Abstract: The development of new architectures, technologies and applications of 5G poses new challenges to security. On the one hand, 5G introduces many IT technologies, making the form of assets more complex and diverse. The application of network slicing, multi-access edge computing, network capacity opening and other technologies brings new security threats. On the other hand, 5G is deeply integrated with vertical industries, and 5G security requires a transformation from "general security" to "on-demand security". Global System for Mobile Communications Association has established Network Equipment Security Assurance Scheme (NESAS), which leverages security evaluation to improve 5G security. However, NESAS mainly focus on large-scale 5G base station and core network equipment testing, lacking the scheme of network operation security and data protection.  A novel security evaluation model (ARMIT model) for 5G assets is proposed. The model first describes 5G assets composition and threats landscape, and then stresses the evaluation security requirements, indexes and methods regarding to 5G assets and network operation. It provides an effective reference for equipment enterprises and operators to carry out security capability evaluation of 5G products, networks and services.

Key words: 5G Security, Network security, Risk evaluation, Security test, 5G Threats

摘要： 5G新架构、新技术、新应用的发展对安全提出了新的挑战。一方面，5G引入众多IT技术，资产形态更加复杂多样，网络切片、边缘计算、网络能力开放等技术的应用带来了新的安全威胁，另一方面，5G与垂直行业深度融合，安全要求从“通用安全”向“按需安全”转变。为保障5G网络安全，全球移动通信系统协会（GSMA）制定网络设备安全保障框计划（NESAS），通过5G设备安全评估提升安全能力。然而，NESAS主要关注大粒度的5G基站和核心网设备，缺乏对网络运行安全、数据资产安全等方面的评估机制。ARMIT模型从5G网络资产组成和安全威胁出发，构建适用于5G资产和网络运行的安全要求、安全能力评价指标体系和评测方法，为设备企业、运营商等开展5G产品、网络和服务的安全能力评测提供有效的参考。

关键词: 5G安全, 网络安全, 风险评估, 安全检测, 5G威胁