to 1G network. It enabled users to
send text messages to each other, over a wireless network. GSM network
architecture had 2 distinct layers - the Base Station Subsystem (BSS) and the Network
Switching Subsystem (NSS). The BSS had the base station and the base station
control function. The NSS had the core network elements. The core network elements
in the NSS were responsible for the switching of calls between the mobile and other
landline or mobile network users. In addition, the core network elements in the NSS
supported the management of mobile services including authentication and roaming.
European telecommunication Standards Institute (ETSI) established General Packet
Radio Service (GPRS), an Internet Protocol (IP) based mobile data standard, as an
enhancement to the 2G technology. The new service was called as 2.5G and it offered
56 - 114 Kbps data speed. 2.5G technology, eventually morphed into EDGE
(Enhanced Data Rates for GSM Evolution) and was ideal for email services. 2.5G
technology resulted in the growth of mobile phones such as Blackberry, which offered
mobile email services.

3G Networks
3G cellular services were launched in the year 2003. 3G was much more advanced,
when compared to 2G/2.5G and offered up to 2 Mbps speed, supporting location-
based services and multimedia services. It was ideal for web browsing. Apple, which
was known to be a computer maker, got into the mobile equipment business by
launching iPhone, with the advent of 3G. Android, the open source mobile operating
system became popular with 3G. With 3G, the 3GPP group standardized UMTS.
Universal Mobile Telecommunications System (UMTS) is a third generation Mobile
cellular system for networks based on the GSM standard. Developed and maintained
by the 3GPP (3rd generation Partnership Project).UMTS uses wideband code
division multiple access(W- DMA) radio access technology to offer greater spectral
deficiency and bandwidth to mobile network operators.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 3
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

FIGURE 1.3 - 3G ARCHITECTURE

UMTS specifies a complete network system, which includes the radio access network
(UMTS Terrestrial Radio Access Network, or UTRAN), the core network (Mobile
Application Part, or MAP) and the authentication of users via SIM (Subscriber Identity
Module) cards. 3G network architecture has three distinct entities:

1. User Equipment (UE): In 2G, the handsets were called as mobile phones or cell
phones, as they were predominantly used for making voice calls. However, in
3G, the handsets can support both voice and data services. Hence, the term User
Equipment or UE is used
to represent the end user device, which could be a mobile phone or a data terminal.

2. Radio Access Network (RAN): The RAN, also known as the UMTS Radio Access
Network, UTRAN, is the equivalent of the previous Base Station Subsystem (BSS) in
GSM. RAN includes the NodeB function and the Radio Network Controller (RNC)
function. The NodeB function provides the air interface. The RNC manages the air
interface for the overall network.

3. Core Network:
The core network is the equivalent of Network Switching Subsystem or NSS in
GSM and provides all the central processing and management for the system. Core
network has both circuit switched and packet switched network elements. 3G
core network architecture consists of the following functions:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 4
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Home Location register (HLR)

HLR is a database that contains all information about the subscriber including
their last known location. The HLR maintains a mapping between Mobile Station
International Subscriber Directory Number (MSISDN) and International Mobile
Subscriber Identity (IMSI). MSISDN is the mobile phone number used for making and
receiving voice calls and SMS. IMSI is used for uniquely identifying a SIM card and
the number is stored in the SIM card. Each network can have one or more physical or
logical HLRs. User equipment periodically updates its location details to the HLR, so
that calls can be routed appropriately to the user. Depending upon the
implementation, the HLR may also have an in-built Equipment identity register (EIR)
and Authentication Centre (AuC).

Equipment Identity Register (EIR)

The EIR is the function that decides whether a user equipment is allowed onto
the network or not. EIR is typically integrated with the HLR. EIR is used for blocking
or monitoring calls from stolen user equipment. Each user equipment is uniquely
identified through a number known as the International Mobile Equipment Identity
(IMEI). IMEI is exchanged by the user equipment at the time of registration with the
network. Thus, EIR identifies a stolen equipment
through its IMEI.

Authentication Centre (AuC)

AuC is used for storing a shared secret key, which gets generated and burned
in the SIM card at the time of manufacturing. AuC function is typically co-located
with the HLR function. AuC does not exchange the shared secret key, but would
run an algorithm on the International Mobile Subscriber Identity (IMSI), to generate
data for authentication of a subscriber / user equipment. Each IMSI is unique and gets
mapped to a SIM card.

Mobile switching centre (MSC)

MSC is responsible for functions such as routing calls and SMS messages. It
interfaces with the HLR for keeping track of subscriber location and does call
handovers, when the mobile subscriber moves from one location to
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 5
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

another. Gateway MSC (GMSC) is a function that is present either within or outside
of the MSC. A GMSC interfaces with the external networks such as the Public
Switched Telephone Network (PSTN), which is our legacy land line network.

Serving GPRS Support Node (SGSN)

SGSN is responsible for mobility management and authentication of subscribers
/ mobile devices in a GPRS network. It performs a role which is similar to the role
played by the MSC for voice calls. The SGSN and MSC are often co-located in the
network.

Gateway GPRS Support Node (GGSN)

GGSN acts as a gateway to the Internet. It connects the GPRS network with the
packet switched data network. GGSN receives data addressed to a given subscriber,
checks if the subscriber is active and then forwards the data to the SGSN serving
the particular subscriber. If the subscriber is inactive, the data is discarded. The
GGSN keeps a record of active subscribers and the SGSN they are attached to.
GGSN assigns a unique IP address to each subscriber. It also generates the call detail
records (CDRs), which are processed by the Charging Gateway Function (CGF) or
billing servers.

Charging Gateway Function (CGF)

CGF handles Call Detail Records (CDRs) generated by the GGSN in a GPRS
network. There are different types of CDRs processed by the CGF, based on the
network node that generates the CDR. For example, when a SGSN generates CDRs,
it is called S-CDR. When a GGSN generates CDRs, it is called G-CDR. One of the
key differences between S-CDR and G-CDR is, G-CDR would have insights into the
subscriber data transfers (for example, volume of data uploaded/downloaded by the
subscriber).
3G technology evolved over a period of time to offer higher speeds by
supporting a new standard called High Speed Packet Access (HSPA). Service
providers who offered 3G services with HSPA support called their services as 3.5G or
3G+. The 3.5G networks that supported HSPA standards were able to offer speeds
up to 7 Mbps. With the further evolution of HSPA standard (also called as Evolved
HSPA), 3G networks were able to offer speeds up to 42 Mbps.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 6
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

4G Networks
In 2012, 4G services were launched, with speeds of up to 12 Mbps. 4G is an all-IP
(Internet Protocol) network and it resulted in massive changes to the radio network
and the core network architecture.
In 4G network, the radio function is based on the Long Term Evolution (LTE) 3GPP
standards and the core network is based on the Evolved Packet Core (EPC) 3GPP
standards

FIGURE 1.4 - 4G ARCHITECTURE

One of the significant changes introduced by the Long Term Evolution (LTE)
standards in 4G networks, is the changes to the Base station functionality. In 3G, the
radio resources were centrally controlled by a node called Radio Network Controller
(RNC). LTE introduces a new function called the Evolved NodeB (eNodeB), which
manages the radio resource and mobility in the cell.

In order to meet the 4G LTE requirements, functions of the eNodeB not only
included the base station (NodeB) functions to terminate the radio interface but also
the functions of the Radio Network Controller (RNC) to manage radio resources. This
architecture is called Evolved UMTS Terrestrial RAN (E-UTRAN) architecture.
In 3G, the RAN function included the base station (Node B) and the antennas.
In 4G LTE architecture, the base station function is split into two key functions -
Baseband Unit (BBU) and Remote Radio Head (RRH). RRH is connected to BBU
through optical fiber. The BBU function is moved out from the cellsite and hosted
in a centralised location and called as Centralized RAN. The RRH function (i.e., the
antenna function) is deployed closer to the users in a distributed fashion. The RAN
architecture and the distribution of RRHs and BBUs is in FLuenced by several factors
such as quality of service, latency, throughput, user density and load demand. The
following are the key functional nodes/network elements in the LTE architecture:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 7
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Evolved Node B (eNB)

eNodeB is the entity that supports air interface and performs radio resource
management. It provides radio resource management functions such as IP header
compression, user data encryption, and routing the user data to the Serving Gateway
(SGW). The radio interface provided by eNodeB can be shared by several
operators by having separate MME, SGW & PDN Gateway.

Home Subscriber Server (HSS)

Home Subscriber Server (HSS) is a database for storing the subscriber pro file
and authentication information. MME downloads subscriber pro file information from
the HSS, when a user equipment/mobile device attaches to the network. HSS also
provides the subscriber pro file information to the IP Multimedia Subsystem (IMS) Core
function, at the time of the IMS registration.

Serving Gateway (SGW)

SGW serves as the mobility anchor for the user plane. It takes care of inter-
eNodeB handovers & User Equipment (UE) mobility between 3GPP networks. It is
responsible for routing/forwarding data packets between the eNodeB & Packet Data
Network Gateway (PDN GW).

Packet Data Network Gateway (PGW)

PDN GW provides the UE with connectivity to the external packet data networks
such as Internet. It serves as the anchor point for intra-3GPP network mobility, as well
as mobility between 3GPP and non-3GPP networks. It takes care of Policy and
Charging Enforcement Function (PCEF), which includes Quality of Service (QoS),
online/offline Flow based charging data generation, deep-packet inspection, and
lawful intercept.

Mobility Management Entity (MME)

MME manages mobility, UE identities and security parameters. It operates in
the Control plane and provides functions such as managing session states,
authentication, mobility with 3GPP 2G/3G nodes, and roaming.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 8
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Policy and Charging Rules Function (PCRF)

Policy and Charging Rules Function (PCRF) maintains the policy and charging
related controls for all the subscribers. For example, a subscriber’s quality of service
policy is stored in the PCRF server. The QoS policy can differ from service to service
for each subscriber. The QoS for an IMS bearer may be different from the QoS for an
Internet bearer for the same subscriber. Such differentiations in the QoS can be
enforced by setting rules in the PCRF server. In addition, PCRF also helps the service
providers in providing location-based services. PCRF allows a service provider in
setting Flow-based charging rules. For example, a service can be stopped, when the
credit limit for the service is reached. With higher data speeds, 4G technology allowed
users to watch high-definition video and play games online. Over a period of time,
multiple enhancements were made to 4G technology - LTE-M (LTE Category M1 for
Machines) allowed low powered IOT devices to connect to 4G networks and LTE-
Advanced standards offer a network speed of up to 300 Mbps.
Today, 4G offers adequate network speed for over-the-top services such as
online video, gaming and social media. However, it does not support the bandwidth
and latency needs of services such as Augmented Reality, Virtual Reality and
Autonomous Cars. This paved the path for 5G technology research.

1.2 Evolution of Radio Access Networks

The Radio Access Network (RAN) architecture has evolved across the different
generations of the wireless network, to support the bandwidth and scalability
requirements. RAN has two distinct units the Remote Radio Head (RRH) and the
Baseband Unit (BBU). One end of the RRH is connected to the antenna and the other
end to the BBU.
RRH acts as a transceiver converting the analog signals to digital signals and
vice versa. In addition, RRH also does

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 9
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

filtering of noise and amplification of signals. The Baseband Unit (BBU) provides
switching, traffic management, timing, baseband processing, and radio interfacing
functions. BBU is typically connected to the RRH using a Fiber link.
In the traditional 2.5G/3G networks, both the RRH and BBU functions remained
in the cell site, as part of the Base Transceiver Station (BTS). In the 4G network, BBU
function was moved out of the cell site to a centralized location. BBU function in a 4G
network is hosted in the Central Office and
is called as Centralized RAN. 4G architecture optionally supports the virtualization of
BBUs and when the BBU function is virtualized, it is also called as Cloud RAN or
Virtualized RAN. In a 5G network, virtualization of BBUs almost becomes mandatory
as it helps the service providers to scale the network to support the various use
cases.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 10
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

1.3 Need for 5G

Most of the previous generation wireless technologies (such as 3G and 4G)
were focused on increasing the speed of the wireless technology. 4G technology
initially supported speeds of up to 12 Mbps - which was adequate for online video
streaming and gaming services. However, 4G does not
address the technology needs of some of the emerging use cases, in the areas of
Internet of Things (IOT) and Virtual Reality.

Here is the list of factors that drive the need for 5G

technology:
 Internet of Things (IOT) will require an infrastructure that can handle several
billions of network devices connecting to the wireless network, and at the same
time energy efficient
 3D video and Ultra High-Definition Video streaming applications are hungry for
additional bandwidth
 Virtual Reality and Augmented Reality enabled gaming,
video streaming and industrial applications require sub millisecond
latencies.
 Network operators have immense pressure to upgrade their networks
continuously, to handle the growth in the mobile data traffic - and at the same
time, reduce operational expenses

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 11
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

 Enable new revenue streams for wireless service providers, by supporting new
applications and use-cases
In 2016, several service providers partnered with network equipment vendors to kick
start 5G trials. Starting 2018, 5G services were commercially launched by multiple
service providers across the globe.

1.4 4G versus 5G
4G network infrastructure is based on Long Term Evolution (LTE) architecture.
5G network infrastructure is based on 5G Next Generation Core (5G NG-Core)
architecture. There is a significant difference between both the technologies in terms
of speed, latency, frequency ranges of the spectrum, use cases that are supported,
support for network slicing, RAN architecture, and Core network architecture.
Table 2.1 captures the differences between 4G and 5G technologies.
Criteria 4G 5G
300-400 Mbps (lab) 40- 1000 Mbps (lab) 300-400 Mbps
Speed
100 Mbps (real world) (real world)
Latency 50 ms 1-2ms
Sub 6 GHz (5G macro optimized),
Frequency 2-8 GHz 3-30 GHz (5G E small cells) 30-100
GHz (5G Ultra Dense)
Enhanced Mobile Broadband
Voice over LTE Mobile Augmented Reality/Virtual Reality
Use Cases Broadband Online Video Internet of Things (IOT) Holographic
Online Gorning Calls Fixed Wireless Autonomous
Cars Robotic Surgeries
Network
No Yes
Slicing
Small Cells installed in almost every
Large Towers in
Cell Towers street comer, in addition to mobile
concentrated communities
towers
Service
Connection Oriented Service Oriented
Architecture

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 12
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Long Term Evolution Next Generation Core (NG-Core)

Architecture
(LTE) New Radio (NR)

1.5 Next Generation core (NG-core)

NG-Core for 5G is the equivalent of Evolved Packet Core (EPC) in a 4G network. 5G
NG-Core architecture supports virtualization and allows the user plane functions to be
deployed separately, from the control plane functions. In addition, the user plane and
control plane functions can be
scaled independently. 5G NG-Core supports both International Mobile Subscriber
Identity (IMSI) based and non-IMSI based identities for authentication of services.
NGCore has support for capabilities such as network slicing, which allows the partition
of network resources across different customers, services or use-cases.

Network Functions in NG-Core

5G NG-Core architecture comprises of the following network functions:
1. Authentication Server Function (AUSF)
2. Access and Mobility Management Function (AMF)
3. Data Network (DN)
4. Network Exposure Function (NEF)
5. Network Repository Function (NRF)
6. Network Slice Selection Function (NSSF)

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 13
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

7. Policy Control Function (PCF)

8. Session Management Function (SMF)
9. Unified Data Management (UDM)
10. User Plane Function (UPF)
11. Application Function (AF)
Authentication Server Function (AUSF)
AUSF acts as an authentication server, performing UE authentication using
Extensible Authentication Protocol (EAP). EAP is a popular protocol used in WiFi
networks for authenticating WiFi clients. In the 4G network, AUSF function was part of
the Home Subscriber Server (HSS) function.

Access and Mobility Management Function (AMF) -

Responsible for connection management, registration management and
mobility management (handling of reachability and idle/active mode mobility state). It
also takes care of access authentication and authorization. AMF also supports Lawful
intercept function for AMF events. In the 4G network, this function was part of the
Mobility Management Entity (MME).

Data Network (DN)

DN offers operator services, internet access and third party services.

Network Exposure Function (NEF)

NEF is a proxy or API aggregation point for the core network and provides
security when services or external application functions access the 5G Core nodes.
This is a new function introduced in 5G
architecture.

Network Repository Function (NRF)

NRF supports service discovery, and maintains/provides pro files of network
function instances. This is a new function introduced in 5G architecture.

Network Slice Selection Function (NSSF)

NSSF supports the selection of network slice instances to serve the User
Equipment (UE), based on the Network Slice Selection Assignment Information
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 14
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

(NSSAIs) con figured or allowed for a given UE. This is a new function introduced in
5G architecture.

Policy Control Function (PCF)

PCF provides a unified policy framework and shares policy rules to control plane
functions, to enforce them. It also accesses subscription information relevant for policy
decisions from the Unified Data Repository (UDR). PCF was part of the PCRF function
in the 4G network.

Session Management Function (SMF)

SMF provides session management, UE IP address allocation & management
and DHCP functions. It also provides traffic steering con figuration for User Plane
Function (UPF) for proper traffic routing. SMF function was split between the MME
and Packet Gateway (PGW) function in 4G network.

Unified Data Management (UDM)

UDM provides Authentication and Key Agreement (AKA) credentials, user
identification handling, access authorization and subscription management functions.
UDM was part of the HSS functionality in the 4G architecture.

User Plane Function (UPF) -

UPF provides packet routing and forwarding functions. In addition, it also
handles QoS services. UPF function was split between Serving Gateway (SGW) and
PGW in the 4G architecture. Separating the userplane from the control plane in both
SGW/PGW, enables the service providers to deploy the UPF closer to the network
edge. In 5G, UPF function can be deployed at the network edge, in addition to the
network core, to improve the network performance and to reduce latency.

Application Function (AF)

AF function is similar to the AF function in the 4G network. It interacts with the
5G core to provide services such as application in Fluence on traffic routing, accessing

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 15
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Network Exposure Function (NEF) and interacting with policy framework for policy
control.

1.6 Visualized Evolved Packet core(vEPC).

Virtual Evolved Packet Core (vEPC) is functionally similar to the physical EPC.
However, the way in which the EPC is deployed and managed is different from
physical EPC. A Virtual Evolved Packet Core (vEPC) is a framework for mobile
networks' voice and data processing and switching that is implemented by Network
Functions Virtualization (NFV), which virtualizes the functions of an Evolved Packet
Core (EPC).

There are two methods in which a Virtualized Evolved Packet Core (EPC) can
be deployed:
1. An all-in-one Virtual EPC (vEPC)
2. Standalone instances of MME, PGW, SGW, HSS and PCRF.
There are some pros and cons for each of these approaches. In an all-in-one
deployment model, it is easy to manage the vEPC instance as one entity. However, it
lacks mechanisms to individually scale one or more services. For example, if the
service provider wants to increase the number of PCRF instances, it can only be
achieved by creating multiple instances of the all-in-one vEPC.
In a deployment with standalone instances of the vEPC components, the
service provider can individually scale the components. For example, if there is a need
to increase the number of PCRF instances, it can be achieved by spinning one or
more instances of the PCRF application. This approach helps in optimizing the
resource utilization on the telco cloud and brings-in agility. However, there will be an
overhead involved in managing the standalone instances on the telco cloud. The
network equipment vendors can help offset this management overhead, by providing
a vEPC specific VNF manager along with the vEPC. Architecturally, the vEPC will
be different from that of a physical EPC. Following are some of the key architectural
differences between a physical EPC and a Virtual EPC:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 16
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

 A Virtual EPC may have one or more VMs for each of the components. For
example, a PCRF service may have multiple micro-services. Each of these
microservices may run on a separate VM or a Container, on the telco cloud.
 A subscribers session state information in a physical EPC may be stored in RAM
or transient memory in the hardware. A physical EPC achieves high availability
and reliability by deploying multiple physical instances of the EPC hardware.
However, in a Virtual EPC deployment, the vEPC instance may store the
session state information in a reliable database, for session continuity during
fail-overs.
 A physical EPC relies on the underlying hardware for data plane acceleration.
A Virtual EPC relies on software-based data plane acceleration technologies.

In a vEPC, the data plane is scaled by using technologies such as SRIOV

(Single Root Input/ Output Virtualization). SRIOV partitions a physical network
interface card into multiple Virtual Network Interface Cards (vNICs) and provides direct
access to the physical NIC, bypassing the hypervisor layer. Virtual EPC also leverages
several advancements in the data plane acceleration such as the Data Plane
Development Kit (DPDK) and FD.io (fast data input/ output).

PART-A Questions

1. What is the first mobile wireless phone? Which vendor manufactured it?
Motorola DynaTAC 8000x is the first commercial mobile phone that was used for
making analog voice calls. The phone looked almost like a cordless phone handset
and weighed 1.75lb.

2.What are the various use cases supported by different generations of wireless
technology?
Some of the key 5G use cases are:
Enhanced Mobile Broadband (eMBB)
Fixed Wireless Broadband Services
Robotic Surgery
Autonomous Cars

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 17
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Massive Internet of Things (IOT) Services

Live TV
Virtual Reality / Augmented Reality
Private Wireless Network for Enterprises
Holographic Calls

3. How much speed does 4G provide? What are the core architecture of 4G?
In 2012, 4G services were launched, with speeds of up to 12 Mbps. 4G is an
all-IP (Internet Protocol) network and it resulted in massive changes to the radio
network and the core network architecture.
In 4G network,
• The radio function is based on the Long Term Evolution (LTE) 3GPP
standards and
• The core network is based on the Evolved Packet Core (EPC) 3GPP
standards

4. Write short notes on Evolved Node B (eNB) .

eNodeB is the entity that supports air interface and performs radio resource
management. It provides radio resource management functions such as IP header
compression, user data encryption, and routing the user data to the Serving Gateway
(SGW).The radio interface provided by eNodeB can be shared by several operators
by having separate MME, SGW & PDN Gateway.

5. Why do we need 5G?

Internet of Things (IOT) will require an infrastructure that can handle several
billions of network devices connecting to the wireless network, and at the same time
energy efficient 3D video and Ultra High Definition Video streaming applications are
hungry for additional bandwidth Virtual Reality and Augmented Reality enabled
gaming, video streaming and industrial applications require sub milli second
latencies Network operators have immense pressure to upgrade their networks
continuously, to handle the growth in the mobile data traffic - and at the same time,
reduce operational expenses.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 18
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

Enable new revenue streams for wireless service providers, by supporting new
applications and use-cases

6. What is 5G? How much speed does 5G support?

5G is the fifth-generation wireless technology, standardised by the 3rd
Generation Partnership Project (3GPP). 5G supports upto 1 Gbps speed, 1-10
milliseconds latency and scales to several millions of network devices. 3GPP
standardised 5G technology as part of their Release 15 specifications, in 2018.

7.What are the differences between 4G and 5G? ( Any Four)

8.What are the characteristics of 5G?

Spectrum: 5G supports a wide range of spectrums from low bands below 1 GHz, to
mid bands from 1 GHz to 6 GHz, to high bands 24 / 30 GHz to 300GHz.
• Bandwidth: 5G supports up to 1Gbps throughput, today. However, the
industry aims to support a peak data rate of 10 Gbps.
• Programmability: 5G can be customized to meet the requirements of a
diverse set of use-cases and deployments.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 19
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

• Latency: 5G supports 1 – 2 milliseconds latency, which enables use-

cases such as mobile gaming, augmented reality and virtual reality.
• Virtualization: 5G infrastructure is built on virtualized network functions
such as Virtual RAN, Virtual EPC and Virtual IMS.
• Connection Density: 5G aims to provide connectivity to nearly 1 million
devices in an area of 1 square Kilometer.

9. How has the RAN evolved across the different generations of wireless
networks?

10.What is Core Network?

