SGS Brightsight adds NESAS to the scope of ISO/IEC 17025 accreditation

21.05.21 09:17 AM By Brightsight

Delft, May 21 2021. SGS Brightsight is proud to announce that we are accredited to perform Network Equipment Security Assurance Scheme (NESAS) assessments. The product evaluation can only be performed by accredited, security test laboratories accredited according to ISO 17025.

 

NESAS defines security requirements and an assessment framework for secure product development and product lifecycle processes, as well as using 3GPP defined security test cases for the security evaluation of network equipment.

 

NESAS provides the necessary tools for ensuring effective assurance testing. The NESAS framework is a joint effort between 3GPP SA3 and GSMA, and also includes standard-based assessments for 5G security, which are part of the Security Assurance Specifications (SCAS).

 

The overall objective of NESAS is to provide an industry-wide security assurance framework and security baseline to facilitate improvements in security levels across the whole mobile industry. To achieve this, NESAS defines security requirements and an assessment framework for secure product development and product lifecycle processes, as well as security test cases for the security evaluation of network equipment.

 

NESAS bestows a number of benefits on different stakeholders, including;


Equipment vendors:

  • Demonstrate adherence to security requirements to relevant stakeholders;

  • Illustration of the vendor’s development and maintenance and product security capabilities;

  • Avoidance of globally inconsistent and conflicting security requirements and conformance fragmentation; and

  • Unified set of security requirements eases network product development and global sales

Mobile network operators:

  • Visibility of security capabilities of equipment vendors and their network products before purchase;

  • Baseline of security requirements that can be fulfilled by network equipment products; and

  • Testing of security baseline outsourced to accredited test laboratories reduces security testing efforts for individual operators.

National authorities and regulators:

  • Security assurance scheme readily available for their use;

  • Increase effective security while not negatively impacting the industry; and

  • Help avoid fragmentation of security requirements across the global market.

 

Reach out to us for learning more about NESAS and other relevant 5G security standards via 5g@brightsight.com