As work on 6G continues to gather momentum, security is becoming a central design consideration rather than an afterthought. Earlier this month, the Global Coalition on Telecommunications (GCOT) published a set of Security and Resilience Principles for 6G, providing guidance on how future mobile networks should be designed to remain secure, trustworthy and resilient.
GCOT brings together governments from countries including the United Kingdom, United States, Canada, Japan, Australia, Sweden and Finland, with the aim of promoting secure and resilient telecommunications infrastructure. Their latest document focuses specifically on 6G and encourages the industry to embed security principles into network architectures before standards are finalised.
Rather than prescribing specific technologies, the framework outlines ten principles that collectively define what a secure and resilient 6G system should look like.
To make the ideas easier to understand, the principles can broadly be grouped into four themes: system security, technical design, network resilience and ecosystem health.
System Security: Limiting Damage and Protecting Data
The first group of principles focuses on ensuring that the core security properties of the network are protected.
One key concept is containment. Future networks will be highly distributed, with cloud-native functions, AI-driven operations and large numbers of connected devices. In such an environment, a security breach in one component should not compromise the entire system. The architecture must therefore limit the ability of attackers to move laterally within the network.
Another principle emphasises confidentiality and privacy by design. Encryption and data protection mechanisms must be built into the network from the beginning rather than layered on later. This is particularly important as 6G networks will connect a much broader range of devices, applications and industries.
Closely related to confidentiality is the requirement for data and infrastructure integrity. Operators need mechanisms to ensure that software, hardware and transmitted data have not been tampered with. The ability to detect and prevent unauthorised modifications is essential for maintaining trust in the network.
Technical Design and Implementation
The second group of principles focuses on how security should be embedded within the architecture and operation of the network itself.
A core requirement is strong identity and authentication between network functions. Modern telecom networks already rely heavily on virtualised and cloud-based components, and 6G will extend this even further. Every network element must therefore be able to authenticate securely before accessing other functions or data, reducing reliance on implicit trust within the system.
Another area highlighted in the principles is the increasing role of automation and artificial intelligence. Future networks will rely heavily on AI for optimisation, orchestration and fault management. As a result, security mechanisms must ensure that AI systems remain trustworthy and protected from manipulation, such as malicious training data or model tampering.
The GCOT framework also highlights the importance of quantum-resilient cryptography. Although practical quantum computers capable of breaking widely used encryption algorithms are still some years away, data transmitted today may remain sensitive for decades. Supporting cryptographic techniques that can withstand future quantum attacks is therefore an important consideration for long-lived infrastructure like mobile networks.
Network Composition and Resilience
Beyond traditional cybersecurity, the GCOT principles also emphasise resilience. This means ensuring that networks continue to operate even during failures, attacks or large-scale disruptions.
One principle focuses on measurable resilience. Operators should be able to quantify the resilience of their networks using clear metrics such as service availability, recovery times and performance under stress. This is particularly important for critical communications, where services must remain available during emergencies.
Another principle highlights the need for secure and interoperable architectures. Future networks are likely to involve a diverse mix of technologies, vendors and deployment models. Supporting open interfaces and multi-vendor ecosystems can help reduce systemic risks and improve transparency across the network.
A further consideration is resilient positioning and timing. Many digital systems rely heavily on satellite-based navigation signals such as GPS or other Global Navigation Satellite System (GNSS) technologies. However, these signals are vulnerable to jamming and spoofing. The GCOT principles therefore encourage the development of complementary terrestrial positioning and timing mechanisms that can provide redundancy.
Ecosystem Health and Supply Chain Security
The final principle looks beyond the network itself and focuses on the wider ecosystem that supports telecommunications infrastructure.
A secure network requires a trusted and transparent supply chain. This includes visibility into the origin of hardware and software components, as well as confidence that vendors follow robust security practices throughout their development processes.
Diversity within the vendor ecosystem is also important. Over-reliance on a small number of suppliers can create systemic risks, particularly when networks form part of national critical infrastructure. Encouraging a broader and more competitive ecosystem can help improve both resilience and innovation.
Why These Principles Matter
Although the GCOT principles are not formal standards, they are likely to influence future work in organisations such as 3GPP and ITU as the industry develops the specifications for IMT-2030.
Perhaps the most important message from the document is that security cannot be bolted on later. The complexity of future networks, combined with their growing role in critical infrastructure, means that security and resilience must be built into the foundations of 6G from the very beginning.
For engineers, researchers and students exploring the future of wireless systems, these principles provide a useful lens through which to understand the challenges ahead. Designing secure networks will require expertise not only in radio technologies but also in areas such as cryptography, distributed systems, AI safety and supply chain assurance.
As 6G research and standards progresses over the next few years, these themes will almost certainly become central to the way next-generation networks are designed and deployed.
- Free 6G Training: Insights from the 6G Flagship's 6G Resilience Summit and White Paper
- Free 6G Training: How VIAVI Sees Post Quantum Readiness Shaping 6G
- Free 6G Training: Securing the 6G Space–Air–Ground Integrated Network (6G SAGIN)
- Free 6G Training: A European Vision for Innovative Approaches to 6G Security
- Free 6G Training: 6G Security Considerations
- Free 6G Training: ABI Research Whitepaper on Conceptualizing Security in a 6G World
Comments
Post a Comment