The core network is the equivalent of Network Switching Subsystem or NSS in
GSM and provides all the central processing and management for the system. Core
network has both circuit switched and packet switched network elements.

Part-B’
1. Explain the various use-cases supported by different generations of wireless
technology.
2. Explain the key differences between 4G and 3G systems.
3. Discuss the key functions of radio access networks.
4. Differentiate LTE-M and LTE-A
5. Explain the frequency spectrum ranges supported by 5G.
6. Explain the benefits of NFV.
7. Identify the role of NFVI in NFV.
8. Explain the building blocks of virtualized RAN.
9. Explain the significance of Control plane in 5G.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 20
 CEC331 4G/5G Communication Networks Unit -1 EVOLUTION OF WIRELESS NETWORKS

10. Explain the significance of Data plane in 5G.

11. Explain the 4G voice call set-up procedure with a neat flow diagram.
12. Explain network function virtualization in aligned with 5G technology with an
example.
13. Explain the next generation core functions in 5G.
14. Explain the evolution of different wireless networks from 1G to 5G with key
parameters.
15. Explain Voice over LTE with a neat sketch.
16. Explain the 4G architecture and its associated components with a neat sketch.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 21
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

UNIT II
5G CONCEPTS AND CHALLENGES
Syllabus
Fundamentals of 5G technologies, overview of 5G core network architecture,5G
new radio and cloud technologies, Radio Access Technologies (RATs), EPC for 5G.

2.1 Fundamentals of 5G technologies

5G is the fifth-generation wireless technology, standardized by the 3rd
Generation Partnership Project (3GPP). 5G supports up to 1 Gbps speed, 1-10
milliseconds latency and scales to several millions of network devices. 3GPP
standardized 5G technology as part of their Release 15 specifications, in 2018.

5G brings significant changes to speed, latency and scale. 5G services are expected
to make a huge impact on service providers, businesses, consumers and the society
at large. 5G is not just an evolution from 4G technology - it is revolutionary. The most
visible changes in 5G are on the radio - 3GPP de fined the new radio specification
called 5G New Radio (5G NR) for 5G services. However, 3GPP also has revamped
the core network infrastructure to support the speed, latency and scalability
requirements of 5G, by introducing 5G Next Generation Core (5G NG-Core). The 5G
NG-Core will be the heart of the 5G network and acts as an anchor point for multi-
access technologies. It delivers a seamless service experience across fixed and
wireless access technologies.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 22
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

2.1.1 Characteristics of 5G
There are a few key characteristics of 5G technology, that are notably different from
the previous generation wireless technologies.
 Spectrum: 5G supports a wide range of spectrums from low bands below 1
GHz, to mid bands from 1GHz to 6 GHz, to high bands 24 / 30 GHz to 300 GHz
(also, known as millimeter-wave).
 Bandwidth: 5G supports up to 1Gbps throughput, today. However, the industry
aims to support a peak data rate of 10 Gbps.
 Programmability: 5G can be customized to meet the requirements of a diverse
set of use-cases and deployments (for ex., a high-bandwidth and latency
agnostic mobile broadband use-case to a low bandwidth and latency sensitive
Industrial IOT use- case). This is achieved through capabilities such as network
slicing
 Latency: 5G supports 1 2 milliseconds latency, which enables use-cases such
as mobile gaming, augmented reality and virtual reality.
 Virtualization: 5G infrastructure is built on virtualized network functions such
as Virtual RAN, Virtual EPC and Virtual IMS. It enables services providers to
dynamically scale the network infrastructure to meet the demands of the
customers.
 Connection Density: 5G aims to provide connectivity to nearly 1 million
devices in an area of 1 square kilometre.
2.1.2 5G Use Cases
2G technology was for phone calls and SMS services. 2.5G or EDGE
technology was for email services, 3G technology was for web, 4G technology was for
video and 5G is for use cases that we cannot possibly imagine.
5G technology caters to the needs of multiple industries such as the following:
* Public Safety
* Broadcasting / Media Delivery
* Automotive Industry (Public Transport Systems)
* Aeronautical (Drones)
* Health / Wellbeing
* Utilities
* Education
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 23
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

Some of the key 5G use cases are:

* Enhanced Mobile Broadband (eMBB)
* Fixed Wireless Broadband Services
* Robotic Surgery
* Autonomous Cars
* Massive Internet of Things (IOT) Services
* Live TV
* Virtual Reality / Augmented Reality
* Private Wireless Network for Enterprises
* Holographic Calls

2.2 Overview of 5G Core Network Architecture

Building a wireless network that supports a diverse set of services is quite
challenging. The scope for 5G goes beyond just supporting mobile handheld devices.
5G architecture should support use cases that were not handled by the previous
generation wireless technologies.

2.2.1 5G System Architecture

5G architecture is developed based on the following key aspects:
* Support for service-based architecture and service-based interfaces
* Built on network virtualization principles
* Support for mechanisms to logically partition the network into slices
* Expose network functions through Application Programming Interfaces (APIs) to
third parties (vendors, partners and customers)
* Support both backward & forward compatibility with networks

5G architecture consists of two sets of critical network supporting the 5G New

Radio (NR) speci fication. NG-Core includes several network functions that provide
services such as authentication, mobility management, policy control and network
slicing. Communication between network functions use simpli fied HTTP based
RESTful APIs. functions - Next Generation Radio Access Network (NGRAN) and Next
Generation Core Network (NG-Core). NGRAN includes the Radio Access Network
(RAN) function hosted on the service provider cloud and the antennas,
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 24
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

The initial 5G launches were based on Non-Standalone (NSA) architecture -

where the 5G radio infrastructure, will still rely heavily on the 4G core infrastructure for
various services. The 5G Standalone (SA) architecture will support both the 5G NR
and 5G NG-Core specifications, providing an end-to-end 5G infrastructure.

2.2.2 5G Deployment Architectures

4G consists of two significant architectural components – the Long-Term
Evolution (LTE) for the access network and Evolved Packet Core (EPC) for the core
network. However, 4GÕs access and core network components cannot interwork with
other legacy network components belonging to the previous generation wireless
networks. However, 5G provides interoperability with 4G networks. Considering the
huge investment that has gone in to build 4G networks and the huge investment
required to build a 5Gnetwork, it makes logical sense for the 5G and the 4G networks
to interwork with each other. It also provides a migration path for the customers. 5G
architecture supports both a Standalone Architecture (SA) and a Non-Standalone
Architecture (NSA) implementation.
The NSA implementation allows 5G network to interwork with 4G network. The
SA implementation is an end-to-end 5G network. The initial deployments of 5G will
adopt the non-Standalone architecture.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 25
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

Standalone Architecture (SA)

Standalone architecture uses only one radio access technology either 4G or 5G.
The radio cells connect to either a 4G EPC or a 5G Core. Architecturally, deploying
a standalone solution is simple for service providers. However, it involves a lot of costs
as an end-to-end 5G network infrastructure has to be deployed. When a user
equipment switches between 5G and 4G networks, service continuity is achieved
through inter-generation handovers.

In a standalone architecture, there are three deployment options:

* Option 1: Wireless service is provided by 4G LTE eNodeB and 4G EPC. This
deployment option is supported by the existing 4G networks. It supports higher
bandwidths of up to 400 Mbps and is adequate for mobile broadband needs. Some
service providers are marketing this as 5GE (5G Evolution).
* Option 2: Wireless service is provided by 5G NR gNodeB and 5G NG-Core. This is
a full end-to-end 5G
service and it will take a few years for networks to adopt this deployment model.
* Option 5: Wireless service is provided by enhanced 4G LTE ng-eNodeB (Next
Generation eNodeB, which can communicate with the 5G NG-Core) and 5G NG-Core.
This deployment option will be helpful for service
providers during the migration from a full 4G network to a full 5G network.

Non-Standalone Architecture (NSA)

3GPP release 15 standardized the Non-Standalone (NSA) mode of deployment. In
NSA mode, 5G networks will be supported by existing 4G infrastructure. For example,

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 26
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

a 5Genabled smartphone will be able to connect to the network using 5G radio cells
for data-throughput improvements but

will still use 4G radio cells for regular low-throughput data transfers. NSA uses a
capability called dual-connectivity, defined by the 5G NR standards where a given UE
consumes radio resources provided by at least two different network points for
example, 5G gNB and 4G eNB. NSA enables service providers to deploy 5G, without
much of disruption to their existing networks and services. It also helps the service
providers to leverage the investments done in the 4G network.

In a non-standalone deployment, there are three deployment options:

* Option 3: 4G LTE eNodeB acts as the master node and 5G NR en-gNodeB
(enhanced gNodeB, which can
communicate with the 4G EPC) acts as the secondary node. Both of these RAN
functions connect to the 4G
EPC. Option 3 deployments will be helpful in scenarios where the UE can connect to
the large 4G cell towers
for ubiquitous access to Internet services, and connect to a 5G small cell for high data
throughput.

* Option 4: 5G NR gNB acts as the master node and 4G LTE ng-eNB acts as the
secondary node. Both of these RAN functions, connect to the 5G Core. Option 4 will
be helpful in scenarios where 5G NR coverage is high, for providing mobile broadband
services. 4G is used as a fallback option, in areas where 5G NR coverage is not
available. This deployment option, may not be very relevant in the short term, where
4G coverage is higher than 5G NR coverage.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 27
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

* Option 7: 4G LTE ng-eNodeB acts as the master node and 5G NR acts as the
secondary node. Both of these RAN functions communicate with the 5G NG-Core.
Option 7 builds on top of Option 5. The need for Option 7 is very limited in the short
term, as it bene fits only the mobile broadband use-cases.

2.3 5G New Radio and Cloud Technologies

5G New Radio (5G NR)

One of the significant changes to the 5G architecture is the radio specification. 5G
introduces a new radio specification called 5G New Radio (5G NR).

Some of the key changes to the radio function in 5G are:

 Spectrum: 5G supports a wide range of spectrums from low bands below 1 GHz, to
mid bands from 1 GHz to 6 GHz, to high bands 24 / 30 GHz to 300 GHz. This high
band is called as millimeter-wave.
 Latency: 5G NR supports lower latencies less than 10 milli seconds
 Beamforming: 5G NR supports a large number of multiple input multiple output
(MIMO) antennas, which would allow it to work in a high interference environment
through a technique called beamforming. It enables 5G radios to provide both
coverage and capacity.
 Interworking with 4G: Coexistence with LTE (by supporting LTE NR), by bringing
an overlay network, in cases where 5G coverage is not available.
 5G Spectrum: In order to achieve high speed and scalability, 5G supports a wide
range of spectrums from low bands below 1 GHz, to mid bands from 1 GHz to 6 GHz,
to high bands 24 / 30 GHz to 300 GHz (also, known as milli-meter-wave or mmWave).
Lower frequencies typically travel long enough and can propagate deeper than
higher frequencies. Lower frequencies offer a better coverage.
Higher frequencies will travel short distance, however can offer higher
bandwidth. 5G has to offer both better coverage and higher speeds - and hence,
millimeter wave is very important for 5G to offer higher speeds. In addition to deploying
large towers, 5G will also require service providers to deploy a large number of small
cell towers - to meet the speed and latency requirements. 5G promises ubiquitous
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 28
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

wireless coverage by supporting both licensed and unlicensed spectrums. 5G NR-

U is called Unlicensed Spectrum. 3GPP has categorized the use of 5GHz and 6GHz
spectrum bands as 5G NR-U. The use of unlicensed spectrum significantly reduces
the cost of deploying 5G networks.

There are two types of NR-U implementations:

* Licensed Assisted Access (LAA) NR-U
* Standalone NR-U

2.31. Licensed Assisted Access (LAA):

In the LAA deployment, service providers aggregate the licensed spectrum with
the unlicensed spectrum to provide wireless services to customers. The point of
aggregation can be a small cell which supports the licensed and unlicensed
frequencies. Alternatively, the mobile device can establish dual connectivity, one with
the macro-cell operating in the licensed spectrum and the other with the small-cell
which is operating in the unlicensed spectrum. LAA in 5G is very similar to how LAA
is implemented in 4G LTE network. LAA can help service providers in boosting the
capacity of the network.

2.3.2 Standalone NR-U:

5G NR-U standalone implementation is unique and it may appear to be
competing with existing WiFi technology (which is using the 5GHz frequency). 5G NR-
U standalone implementations will help to accelerate the deployment of 5G in private
networks such as enterprises and industries. This will eliminate the overhead for
enterprises to maintain a separate WiFi network for wireless connectivity. 5G NR-U
standalone deployments can support IOT use cases in enterprises, industries and
communities.
5G NR supports Dynamic Spectrum Sharing (DSS), a new standard introduced
in 5G, that helps service providers to migrate from 4G LTE to 5G NR, without a
noticeable service quality degradation to customers. Dynamic Spectrum Sharing
allows the service providers to share spectrum between their 4G and 5G users. For
example, a 4G user can use a given spectrum for 10 milliseconds and the same
spectrum can then be taken by a 5G user for 1 millisecond. Dynamic allocation of
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 29
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

spectrum, improves the utilisation of the spectrum across 4G and 5G services.

Traditionally, when service providers migrated from 3G to 4G, they carved out a chunk
of the 3G spectrum anddedicated that to 4G. This may starve the users in the 3G
network. However, Dynamic Spectrum Sharing enables a smoother migration from 4G
to 5G. Initially, it is expected that more users will be in 4G and very few users will be
in 5G. Over the next few years, the ratio between 4G and 5G users will change. More
and more users are expected to migrate to 5G. Based on the capacity needs, the
network can dynamically allocate spectrum to users. This would result in speedy
services to both 4G and 5G users.

2.4 Cloud And 5G Mobile Networks

What is 5G?
5G is a short expression for “5th generation mobile system network, " a new global
standard in wireless communication technology. 5G has been developed purposely to
support the virtual connection of everything and everyone. Known as the Internet of
Things (IoT), with the new 5G technology, devices, objects, and machines will be able
to interconnect. Compared to the 4G technology, 5G is about 100 times faster.
5G wireless technology is meant to offer the following benefits to users −
 To deliver large data at relatively high speeds
 To be more reliable
 Capable of a massive network capacity
 It has a very low latency
 Increased availability
 More positive user experiences

The 5G solution has been optimized to produce higher performances while

connecting new industries. With 5G network technology, there shall be improvements
in cloud−based gaming, traffic systems, self−driving vehicles, e−health, etc. As a new
technology, 5G is expected to help us create a more sustainable, safer, and smarter
future.
Types of 5G network
When it comes to the 5G network, there are three main types. These are
 Low band 5G − This is 20% faster than 4g LTE networks.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 30
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

 Mid band 5G − This is nearly six times faster than the 4G LTE.
 Mm Wave High band 5G − This is nearly 10 times faster than 4G networks.
 Increased Accessibility − Using a 5G network with cloud computing will close any
bandwidth gap across different regions. It will also enhance the availability of cloud
computing solutions in remote locations.
 IoT Connectivity − Blending both technologies will lead to a high−speed network with
low latency. This way, IoT devices, and systems can easily access cloud solutions.
This connectivity will lead to improved business digitization and automated
machines.
 Better Work Connectivity − When cloud computing is driven by the 5G technology,
remote working systems are enhanced. There will be no delays or technical
difficulties, giving organizations the ability to work from any location.
 Improved Security Systems − Hacking is always a threat to cloud solutions. When
powered by 5G, this will upgrade the system’s security protocol. With 5G, attacks can
be identified easily as hybrid cloud environments are much safer.
 Supports Edge Computing − Driving cloud computing solutions using 5G network
systems will enhance edge computing. With edge computing, remote systems are
enhanced while a lesser bandwidth is consumed.
 Easy Access to Customers − With cloud technology and 5G, it becomes possible for
machines to communicate easily with each other. This way, communications will be
more reliable as businesses have faster customer access.

What is Cloud Technology?

Cloud technology is a type of technology that supports users to be able to store
and access their programs and data using the internet. This is against using a hard
drive to store and access programs and data. With cloud technology, any business
can access powerful IT and software infrastructure to grow and expand further. The
technology also gives them the capability to compete with much bigger companies.
With cloud technology, businesses can utilize the latest solutions without investing in
expensive IT equipment and hardware.

Why Cloud Computing with 5G?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 31
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

Cloud computing is a commercial technology that many businesses depend on

to access the latest solutions in the IT industry. With cloud computing, businesses can
access the best IT solutions without necessarily buying any expensive and
space−consuming hardware. With the help of 5G technology, service providers of
cloud computing will be able to provide a more efficient solution for businesses. The
following are the benefits of 5G to cloud−hosted solutions –
1. Faster Transfer of Data − One of the benefits of deploying the 5G technology is its
fast data transfer rate. With the 5G technology, cloud computing helps accelerate the
data streaming process.

2. Uninterrupted Storage − Cloud computing supported by uninterrupted storage will

support many businesses as they perform complex operations requiring
space−consuming hardware. Rather than choose on−premise solutions (which can be
expensive), many businesses prefer cloud solutions.

3. Reliability with Large Data − 5G for cloud computing is important, especially in big
data. Many companies deal with large sets of data all the time. They will prefer to
transfer all of these data on time. This way, large quantities of data can be transferred
easily and in real−time. Enhanced Productivity − Due to the efficiency and
effectiveness of the 5G technology, businesses will be more productive.

Impact of cloud on 5G
5G systems and cloud−hosted solutions are some of the changing technologies
in the IT industry. Using both technologies together will lead to a bigger world full of
opportunities and innovations. There are many benefits of using both technologies
together.
With 5G, cloud computing will be advanced through continuous software
updates. These updates will include application and network releases. The frequency
of technology will need to be aligned with the operation to prevent glitches in
interoperability. The cloud needs more development to become fully compatible with
5G. For the best experience, both technologies can be developed further for more
efficiency.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 32
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

2.5 Radio Access Technologies (RATs)

Radio Access Network (RAN) and Radio Access Technology (RAT)
RAT – Radio access technology
The underlying physical connection method for a radio-based communication
network. Modern phones may support several RATs in one device such as Bluetooth,
Wi-Fi, NFC (Near-Field Communications), and 3G, 4G or LTE, and 5G.
In a radio access network (RAN), radio sites provide radio access and coordinate
resource management across radio sites. Devices are wirelessly connected to the
core network, the RAN transmits its signals to various wireless endpoints, and the
signals travel with traffic from other networks.

Radio Access Technology or (RAT) is the underlying physical connection method for
radio-based communication networks.

Many modern cell phones support multiple RATs in one device, such as
Bluetooth, Wi-Fi and GSM, UMTS, LTE or 5G NR. More recently, RAT has been used
to discuss heterogeneous wireless networks. It is used when the user device is
choosing between the types of RATs used to connect to the Internet. This is typically
similar to access point selection in an IEEE 802.11 (Wi-Fi) based network.
The new technology will use the Open Radio Access Network (O-RAN). This
O-RAN technology provides a more open radio access network architecture than
currently offered by telecommunications companies. It will increase interoperability
between different vendors and create a more efficient network.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 33
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

A traditional radio access network (T-RAN) is a radio access network (RAN)

that has been in use since the advent of cellular technology. It includes the base
station (BS) that establishes the connection with the sector antennas. These antennas
cover a small area according to their capacity and can only handle the reception and
transmission of information within this small area. The physical connection method of
the wireless communication network; WiFi, Bluetooth, 4G, LTE, etc. Multi-RAT
(Multiple Radio Access Technology) networks and most mobile devices support Multi-
RAT. Mobile devices can connect to multiple cellular networks. For example, cell
phones can often connect to 2G, 3G, and LTE networks.
Cell phones use radio waves to communicate by converting your voice and data
into digital signals to send as radio waves. In order for your phone to connect to the
network or the Internet, it first connects through the RAN. RAN uses radio transceivers
to connect you to the cloud. Most base stations (aka transceivers) are primarily
connected to the mobile core network via fiber optic backhaul.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 34
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

The RAN provides radio access and assists in coordinating network

resources between wireless devices. Devices are primarily connected to cellular
networks via LTE or 5G NR connections. Silicon chips in the core network and user
equipment such as cell phones or laptops help make the RAN work.
2.6 EPC for 5G.
What is EPC in LTE ?
The EPC represents the Core of an LTE network. It is formed by multiple nodes, the
main ones being MME,GW, PGW S and HSS. This nodes offer multiple functionality
like mobility management, authentication, session management, setting up bearers
and application of different Quality of Services.
Like the 4G Evolved Packet Core (EPC), the 5G Core aggregates data traffic from
end devices. The 5G Core also authenticates subscribers and devices, applies
personalized policies and manages the mobility of the devices before routing the
traffic to operator services or the Internet.

The key components of EPC are:

● Mobility Management Entity (MME) - manages session states

and authenticates and tracks a user across the network.

● Serving Gateway (S-gateway) - routes data packets through the access network.

● Packet Data Node Gateway (PGW) - acts as the interface between the LTE
network and other packet data networks; manages quality of service (QoS) and
provides deep packet inspection (DPI).

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 35
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

● Policy and Charging Rules Function (PCRF) - supports service data flow
detection, policy enforcement and flow-based charging.

While the EPC and 5G Core perform similar functions, there are some major
differences in that the 5G Core is decomposed into a number of Service-Based
Architecture (SBA) elements and is designed from the ground-up for complete control
and user plane separation. Rather than physical network elements, the 5G Core
comprises pure, virtualized, software-based network functions (or services) and can
therefore be instantiated within Multi-access Edge Computing (MEC) cloud
infrastructures.

This new architecture will give operators the flexibility they need to meet the diverse
network requirements of all the different 5G use cases, going well beyond high speed
fixed wireless or mobile broadband services. And at the heart of the new 5G core
architecture is cloud native software design.

To illustrate just how the 5G core network will be different from today’s EPC, here
are some of the new 5G network functions that you’ll need to need to know about:

● User Plane Function (UPF). Emerging from Control and User Plane
Separation (CUPS) strategies defined within non-standalone 5G New Radio
specifications, the 5G core UPF represents the evolution of the data plane
function of the Packet Gateway (PGW). This separation allows data forwarding
to be deployed and scaled independently so that packet processing and traffic
aggregation can be distributed to the network edge.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 36
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

● Access and Mobility Management Function (AMF). With the 4G EPC

mobility Management Entity (MME) decomposed into two functional elements,
the AMF receives all the connection and session information from end user
equipment or the RAN but only handles connection and mobility management
tasks. Anything to do with session management is forwarded to the Session
Management Function (SMF)

● Session Management Function (SMF). A fundamental component of the 5G

SBA, the SMF is responsible for interacting with the decoupled data plane by
creating, updating and removing Protocol Data Unit (PDU) sessions and
managing session context within the UPF. Decoupling other control plane
functions from the user plane, the SMF also performs the role of Dynamic Host
Configuration Protocol (DHCP) server and IP Address Management (IPAM)
system.

The core network is the most important domain in the mobile network starting from
2G and 3G while the MSC and SGSN are the main functions there to EPC or Evolved
packet Core, then EPC+ in 4G network and finally 5GC or 5G Core in 5G Network.

However, there are many differences between EPC, EPC+, and 5GC especially
in the features, upgrades and main interfaces as below

● EPC (Evolved Packet Core)

o Reference Point Interfaces, Sx interfaces.
o Proprietary protocol like Diameter,S1AP,eGTP for each interface.
o Possibility of deploying DECOR.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 37
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

o Some Nodes/NFs should be upgraded prior to 5G NSA Deployment.

