ORANalyst: Systematic Testing Framework for Open RAN Implementations

Tianchang Yang, Syed Md Mukit Rashid, Ali Ranjbar, Gang Tan, Syed Rafiul Hussain

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We develop ORANalyst, the first systematic testing framework tailored for analyzing the robustness and operational integrity of Open RAN (O-RAN) implementations. O-RAN systems are composed of numerous microservice-based components. ORANalyst initially gains insights into these complex component dependencies by combining efficient static analysis with dynamic tracing. Applying these insights, ORANalyst crafts test inputs that effectively navigate these dependencies and thoroughly test each target component. We evaluate ORANalyst on two O-RAN implementations, ORAN-SC and SD-RAN, and identify 19 previously undiscovered vulnerabilities. If exploited, these vulnerabilities could lead to various denial-of-service attacks, resulting from component crashes and disruptions in communication channels.

Original languageEnglish (US)
Title of host publicationProceedings of the 33rd USENIX Security Symposium
PublisherUSENIX Association
Pages1921-1938
Number of pages18
ISBN (Electronic)9781939133441
StatePublished - 2024
Event33rd USENIX Security Symposium, USENIX Security 2024 - Philadelphia, United States
Duration: Aug 14 2024Aug 16 2024

Publication series

NameProceedings of the 33rd USENIX Security Symposium

Conference

Conference33rd USENIX Security Symposium, USENIX Security 2024
Country/TerritoryUnited States
CityPhiladelphia
Period8/14/248/16/24

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'ORANalyst: Systematic Testing Framework for Open RAN Implementations'. Together they form a unique fingerprint.

Cite this