4G Security Test Suite

Security Test Suites for 4G

4G-LTE

Core

IMS

SIGTRAN

M3UA

SS7

SCTP

CAMEL

ISUP

4G Security Test Suite

Security Test Suites for 4G

Overview

The Valid8 Security Test Suites are suitable for auditing security of 4G LTE network nodes including UE, eNodeB, MME, SGW, PGW, according to standards including NESAS, 3GPP.

What It Can Do For You

The solution is capable of simulating and testing various different devices:

UE
eNodeB
MME
SGW
PGW

Why It’s Different

Scalable software-based architecture can run on a range of hardware from COTS and high-end customer provided hardware to Virtual Machines and the Cloud (e.g. Amazon AWS) for maximum versatility and performance
Web-based UI is easy to learn
HTTP API enable integration with automation test systems and other equipment
Stateful modeling provides accurate emulation of network elements

Features

Pre-made test scenarios and procedures
PASS / FAIL analysis, including plain English diagnostic reason
Valid / Invalid testing
Customizable source-code
User-configurable proprietary messages, IEs, headers
Animated test results action-replay
Easy to configure
Automatic execution of test batches
UDP, TCP, SCTP transport layer IPv4/IPv6 support
Suitable for Development and QA test lab environments, verifying protocol compliance, negative and robustness testing, Regression testing and Reproducing customer issues in the field

Additional Videos

Subsystems

Valid8 Security Test Suites are comprised of multiple subsystems that can be activated as needed to test the DUT. Traffic can be captured through the use of a remote capture tool such as Wireshark.

KPIs

Test Verdict - Pass, Fail or Inconclusive
Detailed message field validation

Configurable Parameters

IP address and port
Network layer- IPv4 / IPv6
Transport layer- UDP / TCP / SCTP / TLS
Phone numbers
Authentication - username and password
Unexpected message handling - Stop / Continue

Automation API

User commands can be fully automated using an HTTP API. This includes all control functions as well as collection of results and metrics. It can be integrated into any CI system including Jenkins, CircleCI, Gitlab and others. Our Autom8 Python framework is included to ease integration.

Scripting

The application can be edited directly in the browser using VTDL using Composer, a powerful development environment that includes error checking and a graphical view easing the creation and modification of scenarios. Codec Studio can be used to quickly build message templates from raw PDUs, as captured by tcpdump for example, to use in the scenarios.

PRODUCT OPTIONS

M5 Mobile UE Tester

Base Station Emulator for 4G eNodeB, 5G gNodeB RAN and mobile core to test UE devices including CPE router, phone, modem & IoT devices

Mobile Core Network Emulator

The software-based Mobile Core Network emulator mimics 5g Core (5GC) SA and NSA, LTE 4G EPC, and UMTS 3G Core stand-alone to test the RAN.

Use Cases

No items found.

Summary of Specifications

Specifications

NESAS SCAS 3GPP TS 33.116 - MME

Access with 2G SIM forbidden
Re-synchronization
Integrity check of Attach message
Not forwarding EPS authentication data to SGSN
Not forwarding unused EPS authentication data between different security domains
Bidding down prevention
NAS integrity algorithm selection and use .
NAS NULL integrity protection
NAS confidentiality protection
Bidding down prevention in X2-handovers .
NAS integrity protection algorithm selection in MME change .
No access with 2G SIM via idle mode mobility
No access with 2G SIM via handover
No access with 2G SIM via SRVCC
Release of non-emergency bearers

NESAS SCAS 3GPP TS 33.216 - eNodeB

Control plane data confidentiality protection
Control plane data integrity protection
User plane data ciphering and deciphering at the eNB
User plane data integrity protection
AS algorithms selection
Verify RRC integrity protection
The selection of EIA0
Key refresh at the eNB
AS Security Mode Command Procedure
Bidding down prevention in X2-handovers
AS protection algorithm selection in eNB change
RRC and UP downlink ciphering at the eNB
Map a UE NR security capability
UE NR security capability is only sent to a SgNB
Bidding down prevention in X2-handovers when target eNB receives a NR security capability

NESAS SCAS 3GPP TS 33.250 - PGW

Per-user based packet filtering
Charging ID Uniqueness
TEID UNIQUENESS
Mobility binding
Inactive emergency PDN connection release
Unpredictable GTP TEID
IP Address reallocation interval
MS/UE-Mutual Access Prevention
Traffic separation
User Plane Traffic Differentiation

TBD - UE

Under development

‍

Product Details

Operating System

‍Protocol Engine (Linux-based)

User Interface

‍Browser-based, touch-optimized graphical user interface

Automation

‍HTTP API

Note:

Actual throughput levels over radio may vary based on the 3rd party device manufacturer and software versions. Valid8 product specifications are subject to change at any time without notice.