● EPC+
o Reference Point Interfaces, Sx interfaces including Sxa, Sxb, and Sxc
depending on CUPS.
o Proprietary protocol like Diameter,S1AP,eGTP-C,eGTP-U for each
interface.
o Possibility of deploying DECOR.
o Some Nodes/NFs should be upgraded prior to 5G NSA Deployment.
● 5GC (5G Core)
o Service-based interfaces for CP function group (Nsmf, Namf..etc) using
HTTP/2 based REST APIs.
o Reference point interfaces for UP NFs and their interconnections ( e.g.
N1, N2, N4, and N9) using proprietary interfaces such as EPC.

2.7 Evolution of core Networks evolve to 5GC from EPC

How does core network evolve to 5GC from EPC？
EPC (Evolved Packet Core) has ever been the crucial part of 4G LTE. While
with the ongoing innovation of the telecommunication industry, 5GC (5G Core
Network) defined by 3GPP turns to a rising star in core network field.
Compared with the earlier generations, 5G deployment can carry both EPC
and 5GC in its actual implementation. What’s more, 5G deployment also introduced
5GC in SA (Standalone) mode and EPC or 5GC in NSA (Non-standalone) mode,
which makes it more complicated to explore the best evolution roadmap from EPC to
5GC.
However, we are always facing both opportunities and challenges. Difficulties
may be the chance to develop. Let’s see four paths of evolution adapted to specific
scenario.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 38
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

2.7.1. 5G SA Network Deployment

Option 2 refers to deploy 5G NR (New Radio) with 5GC in 5G SA network

deployment.
When the coverage of 5G is too limited to cover the whole service area, the re-
orientation and inter-RAT transformation between LTE/EPC and NR/5GC should be
supported under this circumstance.
Advantage:
To make better use of the competence of 5G, we just need to upgrade the existing
EPC to complete the interconnection between EPC and 5GC with this solution.
2.7.2. 5G NSA Network Deployment

While evolving to 5G NSA mode, Option 3 should always be the best choice.
The picture above depicts the dual connectivity of Option 3. This option enables UE
access simultaneously through LTE or NR, and supports the LTE NSA architecture
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 39
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

based on LTE.
Advantage:
There is no need to deploy 5GC in early period of 5G deployment. By implementing
this network architecture, the control interface of S1 is only provided to LTE eNodeB,
while the user plane interface of S1 can be provided to eNodeB and NR gNodeB at
the same time.
Therefore, the traffic flows in EPC should be classified.

2.7.3.Introduce 5GC in NSA Network Deployment

In essence, Option 7 is the introduction of 5GC in Option 3.

Advantage:
The eLTE (enhanced LTE) after Release-15 access to the new 5GC with the control
and user interfaces, whereas gNodeB only has the user interface connected to 5GC.
So Option 7 can be smoothly upgraded in 5GC deployment, which could provide
better function than SA Option 2.
However, it’s unnecessary to evolve to Option 7 if the deployment of SA Option 2
becomes the mainstream option.
2.7.4. Maturity of 5G NR deployment

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 40
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

Once the 5G NR deployment becomes mature, the existing LTE eNodeBs in SA

deployment may be replaced by NR gNodeBs.
In NSA mode, Option 3 and Option 7 can be upgraded to Option 4 which can also
adapt to the LTE NSA network architecture applied in dual connectivity.

Advantage:
With the requirement of 5G NR providing continuous coverage, the control plane
always set in 5G NR to fully achieve massive and strong function for users.

The rapid rising of 5GC has become an irresistible tendency. As a prominent mobile
core network provider, IPLOOK always keeps pace with the innovation of core
network. IPLOOK also constantly develops the path to provide converged core
network for our customers. Nowadays, IPLOOK can support seven available options
of 5GC deployment with various configuration according to 3GPP.

Part-A
1. What are the fundamentals of 5G technology?
 It supports service-based architecture and service-based interfaces
 Buit on network virtualization.
 It supports for logically partition by the network slicing
 Interact with multiple application by API (Application Programming interfaces)
 Support forward /backward compatibility with network

2. Write the characteristics of 5G new Radio?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 41
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

Spectrum: 5G supports a wide range of spectrums from low bands below 1 GHz, to
mid bands from 1 GHz to 6 GHz, to high bands 24 / 30 GHz to 300 GHz. This high
band is called as millimeter-wave.
Latency: 5G NR supports lower latencies less than 10 milli seconds.
Beamforming: 5G NR supports a large number of multiple input multiple output
(MIMO) antennas, which would allow it to work in a high interference environment
through a technique called “beamforming”. It enables 5G radios to provide both
coverage and capacity.
Interworking with 4G: Coexistence with LTE (by supporting LTE NR), by bringing
an overlay network, in cases where 5G coverage is not available.

3. What is meant by RAT and Multi RAT?

RAT: The underlying physical connection method for a radio-based communication
network. Modern phones may support several RATs in one device such as Bluetooth,
Wi-Fi, NFC (Near-Field Communications), and 3G, 4G or LTE, and 5G.
Multi RAT: The physical connection method of the wireless communication network;
Wi-Fi, Bluetooth, 4G, LTE, etc. Multi-RAT (Multiple Radio Access Technology)
networks and most mobile devices support RAT is known as Multi RAT.

4.Write short notes on 5G cloud technology.

Cloud technology is a type of technology that supports users to be able to store and
access their programs and data using the internet. This is against using a hard drive
to store and access programs and data. With cloud technology, any business can
access powerful IT and software infrastructure to grow and expand further. With cloud
technology, businesses can utilize the latest solutions without investing in expensive
IT equipment and hardware.
The following are the benefits of 5G to cloud−hosted solutions
 Faster Transfer of Data ,
 Uninterrupted Storage
 Reliability with Large
 Data Enhanced Productivity

5.5G Use Cases

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 42
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

5G technology caters to the needs of multiple industries such as the following:

* Public Safety
* Broadcasting / Media Delivery
* Automotive Industry (Public Transport Systems)
* Aeronautical (Drones)
* Health / Wellbeing
* Utilities
* Education
6. What is RAT?
RAT – Radio access technology
The underlying physical connection method for a radio-based communication
network. Modern phones may support several RATs in one device such as Bluetooth,
Wi-Fi, NFC (Near-Field Communications), and 3G, 4G or LTE, and 5G.

7.What is EPC in 5G core?

The EPC(Evolved Packet Core) proceeds with the session initiation
process. The MME sends a “Create Session Request” to the Serving Gateway. The
Serving Gateway sets up a tunnel with the PDN Gateway (PGW). As part of
establishing the tunnel, the PGW downloads policy information from PCRF and
applies them on the subscriber context.

8. Why Cloud Computing with 5G?

1. Faster Transfer of Data
2. Uninterrupted Storage
3. Reliability with Large Data

9. Write the Impact of cloud on 5G Technology.

5G systems and cloud−hosted solutions are some of the changing technologies
in the IT industry. Using both technologies together will lead to a bigger world full of
opportunities and innovations. There are many benefits of using both technologies
together.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 43
 CEC331 4G/5G Communication Networks Unit -2 5G CONCEPTS AND CHALLENGES

With 5G, cloud computing will be advanced through continuous software

updates. These updates will include application and network releases. The frequency
of technology will need to be aligned with the operation to prevent glitches in
interoperability. The cloud needs more development to become fully compatible with
5G. For the best experience, both technologies can be developed further for more
efficiency.

10. What is EPC in LTE ?

The EPC represents the Core of an LTE network. It is formed by multiple
nodes, the main ones being MME,GW, PGW S and HSS. This nodes offer multiple
functionality like mobility management, authentication, session management, setting
up bearers and application of different Quality of Services.
Like the 4G Evolved Packet Core (EPC), the 5G Core aggregates data traffic
from end devices. The 5G Core also authenticates subscribers and devices, applies
personalized policies and manages the mobility of the devices before routing the
traffic to operator services or the Internet.

Part-B
1. What are the fundamentals, characteristics and use cases of 5G technologies?
2.Briefly explain the concept of Radio Access Technology (RAT) in 5G networks
3. Explain the 5G cloud technology and its impact of cloud on 5G.
4. Explain in detail about EPC for 5G.
5. With neat sketch explain the 5G System Architecture
6. How does core network evolve to 5GC from EPC？

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 44
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

UNIT III
NETWORK ARCHITECTURE AND THE PROCESSES
Syllabus
5G architecture and core, network slicing, multi access edge computing(MEC),
visualization of 5G components, end-to-end system architecture, service
continuity, relation to EPC, and edge computing. 5G protocols: 5G NAS,NGAP,
GTP-U, IPSec and GRE.

3.1 5G architecture and core

3.1.1 5G Network Architecture and Core
The primary goal of previous mobile network generations was to offer fast,
reliable mobile data services to network users. 5G has broadened this scope to offer
a wide range of wireless services delivered to the end user across multiple access
platforms and multi-layer networks.
5G creates a dynamic, coherent, and flexible framework of advanced
technologies to support a variety of applications. 5G utilizes a more intelligent
architecture, with Radio Access Networks (RANs) no longer constrained by base
station proximity or complex infrastructure. 5G leads the way towards disaggregated,
flexible, and virtual RAN with new interfaces creating additional data access points.
3.1.2 5G Architecture 3GPP
The 3rd Generation Partnership Project (3GPP) covers telecommunication
technologies including RAN, core transport networks and service capabilities. The
3GPP has provided complete system specifications for 5G network architecture which
is much more service oriented than previous generations.
Services are provided via a common framework to network functions that are
permitted to make use of them. Modularity, reusability, and self-containment of these
network functions are additional design considerations for the 5G network architecture
described by the 3GPP specifications.

3.1.3 5G Spectrum and Frequency

Multiple frequency ranges are now being dedicated to 5G new radio (NR). The portion
of the radio spectrum with frequencies between 30 GHz and 300 GHz is known as the

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 45
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

millimeter wave, since wavelengths range from 1-10 mm. Frequencies between 24
GHz and 100 GHz have been allocated to 5G in multiple regions worldwide.
 In addition to the millimeter wave, underutilized UHF frequencies between 300
MHz and 3 GHz and C-band frequencies between 3.7 and 3.98 GHz have also
been repurposed for 5G.
 The diversity of frequencies employed can be tailored to the unique application.
Higher frequencies are characterized by higher bandwidth and shorter range.
Millimeter wave frequencies are ideal for densely populated areas, but
ineffective for long distance communication.
 Within the various frequency bands dedicated to 5G, each carrier has begun to
carve out their own individual portions of the 5G spectrum.
3.1.4 MEC
Multi-Access Edge Computing (MEC) is an important element of 5G architecture.
MEC is an offshoot of cloud computing that brings applications from centralized data
centers to the network edge, closer to end users and their devices. This essentially
creates a shortcut in content delivery between the user and host, bypassing the
long-distance network path that once separated them. This technology is not
exclusive to 5G but is certainly integral to its efficiency.
 Characteristics of MEC include the low latency, high bandwidth, and real time
access to RAN information that distinguish 5G architecture from its
predecessors.
 5G networks based on the 3GPP 5G specifications are an ideal environment
for MEC deployment. These specifications define the enablers for edge
computing, allowing MEC and 5G to collaboratively route traffic.
 Distribution of computing power enables the high volume of connected
devices inherent to 5G deployment and the Internet of Things (IoT), in addition
to the latency and bandwidth benefits.
 Convergence of RAN and core networks will require operators to leverage new
approaches to network testing and validation.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 46
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

3.1.5 NFV and 5G

Network function virtualization (NFV) decouples software from hardware by
replacing various network functions such as firewalls, load balancers, and routers with
virtualized instances running as software. This eliminates the need to invest in many
expensive hardware elements and can also accelerate installation times, thereby
providing revenue generating services to the customer faster.
NFV enables the 5G ecosystem by virtualizing appliances within the 5G
network. This includes the network slicing technology that enables multiple virtual
networks to run simultaneously. NFV addresses other 5G challenges through
virtualized computing, storage, and network resources that are customized based on
the applications and customer segments.

3.1.6 5G RAN Architecture

The concept of NFV extends to the RAN through the network dis-aggregation
promoted by alliances such as O-RAN. Open RAN architecture eases the deployment
of new RAN features and technology to scale by encouraging open interfaces and
open-source development practices. This evolution increases flexibility and creates
new opportunities for competition.
The O-RAN ALLIANCE objective is to allow multi-vendor deployment with off-
the shelf hardware for improved inter-operability. Network dis-aggregation also allows
more components of the network to be virtualized, providing a means to scale and
improve user experience quickly as capacity grows. Virtualized RAN is essential for
controlling hardware and software costs in the rapidly expanding ecosystem of IoT
applications.

3.1.7 eCPRI
Network dis-aggregation with the functional split also brings other cost benefits,
particularly with the introduction of new interfaces such as eCPRI. RF interfaces are
not cost effective when testing large numbers of 5G carriers as the RF costs rapidly
multiply. The original CPRI interface developed for 4G was vendor specific in many
instances, which made it problematic for operators. eCPRI interfaces provide a more
efficient solution as fewer interfaces can be used to test multiple 5G carriers. eCPRI

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 47
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

has been designated as a standard interface for 5G O-RAN fronthaul elements such
as the DU.

3.2 Network Slicing

3.2.1 Introduction
A key ingredient for enabling the full potential of 5G architecture is network
slicing. This technology adds an extra dimension to the NFV domain by allowing
multiple logical networks to run simultaneously on top of a shared physical network
infrastructure. This capability supports 5G architecture by creating end-to-end virtual
networks that include both networking and storage functions.
 Operators can effectively manage diverse 5G use cases with differing
throughput, latency and availability demands by partitioning network resources
to multiple users or “tenants”.
 Network slicing becomes extremely useful for applications like the IoT where
the number of users may be extremely high, but the overall bandwidth demand
is low.
 5G verticals each have their own requirements, so network slicing is an
important design consideration for 5G network architecture.
 Operating costs, resource management, and flexibility of network
configurations can be optimized with the level of customization afforded by
network slicing.
 Expedited trials for potential new 5G services and quicker time-to-market are
also enabled by network slicing.

3.2.2 Beamforming

Another breakthrough technology integral to the success of 5G is beamforming.

Conventional base stations transmit signals in multiple directions without regard to the
position of targeted users or devices. Using multiple-input, multiple-output (MIMO)
arrays featuring dozens of small antennas combined in a single formation, signal

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 48
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

processing algorithms are used to determine the most efficient transmission path to
each user. Individual packets can be sent in multiple directions then choreographed
to reach the end user in a predetermined sequence.
With 5G data transmission occupying the millimeter wave, free space
propagation loss, proportional to the smaller antenna size, and diffraction loss,
inherent to higher frequencies and lack of wall penetration, are much greater. On the
other hand, the smaller antenna size also enables much larger arrays to occupy the
same physical space. With each of these smaller antennas potentially adjusting or
reassigning beam direction several times per millisecond, massive beamforming to
support the challenges of 5G bandwidth becomes more feasible. With a larger antenna
density in the same physical space, narrower beams can be achieved with massive
MIMO, providing high throughput and more effective user tracking.

3.2.3 5G Core Architecture

The 5G core network architecture is at the heart of the new 5G specification and
enables the increased throughput demand that 5G must support. The new 5G core,
as defined by 3GPP, utilizes cloud-aligned, service-based architecture (SBA) that
spans across all 5G functions and interactions including authentication, security,
session management and aggregation of traffic from end devices. The 5G core
emphasizes NFV with virtualized software functions deployed using the MEC
infrastructure that is central to 5G architectural principles.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 49
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

3.2.4 Differences from 4G Architecture

Changes at the core level are among the myriad of architectural changes that
accompany the shift from 4G to 5G, including the migration to millimeter wave,
massive MIMO, network slicing, and essentially every other element of the diverse 5G
ecosystem. The 4G Evolved Packet Core (EPC) is significantly different from the 5G
core, with the 5G core leveraging virtualization and cloud native software design at
unprecedented levels.
Among the other changes that differentiate the 5G core from its 4G predecessor
are user plane function (UPF) to decouple packet gateway control and user plane
functions, and access and mobility management function (AMF) to segregate session
management functions from connection and mobility management tasks.

3.2.5 5G Architecture Options

Bridging the gap between 4G and 5G requires incremental steps and a well-
orchestrated game plan. Emblematic of this shift is the gradual transition from non-
standalone mode to standalone mode 5G architecture options. The 5G non-
standalone standard was finalized in late 2017 and utilizes existing LTE RAN and core
networks as an anchor, with the addition of a 5G component carrier. Despite the
reliance on 4G architecture, non-standalone mode increases bandwidth by tapping
into millimeter wave frequencies.
5G standalone mode is essentially 5G deployment from the ground up with the
new core architecture and full deployment of all 5G hardware, features, and
functionality. As non-standalone mode gradually gives way to all new 5G mobile
network architecture deployments, careful planning and implementation will make this
transition seamless for the user base.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 50
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

3.2.6 Geographical Architecture Adoption

The infrastructure inherent to standalone 5G deployment requires a worldwide
step function in 5G integration for various geographical regions. Technology leading
regions such as North America, Asia, and Europe are ramping deployment quickly
while other nations around the globe follow closely behind. Nearly 200 live 5G
networks are already in service around the globe with the number of mobile 5G
connections projected to exceed 2 billion by 2025.
The proximity of neighboring countries and a proliferation of carriers have made
the rollout more challenging in Europe. Although adoption has lagged other regions,
the European Commission has initiated a policy known as the Digital Compass which
calls for 5G access in all populated areas by 2030.
Industrial nations such as China, Japan, and India are heavily invested in the
practical as well as the financial implications of the 5G conversion. New antenna,
infrastructure hardware, and software technologies create a bonanza for electronics
and software design and manufacturing industries around the world, with speedy
deployment being emphasized. The four largest telecom providers in India are rolling
out 5G services following an August 2022 spectrum auction, and China is expected to
have 3.64 million 5G base stations installed by 2025.
Security in 5G Architecture
5G implementation brings tremendous performance benefits and diversity of
applications through extensive use of cloud-based resources, virtualization, network
slicing, and other emerging technologies. With these changes come new security risks
and additional “attack surfaces” exposed within the 5G security architecture.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 51
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 5G security practices build upon past mobile technology generations, yet the
“trust model” has expanded with more players involved in the service delivery
process.
 The IoT and user propagation create an exponentially higher number of
endpoints with many of these traffic inputs no longer supervised by human
hands.
 Improved 5G security features detailed by the 3GPP standards include unified
authentication to decouple authentication from access points, and public key
based encryption schemes to reduce the risk of metadata exploits.
 Continual monitoring and assessment of security effectiveness are essential
as 5G critical performance nodes become increasingly virtualized.
 Best practices include end-to-end 5G network security monitoring
encompassing the system architecture, devices, and apps.
Undoubtedly, 5G is delivering the exponential speed enhancement users have come
to expect with each new generation of mobile networks, but speed is just the
beginning. The changes to industries ranging from personal transportation to
manufacturing and farming are so significant that many have dubbed 5G the
next Industrial Revolution. At the heart of this paradigm shift is the multi-faceted 5G
architecture, with MEC, NFV massive MIMO and a cloud-aligned, service-based core
architecture working in concert to deliver the new wave of services. 5G test solutions
designed to accommodate this architectural seed change will be the true enablers of
the forthcoming 5G transition.

3.3. NETWORK SLICING

Network Slicing allows the same physical network infrastructure to be
partitioned and made available as multiple logical or virtual network slices. Each of the
network slices would have its own performance (speed or latency) and quality of
service characteristics. A user-subscribed service such as Enhanced Mobile
Broadband will get mapped to the network slice. NFV provides infrastructure for
orchestration and automation of the life cycle management of network slices.

Traditional networks and their one-size-fits-all approach needs to be adapted

so that the expected large number of network deployment use cases, many different

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 52
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

subscriber types with diverse and sometimes contradictory requirements, and varying
application usage can be supported. So, instead of using a single monolithic network
serving multiple purposes, technology advancements such as Virtualization and SDN
allows us to build logical networks on top of a common and shared infrastructure
layer. These logical networks are then called Network Slices. he meaning of the term
Network Slice vary in the industry, but in general a Network Slice is a logical network
serving a defined business purpose or customer, consisting of all required network
resources configured together.

A Network Slice is realizing a complete network for any type of access and is an
enabler for providing services. The used physical or virtual infrastructure resources
may be dedicated to the Network Slice or shared with other Network Slices.
As the network slicing concept allows multiple logical networks to be created,
they can then be accommodated to realize a wanted network characteristic and
provide specific network capabilities to address a specific customer need. The
customer here is not directly the end-user, but a business entity that has requested
specific services from the network operator, e.g., an enterprise, another service
provider or the network operator itself. The Network Slices are orchestrated and
managed by management functions. The concept of network slicing and one definition
is summarized in Fig. 11.1.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 53
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Network Slice is a logical network serving a defined business purpose or customer,

consisting of all required network resources configured together.
• Complete network within a provider
• Enabler for services
• All access types
• Resources may be physical or virtual, dedicated or shared
•Independent/Isolated but may share resources
What is the benefit with network slicing?
The network slicing concept assumes virtualization and automated orchestration and
management, and the expectations is thatwhen these are used together they provide:
• Better customer experience by per customer adaptations and optimizations
• Shorter time-to-market and time-to-customer
• Simpler resource management
• Increased automation
• Flexibility and agility
• Reduced risks by separation of concerns.
Depending on the service type, e.g., eMBB, URLLC, mIoT, and customer
expectations, there may be different requirements to be addressed by a Network
Slice, for example:
– Traffic capacity requirements per geographical area
– Charging requirement
– Coverage area requirement
– Degree of isolation requirement
– End-to-end latency requirement
– Mobility requirement
– Overall user density requirement
– Priority requirement
– Service availability requirement
– Service reliability requirement
– Security requirement
– UE speed requirement.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 54
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

complete network slicing concept. However, of course, the existing means can also
be used within a Network Slice, to achieve a limited separation between resources.
An automated management process is important to realize the expectations from the
operators customers and to enable the possibly large number of Network Slices in an
operator s network. As to allow any type of Network Slices to be established and used
it was agreed to develop a generic framework for the Network Slice selection.
3.4 MULTI ACCESS EDGE COMPUTING(MEC)
Multi-Access Edge Computing (MEC) is an integral part of the 5G ecosystem.
MEC helps service providers to bring application oriented capabilities closer to the
users and support several latency sensitive use cases from the edge. The MEC
system brings networking and computing capabilities at the edge of the network to
optimize the performance for ultra-low latency and high bandwidth services. The initial
use cases of MEC were very specific to mobile networks and hence it was called as
Mobile Edge Computing (MEC). However, later on, the industry acknowledged the
general applicability of MEC for both wireless and wired networks and hence renamed
it to Multi-Access Edge Computing.
3.4.1 Need for MEC
Compute infrastructure for application services were existent in some form,
even in 4G and 3G networks. For example, video transcoding, WAN optimization,
Content Delivery Network (CDN) and transparent caching services were running
previously in the service providers core network in purpose built network equipment.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 55
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

However, with the growth in the number of mobile devices connecting to the network
and the explosion of data consumption, it is impossible to offer such application
services from a centralized location, without impacting the user experience. Hence, a
mobile edge computing infrastructure was conceptualized.
Some of the key drivers for MEC in 5G Network are:
 Growth in the number of mobile devices connecting to the network (with IOT, it
is expected to explode even further)
 Growth in the volume of data generated by the Over the Top (OTT) applications
such as social media, video streaming and online gaming.
 Need for distributing the infrastructure where the application services are
hosted in a service provider network, to improve the application performance
and the user experience
 Need for running application services in multiple locations to increase the
reliability of the services
 Need for virtualizing the application services and eliminate the dependencies
with purpose-built hardware to simplify the management and orchestration of
multivendor functions
 Dramatically reduce the network latency to support new use cases such as
Autonomous Cars, Virtual Reality, Augmented Reality and Robotic Surgeries

3.4.2 MEC Architecture

MEC architecture resembles NFV architecture. The MEC architecture consists of the
following functions:
* MEC Orchestrator
* MEC Platform
* MEC Platform Manager
* Virtualization Infrastructure
* MEC Application Services

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 56
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

3.4.2.1 MEC Orchestrator

MEC Orchestrator is a centralized function and has the complete view of the multi-
access edge systems including the topology, available resources in the virtualized
infrastructure, available applications and services running on the virtualized
infrastructure. MEC Orchestrator triggers the life cycle management of the
applications and services running on the virtualized infrastructure, including service
instantiation, service termination and service relocation. It also selects the right set of
resources for running the applications and services, to meet the latency requirements.

3.4.2.2 MEC Platform

MEC platform provides an environment where applications can discover,
advertise, consume and offer mobile edge services. It receives regular updates from
the MEC platform manager and the various applications or services running in the
virtualized infrastructure. Some of the updates received by the MEC Platform include
activation and deactivation of traffic rules and DNS records. For example, MEC
Platform would work with the data plane to establish the traffic path for the various
applications. MEC Platform uses the DNS record updates to con figure the DNS proxy

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 57
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

or server in the network. Thus, DNS records can be used to redirect traffic to a specific
application running on the MEC host.

3.4.2.3 MEC Platform Manager

MEC Platform manager provides the Fault, Con figuration, Accounting,
Performance and Security (FCAPS) management services. It periodically receives
fault and performance related reports from the Virtual Infrastructure manager and
notifies the MEC Orchestrator about the application and service specific events. MEC
Platform manager also manages the application and service specific rules and policies
for managing the traffic.
3.4.2.4 Virtualization Infrastructure
Virtualized infrastructure provides shared compute, storage and networking
resources for hosting MEC related applications or Virtual Network Functions (VNFs).
This infrastructure can also be shared with other non-MEC VNFs.
3.4.2.5 Virtualized Infrastructure Manager
Virtualized Infrastructure Manager manages the infrastructure resources
required for the various applications and services hosted on the MEC host. It partitions
the physical resources and make them available as multiple tenant spaces for hosting
the MEC applications and services.
3.4.2.6 MEC Applications & Services
The service provider can run their own network applications or services in the
MEC. The service provider can also run partner or customer applications on the MEC.
A MEC application can belong to one or more network slices that have been con
figured in the 5G core network.

3.5 MEC Deployment modes

MEC can be deployed in one of the four deployment modes, as given below:
 Breakout mode - The session connection is redirected to a MEC
application which is either hosted locally on the MEC platform or on a
remote server. Some examples of breakout applications are local Content
Deliver Network (CDN) caches (for ex., Akamai caches), gaming services

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 58
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

and media delivery services (for ex., Net Flix streaming). Normally, you
achieve this by de fining forwarding policies
 In-line mode - MEC is deployed transparently, in an in-line mode. The
session connection is maintained with the original server, while all the
traffic traverses and goes through the application running in the MEC.
Examples of in-line MEC applications are transparent content caching
and security applications.
 Tap mode - In Tap mode, data exchanged in a session is selectively
duplicated and forwarded to the tap MEC application. Some examples of
tap mode applications are virtual network probes, monitoring and security
applications.
 Independent mode - MEC application and services run independently,
but still the MEC application is registered in the MEC platform and will
receive other MEC services, such as DNS and radio network information
(for ex., radio bearer statistics). Steering the traffic to the MEC is achieved
by con figuring local DNS or MEC host data plane.

3.5.1 MEC Deployment scenarios in 5G Network

MEC can Flexibly be deployed in different locations of the 5G network, from near the
Base Station to the central Data Network. Irrespective of where the MEC is deployed,
the User Plane Function (UPF) has to steer the traf fic towards the MEC application
and back to the network. UPF is responsible for traf fic forwarding in a 5G network. 5G
architecture provides the Flexibility to deploy UPF instances at the network edge, as
well as at the network core, for improving performance and reducing latency. There
are 4 possible deployment scenarios for the MEC system in a 5G network.

The location in which the MEC is

deployed is dependent on a number of factors such as the infrastructure availability
(power, space and cooling), type of applications/services hosted in the MEC, network
latency and bandwidth requirements.
1. MEC and the User Plane Function (UPF) can be co located With the Base
Station.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 59
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

2. MEC co-located with a transmission node and possibly with a UPF

3. MEC and the UPF co-located with a network aggregation point
4. MEC co-located with the Core Network functions, in the same data centre

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 60
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Integrating MEC with 5G Networks 5G architecture provides a number of ways to

integrate MEC into the network.
 MEC Services and Applications can be mapped to the Application
Functions (AFs) to allow the consumption of services and information
exposed by the 5G network. For example, users mobility and location
related updates can be consumed by the MEC services.
 Supports local routing and traffic steering for selectively routing traffic to
the applications running in the local data network.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 61
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 Application Functions (AFs) can influence the selection of User Plane

Functions through the Policy Control Function (PCF) or via the Network
Exposure Function (NEF). Administrators can define the forwarding rules
and redirection policies in the PCF or define them via an API exposed by
the NEF. NEF consolidates the APIs across different functions and
provides a unified access to the 5G Core.
 MEC applications can connect to the Local Area Data Network (LADN)
in the 5G Core Network. LADN is a new concept introduced in 5G, to
provide localized services to users. For example, a video streaming
application can be hosted near the RAN in a stadium, accessible through
the LADN. Service providers can let users stream a replay of the last goal
made by the players, in a football match. Only the people who are
watching the sports in the stadium would be able to access those video
feeds.

Deploying MEC system in 5G networks, brings in some complexities related to

User Equipment (UE) and Application Mobility. For example, UEs such as
autonomous cars will be continuously in motion. A session maintained between the
UE and a MEC Application, running in a MEC host, may not provide the same level of
response times, when the UE moves away from the MEC host. In such situations, the
session has to be seamlessly moved to another MEC host or MEC application instance
which is closer to the UE.
If the application is stateful, it would require continuous synchronization of UE
session data or state information across the MEC application instances. If the
application is stateless, then there is no need for synchronizing the session data and
the session can be easily migrated to the MEC application instance that is running
closer to the UE.

3.5.2 MEC Use Cases

MEC supports multiple use cases enabling service providers to realize new
revenue streams. Some of the potential use cases for MEC in a 5G network are:

3.5.3 MEC for Enterprise services:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 62
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

By deploying an MEC system within the Enterprise, service providers can let
the Enterprise host some of its corporate applications locally, without having to
compromise on the security requirements. When the corporate users move out of the
Enterprise coverage zone, they will also lose access to the applications hosted on the
MEC system, unless they access those applications through a VPN connection.
Enterprises such as healthcare providers, government institutions and industries can
get bene fitted by the locally deployed MEC. Applications that require ultra-low
latencies such as live streaming broadcasts and robotic surgeries can be hosted in
the MEC system.

3.5.4 MEC for Internet of Things (IOT) services:

IOT is going to be one of the biggest beneficiaries of the MEC system in 5G
networks. IOT services require the service providers to host and run many applications
on the IOT edge. IOT Applications such as the ones used for data collection and
analysis has a need to gather large amounts of data locally near the source. MEC
system can provide the infrastructure for hosting such applications near the IOT edge.
IOT service monitoring applications can also be hosted in the MEC, for improving the
reliability of the IOT services provided by the service provider.

3.5.5 MEC for Third party services:

Traditionally, service providers were hosting third party applications such as video
optimization, WAN acceleration and CDN caches in the core of the network to improve
the user experience for their customers. However, due to the speed and latency
requirements of 5G networks, such services can no more be centrally deployed and
managed. Such third-party applications can be now hosted on the MEC systems near
the users. Opening up the service provider network for hosting third party application
services can also let the service provider to monetize their MEC infrastructure. For
example, a cloud service provider can partner with the telco service provider to host
their applications in the MEC system. Or, a video streaming solution provider can host
their application on the MEC system. This would enable the telco service provider to
get into a revenue sharing agreement with the OTT service provider.

3.5.6 Benefits of MEC

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 63
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

MEC provides the following bene fits:

 Support low latencies in a 5G network. Low latencies improve application
performance and user experiences, as applications are run in local compute
infrastructure
 Provides a platform for service providers to experiment with new customer
facing services, without disrupting their network architecture significantly.
 Helps service providers to increase their monetization opportunities by rolling
out new network services to customers, beyond the traditional connectivity
services
 Provides an environment for Over the Top (OTT) applications to leverage
wireless customer information to offer customized experience (for ex., services
based on customer location)
 Provides security for IOT services, by distributing the attack surface
 Improves reliability of application and network services, by offering a distributed
infrastructure for service failover
 Provides real time access to data locally, in an IOT environment
 Provides an environment for local policy management for enterprise customers
Reduces operational costs, by avoiding the need to build costly data centres)

3.6 Visualization of 5G Components

The third version of the 5G PPP architecture whitepaper, focused on the
underlying technology including service creation.
To this extend it covered the 5G System (5GS) as a whole and discussed end-
to-end (E2E) network slicing, service-based architecture, Software-Defined
Networking (SDN), Network Functions Virtualisation (NFV), Management &
orchestration, and E2E service operations & lifecycle management as the
fundamental pillars to support the 5G Key Performance Indicators (KPIs).
Given the new requirements coming from new stakeholders in the 5G
ecosystem that will be described, the recent advances in the softwarization of the
mobile network ecosystem as well as the recent releases of the relevant standards
for access, core, management and orchestration, we can draw architectural trends
that are captured in this version of the white paper. A further trend that is newly
introduced and that is quite intrinsic is the concept of Non-Public Networks (NPN).

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 64
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Sometimes called a private network, an NPN provides 5G network services to a

clearly defined user organisation or group of organisations and is deployed on the
organisation’s defined premises, such as a campus or a factory.
Owing to this architectural representation of the third version of the 5G PPP
architecture whitepaper, we integrated the trends that form novel architectural
aspects and which became very influential in the implementation of phase III projects
of the 5G PPP. The updated architecture is depicted in Figure 2-1 below, and
comprises three main areas: the verticals, the network, and the infrastructure. These
can be easily mapped to the stakeholders’ ecosystem.

The Service Domain for Verticals includes all architectural innovations that
help to include the business-related considerations to the offered services (among
others, e-health, robotics, or enhanced video streaming services). Here, the key role
is played by two innovations which have been considered in the recent 5G PPP
projects, namely: the service layer and the concept of NetApps. The service layer
provides a common interface towards the management and the operation of the
network, enabling the interaction between the service intelligence and the underlying
network. The concept of NetApps comprises all 5Gnetwork empowered applications
that build a network service, through the usage of network slices. Slices are then
used to provide such network services, and encompass different network functions
(including core and access functions), possibly orchestrated over different clouds.
The different functions are operated in the Network Domain, arranged in different
slices according to the KPIs that they have to provide.

Innovations in the Infrastructure domain are captured in the context of specific

fields such as the NPN or drone-based access. Architecture instantiations and
network architecture validation examples.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 65
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

The architecture shall natively support the quest for network automation that
is achieved through control loops and the usage of artificial intelligence algorithms
(the interested reader is referred to the AI/ML Whitepaper for more details).
Specifically, we identified two main loops: the first loop enabled by the service layer
that is leveraged by the service provider through the NetApps to steer the behaviour
of the network and the second loop that happens within the network domain, with
specific modules such as the network data analytics function (NWDAF) or the
Management Data Analytics Function (MDAF) designed for this purpose.
A list of network components and technologies supporting the cluster
architecture evolution is identified and split through several domains ,to support the
vertical’s use cases:
• Applications and use case experimentations, deploying and instantiation
of various services, including MEC servers, various APIs to signal
deployment on the edge, orchestrators for network slicing deployment
and various KPIs monitoring.
• Physical 5G infrastructure, hardware/PNFs and compute resources.
• Virtualized infrastructures, SDNs, VIM and platform monitoring tools
• Network slices and services resources orchestrators, inventories and
services catalogues, multi-site orchestrators and inventories, mobility
management and profiling, VNFs life cycle management

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 66
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

• Use case service design tools

• Monitoring and data analytics systems, data visualization, KPIs analysis
and data analytics outputs exposure to dashboards for further
visualization
• Evaluate applications KPIs focused on availability, reliability, mobility,
broadband connectivity, latency, coverage, QoS experimentation,
service optimization.

5G is the Software Based Architecture model targeting to serve “X as a

service” concept, where X can be infrastructure, software or platform, the network
slicing being applied in order to meet the customized specific combination of the
services and network functions components. The 5G system can be flexibly
extended and customized to serve the needs of the vertical industries, for overall
RAN architecture, extended MEC hosting infrastructures and NFVI overlay, data
plane network infrastructure and transport networks.
The multi-domain management involves interaction between E2E services
operations for all involved management domains , as the orchestration framework is
designed for a holistic approach in the 5G ecosystem, relying on the separation of
network services that support the developed applications and specific management
infrastructure slices. The architecture extension involved also the DevOps, the
integration of the development and operation of complex software systems and NFV
orchestration.
The DevOps approach affects the entire structure of the systems by
introducing multiple stages at the deployment time, pre-deployment time and
runtime.

3.7 End-to-End System Architecture

5G is certainly the loudest buzzword in the networking industry for the past few
years. Many carriers announced their 5G networks in 2019 but these 5G deployments
were mostly based on the 3GPP Release 15. The 3GPP Release 15 still missed out
many important 5G’s feature and service specifications such as the new 5G Core
(5GC), cell densification, and support of network latency down to 1ms that are planned
for the 3GPP Releases 16 and 17 to be standardized in 2020 and 2021 respectively.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 67
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Many of the 5G deployments announced in 2019 were deployed using the Non-
Standalone 3x Option with the legacy 4G’s Evolved Packet Core (EPC) as the mobile
core network to terminate 4G’s eNodeBs and 5G’s gNBs (i.e., Next Generation 5G
Radios). This kind of setup offers 1Gbps to 5Gbps downlink speed for the early 3GPP’s
5G enhanced Mobile Broadband (eMMB) service. The practical outdoor 5G downlink
speed for a UE (e.g., User Equipment such as a 5G Smartphone) is expected to be in
the range of 300Mbps vs. 10Mbps in 4G LTE now.
Note that when carriers advertise that their 5G networks have 10Gbps or more
throughput, they are referring to the peak data rate including control and management
traffic shared by 100s of UEs within a cell site.
3GPP Releases 16 and 17 will be standardized in late 2020 and 2021
respectively to support new 3GPP’s 5G services such as the:
 Enhanced Mobile Broadband (eMMB) supporting 10Gbps or more downlink
speed shared by UEs in a cell sector
 Ultra Reliable and Low Latency Communication (URLLC) supporting down
to 1ms network latency for advanced network applications such as real-time
robotic and autonomous driving
 Massive Machine Type Communications (mMTC) supporting millions of
millions of wireless IoT and other devices simultaneously etc…
 Vehicle to Anything Communication (C-V2X) allowing high-speed moving
vehicles to communicate with any servers and moving vehicles
We will start seeing these kinds of advanced 5G services to be offered by carriers from
early 2021.
This is a multi-part articles focusing on 5GC such as its architectural design, QoS
Flows and enforcement, and PDU (Packet Data Unit) session establishment and
modification for UEs to exchange mobile traffic with Data Networks such as the Internet
via gNB and 5GC etc… 5GC Wireshark traces will be used whenever applicable to
explain these topics.

3.7.1. Introduction to 5GC

The following shows the high-level architecture of a 5G System (5GS) described in the
3GPP TS 23.501 5G System Architecture specification:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 68
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

There are a lot of interesting architectural design and changes in the 5GC when
compare with the 4G’s Evolved Packet Core (EPC) such as:
 Control and User Plane Separation to allow Control and User Plane systems to
scale up and down independently. This has been adopted by the 3GPP
Release 14 in 2017 and has been the principle of many new network
architecture initiatives such as the Software Defined Network (SDN)
 Separation of Compute and Data to enable stateless Network Functions (NFs)
in the Control Plane for scalability and resilience. In 5GC’s control plane, all
NFs such as the UDM, SMF, PCF etc… do not keep their data inside their VMs
or Containers. Instead, all their data are stored “remotely” at the UDR (Unified
Data Repository) and the UDSF (Unstructured Data Storage Function) for
structured and unstructured 3GPP NF data storage respectively for stateless
NF operations. In other words, if a NF fails, the backup NF (stateless) can be
started up to retrieve the state and the data from the UDR and/or the UDSF to
continue the operations

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 69
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 Service Base Architecture (SBA) enables a scalable and extensible control

plane system by exposing each NF’s capabilities via HTTP/2 ReSTful APIs. NF
Service Producers and Consumers produce and consume the network services
respectively over the HTTP/2 transport to realize the control plane system.
Docker Containers, Kubernetes and microservices are usually employed in
implementing the NFs in the control planes to take advantages of the built-in
Scaling and resilience capabilities of Kubernetes
 5GC supports multiple access networks instead of just the 3GPP 5G NR-RAN
access network. For example, 5G AGF (5G Access Gateway Function) is
designed to terminate residential broadband access networks to 5GC to
achieve fixed and mobile network convergence
 Network Slicing offers end-to-end virtual network partitions for timely,
automated, and QoS ready virtual network setup and tear down in seconds or
minutes.
3.7.2. Bell Lab’s Future X Network architecture
Interestingly, the above 5GC’s architectural changes are also the principles of the
Universal Adaptive Core (UAC) of the Bell Lab’s Future X Network as shown below:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 70
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

AC offers the above 5 principles to ensure that network equipment architecture

and design following these principles to be open, scalable, resilience, flexible for
changes, and support multiple access networks (e.g., wireless and wireline network
convergence). UAC sits on top of SNF (Smart Network Fabric) in the Future X Network
architecture and SNF is designed to be the new cloud-native carrier networks for the
new carrier network transformation.
Cloud-native Network Functions (CNFs) are more than just running NFs such as
the SMF or the UPF virtual machines with KVM or VMWare hypervisors on x86 servers
in the cloud. It is about having containerized (e.g., Docker) NFs with the built-in
scalability, Continuous Integration / Continuous Deployment (CI/CD), and resilience
functions of Kubernetes to manage the life-cycle of the containerized NFs in the public
Cloud. This enables the 5GC NFs to be easily deployed on Cloud Service Providers
such as Microsoft’s Azure to support Container or Software as a Service (CaaS or
SaaS).
Below is a quick summary of the functions of some of the SBA’s control plane
Network Functions (NFs) that we are going to be covered in this article:
 AMF — Access and Mobility Management Function terminates the control plane of
different access networks onto the 5GC and control which UEs can access the 5GC
to exchange traffic with the DNs. It also manages the mobility of the UEs when they
roam from one gNB to another for session continuity, whenever possible
 SMF — Session Management Function keeps trace of PDU sessions and QoS Flows
in the 5GS for UEs and make sure their states and status are in sync among the
Network Functions in the Control and the User Planes. It also receives PCC (Policy
and Charging Control) Rules from the PCF (Policy Charging Function) and convert
PCC Rules into SDF Templates, QoS Profiles and QoS Rules for the UPF, gNB and
UE respectively for QoS Flows establishment, modification and release etc…
 UPF — User Plane Function forwards UE traffic between the access networks such
as the gNBs in the 5G-RAN and the DNs. It also enforces QoS on UE’s uplink and
downlink traffic in the 5GC using the SDF Templates sent by the SMF over the N4
PFCP (Packet Forwarding Control Packet) interface for the UEs
 UDM — Unified Data Management stores UE encryption key to decrypt and convert
UEs’ SUCI (Subscriber Concealed Identifier) to SUPI (Subscriber Permanent
Identifier). It also stores UEs’ subscription data

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 71
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 AUSF — Authentication Server Function offers services to the UDM for it to

authenticate UEs for accessing the 5GS
 gNB — 5G New Radio (NR) implements various advanced 5G RF technology such
as massive MIMO, beam forming, cell densification etc…

3.8 Service Continuity

In any telecom technology one of the key feature requirement is data session
and service continuity to ensure the uninterrupted service experience to the users
irrespective of any change of UE IP address or change in Core network anchor point.
In 4G, EPC provides the continuity of IP session by maintaining the P-GW and
UEs PDU session IP regardless of UE’s mobility.
In 5G system architecture, Session and Service Continuity (SSC) support
enables to address the various continuity requirements for different applications and
services for the UE. However, not all applications require guaranteed IP
session continuity even if service continuity is needed but 5G being more
flexibility and evolved, offers different types of session continuity depending on UE
or service type.

3.8.1 Key Pointer for SSC Modes

 5G technique allows the service provider to set a specific SSC mode for a
given PDU Session
 SSC Modes determines the flow of the packets across network in mobility
scenarios
 A PDU Session is configured to use a specific ‘Session and Service
Continuity’ (SSC) mode
 3GPP specification provided three different types of SSC modes
 UE can request a specific mode using the ‘SSC Mode‘ field within the NAS:
PDU Session Establishment Request
 The SMF specifics the allocated mode using the ‘Selected SSC Mode‘ field
within the NAS: PDU Session Establishment Accept

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 72
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 SSC Mode 1 & 2 can work for PDU Type as IP and Ethernet whereas SSC
Mode 3 can be only work with PDU session type as IP

3.8.2 Types of SSC Modes

5G System architecture provides three types of Session and Service Continuity
(SSC) modes to addresses various continuity requirements of different
applications/services. Once an SSC mode is associated with a PDU Session then it
does not change during the lifetime of the PDU Session. The 5G architecture allows
applications to influence the selection of SSC modes as needed for required data
service and shown in following figure.

 SSC Mode 1: With SSC mode 1, the 5G network preserves the connectivity
service provided to the UE. For the PDU session
Type as IPv4 or IPv6 or IPv4v6 type, the IP address is preserved. In this case the
User Plane function (UPF) acting as the PDU session anchor is maintained
(remains same) till the point UE release the PDU session.
 SSC Mode 2: With SSC mode 2, the 5G network may release the connectivity
provided to the UE, i.e. the PDU Session can be released. If the PDU Session is
being used to transfer IP packets, then the allocated IP address is also released.
An usecase for this is a network may release connectivity if there is a requirement
for load balancing at the anchor UPF. Here, the PDU Session may be moved onto
a different anchor UPF by releasing the existing PDU Session and subsequently
establishing a new PDU Session. It works on break and make framework i.e. PDU
session will be release from first serving UPF and then a new PDU session is
established at new UPF.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 73
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 SSC Mode 3: With SSC mode 3, the network preserves the connectivity provided
to the UE but there may be some impact during certain procedures. For example,
the IP address allocated to the UE will be updated if the Anchor UPF changes but
the change procedure will ensure that connectivity is preserved, i.e. connectivity
towards the new Anchor UPF is established before releasing the connection to
the old Anchor UPF. The 3GPP release 15 only supports Mode 3 for IP
based PDU Sessions.
3.8.3 Working of Session and Service Continuity Mode
How does Session and Service Continuity Mode Selection Works?
The SSC mode selection policy is used to determine the type of session and
service continuity mode associated with an application or group of applications for
the UE. A MNO may provision the policy rules for UE to determine the type of mode
associated with an application or a group of applications. There can be a default
policy that matches all applications on UE.
When a UE initiates a PDU session it determines the which SSC mode it has to
use for a particular application by checking SSC mode selection policy and included
it within PDU session establishment request as “SSC mode” IE. In 5G Core, the
SMF can receive the list of supported SSC modes and the default SSC
mode per DNN per S-NSSAI as part of the subscription information from the UDM.
The SMF select the SSC mode by checking against subscriber data and
local SMF configuration and allowed SSC mode.
Based on selection results, the SMF can either accepts or modifies or rejects
based on UE subscription or local configuration. If UE does not provide SSC, then
SMF selects default SSC depending on the data network in subscription or local
configuration.

3.8.4 Call Flow for SSC Mode Information:

 The SSC mode information is exchanged as part of NAS layer signaling as shown
below. The UE sends the PDU session establishment request including the PDU
session type and request SSC mode (Optional) toward the Core Network.
The Core network response the Selected SSC mode as part of PDU
session establishment accept.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 74
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

3.8.5 PDU Session Establishment Request

3.8.6 PDU Session Establishment Accept

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 75
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Service continuity mode for an application is determined by SSC mode selection

policy. The service provider may provision the policy rules for UE to determine the
type of mode associated with an application or a group of applications. There can be
a default policy that matches all applications on UE. An application does not decide
SSC mode when it initiates a session instead UE determines the SSC mode for the
application by checking SSC mode selection policy.
If UE provides SSC mode while requesting new PDU session creation, then
Session Management Function (SMF) in the network either accepts or modifies or
rejects based on UE subscription or local configuration. If UE does not provide SSC,
then SMF selects default SCC depending on the data network in subscription or local
configuration.

3.9 Relation to EPC and Edge Computing.

What is the difference between EPC, EPC+ and 5GC?
The core network is the most important domain in the mobile network starting
from 2G and 3G while the MSC and SGSN are the main functions there to EPC or
Evolved packet Core, then EPC+ in 4G network and finally 5GC or 5G Core in 5G
Network.
However, there are many differences between EPC, EPC+, and 5GC especially
in the features, upgrades and main interfaces as below

 EPC (Evolved Packet Core)

o Reference Point Interfaces, Sx interfaces.
o Proprietary protocol like Diameter,S1AP,eGTP for each interface.
o Possibility of deploying DECOR.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 76
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

o Some Nodes/NFs should be upgraded prior to 5G NSA Deployment.

 EPC+
o Reference Point Interfaces, Sx interfaces including Sxa, Sxb, and Sxc
depending on CUPS.
o Proprietary protocol like Diameter,S1AP,eGTP-C,eGTP-U for each
interface.
o Possibility of deploying DECOR.
o Some Nodes/NFs should be upgraded prior to 5G NSA Deployment.
 5GC (5G Core)
o Service-based interfaces for CP function group (Nsmf, Namf..etc) using
HTTP/2 based REST APIs.
o Reference point interfaces for UP NFs and their interconnections ( e.g.
N1, N2, N4, and N9) using proprietary interfaces such as EPC.

The core is the heart of a mobile network: Evolved Packet Core powers 4G LTE
networks, the 5G Core powers standalone 5G networks.
The Evolved Packet Core (EPC) converged voice and data by replacing circuit
switching with packet switching. That shed a foundational concept in
telecommunications: that point-to-point communications required an open circuit. The
convergence of voice and data as manageable digital information transformed mobile
communications. And 4G LTE has been a driver of global enterprise and consumer
telecom demand ever since.
The EPC was introduced by 3GPP in Release 8. The EPC comprises four core
elements. The core includes the Serving Gateway (SGW), the PDN Gateway (PGW),
the Mobility Management Entity (MME) and the Home Subscriber Server (HSS).
User equipment (UE) connects to the EPC through eNodeB base stations. The
SGW manages User Plane (UP) data, while the MME handles Control Plane (CP)
functions. The HSS manages User Equipment (UE) authentication. The PGW
connects the EPC to external IP networks.
“It was decided to have a ‘flat architecture’. The idea is to handle the payload
(the data traffic) efficiently from performance and costs perspective. Few network

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 77
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

nodes are involved in the handling of the traffic and protocol conversion is avoided,”
said the 3GPP.
5G Non-Standalone Architecture (NSA) pairs a 5G Radio Access Network (RAN) to
the EPC. Core network functions remain in the EPC.
5G’s Enhanced Mobile Broadband (eMBB) is the first practical exposure
enterprise and consumers have to 5G in most regions. And it’s the tip of the spear of
a new generation of 5G services. Those services only work with the transition to a
cloud-native core.
“This approach allowed new 5G services to be introduced quickly while maximizing
the reuse of existing 4G networks. However, this is also the reason why it’s impossible
to unlock 5G’s full potential using these networks to support the vast majority of critical
internet of things (IoT) and industrial automation use cases,” said Ericsson.
3.9.1 The transition to cloud-native
Enhanced broadband speeds and better reliability are hallmarks of 5G. But the
real meat of the new standard lies in other innovations. Ultra-reliable low latency
communications (URLLC), for example. Much greater UE density than ever before,
enabling massive machine-type communication (mMTC) and the Internet of Things.
Mobile edge computing (MEC) and network slicing, of course. Only the cloud-native
5G core makes and more this possible.
5G NSA gives carriers better operational flexibility to transition to 5G, and it’s
already attracting consumers in droves. 4G global network coverage continues to
expand in 2021, but 5G on a sharp rise, according to GSMA.
EPC will continue to serve as an engine for mobile telecommunications far into
the future. It’s the heart of 4G LTE networks. But the next transition for core network
functions comes with the standalone (SA) 5G Core (5GC). 3GPP Release 15 defined
the 5GC. The 5GC employs a cloud-native Service-Based Architecture (SBA).
Control and User Plane Separation (CUPS) which began in EPC continues in 5GC.
NFs communicate with each other via a Service-Based Interface (SBI). Each NF is
containerized and operates independently, and exposes its functionality to other NFs
through a SBI.
“The major difference with 5G Core (5GC) compared to EPC is that 5GC’s
control plane (CP) functions interact in a Service-Based Architecture (SBA),” said
Ericsson.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 78
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

The 5GC CP separates Access and Mobility Functions (AMF) and Session
Management Functions (SMF).
“Other changes include a separate Authentication Server (AUSF) and several
new functions, such as the Network Slice Selection Function (NSSF) and the Network
Exposure Function (NEF),” said Ericsson.
3.9.2 Cloud-native core
The cloud-native core of 5G enables more granular distribution of NFs. In a cloud-
native core, NFs operate as combinations of microservices, with some microservices
reused for multiple NFs. Microservices are Cloud Native Functions (CNFs), operating
in runtime environments called containers. CNFs can replace and work
alongside Virtual Network Functions (VNFs) in the same cloud.
Operating a 5GC telco cloud requires carriers to adopt a DevOps approach to
managing cloud-native core network operation. DevOps is a process of continuous
integration, development, deployment, testing, and monitoring central to cloud
computing. The DevOps lifecycle is a continuous state of flow. Each process is fluid,
happening continuously as part of an iterative, constant and repeating system.

3.10. 5G protocols: 5G NAS,NGAP, GTP-U, IPSec and GRE.

A protocol stack is defined e.g. in TS 23.501 for communications between several of
these NFs, and secondary ones, not presented in the figure above. Here, we highlight
some of the main ones:
Control plane: the UE-to-AMF and UE-to-SMF protocol stack
3.10.1 5G Protocol stacks
The protocol stack between the UE and the SMF, via the AMF, is shown in the next
figure

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 79
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Figure 3: Control Plane protocol stack between the UE, the 5G-AN, the AMF
and the SMF
NAS-SM: it supports the handling of Session Management between the UE and the
SMF. It supports user plane PDU Session Establishment, modification and release. It
is transferred via the AMF, and transparent to the AMF. It is defined in ‘Non-Access-
Stratum (NAS) protocol for 5G System (5GS); Stage 3’ (TS 24.501).
NAS-MM: it supports registration management functionality, connection management
functionality and user plane connection activation and deactivation. It is also
responsible of ciphering and integrity protection of NAS signalling. 5G NAS protocol is
defined in TS 24.501.
5G-AN Protocol layer: This set of protocols/layers depends on the 5G-AN. In the
case of NG-RAN, the radio protocol between the UE and the NG-RAN node (eNodeB
or gNodeB) is specified in the E-UTRA & E-UTRAN; ‘Overall description; Stage 2’ (TS
36.300) and the NR ‘Overall description; Stage-2’ in TS 38.300. In the case of non-
3GPP access, see clause 8.2.4.
NG Application Protocol (NG-AP): Application Layer Protocol between the 5G-AN
node and the AMF. NG-AP is defined in TS 38.413.
Stream Control Transmission Protocol (SCTP): This protocol guarantees delivery
of signalling messages between AMF and 5G-AN node (N2).
Note that there is also a direct communication between 5G-AN and SMF, called
N2 SM information: this is the subset of NG-AP information (not shown on the figure)
that the AMF transparently relays between the 5G-AN and the SMF, and is included
in the NG-AP messages and the N11 related messages.

User plane: the UE-to-AMF and UE-to-SMF protocol stack.

The following figure is extracted from TS 23.501.It illustrates the protocol stack
for the User plane transport related with a PDU Session.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 80
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Figure 4: User Plane Protocol Stack between the UE, the 5G-AN and the UPF
 PDU layer: This layer corresponds to the PDU carried between the UE and the
DN over the PDU Session. When the PDU Session Type is IPv4 or IPv6 or
IPv4v6, it corresponds to IPv4 packets or IPv6 packets or both of them; When
the PDU Session Type is Ethernet, it corresponds to Ethernet frames; etc.
 GPRS Tunnelling Protocol for the user plane (GTP U): This protocol
supports tunnelling user data over N3 (i.e. between the 5G-AN node and the
UPF) and N9 (i.e. between different UPFs of the 5GC) in the backbone network,
details see TS 29.281. GTP shall encapsulate all end user PDUs. It provides
encapsulation on a per PDU Session level. This layer carries also the marking
associated with a QoS Flow defined in clause 5.7. This protocol is also used on
N4 interface as defined in TS 29.244.
 5G-AN protocol stack: This set of protocols/layers depends on the AN. When
the 5G-AN is a 3GPP NG-RAN, these protocols/layers are defined in TS 38.401.
The radio protocol between the UE and the 5G-AN node (eNodeB or gNodeB)
is specified in TS 36.300 and TS 38.300. L2 is also called the "Data Link Layer"
and the L1 is the "Physical Layer".
 UDP/IP: These are the backbone network protocols.

3.10.2.NAS Non-access stratum (NAS)

Non-access stratum (NAS) is a functional layer in the NR, LTE, UMTS and GSM
wireless telecom protocol stacks between the core network and user equipment.[1]
This layer is used to manage the establishment of communication sessions and for
maintaining continuous communications with the user equipment as it moves. The

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 81
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

NAS is defined in contrast to the Access Stratum which is responsible for carrying
information over the wireless portion of the network. A further description of NAS is
that it is a protocol for messages passed between the User Equipment, also known as
mobiles, and Core Nodes (e.g. Mobile Switching Center, Serving GPRS Support
Node, or Mobility Management Entity) that is passed transparently through the radio
network. Examples of NAS messages include Update or Attach messages,
Authentication Messages, Service Requests and so forth. Once the User Equipment
(UE) establishes a radio connection, the UE uses the radio connection to
communicate with the core nodes to coordinate service. The distinction is that the
Access Stratum is for dialogue explicitly between the mobile equipment and the radio
network and the NAS is for dialogue between the mobile equipment and core network
nodes.

For LTE, the Technical Specification for NAS is 3GPP TS 24.301. For NR, the
Technical Specification for NAS is TS 24.501.

3.10.3. NGAP – NG Application Protocol

In the 5G SA, NG interface is designed to interconnect gNB and 5G Core which is
similar to S1 interface in 4G LTE connects eNB and EPC. Considering Control and
user plane separation specification has defined NG interface as NG-C and NG-U. NG-
C allows signaling between a gNB and an AMF and NG-U allows the transfer of
application data between a gNB and a UPF.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 82
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

In gNB split architecture, these NG interfaces connect the CU to the 5G

Core Network. NG-C connects the CU-CP to one or more AMF, where as NG-
U connects the CU-UP to one or more UPF. NG-C also called as N2 and NG-U called
as N3 as per Reference Point Architecture and NG-C use NGAP protocol and NG-
U use GTP-U protocol. In this post, we will discuss about NGAP Protocol.

NGAP Protocol Pointer:

 The protocol name NGAP is derived from the interface name NG with the
addition of Application Protocol
 NGAP supports all mechanisms requires to manage the procedures
between gNB and AMF
 NGAP also supports transparent transport for NAS procedures that are
executed between the UE and the AMF
 NGAP does not have any version negotiation, it support forward and
backwards compatibility of the protocol by a mechanism where all current and
future messages, and IEs or groups of related IEs, include ID
and criticality fields that are coded in a standard format that will not be changed
in the future
 NGAP is applicable both to 3GPP access and non-3GPP accesses integrated
with 5GC
 NGAP relies on a reliable transport mechanism and is designed to run on top
of SCTP
 The key difference between NGAP and S1AP is that S1AP was designed only
for 3GPP access (E-UTRAN) and not non-3GPP accesses
 NGAP is applicable to any access and defined in 3GPP TS
38.413 specification. Support for specific parameters related to non-3GPP
accesses have been added to the protocol when needed
 N2 interface between gNB and AMF performs management functions, for
example NG Setup, Reset, Error Indication, and Load Balancing
 NGAP supports Initial UE Context Setup functionality for establishment of an
initial UE context at gNB
 NGAP Provides the UE capability information to the AMF during UE capability
exchange

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 83
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 It also support PDU Session Setup, modification, and release for user
plane resources
 Paging over NGAP, providing the functionality to page UE within 5GC
 NGAP allows Trace of active UEs.
 UE location reporting and positioning protocol support.
 NGAP supports Warning message transmission for emergency services

Types of Services over NGAP

The signaling over NGAP provides following two types of services:

 Non UE-associated Service: These NGAP services are related to N2

interface instance between the gNB and AMF and used to establish the NGAP
signaling connection between gNB and AMF, handle some overload situations
and to exchange gNB and AMF configuration data
 UE-associated services: These NGAP services are related to a UE and
involves signaling related to procedures where a UE activity is involved, e.g. at
Registration, PDU Session Establishment, Deregistration etc.

Types of NGAP Procedures

An Elementary Procedure is a sequence of interaction between

the gNB and AMF and 3GPP specifications has defined two types of elementary
procedure.

 Request Response Procedure: In this types of procedures, the initiator gets

a response from the receiver of the request, indicating whether the request was
successfully handled or not or a failure response.
 No Response Procedures: These elementary procedures without does not
expect a response from the receiver. These messages are used, e.g., when
AMF wants to only deliver a downlink NAS message. There is no need for gNB
to provide a response in that case since error handling is handled on NAS level.

3.10.4. GTP for Mobile Networks

1. GTP is used in LTE networks to carry user data – from GSM/GPRS,
UMTS/3G, 4G/LTE and 5G:
GPRS Tunnelling Protocol User Plane (GTP-U): The GTP-U protocol is used over S1-
U, X2, S4, S5 and S8 interfaces of the Evolved Packet System (EPS). GTP-U Tunnels
are used to carry encapsulated T-PDUs and signalling messages between a given
pair of GTP-U Tunnel Endpoints. The Tunnel Endpoint ID (TEID) which is present in
the GTP header indicates which tunnel a particular T-PDU belongs to.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 84
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

The transport bearer is identified by the GTP-U TEID and the IP address (source
TEID, destination TEID, source IP address, destination IP address).
GTP is a fundamental workhorse of mobile user plane packet data.
GSM, UMTS, LTE & NR all have one protocol in common – GTP – The GPRS
Tunneling Protocol.
So why do every generation of mobile data networks from GSM/GPRS in 2000, to 5G
NR Standalone in 2020, rely on this one protocol for transporting user data

Why GTP?
GTP – the GPRS Tunnelling Protocol, is the protocol which encapsulates and
tunnels IP packets from the internet / packet data network, to and from the User.

Why encapsulate the packets? What if the Base Station had access to the
internet and routed the traffic to the users?
 If we were to do that, we would have to have large pools of IP addresses
available at each Base Station and when a user connected they’d be assigned
an IP Address and traffic for these users would be routed to the Base Station
which would forward it onto the user.
 This would work well until a user moves from one Base Station to another, when
they’d have to get a new IP Address allocated.
 TCP/IP was never designed to be mobile, as an IP address only exists in a
single location.
 Breaking out traffic directly from a base station would have other issues, such
as no easy way to enforce QoS or traffic policies, meter usage, etc.

1. How we solve IP’s lack of mobility?

GTP
spectrum and frequency

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 85
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

2. GTP Packets
When looking at a GTP packet of user data at first glance it seems not much is
involved.
Like in most tunneling / encapsulation protocols we have the original network / protocol
stack of IPv4 and UDP, and a payload of a GTP packet.
The packet itself is pretty simple, with flags denoting a items such as the version
number, the message type (T-PDU), the length of the GTP packet and the payload
(used for delineating the end of the payload), a sequence number an a Tunnel
Endpoint Identifier (TEID).
From a mobility standpoint, a feature of GTP is that it takes IP packets and puts
them into a stream with out-of-band signalling, this means we can change the
parameters of our GTP stream easily without touching the encapsulated IP Packet.
When a UE moves from one base station to another, all that has to happen is
the destination the GTP packets are sent to is changed from the old base station to
the new base station. This is signalled using GTP-C in GPRS/UMTS, GTPv2-C in LTE
and HTTP in 5G-SA.
Traffic to and from the UE are similar to above, the only difference would be the first
IPv4 address would be different, but the IPv4 address in the GTP tunnel would be the
same.

3.10.5. IPsec protocol

1. Overview
What does IPsec do?
IPsec provides the following security services for traffic at layer 3 (IP):
Data origin authentication—Identifying who sent the data
Confidentiality (encryption)—Ensuring that the data has not been read en
route
Connectionless integrity (authentication)—Ensuring the data has not been
changed enroute
Replay protection—Detecting packets received more than once to help
protect against denial of service attacks

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 86
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

The operation of IPsec is based upon negotiated connections between peer devices.
These connections are called Security Associations.
A Security Association (SA) is a one-way connection that provides security
services between IPsec peers. For example, SAs determine the security protocols and
the keys. An SA is uniquely identified by a combination of:
A random number called the Security Parameter Index (SPI)
An IP destination address
A security protocol header, either AH (Authentication Header) or ESP (IPsec
Encapsulating Security Payload)
You can choose IPsec in tunnel mode to implement site-to-site VPN. A site-to-
site VPN is used to connect two sites together, for example a branch office to a head
office, by providing a communication channel over the Internet. This saves a company
having to pay for expensive leased lines. Employees gain full access to all company
resources as if they were physically in the office connected to the corporate LAN.

Internet Protocol Security (IPsec) is a secure network protocol suite that

authenticates and encrypts the packets of data to provide secure encrypted
communication between peers over an Internet Protocol network. IPsec uses
cryptographic security services to protect communications over Internet Protocol (IP)
networks. It supports network-level peer authentication, data-origin authentication,
data integrity, data confidentiality (encryption), and replay protection.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 87
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

As an open standard as a part of the IP suite, IPsec uses the following protocols to
perform various functions.

IPsec Basic Concepts

1. Security Associations (SA)
Security Associations (SA) provides the bundle of algorithms and data that provide the
parameters necessary for AH and/or ESP operations. The Internet Security
Association and Key Management Protocol (ISAKMP) provides a framework for
authentication and key exchange, with actual authenticated keying material provided
either by manual configuration with pre-shared keys, Internet Key Exchange (IKE and
IKEv2), Internet Negotiation of Keys (KINK), or IPSECKEY DNS records.

2. Internet Key Exchange Protocol (IKE)

Internet Key Exchange (IKE) is the protocol used to set up a secure,
authenticated communications channel between two parties. IKE typically uses X.509
PKI certificates for authentication and the Diffie–Hellman key exchange protocol to set
up a shared session secret.
The IKE protocol uses UDP packets, usually on port 500, and generally requires
4–6 packets with 2–3 round trips to create an SA (security association) on both sides.
The negotiated key material is then given to the IPsec stack. For instance, this could
be an AES key, information identifying the IP endpoints and ports that are to be
protected, as well as what type of IPsec tunnel has been created. The IPsec stack, in
turn, intercepts the relevant IP packets if and where appropriate and performs
encryption/decryption as required.
3. Encryption and Authentication Algorithms
IPsec is a collection of cryptography-based services and security protocols that
protect communication between devices that send traffic through an untrusted
network.
a. Encryption Algorithms
Encryption algorithms protect the data so it cannot be read by a third-party while in
transit. Below are three main encryption algorithms.
1) DES (Data Encryption Standard) — Uses an encryption key that is 56 bits long.
This is the weakest of the three algorithms.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 88
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

2) 3DES (Triple-DES) — An encryption algorithm based on DES that uses DES to

encrypt the data three times.
3) AES (Advanced Encryption Standard) — The strongest encryption algorithm
available. AES encryption keys of lengths for 128, 192, or 256 bits.
b. Authentication Algorithms
Authentication algorithms verify the data integrity and authenticity of a message.
Below are three main authentication algorithms.
1) HMAC-MD5 (Hash Message Authentication Code — Message Digest Algorithm
5) MD5 produces a 128-bit (16 byte) message digest, which makes it faster than
SHA1 or SHA2.
2) HMAC-SHA1 (Hash Message Authentication Code — Secure Hash Algorithm 1)
SHA1 produces a 160-bit (20 byte) message digest. Although slower than MD5, this
larger digest size makes it stronger against brute force attacks.
3) HMAC-SHA2 (Hash Message Authentication Code — Secure Hash Algorithm 2)
There are three variants of SHA2 with different message digest lengths.
SHA2-256 — produces a 265-bit (32 byte) message digest
SHA2-384 — produces a 384-bit (48 byte) message digest
SHA2-512 — produces a 512-bit (64 byte) message digest
SHA2 is stronger than either SHA1 or MD5.
4. IPsec Security Protocols
4.1 Authentication Headers (AH)
AH protocol provides a mechanism for authentication only. AH provides data
integrity, data origin authentication, and an optional replay protection service. Data
integrity is ensured by using a message digest that is generated by an algorithm
such as HMAC-MD5 or HMAC-SHA. Data origin authentication is ensured by using a
shared secret key to create the message digest. Replay protection is provided by
using a sequence number field with the AH header. AH authenticates IP headers
and their payloads, with the exception of certain header fields that can be
legitimately changed in transit, such as the Time To Live (TTL) field.
Authentication Headers (AH) provides connectionless data integrity and data origin
authentication for IP datagrams and provides protection against replay attacks.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 89
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

4.2 Encapsulating Security Payloads (ESP)

ESP protocol provides data confidentiality (encryption) and authentication (data
integrity, data origin authentication, and replay protection). ESP can be used with
confidentiality only, authentication only, or both confidentiality and authentication.
When ESP provides authentication functions, it uses the same algorithms as AH, but
the coverage is different. AH-style authentication authenticates the entire IP packet,
including the outer IP header, while the ESP authentication mechanism
authenticates only the IP datagram portion of the IP packet.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 90
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

5.1 IPsec Operation Modes

5.1 Tunnel Mode
In tunnel mode, the entire IP packet is encrypted and authenticated. It is then
encapsulated into a new IP packet with a new IP header. Tunnel mode is used to
create virtual private networks for network-to-network communications (e.g. between
routers to link sites), host-to-network communications and host-to-host
communications. Tunnel mode supports NAT traversal.
5.2 Transport Mode
In transport mode, only the payload of the IP packet is usually encrypted or
authenticated. The routing is intact, since the IP header is neither modified nor
encrypted; however, when the authentication header is used, the IP addresses
cannot be modified by network address translation, as this always invalidates the
hash value. The transport and application layers are always secured by a hash, so
they cannot be modified in any way, for example by translating the port numbers.
NAT traversal is not supported with the transport mode.
MSS is higher, when compared to Tunnel mode, as no additional headers are
required.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 91
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

The transport mode is usually used when another tunneling protocol (such as GRE,
L2TP) is used to first encapsulate the IP data packet, then IPsec is used to protect
the GRE/L2TP tunnel packets.
5.3. How IPsec works
There are two phases to build an IPsec tunnel as IKE phase 1 and IKE phase 2.
5.3.1 IKE Phase 1
In IKE phase 1, first the IPsec peers are authenticated thus protecting the identities
of the peers. Then the Internet Key Exchange (IKE) Security Associations (SA)
policy is negotiated among the peers. This results in both the parties to have a
shared secret matching key that helps in the IKE phase two. Also, in this phase,
there is setting up of a secure tunnel through which the exchange of information for
phase two will occur.

This phase has two operating modes.

1）Main Mode
There are three exchanges among the initiator and the receiver. In first exchange,
algorithms and hashes are exchanged. The second exchange is responsible for
generations of shared secret keying using Diffie-Hellman exchange. The last

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 92
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

exchange is for the verification of the other side’s identity. All three of these
exchanges are bi-directional.

2）Aggressive Mode
There are fewer exchanges in this mode. All the required information is squeezed
making it faster to use. The only trouble is that information is shared before there is a
secure channel making this mode vulnerable.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 93
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

5.3.2 IKE Phase 2

This phase negotiates information for IPsec SA parameters through the IKE SA.
Here as well IPsec policies are shared and then establish IPsec SAs. There is only a
single mode (quick mode) in this phase. It exchanges nonce providing replay
protection. These nonces generate new shared secret key material. If the lifetime for
IPsec expires, it can renegotiate a new SA.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 94
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

2. 4. IPSec In Wlink 5G/4G Router

Each mode provides strong protection, but using a slightly different solution.
IPSec is broken into multiple protocols.
 Internet Key Exchange (IKE) protocol
 Authentication Header (AH) protocol
 Encapsulating Security Payload (ESP) protocol

5.10.6. GRE (Generic Routing Encapsulation)

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 95
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

What is GRE?
Generic Routing Encapsulation, or GRE, is a protocol for encapsulating data packets
that use one routing protocol inside the packets of another protocol. "Encapsulating"
means wrapping one data packet within another data packet, like putting a box inside
another box. GRE is one way to set up a direct point-to-point connection across a
network, for the purpose of simplifying connections between separate networks. It
works with a variety of network layer protocols.

Encapsulated packet - network-supported packet inside unsupported packet

GRE enables the usage of protocols that are not normally supported by a network,
because the packets are wrapped within other packets that do use supported
protocols. To understand how this works, think about the difference between a car and
a ferry. A car travels over roads on land, while a ferry travels over water. A car cannot
normally travel on water — however, a car can be loaded onto a ferry in order to do
so.

In this analogy, the type of terrain is like the network that supports certain routing
protocols, and the vehicles are like data packets. GRE is a way to load one type of
packet within another type of packet so that the first packet can cross a network it
could not normally cross, just as one type of vehicle (the car) is loaded onto another
type of vehicle (the ferry) to cross terrain that it otherwise could not.

For instance, suppose a company needs to set up a connection between the local
area networks (LANs) in their two different offices. Both LANs use the latest version
of the Internet Protocol, IPv6. But in order to get from one office network to another,
traffic must pass through a network managed by a third party — which is somewhat
outdated and only supports the older IPv4 protocol.

With GRE, the company could send traffic through this network by encapsulating IPv6
packets within IPv4 packets. Referring back to the analogy, the IPv6 packets are the
car, the IPv4 packets are the ferry, and the third-party network is the water.

What does GRE tunneling mean?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 96
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Encapsulating packets within other packets is called "tunneling." GRE tunnels

are usually configured between two routers, with each router acting like one end of the
tunnel. The routers are set up to send and receive GRE packets directly to each other.
Any routers in between those two routers will not open the encapsulated packets; they
only reference the headers surrounding the encapsulated packets in order to forward
them.
To understand why this is called "tunneling," we can change the analogy slightly.
If a car needs to pass from Point A on one side of a mountain to Point B on the other
side, the most efficient way is to simply go through the mountain. However, ordinary
cars are not capable of going straight through solid rock. As a result, the car has to
drive all the way around the mountain to get from Point A to Point B.

But imagine that a tunnel was created through the mountain. Now, the car can
drive straight from Point A to Point B, which is much faster, and which it could not do
without the tunnel.

Now, think of Point A as a networked device, Point B as another networked device,

the mountain as the network in between the two devices, and the car as the data
packets that need to go from Point A to Point B. Imagine this network does not support
the kind of data packets that the devices at Points A and B need to exchange. Like a
car trying to go through a mountain, the data packets cannot pass through and may
need to take a much longer way around via additional networks.

But GRE creates a virtual "tunnel" through the "mountain" network in order to allow
the data packets to pass through. Just as a tunnel creates a way for cars to go straight
through land, GRE (and other tunneling protocols) creates a way for data packets to
go through a network that does not support them.

What goes in a GRE header?

All data sent over a network is broken up into smaller pieces called packets, and all
packets have two parts: the payload and the header. The payload is the packet’s
actual contents, the data being sent. The header has information about where the

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 97
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

packet comes from and what group of packets it belongs to. Each network protocol
attaches a header to each packet.

GRE adds two headers to each packet: the GRE header, which is 4 bytes long, and
an IP header, which is 20 bytes long. The GRE header indicates the protocol type
used by the encapsulated packet. The IP header encapsulates the original packet's
header and payload. This means that a GRE packet usually has two IP headers: one
for the original packet, and one added by the GRE protocol. Only the routers at each
end of the GRE tunnel will reference the original, non-GRE IP header.

How does the use of GRE impact MTU and MSS requirements?
MTU and MSS are measurements that limit how large data packets traveling
over a network can be, just like a weight limit for automobiles crossing a bridge. MTU
measures the total size of a packet, including headers; MSS measures the payload
only. Packets that exceed MTU are fragmented, or broken up into smaller pieces, so
that they can fit through the network.

Like any protocol, using GRE adds a few bytes to the size of data packets. This
must be factored into the MSS and MTU settings for packets. If the MTU is 1,500 bytes
and the MSS is 1,460 bytes (to account for the size of the necessary IP and TCP
headers), the addition of GRE 24-byte headers will cause the packets to exceed the
MTU:

1,460 bytes [payload] + 20 bytes [TCP header] + 20 bytes [IP header] + 24 bytes [GRE
header + IP header] = 1,524 bytes

As a result, the packets will be fragmented. Fragmentation slows down packet

delivery times and increases how much compute power is used, because packets that
exceed the MTU must be broken down and then reassembled.

This can be avoided by reducing the MSS to accommodate the GRE headers.
If the MSS is set to 1,436 instead of 1,460, the GRE headers will be accounted for and
the packets will not exceed the MTU of 1,500:

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 98
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

1,436 bytes [payload] + 20 bytes [TCP header] + 20 bytes [IP header] + 24 bytes [GRE
header + IP header] = 1,500 bytes

While fragmentation is avoided, the result is that payloads are slightly smaller,
meaning it will take extra packets to deliver data. For instance, if the goal is to deliver
150,000 bytes of content (or about 150 kB), and if the MTU is set to 1,500 and no
other layer 3 protocols are used, compare how many packets are necessary when
GRE is used versus when it is not used:

Without GRE, MSS 1,460: 103 packets

With GRE, MSS 1,436: 105 packets
The extra two packets add milliseconds of delay to the data transfer. However,
the usage of GRE may allow these packets to take faster network paths than they
could otherwise take, which can make up for the lost time.

Part-A
1. What are the benefits of MEC? (Any Four)

MEC provides the following bene fits:

 Support low latencies in a 5G network. Low latencies improve application
performance and user experiences, as applications are run in local compute
infrastructure
 Provides a platform for service providers to experiment with new customer
facing services, without disrupting their network architecture significantly.
 Helps service providers to increase their monetization opportunities by rolling
out new network services to customers, beyond the traditional connectivity
services

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 99
CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 Provides an environment for Over the Top (OTT) applications to leverage

wireless customer information to offer customized experience (for ex., services
based on customer location)
 Provides security for IOT services, by distributing the attack surface
 Improves reliability of application and network services, by offering a distributed
infrastructure for service failover
 Provides real time access to data locally, in an IOT environment
 Provides an environment for local policy management for enterprise customers
Reduces operational costs, by avoiding the need to build costly data centres)

2. How does the network slicing is offered in 5G networks?

A key ingredient for enabling the full potential of 5G architecture is network
slicing. This technology adds an extra dimension to the NFV domain by allowing
multiple logical networks to run simultaneously on top of a shared physical network
infrastructure. This capability supports 5G architecture by creating end-to-end virtual
networks that include both networking and storage functions.

3. What is beam forming in 5G network?

Conventional base stations transmit signals in multiple directions without regard
to the position of targeted users or devices. Using multiple-input, multiple-output
(MIMO) arrays featuring dozens of small antennas combined in a single formation,
signal processing algorithms are used to determine the most efficient transmission
path to each user. Individual packets can be sent in multiple directions then
choreographed to reach the end user in a predetermined sequence.
With 5G data transmission occupying the millimeter wave, free space propagation
loss, proportional to the smaller antenna size, and diffraction loss, inherent to higher
frequencies and lack of wall penetration, are much greater.

4. What are the functions of MEC architecture?

MEC architecture resembles NFV architecture. The MEC architecture consists of the
following functions:
* MEC Orchestrator
* MEC Platform
* MEC Platform Manager
* Virtualization Infrastructure
* MEC Application Services

5. What is meant by Service session continuity in 5G?

In 5G system architecture, Session and Service Continuity (SSC) support
enables to address the various continuity requirements for different applications and
services for the UE. However, not all applications require guaranteed IP
session continuity even if service continuity is needed but 5G being more
flexibility and evolved, offers different types of session continuity depending on UE
or service type.

6. How does the beam forming is occurred in 5G?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 100

CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

Another breakthrough technology integral to the success of 5G is beamforming.

Conventional base stations transmit signals in multiple directions without regard to the
position of targeted users or devices. Using multiple-input, multiple-output (MIMO)
arrays featuring dozens of small antennas combined in a single formation, signal
processing algorithms are used to determine the most efficient transmission path to
each user. Individual packets can be sent in multiple directions then choreographed
to reach the end user in a predetermined sequence.

7. In 5G networks, what does GTP stand for? What is the need for GTP?

GTP is used in LTE networks to carry user data – from GSM/GPRS, UMTS/3G,
4G/LTE and 5G:
GPRS Tunnelling Protocol User Plane (GTP-U): The GTP-U protocol is used over S1-
U, X2, S4, S5 and S8 interfaces of the Evolved Packet System (EPS). GTP-U Tunnels
are used to carry encapsulated T-PDUs and signalling messages between a given
pair of GTP-U Tunnel Endpoints. The Tunnel Endpoint ID (TEID) which is present in
the GTP header indicates which tunnel a particular T-PDU belongs to.
The transport bearer is identified by the GTP-U TEID and the IP address (source
TEID, destination TEID, source IP address, destination IP address).
GTP is a fundamental workhorse of mobile user plane packet data.
Why GTP?
GTP – the GPRS Tunnelling Protocol, is the protocol which encapsulates and
tunnels IP packets from the internet / packet data network, to and from the User.

8. How we solve IP’s lack of mobility?

GTP addressed the mobility issue by having a single fixed point the IP Address
is assigned to (in GSM/GRPS/UMTS this is the Gateway GPRS Support Node, in LTE
this is the P-GW and in 5G-SA this is the UPF), which encapsulates IP traffic to/from
a mobile user into GTP Packet.
In some ways GTP is like GRE or any of the other common encapsulation
protocols, wrapping up the IP packets into a GTP packet which we can rerouted to
different Base Stations as the users move from being served by one Base Station to
another.
This ease-of-redirecting / rerouting of user traffic is why GTP is used for NR
(5G), LTE (4G), UMTS (3G) & GPRS (2.5G) architectures.

9. Write short notes on spectrum and frequency of 5G networks.

Multiple frequency ranges are now being dedicated to 5G new radio (NR). The portion
of the radio spectrum with frequencies between 30 GHz and 300 GHz is known as the
millimeter wave, since wavelengths range from 1-10 mm. Frequencies between 24
GHz and 100 GHz have been allocated to 5G in multiple regions worldwide.
 In addition to the millimeter wave, underutilized UHF frequencies between 300
MHz and 3 GHz and C-band frequencies between 3.7 and 3.98 GHz have also
been repurposed for 5G.
 The diversity of frequencies employed can be tailored to the unique application.
Higher frequencies are characterized by higher bandwidth and shorter range.
Millimeter wave frequencies are ideal for densely populated areas, but
ineffective for long distance communication.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 101

CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

 Within the various frequency bands dedicated to 5G, each carrier has begun to
carve out their own individual portions of the 5G spectrum.

10. Why encapsulates the packets? What if the Base Station had access to the
internet and routed the traffic to the users?
 If we were to do that, we would have to have large pools of IP addresses
available at each Base Station and when a user connected they’d be assigned
an IP Address and traffic for these users would be routed to the Base Station
which would forward it onto the user.
 This would work well until a user moves from one Base Station to another, when
they’d have to get a new IP Address allocated.
 TCP/IP was never designed to be mobile, as an IP address only exists in a
single location.
Breaking out traffic directly from a base station would have other issues, such
as no easy way to enforce QoS or traffic policies, meter usage, etc

Part-B
1. Explore the 5G architecture and core in detail, discussing its intricacies.
2. Elaborate on the concept of network slicing in 5G networks.
3. Analyze the concept of Multi-Access Edge Computing (MEC) and provide an
explanation?
3. Describe the visualization of 5G components, emphasizing their interconnections
and functions?
4. Articulate the end-to-end system architecture concept of 5G networks, emphasizing
its key components and their interactions?
5. Elucidate the concepts of session and service continuity in 5G networks,
emphasizing their significance and operational mechanisms?
6. Clarify the relationship between Evolved Packet Core (EPC) and edge computing,
highlighting their interconnected roles and functionalities?
7.Explain in details about 5G protocols: 5G NAS,
8. Elucidate the 5G protocols, with a specific focus on 5G NGAP, highlighting its
functionalities and its integral role within the broader 5G network architecture?
9. Explain the GTP-U protocol in 5G, detailing its functionalities and its significance
within the broader 5G network architecture?
8. Explain the IPSec protocol in 5G, delineating its functionalities and emphasizing its
importance within the broader 5G network architecture?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 102

CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-III Network Architecture and the Processes

10. Discuss about the GRE protocol in 5G, detailing its functionalities and emphasizing
its role within the broader 5G network architecture?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 103

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

UNIT IV
DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES
Syllabus
Mobility management, Command and control, spectrum sharing and spectrum
trading, cognitive radio based on 5G, millimeter waves.

4.1 Mobility management

The mobile station attempts to find a suitable cell by passing through the list in
descending order of received signal strength, the first BCCH channel, which satisfies
a set of requirements it has selected.

1. Cell Selection Criteria

The requirements that a cell must satisfy before a mobile station can receive service
from it are −

 It should be a cell of the selected PLMN. The mobile station checks whether the
cell is part of the selected PLMN.
 It should not be "barred". The PLMN operator may decide not to allow mobile
stations to access certain cells. These cells may, for example only be used for
handover traffic. Barred cell information is broadcast on the BCCH to instruct
mobile stations not to access these cells.
 The radio path loss between the mobile station and the selected BTS must be
above a threshold set by the PLMN operator.
 If no suitable cell is found then the MS enters a "limited service" state in which
it can only make emergency calls.

2. Call to an Active Mobile Station

As an active mobile station (MS) moves in the coverage area of a public land mobile
network (PLMN), it reports its movements so that it can be located as needed, using
the update procedure locations. When a mobile services switching center (MSC) in
the network needs to establish a call to a mobile station operating in its flow area,
following things occur −
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 104

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

 A page message its broadcast which contains the identification code of the MS.
Not every Base Station Controller (BSC) in the network is requested to transmit
the page message. The broadcast is limited to a cluster of radio cells that
together form a location area. The last reported position of the MS identifies the
location area to be used for the broadcast.
 The MS monitors the page message transmitted by the radio cell in which it is
located and, on detecting its own identification code, responds by transmitting
a page response message to the Base Transceiver Station (BTS).
 Communication is then established between the MSC and the MS via BTS that
received the page response message.

3. Location Update

Case 1 − Location never updates.

If location never updates the implementation for location update, cost becomes zero.
But we have to page every cell for locating the MS and this procedure will not be cost
effective.

Case 2 − Location update is implemented.

Location updates are taking place as per the requirements of the network, may
be time or movement or distance based. This procedure involves high cost, but we
have to page single cell or few cells only for locating the MS and this procedure will
be cost effective.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 105

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

Radio spectrum is a prime factor in driving the growth of mobile services. The success
of 5G network is based on the unconstrained availability of spectrum. About 1200 MHz
of spectrum in the frequency bands below 5 GHz has been identified for IMT services
during World Administrative Radio Conference (WARC)-92, World Radio
communication Conference (WRC)-2000 and WRC-2007. These frequency bands are
450–470 MHz, 698–960 MHz, 1710–2025 MHz, 2110–2200 MHz, 2300–2400 MHz,
2500–2690 MHz, and 3400–3600 MHz.
The identified spectrum is noncontiguous and scattered in different frequency
bands from 450 MHz to 3.4 GHz. However, the actual allocation is ranging between
the frequency band 700 MHz and 2.6 GHz. The irony is that these identified frequency
bands have already been allocated to legacy services long back. Therefore, no vacant
spectrum is available especially below 6 GHz at present for mobile communications.
The options available to enhance the spectrum availability for 5G communications are
spectrum re-farming, spectrum sharing and use of cognitive radio technology.
Moreover, this identified 1200 MHz noncontiguous spectrum could not hold the
pressure of high mobile data growth, demand for convergence of different varieties of
services and speed as envisaged in 5G network.
Assigning a new radio spectrum is crucial to meet the expected demands for
future 5G networks. This is possible by exploiting higher microwave frequencies,
referred as millimeter (mm-wave) bands. Therefore, mm-frequency band is the
obvious and the most preferred band for 5G network. The 5G network envisages as a
combination of several micro, pico and femto cells embedded within a macro cell.
According to physical law, coverage decreases with increasing frequency. The mm-
waves can be divided into different categories, the first one ranging between 20 and
40 GHz frequency bands for micro sites and the other one is around 60 GHz frequency
band for pico and femto cell sites. With the increase in the number of wireless devices,
the number of wireless connections and high data rate networks rises. This leads to
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 106

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

the two important factors spectrum demand and spectrum congestion, turning out to
be the two critical challenges for the forthcoming wireless communication world.
Simultaneously the user’s requirements such as high multimedia data rate
transmission based on the bandwidth demanding applications will make the future
wireless networks to suffer from the spectrum scarcity.

4.2 Command and Control Method

The conventional method for allocating spectrum is known as “Command and
Control Method” shown in the Figure 4.1. There are some countries following this
technique of spectrum allocation. In this method radio spectrum is divided into different
spectrum bands that are allowed to specific radio communication services such as
satellite services, mobile, broadcast on an exclusive basis. This method guarantees
that the radio frequency spectrum will be exclusively licensed to an authorized user
and can use spectrum without any interference.

This method of spectrum allocation is not efficient because :

• Spectrum assigned to a particular radio communication service cannot be replaced
by other services even though it is witnessed that spectrum is underutilized.
• There is no possibility of questioning the user once the spectrum is allocated to him
(during the licensing period) as per the norms, provided he fulfills the terms and
conditions.

• This method does not make spectrum to be utilized efficiently in rural areas as the
spectrum utilization is heavy in the urban regions and underutilized in the rural areas.
It is sad to see the spectrum underutilized and not accessible to all. It is difficult for
some nations to provide 4G services itself. There is a need for taking serious steps in
handling spectrum issues by implementing sophisticated technologies for the
development of nation. In these cases the techniques like spectrum trading would

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 107

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

be a successful solution. This will only lead to the development of 5G communications

in these types of countries.

4.3 Spectrum Sharing

The demand for multimedia content and information processing, services such
as e-education and e-health, mobile broadcasting, enormous increase in the electronic
gadgets necessitate efficient use of all available and usable frequency spectrum. The
new generation of mobile broadband networks will require supporting higher data
throughput rates. Many sophisticated technologies have been implemented for making
the efficient use of available spectrum. For example, line-of-sight (LOS) systems are
usable up to 100 GHz now. Running down the size of electronic components and
systems introduces the multiple frequency bands in single equipment leading to the
efficient use of available spectrum by the enhanced dynamic sharing of frequency
bands. Spectrum management should be in such a way that there should be always
optimum spectral sharing. Greater sharing of frequencies and bands allows more data
to be sent by different users in the same amount of available spectrum. Spectrum
sharing has basically three dimensions: frequency, time and location.
The Collective Use of Spectrum (CUS) allows spectrum to be used by more
than one user simultaneously without requiring a license. Some of the examples that
come under spectrum sharing are frequency reuse concept in the existing telecom
networks, FDMA, TDMA. Another important challenge is the sharing of spectrum
among the heterogeneous networks. While it is easier to achieve efficient and
successful spectrum sharing among the homogeneous or similar networks or
applications, there arises complexity in heterogeneous networks .
The spectrum sharing methods are classified into three categories based on
based on the priority level of accessing the radio spectrum as follows :
a. Horizontal spectrum sharing: all the devices have equal rights to access the
spectrum.
b. Vertical spectrum handover only: the primary users are allotted priorities to access
the spectrum.
c. Hierarchical spectrum sharing: it is an enhanced variant of the vertical spectrum
sharing.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 108

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

4.3.1 Spectrum Using SDR and Cognitive Radio – Dynamic Sharing

Evolution of software defined radio (SDR) and cognitive radio (CR) are the two
major milestones in the mobile communications. Dynamic sharing of spectrum
improves the spectrum efficiency and the above mentioned technologies play a vital
role in this aspect. Conventionally, transmitters were tuned to specific frequencies,
and facilities for multiple frequencies would cost high. But after the development of
these technologies, tuning the transmitters to the multiple frequencies has become
easier, i.e., switching to the different frequencies in a dynamic way would be possible
at a reasonable cost. Cognitive radio first detects the occupation of the channel, and
if it is occupied, it helps the users to switch to the other vacant channels. Also the
carrier signals are sensed regularly for usage in other. There is always a need of large
amount of spectrum in case of emergency or public safety conditions compared to that
of normal conditions. In these emergency cases, dynamic sharing of spectrum would
be a promising solution. In some countries spectrum regulators are used for the
encouraging dynamic sharing spectrum with public safety requirements. It is to be
noted that CR is a combination of administrative (regulatory), technical, and market
based techniques to enhance the efficiency of spectrum utilization . Another area of
utility for dynamic sharing is White Spaces (TV Band). Normally, the TV broadcasters
repeat the same channel/carrier at relatively longer distances, to avoid any
interference especially at the border/edger of the coverage areas that are on the
border of two adjacent broadcast transmissions on same channel. However, there are
very few receivers in this area, and the spectrum utility is not effective and could be
utilized for other purposes.
The broadcasters are generally quite protective for their signal transmissions, even in
areas beyond the theoretical coverage areas. Hence, only low power systems that
cause minimal interference can be considered for shared usage with the TV spectrum.
However, gradually with time building collective confidence amongst the users that
includes the broadcasters, higher power based systems could be considered .

4.4 Spectrum Trading

Spectrum trading is a case of spectrum sharing with the involvement of
commercial activities. Spectrum trading is found to be a more economical way of
efficient use of spectrum. It is an option through which flexibility can be increased and
spectrum assigned to a particular service, and can be easily transferred for other
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 109

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

usage. To explain it in brief, spectrum trading is a market based mechanism where

buyers and the sellers determine the assignments of spectrum and its uses in which
seller transfers the right of spectrum usage, in full or part, to buyer while retaining the
ownership. In many countries spectrum trading is already running and the trading
procedure is confined to specific bands, which are in demand for commercial use with
specified conditions. Spectrum trading improves the efficiency and facilitates new
services to enter in the market by making slight modification in the regulatory
provisions . The difference between spectrum sharing and spectrum trading can be
explained as follows: In spectrum trading the usage rights are transferred completely
from the seller for a specified period. However, in spectrum sharing buyer gets a
temporary right of spectrum usage with the exclusive rights resting with the seller.
Trading becomes effective only when it is clubbed with liberalization. Spectrum trading
can be implemented if there is solid base in understanding advanced technologies and
operating systems as the spectrum flexibility demands new approaches and practical
methods for monitoring compliance, enforcement and conflict resolution .

4.4.1 Spectrum Trading Merits

The merits of spectrum trading are as follows :
• Improves efficient spectrum usage
• Facilitates the evaluation of spectrum licenses, and gaining knowledge of market
value of spectrum
• Quicker process, with better and faster decision-making by those with information
• Removes barriers to entry by allowing small operators and start-ups to acquire
spectrum rights of use more readily, thereby facilitating the development of market
competition
• There is an opportunity for more rapid redeployment and faster access for spectrum
• Encourages new technologies to gain access to spectrum more quickly
• Existing operators gain an opportunity to sell unused or under-used spectrum and
make more flexible use of spectrum
• Reduction in the transactions costs of acquiring rights to use spectrum
• Allows operators increased flexibility to accommodate shifting demand driven by
market changes.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 110

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

4.5 Cognitive Radio

IEEE approved definition of cognitive radio (CR) is a radio in which
communication systems are aware of their environment and internal state, and can
make decisions about their radio operation based on that information and predefined
objectives. The environmental information may not include location information related
to communication systems. Cognitive radio is a very good solution for increasing the
spectrum utilization.
Cognitive radios should be able to self-organize their communication based on
sensing and reconfigurable functions as stated below:
• Spectrum resource management: this scheme is necessary to manage and organize
efficiently spectrum holes information among cognitive radios.
• Security management: cognitive radio networks (CRNs) are heterogeneous
networks in essence and this heterogeneous property introduces a lot of security
issues. So this scheme helps in providing security functions in dynamic environment.
• Mobility and connection management: this scheme can help neighbourhood
discovery, detect available Internet access, and support vertical handoffs, which help
cognitive radios to select route and networks.

4.5.1 CR Device Concept

This section explains the features of CR whose implementation in a single device
offers a very smart and high performance user terminal – CR terminal.
The Figure 4.2 shows the CR properties.
Spectrum sensing Spectrum sensing operation can be divided into the three
step functions:
1. Signal Detection: In this step of operation existence of the signal is sensed.
There is no need to know the type of signal in this step.
2. Signal Classification: In this step of operation the type of signal is detected,
which is done by extracting the features of the signal.
3. Channel availability decision: In this channel availability is detected. Once
the free channels are detected, the step next to it is, sharing the spectrum holes
which can be achieved by the spectrum allocation scheme.

The CR technology also brings new security and pricing challenges which are
shown in the Figure 4.2.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 111

CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

 New security threats appear with the dynamic spectrum access concept, as well
as the CR’s authentication needs.
 The pricing is very much influenced by the used channel allocation scheme.
Additionally, CRs must be designed with strong capabilities to negotiate the
available channels’ price.
 Spectrum handover The phenomenon of frequency changing dynamically is
said to be spectrum handover. A secondary user changes its frequency on
appearance of a primary user or due to transmission degradation. This
necessitates designing a handover scheme
 Environment adaptation Different changes like topological changes, noise or
interference power may occur while sensing the information. In order to adapt
to these changes and to maintain the constant performance new adaptation
techniques have to be implemented which is an important point of concern .

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 112

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

Figure 4.2 Concept of CR Device .

CR routing CR routing is based on the requirement for CR device to interoperate
with different systems, and is influenced by the spectrum sharing techniques . CRNs
inherit the PSs (Primary Systems) network characteristics: infrastructure - based,
mesh, ad-hoc, sensor networks, etc. and these architecture types impose a specific
routing algorithm, which must also include the CR devices and the possibility for a CR
to be a relay node for another CR.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 113

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

4.5.2 CR based on 5G
As already stated earlier CR technology would be a major modality to build the
integrated 5G network. The various functionalities for 5G that could be met with CR
usage are as follows :
• Advanced PHY and MAC technologies.
• Implementation of novel and flexible protocols.
• Capacity to support homogenous and heterogeneous systems.
• Adaptation to different changes like environment changes, dynamic frequency
changes, etc.
Correlation between WISDOM and CR in reference to 5G could be given as: “5G
brings the convergence concept through WISDOM and CR represents the
technological tool to implement it.” The 5G technology eliminates the radio terminals
that are specific to particular wireless technologies and proposes a universal terminal
which must include all of the predecessor features in a single device. This terminal
convergence is supported by the users’ needs and demands and is strongly found in
CR terminal .

4.6 Milli metre Waves

Most of the radio communications including TV, satellite communications GPS,
Bluetooth are utilizing frequency band ranging from 300 MHz to 3 GHz. But this band
is getting crowded and the focus is on releasing and utilizing the additional spectrum.
In mm-waves are the promising solution for this problem. The spectrum bands
identified under the IMT umbrella do not have the capacity to carry such enormous
data required for 5G services. Therefore, mm-waves could be the candidate bands for
5G mobile communications due to high data carrying capacity.
The mm-waves have the following advantages
(a) Not much operation at mm-waves so more spectrum is available at
mmwaves
(b) Very large blocks of contiguous spectrum to support future
applications.
(c) Due to high attenuation in free space, frequency reuse is possible at
shorter distance
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 114

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

(d) Spatial resolution is better at mm-waves hardware with CMOS

technology
(e) Advancement in semiconductor technology allows low cost equipment
(f) Small wavelength makes possible use of large antenna arrays for
adaptive beam forming
(g) Small size of antenna at mm-waves facilitates easy integration on chip
and installation at suitable locations.

In mm-waves allow larger bandwidth and offer high data transfer and low latency
rate that are suitable for high speed reliable Internet services. The small wavelength
facilitates small size antenna and other part of radio hardware, which reduces costs
and also easy to install. The transmitter’s antenna would be like a lamppost, which
could be installed on building, street lamppost, etc. .
High directionality attained in this band can be used to increase spatial
multiplexing. The size of antenna required for a mm-waves radio can be one-tenth or
less of an equivalent lower frequency radio which is an advantage to the manufactures
to build smaller and lighter systems. Beam width is the measure of how a transmitted
beam spreads out as it gets farther from its point of origin. But due to limited availability
of radio frequency (RF) bands the fifth generation wireless communication systems
will move to ultra-high capacity mm-wave bands.
High frequency makes mm-wave band more attractive for wireless
communication system and these frequencies are used in terrestrial and satellite
communications. Wireless products that use millimeter waves already exist for fixed,
LOS transmissions But the absorption rate of the mm-wave electromagnetic signal
poses great challenges for their utilization in the non-LOS and mobile connections. On
the other hand, high directionality achieved in this band can be used to increase spatial
multiplexing.
Wireless backhaul will be another key enabler of 5G-mm-wave small cells .
Within the mm frequencies, the frequency band of 60 GHz has attracted the
researchers to work with, as the large amounts of bandwidth are unallocated in this
band, bandwidths that are required for communication systems at the intended data
rates of 100 Mbps and above.
Also, another advantage of 60-GHz band is due to a physical property of the
propagation channel at this frequency that provides a natural way for reduction of
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 115

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

frequency reuse factor, which tends to compact cell size . It is a general property of
the mm-wave propagation that the behaviour of the propagation rays is well
characterized by the geometric optics. That is, the waves do not penetrate the walls
or other obstacles and wave reflection is the main mechanism leading to a multipath.
In mm-waves have the potential to support broad-band service access which is
especially relevant because of the advent of Broadband Integrated Service Digital
Network (BISDN).
With the development of personal wireless communication systems, two things
are appearing to be significant:
• Exploiting high frequency bands, such as mm-waves to provide
broadband for high rate data transmission.
• To integrate multi-tasks in one system which greatly extend the
application of wireless device.

The utility of mm-waves for the micro cells that form the WISDOM based GIMCV
are well positioned to be served by these mm-waves. It has been elaborated in these
following points:
• It is relatively easy to get licenses for big blocks of mm-wave spectrum,
which would allow carriers to deploy large backhaul pipes over 1 Gbps in size.
While a single small cell may not need that much capacity, the complexity of
heterogeneous networks will require daisy-chaining many small cells together,
each cell passing its load down the line.
• Small cell backhaul makes the best use high frequency characteristics
of mm-waves. The higher the frequency the shorter distance a wave propagates
unless it gets a serious power boost. But the heterogeneous network by
definition will be composed of densely packed cells in urban environments,
meaning no mm-waves will have to travel far between hops.
The traditional uses of the mm-waves include radio navigation, space research,
radio astronomy, earth exploration satellite, radar, military weapons and other
applications. The backbone/backhaul networks (point to point network) for existing
telecom network to connect base station to main switching centre (MSC), Local
Multipoint Distribution System (LMDS), indoor WLAN, high capacity dense networks
are also present in the mm-waves.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 116

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

The typical microwave backhaul bands are at 6.0 GHz, 11.0 GHz, 18.0 GHz,
23.0 GHz, and 38.0 GHz frequency bands. The light use of mm-waves could be
attributed to high attenuation and low penetration. At such high frequency, waves are
more prone to rain and other atmospheric attenuation. The wavelength is in the order
of millimeters, and rain drops are also of the same size. Rains absorb high frequency
waves and make it difficult for propagation.
However, the experimental results show that in heavy rain condition, attenuation
is 1.4 dB and 1.6 dB for 200 meters distance at 28 GHz and 38 GHz, respectively .
The rain attenuations at 60 GHz for a rainfall rate of 50 mm/h, is approximately 18
dB/km . A proper link design with slightly high transmit power may take care of rain
attenuation. Slight change in the position would affect the signal strength at the
receiving end, due to which mm-waves are deeply affected by scattering, reflection
and refraction. The root mean square (RMS) delay spread for mm-waves is of the
order of few nano seconds, and it is high for are non-LOS (NLOS) links than (LOS)
links .
Similarly, path loss exponent for NLOS links is higher than LOS links. Due to
higher path loss and RMS delay spread, it is assumed that mm-waves are not suitable
for (NLOS) links. However, these difficulties could be managed by using carrier
aggregation, high order MIMO, steerable antenna, beam-forming techniques.
Recently, extensive measurements to understand the propagation
characteristics for defining the radio channel have been carried out at 28 GHz in the
dense urban areas of New York City and at 38 GHz cellular propagations
measurements were conducted in Austin, Texas, at the University of Texas main
campus. The measurements were conducted to know the details about angle of arrival
(AoA), angle of departure (AoD), RMS delay spread, path loss, and building
penetration and reflelction characteristics for the design of future mm-wave cellular
systems. The propagation feasibility studies at 28 GHz and 38 GHz showed that
propagation is feasible up to 200 meters of distance in both the conditions, i.e., (LOS)
and (NLOS) with transmit power of the order of 40–50 dBm in a difficult urban
environment. This is size of micro cell in the urban areas.
The frequency bands around 60 GHz is best suited for pico and femto cell due
to high data carrying capacity and small reuse distance due to strong oxygen
absorption at the rate of 15 dB/Km. The usage in frequency bands around 60 GHz is

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 117

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

highly sparse, which provides freedom to allocate a large bandwidth to every channel.
Moreover, equipment can be made very compact due to the very small antenna size.
Much research work has been done for indoor channel characteriszation at 60
GHz band but a very few work has been done for outdoor characteriszation. In
reference measurements were carried out for narrowband CW for received power
against separation distance in different environments mainly airport field, urban street
and city tunnel.
4.6.1 The measurement Setup
A channel sounder based on correlation has been used for the measurement
for centre frequency of 59.0 GHz with a bandwidth of 200 MHz. A 90◦-horn antenna
was used at transmitting end and a biconical horn with an elevation beamwidth of 20◦
was used at receiver in all the measurements.
The measurement was carried out for path loss exponent and RMS delay
spread. The result found that path loss exponent was between 2 and 2.5 for outdoor
environment and RMS delay spread was lower than 20 ns. Result also included that
multipath phenomenon was bad at parking garage due to large dimensions and
smooth surface as compared to city streets and road tunnel, where multipath
phenomenon was not much significant.
In measurements were carried out at 55 GHz in city streets of London (UK)
with moderate traffic density using a fixed transmitter and a mobile receiver, with link
distances not greater than 400 m. The transmitter installed at 10 m above the ground
level and receiver was mobile mounted over the roof of a car. The test signal was
narrowband FM signal generated through Gunn oscillator and fed to a 25-dBi horn
antenna.
The result found that path loss exponent was 3.6 for a T-R separation of 400 m
with LOS path and path loss exponent was 10.4 for same Tx-Rx separation in NLOS
condition. In order to understand the radio channel propagation characteristics,
extensive propagation measurements in urban environment hasve been carried out
long back at the campus of Delft University of Technology, Netherlands . The
measurements for frequency fading over 100 MHz bandwidth centered around 59.9
GHz were done almost exclusively in the time-domain by using network analyzsers
and channel sounders. The block diagram of the measurement system used in
reference for the frequency-domain characteriszation of the radio-channel is shown
in Figure 4.3.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 118

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

The two main components are signal generator towards transmitter side and
spectrum analyser at receiver side. A flat omnidirectional antenna (2 dBi, 120◦) was
used at transmitter side and omnidirectional (120◦) and patch directional antenna
(pencil beam, 19.5 dBi, 15◦) were used at receiver side. Measurements with both were
done in order to see the difference in performance, because omnidirectional antenna
allows for more reflected components to enter the receiver. The measurements were
conducted for statistics of the ‘k’ factor of Rice distribution and the path loss coefficient
for the pico cell of the order of 50 m radius at three different locations including outdoor
and indoor. The measurements were done in possible locations for the mobile
multimedia communication.
The measurements were taken in the corridor area (indoor) of the University for
the Rice factor k and received power versus distance with TX–RX separation of 12–
15 m are shown in Figures 4.4 and 4.5 below. The measurements were taken in the
parking area (outdoor) of the University for received power versus distance on
logarithmic scale with TX–RX separation of 12–15 m is shown in Figure 4.6.
The measurement results show that propagation is feasible upto 10–15 m in the
indoor and outdoor urban environment, which is normal size of pico cell.
The Radiocommunication Sector of International Telecom Union (ITU) is
responsible for management of radio spectrum at international level. As per ITU-R
frequency allocation plan , the frequency band 10–40 GHz has been earmarked for
satellite based services in all the three regions along with Fixed and mobile services.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 119

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

Local Multipoint Distribution System (LMDS), WLAN, Satellite services and High
capacity dense network etc. are main services present in mm-waves. Several point to
point fixed microwaves links are also working in this band. These links are basically
for backbone/backhaul network for GSM and other services. A good amount of vacant
spectrum is available at mm-waves which could be utiliszed for 5G communications
services. 5G services may transmit high power approximately 40–50 dBW. Therefore,

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 120

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

coexistence study needs to be carried out with existing LMDS and satellite services,
that would be working in neighbouring spectrum bands.
Part-A

1.What are the steps involved in mobility management?

1. Cell Selection Criteria
2. Call to an Active Mobile Station
3. Location Update
2. Write short notes on Command-and-Control Method.
The conventional method for allocating spectrum is known as “Command and
Control Method” shown in the Figure 4.1. There are some countries following this
technique of spectrum allocation. In this method radio spectrum is divided into different
spectrum bands that are allowed to specific radio communication services such as
satellite services, mobile, broadcast on an exclusive basis. This method guarantees
that the radio frequency spectrum will be exclusively licensed to an authorized user
and can use spectrum without any interference.

3 Justify the necessity of spectrum trading, examining its key factors and
implications in the context of telecommunications.
Command and control method does not make spectrum to be utilized efficiently in rural
areas as the spectrum utilization is heavy in the urban regions and underutilized in the
rural areas. It is sad to see the spectrum underutilized and not accessible to all. It is
difficult for some nations to provide 4G services itself. There is a need for taking
serious steps in handling spectrum issues by implementing sophisticated technologies
for the development of nation. In these cases the techniques like spectrum trading
would be a successful solution. This will only lead to the development of 5G
communications in these types of countries.
4. Outline the Collective Use of Spectrum (CUS) significance in the field of
wireless communications
The Collective Use of Spectrum (CUS) allows spectrum to be used by more than one
user simultaneously without requiring a license. Some of the examples that come
under spectrum sharing are frequency reuse concept in the existing telecom networks
FDMA, TDMA. Another important challenge is the sharing of spectrum among the
heterogeneous networks.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 121

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

5. Classify the spectrum sharing methods in telecommunication.

The spectrum sharing methods are classified into three categories based on
based on the priority level of accessing the radio spectrum as follows:
a. Horizontal spectrum sharing: all the devices have equal rights to access the
spectrum.
b. Vertical spectrum handover only: the primary users are allotted priorities to access
the spectrum.
c. Hierarchical spectrum sharing: it is an enhanced variant of the vertical spectrum
sharing.

6. Mention the merits of Spectrum Trading.

The merits of spectrum trading are as follows:

• Improves efficient spectrum usage
• Facilitates the evaluation of spectrum licenses, and gaining knowledge of market
value of spectrum
• Quicker process, with better and faster decision-making by those with information
• Removes barriers to entry by allowing small operators and start-ups to acquire
spectrum rights of use more readily, thereby facilitating the development of market
competition
• There is an opportunity for more rapid redeployment and faster access for spectrum
• Encourages new technologies to gain access to spectrum more quickly
• Existing operators gain an opportunity to sell unused or under-used spectrum and
make more flexible use of spectrum
• Reduction in the transactions costs of acquiring rights to use spectrum
• Allows operators increased flexibility to accommodate shifting demand driven by
market changes.

7. What is cognitive radio (CR) in modern communication systems??

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 122

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

IEEE approved definition of cognitive radio (CR) is a radio in which

communication systems are aware of their environment and internal state, and can
make decisions about their radio operation based on that information and predefined
objectives. The environmental information may not include location information related
to communication systems. Cognitive radio is a very good solution for increasing the
spectrum utilization.

8. What are the steps involved in Spectrum sensing operation?

Spectrum sensing operation can be divided into the three step functions:
1. Signal Detection: In this step of operation existence of the signal is sensed.
There is no need to know the type of signal in this step.
2. Signal Classification: In this step of operation the type of signal is detected,
which is done by extracting the features of the signal.
3. Channel availability decision: In this channel availability is detected. Once
the free channels are detected, the step next to it is, sharing the spectrum holes
which can be achieved by the spectrum allocation scheme.

9. What are the various functionalities of CR based on 5G?

The various functionalities for 5G that could be met with CR usage are as follows :
• Advanced PHY and MAC technologies.
• Implementation of novel and flexible protocols.
• Capacity to support homogenous and heterogeneous systems.
• Adaptation to different changes like environment changes, dynamic frequency
changes, etc.

10.List the mm-waves advantages.

The mm waves have the following advantages
(a) Not much operation at mm-waves so more spectrum is available at mm waves.
(b) Very large blocks of contiguous spectrum to support future applications.
(c) Due to high attenuation in free space, frequency reuse is possible at shorter
distance.
(d) Spatial resolution is better at mm-waves hardware with CMOS technology.
(e) Advancement in semiconductor technology allows low-cost equipment.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 123

 CEC331 4G / 5G COMMUNICATION NETWORKS UNIT-IV DYNAMIC SPECTRUM MANAGEMENT AND MM-WAVES

(f) Small wavelength makes possible use of large antenna arrays for adaptive beam
forming.
(g) Small size of antenna at mm-waves facilitates easy integration on chip and
installation at suitable locations.

Part-B
1. Discuss in detail about the principles of mobility management in 5G communication.
2. Elaborate on the concept of command and control in 5G wireless communication.
3. Elucidate the concepts of spectrum sharing and spectrum trading in the field of
telecommunications?
4. Discuss the concept of cognitive radio within the context of 5G, examining its
principles and assessing its role and impact on advanced communication systems.
5. Explain both the concept of millimeter waves and assessing their applications within
the domain of wireless communication?
6. Discuss the measurement setup of mm waves and examining their characteristics

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 124

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

UNIT V
SECURITY IN 5G NETWORKS
Syllabus
Security features in 5G networks, network domain security, user domain security, flow
based QoS framework, mitigating the threats in 5G.

Introduction
A 5G cybersecurity toolbox/solution offers improved network security through
international mobile subscriber identity (IMSI) encryption. Additionally, all traffic data
sent over the 5G network is encrypted, integrated, protected, and follows a mutual
authentication policy to ensure maximum data protection.
Like most IP networked devices, 5G is vulnerable to MITM (Man-in-the-Middle)
attacks. These attacks use IMSI catchers and malicious core networks. They pose as
devices from authorized mobile network operators and collect sensitive information.
Mobile operators need to adopt a hybrid cloud-based approach where sensitive
data is stored locally and less sensitive data stored in the cloud. This provides
operators with more access and control over the data, and they can decide where and
whom to share it with.

5.1 Security features in 5G networks

1. 5G uses licensed spectrum, which prevents hackers from eavesdropping into
the network and getting access to sensitive data that gets exchanged over the
network.
2. 5G achieves network segmentation through network slicing, by isolating each
of the slices. Network slicing ensures that data exchanged by one customer or
a service does not get shared with other customers or services riding on the
network.
3. 5G supports Home Control features for preventing network spoofing attacks.
Home Control feature authenticates the device location in roaming scenarios.
4. When a device is roaming, the home network verifies if the device is actually
present in the serving network, before allowing the user to roam in the visited
network. This axis a known vulnerability in the previous generation networks -
3G and 4G.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 125

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

5. 5G provides native support for Extensible Authentication Protocol (EAP). It

allows new authentication methods to be plugged into the network, by the
service provider. It also homogenizes the authentication method for 3GPP and
non-3GPP systems (for example, 5G and WiFi systems).
6. Security Anchor Function (SEAF) in 5G, allows for reauthentication of the
device, when the device moves between different access networks without
having to run the full authentication process. SEAF is now part of the Access
and Mobility Management Function (AMF), in the 5G Core.
7. 5G network supports mutual authentication between the User Equipment (UE)
and the network.
8. 5G supports Subscriber Identifier Privacy. In 3G and 4G networks, the IMSI
(International Mobile Subscriber Identifier) is shared with the network during the
connection establishment process. In 5G network, a globally unique Subscriber
Permanent Identifier (SUPI) is allocated for each subscriber. The SUPI either
follows the format of the IMSI or the Network Access Identifier (NAI).
9. The SUPI is not shared during the connection establishment process. Instead,
a temporary Subscriber Concealed Identifier (SUCI) is shared with the network,
until the subscriber or device is authenticated. This feature protects the
subscribers from rogue base stations in the network.

5.2. Security domains

5.2.1 Overview
In order to describe the different security features of 5GS it is useful to divide the
complete security architecture into different security domains. Each domain may have
its own set of security threats and security solutions. 3GPP TS 33.501 divides the
security architecture into different groups or domains:
1. Network access security
2. Network domain security
3. User domain security
4. Application domain security
5. SBA domain security
6. Visibility and configurability of security.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 126

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

Fig.5.1 Six Domains of the 5G Security Architecture: Network Access Security

(I); Network Domain Security (II); User Domain Security (III); Application
Domain Security (IV); Service-Based Architecture Domain Security (IV);
Visibility and Configurability of Security (VI).

Note that Domain VI is not shown.

Groups 1-4 and 6 are very similar to corresponding groups for 4G/EPC.
Group 5 is however new compared to 4G/EPC.
The first group is specific to each access technology (NG-RAN, Non-3GPP access),
whereas the others are common for all accesses. Fig. 5.1 provides a schematic
illustration of different security domains.

5.2.2 Network access security

Network access security refers to the security features that provide a user with
secure access to the network. This includes mutual authentication as well as privacy
features. In addition, protection of signaling traffic and User Plane traffic in the access
is also included. This protection may provide confidentiality and/or integrity protection
of the traffic. Network

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 127

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

Fig. 5.2 Overview of the security architecture.

access security generally has access specific components that is, the detailed
solutions, algorithms, etc. differ between access technologies. With 5GS, a large
degree of harmonization has been done across access technologies, e.g. to use
common access authentication.
The system now allows authentication over NAS to be used over both 3GPP
and Non3GPP access technologies.

5.2.3 Network domain security

Mobile networks contain many Network Functions and reference points
between them. Network domain security refers to the features that allow these
Network Functions to securely exchange data and protect against attacks on the
network between the Network Functions, both between NFs within a PLMN and in
different PLMNs. PLMN stands for Public Land Mobile Network, will be established by
the network and is used to provide land mobile communication services to public. IMSI:
International Mobile Subscriber Identification Number.
5.2.4 User domain security
User domain security refers to the set of security features that secure the
physical access to terminals. For example, the user may need to enter a PIN code

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 128

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

before being able to access the terminal or before being able to use the SIM card in
the terminal.
5.2.5 Application domain security
Application domain security is the security features used by applications such
as HTTP (for web access) or IMS. Application domain security is generally end-to-end
between the application in the terminal and the peer entity providing the service. This
contrasts with the previous security features listed that provide hop-by-hop security
that is, they apply to a single link in the system only. If each link (and node) in the
chain that requires security is protected, the whole end-to-end chain can be
considered secure.
Since application-level security traverses on top of the User Plane transport
provided by 5GS, and as such is transparent to 5GS.

5.2.6 SBA domain security

SBA domain security is the set of security features that enables Network
Functions using Service Based interfaces/APIs to securely communicate within a
network, and between network domains e.g., in case of roaming. Such features
include Network Function registration, discovery, and authorization aspects, as well
as the protection of the service-based interfaces. SBA domain security is a new
security feature compared to 4G/EPC. Since SBA is a new feature of 3GPP in 5GS,
while the other security domains exist also in 4G/EPS, SBA has been considered a
security domain on its own.

5.2.7 Visibility and configurability of security

This is the set of features that allows the user to learn whether a security feature
is in operation or not and whether the use and provision of services will depend on the
security feature. In most cases the security features are transparent to the user and
the user is unaware that they are in operation. For some security features the user
should, however, be informed about the operational status. For example, use of
encryption and integrity protection of user data depends on operator configuration and
it should be possible for the user to know whether it is used or not, for example using
a symbol on the terminal display. Configurability is the property where the user can

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 129

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

configure whether the use or provision of a service will depend on whether a security
feature is in operation.

5.3 Network Domain Security

5.3.1 Introduction
Most of the text in this chapter has so far concerned network access security,
i.e. the security features that support a UE access to the 5GS. It is important to
consider security aspects also of network-internal interfaces, both within a PLMN and
between PLMNs in roaming cases. This has however not always been the case. When
2G (GSM/GERAN) was developed, no solution was specified for how to protect traffic
in the core network. This was perceived not to be a problem, since the GSM networks
typically were controlled by a small number of large institutions and were trusted
entities. Furthermore, the original GSM networks were only running circuit-switched
traffic. These networks used protocols and interfaces specific for circuit-switched voice
traffic and typically only accessible to large telecom operators. With the introduction of
GPRS as well as IP transport in general, the signaling and User Plane transport in
3GPP networks started to run over networks and protocols that are more open and
accessible to others than the major institutions in the telecom community. This brought
a need to provide enhanced protection also to traffic running over core network
interfaces. For example, the core network interfaces may traverse third-party IP
transport networks, or the interfaces may cross operator boundaries as in roaming
cases.
3GPP has therefore developed specifications for how IP-based traffic is to be
secured also in the core network and between one core network and another (core)
network. On the other hand, it should be noted that even today, if the core network
interfaces run over trusted networks, for example a physically protected transport
network owned by the operator, there would be little need for this additional protection.
Below we will discuss both the general Network Domain Security (NDS) solution that
was specified already for 3G and 4G and is re-used with 5GS, but also look at new
5GS solutions that have been developed specifically for the Service Based interfaces
(i.e. the interfaces that use HTTP/2). In this area the interfaces between domains are
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 130

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

of special importance, the roaming interface (N32) between PLMNs as well as the
interfaces between 5GS and 3rd parties used for Network Exposure.

5.3.2 Security aspects of Service Based interfaces

Service Based interfaces is a new design principle in 3GPP networks,
introduced with 5G. Therefore, 3GPP has also defined new security features to
accommodate the new type of interactions between core network entities. For
example, when a NF Service consumer wants to access a service provided by a NF
Service producer, there is support in 5GS to authenticate and authorize the consumer
before granting access to the NF Service. These features are optional within a PLMN
and an operator may decide to instead rely e.g. on physical security instead of
deploying the authentication/authorization framework for NF Services. Below we will
describe on high level the general security features for the Service Based interfaces,
including the authentication and authorization support.
For protecting the Service Based interfaces, all Network Functions shall support
TLS. TLS can then be used for transport protection within a PLMN unless the operator
implements network security by some other means. TLS is however optional to use
and as alternative an operator could e.g. use Network Domain Security (NDS/IP)
within a PLMN. The operator may also decide to not use cryptographic protection at
all within the PLMN in case the interfaces are considered trusted, e.g. if they are
physically protected operator-internal interfaces.
Authentication between Network Functions within a PLMN is also supported but
the method depends on how the links are protected. If the operator uses protection at
the transport layer based on TLS as mentioned above, the certificate-based
authentication that is provided by TLS is used for authentication between NFs. If the
PLMN however does not use TLS-based transport layer protection, authentication
between NFs within one PLMN could be considered implicit by using NDS/IP or using
physical security of the links.
In addition to authentication between NFs, the Server side of a Service Based
Interface also needs to authorize the client for accessing a certain NF Service. The
authorization framework uses the OAuth 2.0 framework as specified in RFC 6749
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 131

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

(RFC 6749). The OAuth 2.0 framework is an industry-standard protocol for

authorization developed by IETF. It supports a token-based framework in which a
service consumer will get a token from an Authorization Server. This token can then
be used to access a specific Service at a NF Service producer. In 5GS it is the NRF
that acts as the OAuth 2.0.
Authorization server and a NF Service Consumer will thus request tokens from
the NRF when it wants to access a certain NF Service. The NRF may authorize the
request from the NF Service consumer and provide a token to it. The token is specific
to a certain NF Service producer. When the NF Service consumer tries to access the
NF Service at the NF Service producer, the NF Service consumer provides the token
in the request. The NF Service producer checks the validity (integrity) of the token by
either using NRF public key or a shared key, depending on what type of keys have
been deployed for the OAuth 2.0 framework. If the verification is successful, the NF
Service producer executes the requested service and responds back to the NF
Service consumer. The above framework is the general framework when an NF
accesses services produced by any other NF. However, the NRF is a somewhat
special NF Service producer in this case since it is the NRF that provides services for
NF discovery, NF Service discovery, NF registration, NF Service registration and
OAuth 2.0 token request services, i.e. services that support the overall Service Based
framework. When an NF wants to consume NRF services (i.e. register, discover or
request access token) the above general features for transport security (based on
TLS) and authentication (based on TLS or implicit authentication) apply as well.
However, the OAuth 2.0 access token for authorization between the NF and the NRF
is not needed. The NRF instead authorizes the request based on the profile of the
expected NF/NF service and the type of the NF service consumer. The NRF
determines whether the NF service consumer can discover the expected NF
instance(s) based on the profile of the target NF/NF service and the type of the NF
service consumer. When network slicing applies, the NRF authorizes the request
according to the configuration of the Network Slice, e.g. so that the expected NF
instance(s) are only discoverable by other NFs in the same network slice.

5.3.3 Service Based interfaces between PLMNs in roaming

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 132

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

The internetwork interconnect allows secure communication between service

consuming and service-producing NFs in different PLMNs. Security is enabled by the
Security Edge Protection Proxies (SEPP) of both networks, i.e. SEPP(s) in each
PLMN.
The SEPPs enforce protection policies regarding application layer security
thereby ensuring integrity and confidentiality protection for those elements to be
protected. The SEPPs also allow topology hiding to avoid that the internal network
topology is revealed to external networks.
Between PLMNs with roaming agreements there is, in most cases, an
intermediate network that provides mediation services between PLMNs, a so-called
roaming IP exchange or IPX. The IPX thus provides interconnect between different
operators. Each PLMN has a business relationship with one or more IPX providers. In
most cases there will thus be one or more interconnect providers between SEPPs in
the two PLMNs. The interconnect provider may have its own entities/proxies in the
IPX, that enforce certain restrictions and policies for the IPX provider. Fig.5.3 shows
an example of a serving PLMN where an NF wants to access a service produced by
an NF in a home PLMN.
The serving PLMN has a consumer SEPP (cSEPP) and the home PLMN has a
producer SEPP (pSEPP). Each PLMN has a business relation with an IPX operator.
The cSEPP operator has a business relationship with an interconnect provider
(consumer IPX, or cIPX), while the pSEPP operator has a business relationship with
an interconnect provider (producer IPX, or pIPX). There could be further interconnect
providers in between cIPX and pIPX, but that is not shown here. Interconnect
operators (pIPX and cIPX in the figure) may modify the messages exchanged between
the PLMNs to provide the mediation services, e.g. to provide value-added services for
the roaming partners. If there are IPX entities between SEPPs that want to inspect or
modify a message, TLS cannot be used on N32 since it is a transport network
protection that does not allow intermediaries to look into or modify a

Fig. 5.3 Overview of security between PLMNs (N32).

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 133

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

message. Instead, application layer security needs to be used for protection between
the SEPPs. Application layer security means that the message is protected inside the
HTTP/2 body which allows some Information Elements in the message to be
encrypted while other Information Elements are sent in clear text. The Information
Elements that an IPX provider have reasons to inspect would be sent in clear text
while other Information Elements, that should not be revealed to intermediate entities,
are encrypted. Using Application layer security also allows an intermediate entity to
modify the message.
The SEPPs use JSON Web Encryption (JWE, specified in RFC 7516) for
protecting messages on the N32 interface, and the IPX providers use JSON Web
Signatures (JWS, specified in RFC 7515 (RFC 7515)) for signing their modifications
needed for their mediation services. It should be noted that even if TLS is not used to
protect NF-to-NF messages carried between two SEPPs in this case, the two SEPPs
still establish a TLS connection in order negotiate the security configuration
parameters for the Application Layer Security.
If there are no IPX entities between the SEPPs, TLS is used to protect the NF-
to-NF messages carried over the two SEPPs. In this case there is no need to look
inside the messages or to modify any part of the message carried between the SEPPs.

5.3.4 Network Domain Security for IP based communication

The specifications for how to protect general IP-based control-plane traffic is
called Network Domain Security for IP-based Control Planes (NDS/IP) and is available
in 3GPP TS 33.210. This specification was originally developed for 3G and evolved
for 4G to cover primarily IP-based Control Plane traffic (e.g. Diameter and GTP-C). It
is, however, also applicable to 5G networks to provide network layer protection.
NDS/IP is based in IKEv2/IPSec and is thus applicable to any kind of IP traffic,
including HTTP/2 used with 5GS.
NDS/IP uses the concept of security domains. The security domains are
networks that are managed by a single administrative authority. Hence, the level of
security and the available security services are expected to be the same within a
security domain. An example of a security domain could be the network of a single
telecom operator, but it is also possible that a single operator divides its network into
multiple security domains. On the border of the security domains, the network operator
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 134

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

places Security Gateways (SEGs) to protect the control-plane traffic that passes in
and out of the domain.
All NDS/IP traffic from network entities of one security domain is routed via an
SEG before exiting that domain toward another security domain. The traffic between
the SEGs is protected using IPsec, or to be more precise, using IPsec Encapsulated
Security Payload (ESP) in tunnel mode. The Internet Key Exchange (IKE) protocol
version 2, IKEv2, is used between the SEGs to set up the IPsec security associations.
An example scenario is illustrated in Fig. 5.4(adapted from 3GPP TS 33.210).

Fig. 5.4 Example of two security domains deploying NDS/IP.

Although NDS/IP was initially intended mainly for the protection of control-plane
signaling only, it is possible to use similar mechanisms to protect the User Plane traffic.
Also, within a security domain that is, between different network entities or between a
network entity and an SEG the operator may choose to protect the traffic using IPsec.
The end-to-end path between two network entities in two security domains is thus
protected in a hop-by-hop manner.

5.4 User Domain Security

User domain security includes the set of security features that secure the user
access to the mobile device. The most common security feature in this user domain
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 135

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

context is the secure access to the USIM. Access to the USIM will be blocked until the
USIM has authenticated the user. Authentication is in this case based on a shared
secret (the PIN code) that is stored inside the USIM. When the user enters the PIN
code on the terminal, it is passed on to the USIM. If the user provided the right PIN
code, the USIM allows access from the terminal/ user, for example to perform the
AKA-based access authentication.
5.5 Flow Based Qos Framework
The QFI is carried in an (GTP-U) encapsulation header on N3 (and N9) i.e.
without any changes to the end-to-end packet header. Data packets marked with the
same QFI receives the same traffic forwarding treatment (e.g. scheduling, admission
threshold). The QoS Flows can be GBR QoS Flows i.e. that require guaranteed flow
bit rate, or QoS Flows that do not require guaranteed flow bit rate (Non-GBR QoS
Flows). Fig. 5.5 illustrates the classification process and the differentiated packet
forwarding provided by the NG-RAN of data packets in DL (i.e. packets arriving at UPF
which pass through toward the UE) and data packets in UL (i.e. packets generated by
the UE e.g. in application layer which are sent to the network). The data packets are
shown to be IP packets, but same principles can be applied for Ethernet frames.
In DL, the data packets are compared in UPF towards Packet Detection Rules
(PDR), see Chapters 6 and 10, installed by the SMF, as to classify the data packets
(e.g. against IP 5-tuple filters in the PDR). Each PDR is then associated with one or
more QoS Enforcement Rule(s) (QER) that contains information for how to enforce
e.g. bitrates. The QER also contains the QFI value to be added to the GTP-U header
(N3 encapsulation header).
In this example, the data packets of five IP flows are classified into three QoS
Flows and then sent toward the 5G-AN (in this case NG-RAN) via the NG-U Tunnel
(i.e. N3 tunnel). The NG-RAN, based on the QFI marking and the corresponding per
QFI QoS Profile received e.g. during the establishment of the PDU Session, decides
how to map the QoS Flows to DRBs. The Service Data Adaptation Protocol (SDAP),
specified in 3GPP TS 37.324, is used to enable multiplexing if more than one QoS
Flow is sent on a DRB, i.e. if the NG-RAN decides to setup a DRB per QFI then the
SDAP layer is not needed. Unless Reflective QoS is used. If so the SDAP is used, see
3GPP TS 38.300. For QFI 5, the NG-RAN decides to use a dedicated DRB, but QFI2
and QFI3 are multiplexed on the same DRB. When there is SDAP configured then an
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 136

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

SDAP header is added on top of PDCP, i.e. there is some overhead added to the data
packets, and the SDAP is used for the QoS Flow to DRB mapping. The QoS Flow to
DRB mapping can also be defined using RRC reconfiguration in which case a list of
QFI values can be mapped toward a DRB. The NG-RAN then sends the data packets
using the DRBs toward the UE. The UE SDAP layer keeps any QFI to DRB mapping
rules, and the data packets are forwarded internally toward the application layer
socket interfaces in the UE without any 3GPP specific extensions e.g. as IP packets.
In UL, the UE application layer generates data packets which first are compared with
the set of installed packet filters from the Packet Filter Sets in the UE. The Packet

Fig. 5.5 QoS Flow to DRB mapping.

Filter Sets are checked in precedence order and when a match is found the data
packet is assigned a QFI. The assigned QFI and the data packet is sent toward the
UE Access Stratum (AS) SDAP layer which performs a QFI to DRB mapping using
the available mapping rules. When a match is found the data packet is sent on the
corresponding DRB, and if there is no match then the data packet is sent on the default
DRB and the SDAP header indicates the QFI such that the NG-RAN can decide
whether to move the QFI to another DRB. It is optional to configure a default DRB, but
the 5GC may provide additional QoS Flow information indicating that a non-GBR QoS
Flow is likely to appear more often than traffic for other QoS Flows established for the
PDU Session and such QoS Flows may be more efficient to be sent without any SDAP
header e.g. on the default DRB. In Fig. 5.5 the QFI 5 is sent on DRB1 but as it is the
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 137

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

only QoS Flow there is no need to include any SDAP header, while QoS Flows 2 and
3 are sent on DRB2 with SDAP header indicating the QFI of the data packet. The NG-
RAN uses the available information as to decide how to mark the N3 header of each
data packet and forwards the data packet to the UPF. The UPF resolves the data
packets into IP flows, and the UPF also performs any bitrate policing and other logic
as directed by the various N4 rules provided by the SMF e.g. counting.

5.6 Mitigating the Threats in 5G.

MEC is one of the vulnerable entities in a 5G network, as it gets deployed at the

edge of the network. The risk can be minimized by deploying endpoint protection
software in the MEC host. MEC applications and services can be protected and
secured by configuring and enforcing application or service specific policies. For
example, configuring role-based access control for administrators managing the MEC
applications and services. In addition, implement monitoring to provide enhanced
visibility of the MEC applications, MEC services and the MEC infrastructure
components. For example, keeping track of activities of various logged-in
administrators, collection of system resource utilization and system performance
snapshots at various time intervals etc., As MEC is open to several third parties for
running their own custom applications, it is better to deploy Firewalls for DDOS
protection, malware protection and API protection.

5.6.1 Protecting the Core Network

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 138

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

Fig. 5.6 - Protecting the Core Network

Core network can be protected by using several mechanisms. Micro

segmentation is one of the emerging trends in the security landscape. Micro
segmentation helps in protecting the core network, allowing administrators to control
the communication between different components in the core network. Micro
segmentation allows policies to be configured at different levels such as Virtual
Machine (VM) level, Operating System (OS) level, application level and at the flow-
level. Data exchanged over the network can be protected by encrypting data using
traditional methods such as IPSEC and VPN. NAT allows network administrators to
isolate select internal networks and prevents access to those networks from the
external world. Network administrators can deploy CGNAT (Carrier Grade NAT)
functions to isolate networks.
In addition, service providers can deploy Firewalls to protect the network and
implement monitoring of the end-to-end core network functions.

5.6.2 Protecting the Virtualized Infrastructure

5G brings-in additional complexity to the operations teams, in deploying,
managing and securing the network infrastructure - as several 5G components are
deployed in a virtualized infrastructure. In order to protect, the Virtualized Network
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 139

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

Functions (VNFs), service providers have to turn-on DNS level security features to
block bad domains and bad talkers from accessing the network.
Network operations teams must deploy security software that blocks
compromised VNFs, prevents VM hopping and blocks container image packages with
vulnerabilities. In addition, Virtualized Infrastructure components must be continuously
monitored for added protection.

5.6.3 Protecting the CPE and Small Cell devices

In 5G, several equipment such as the Customer Premise Equipment (CPE) and
Small Cells are deployed closer to the user or at the user premise. In such cases,
encryption of sensitive data stored in non-secure physical locations is a must.
All the CPE or Small Cell devices connecting to the service providers 5G
network should validate Firmware and software packages cryptographically at the time
of booting. When vulnerable software packages are detected, the security teams must
be alerted, and the software must be rolled back to a trusted version. The devices can
provide a Trusted Executive Environment (TEE) to isolate resident applications on the
devices, by leveraging hardware capabilities. Each device connecting to the network
should authenticate itself at the time of connecting to the network. This can be
achieved through certificate-based authentication. Service providers can pre-provision
device credentials in the certificate and install them on the device, before shipping the
device to the Feld.
In addition, device location can be continuously tracked by embedding a GPS
chipset in the device. The location of the device can be validated during the connection
establishment process.

Part- A Questions and Answers

1. What are the security threats and attacks for 5G?
Like most IP networked devices, 5G is vulnerable to MITM (Man-in-the-Middle)
attacks. These attacks use IMSI catchers and malicious core networks. They pose as
devices from authorized mobile network operators and collect sensitive information.

2. How can we overcome 5G security challenges?

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 140

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

Mobile operators need to adopt a hybrid cloud-based approach where sensitive data
is stored locally and less sensitive data stored in the cloud. This provides operators
with more access and control over the data, and they can decide where and whom to
share it with.

3. How secure is 5G vs 4G?

It comes to the security of calls and messages, all calls and messages are encrypted
in both 4G and 5G technology. But the encryption protocol is the difference between
both. 4G uses 128-bit encryption. 5G uses 256-bit encryption.

4. Write any three Security features in 5G networks

1. 5G uses licensed spectrum, which prevents hackers from eavesdropping into
the network and getting access to sensitive data that gets exchanged over the
network.
2. 5G achieves network segmentation through network slicing, by isolating each
of the slices. Network slicing ensures that data exchanged by one customer or a
service does not get shared with other customers or services riding on the network.
3. 5G supports Home Control features for preventing network spoofing attacks.
Home Control feature authenticates the device location in roaming scenarios.

5. What are the different security groups or domains in 5G networks?

1. Network access security
2. Network domain security
3. User domain security
4. Application domain security
5. SBA domain security
6. Visibility and configurability of security.

6. Write Short notes on Network domain security.

Mobile networks contain many Network Functions and reference points
between them. Network domain security refers to the features that allow these
Network Functions to securely exchange data and protect against attacks on the
network between the Network Functions, both between NFs within a PLMN and in
different PLMNs.
Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 141

 CEC331 4G/5G Communication Networks Unit -5 Security IN 5G Networks

7. What is meant by PLMN in 5G networks?

PLMN stands for Public Land Mobile Network, will be established by the network
and is used to provide land mobile communication services to public. IMSI:
International Mobile Subscriber Identification Number.

8. How will you Mitigate the Threats in 5G?

 Protecting the Core Network
 Protecting the Virtualized Infrastructure
 Protecting the CPE and Small Cell devices

9.Wite short noes on User domain security?

User domain security includes the set of security features that secure the user
access to the mobile device. The most common security feature in this user domain
context is the secure access to the USIM. Access to the USIM will be blocked until the
USIM has authenticated the user. Authentication is in this case based on a shared
secret (the PIN code) that is stored inside the USIM. When the user enters the PIN
code on the terminal, it is passed on to the USIM. If the user provided the right PIN
code, the USIM allows access from the terminal/ user, for example to perform the
AKA-based access authentication.

10. What is flow based QoS in 5G?

The 5G QoS model supports both QoS Flows that require guaranteed flow bit
rate (GBR QoS Flows) and QoS Flows that do not require guaranteed flow bit rate
(Non-GBR QoS Flows).

Part-B
1. Summarize the security features in 5G networks.
2. Discuss about network domain security in 5G networks.
3. Discuss in detail about flow based Qos framework in 5G networks.
4. Write brief overview about network domain security in 5G networks.
5. Enumerate the ways to mitigate the threats in 5G.

Department of Electronics and Communication Engineering | NPR College of Engineering and Technology, Natham

Page No: 142