5G Jumpstart: Unofficial Guide To Nokia Certified 5G Associate

*unofficial guide to Nokia Certified 5G Associate

WhoMe: Babar Haq


Total of 20+ years’ experience of Integration, Security & Optimization of Converged IP Networks
& Wireless Broadband Services in MENA, EMEA and APAC regions. Nokia 5G Slicing &
Security Professional, 1st Person Certified Worldwide.

Bug Reports: [email protected]


Introduction:

Unofficial guide to Nokia 5G Associate Certification. Just some exam notes
for the certification; I would recommend Nokia's extensive online training to
all. The content is focused on knowledge for individuals with existing
UMTS/LTE experience.

Pillars of 5G:

5G E2E networks have four outstanding capabilities over 4G networks.
The four capabilities are ultra-broadband access, massive IoT connectivity,
ultra-reliable low latency, and E2E network slicing. Ultra-Broadband
Access.

Hyper Fast Broadband Networking (<1Gbps)
Evolved Radio Access Technology (Open/Cloud RAN)
Ultra Dense Networks (Small/Femto Cells)
SON Self organizing networks (Self Optimization and healing)
Massive Machine Type communication MMTC (1 million devices per km)
mm-Wave ultra-high frequency use (above 6 GHz)
Backhaul split into Front/Mid/Back Haul transport network
Ultra Reliable Low Latency Communication URLLC
Cloud Native NFV Core (DSN, VM, Containers virtualization)
Slicing & NPN non-public networks, use of RAN/TX/Core slices
Wi-Fi (Non 3GPP) internetworking, seamless handovers
Highly secure (Secure SUCI/SUPI instead of 4G IMSI during signaling)

5G Use Cases:

Hyper Fast Broadband Internet (10Gbps)
Smart Homes (IoT sensors use)
Smart city center (i.e. public safety, surveillance, electric grids)
Industrial IoT (Mobile IoT sensors Industry 4.0)
Self-driving autonomous vehicles (V2X, logistics, fleet management)
Virtual Reality, Gaming (XR/AR/VR)
Medical (remote patient care)
Non terrestrial networking (drones, UAV)
Defense and Mining Industry use of NPN (Non public networks)

3GPP Evolution:

Tech  Age   Throughput (Mobile)  Throughput (Stationary)
3G    2001  384Kbps              40Mbps
4G    2011  100Mbps              1Gbps
6G    2020  1G                   10Gbps

• LTE Rel 8 - 9
• LTE-A Rel 10 - 11
• LTE-B Rel 12 - 14
• 5G Rel 15 - 17
• 5G-A Rel 18

5G NR New Radio:

• 5G New Radio (NR) is the global standard for a unified, more capable 5G wireless air
interface. It will deliver significantly faster and more responsive mobile broadband
experiences, and extend mobile technology to connect and redefine a multitude of new
industries.
• Massive MIMO is an extension of MIMO, which essentially groups together
antennas at the transmitter and receiver to provide better throughput and better
spectrum efficiency.
• Millimeter waves, often referred to as mmWaves or high-band 5G, are frequencies
starting at 24 GHz and beyond. As radio waves increase in frequency, each wave
narrows in length. Because of its high frequencies, mmWave has a limited range of only
300 to 500 feet and struggles to penetrate buildings.
• The 5G spectrum is a range of radio frequencies in the sub-6 GHz range and the
millimeter-wave (mmWave) frequency range that is 24.25 GHz and above. The 5G
spectrum refers to the radio frequencies that carry data from user equipment (UE) to
cellular base stations to the data's endpoint.
• TTI, Transmission Time Interval, is a parameter in UMTS and 5GNR related to
encapsulation of data from higher layers into frames for transmission on the radio
link layer. TTI refers to the duration of a transmission on the radio link. Unlike
LTE, 5G offers variable TTI, i.e. 0.25ms to 1.0ms, adjusted per delay or payload
scenario (eMBB, URLLC).

5GC Core:

• Access and Mobility Management function (AMF) supports: termination of
NAS signaling, NAS ciphering & integrity protection, registration management,
connection management, mobility management, access authentication and
authorization, security context management. (AMF has part of the MME
functionality from EPC world)
• Session Management function (SMF) supports: session management (session
establishment, modification, release), UE IP address allocation & management,
DHCP functions, termination of NAS signaling related to session management,
DL data notification, traffic steering configuration for UPF for proper traffic
routing. (SMF has part of the MME and PGW functionality from EPC world)
• User plane function (UPF) supports: packet routing & forwarding, packet
inspection, QoS handling, acts as external PDU session point of interconnect to
Data Network (DN), and is an anchor point for intra- & inter-RAT mobility. (UPF
has part of the SGW & PGW functionality from EPC world)
• Policy Control Function (PCF) supports: unified policy framework, providing
policy rules to CP functions, access subscription information for policy decisions
in UDR. (PCF has part of the PCRF functionality from EPC world)
• Authentication Server Function (AUSF) acts as an authentication server. (part
of HSS from EPC world)
• Unified Data Management (UDM) supports: generation of Authentication and
Key Agreement (AKA) credentials, user identification handling, access
authorization, subscription management. (part of HSS functionality from EPC
world)
• Application Function (AF) supports: application influence on traffic routing,
accessing NEF, interaction with policy framework for policy control. (same as AF
in EPC world)
• Network Exposure function (NEF) supports: exposure of capabilities and
events, secure provision of information from external application to 3GPP
network, translation of internal/external information. (not present in EPC world)
• NF Repository function (NRF) supports: service discovery function, maintains
NF profile and available NF instances. (not present in EPC world)
• Network Slice Selection Function (NSSF) supports: selecting of the Network
Slice instances to serve the UE, determining the allowed NSSAI, determining the
AMF set to be used to serve the UE. (not present in EPC world)

UDSF: Unstructured Data Storage Function. In 5G, the UDSF supports data
storage for stateless network functions. That is, rather than a given
network function holding its own storage resources, it will instead store UE
context data in the UDSF.

5G Service-based architecture: The 3GPP defines a Service-Based
Architecture (SBA), whereby the control plane functionality and common
data repositories of a 5G network are delivered by way of a set of
interconnected Network Functions (NFs), each with authorization to access
each other's services.

Stateless network functions: 5G network functions are designed to be
stateless. Separating state from control allows control to run on a
compute resource while state is saved at a separate storage node.
Apart from enhancing reliability by maintaining redundancy of storage
nodes, this statelessness also aids in dynamic instantiation/scaling of
virtual network functions corresponding to the 5G network functions.

NSA (Non-Standalone Access) and SA (Standalone Access) are the
two 5G network modes. NSA relies on the 4G network facilities to provide
more speed and higher data bandwidth. A 5G-enabled smartphone will
connect to a 5G or 4G network depending on conditions.

5G QOS:
4G QCI: (1 ERAB + 1 PDP)
5G 5QI: Multiple RB Radio Bearer to 1 PDU (PDP in LTE) single tunnel
multiple flows
QFI: QoS Flow ID mapping APP to Radio Bearer, GBR, Non GBR, Low
Latency

5G Open Cloud RAN:

Standard Bodies: 3GPP, ORAN Alliance, GSMA
5G O-RAN: An Open Radio Access Network (O-RAN) is a totally
disaggregated approach to deploying mobile fronthaul and midhaul
networks built entirely on cloud native principles. Radio nodes are
distributed into RU-DU-CU.
CPRI: Common Public Radio Interface, or CPRI, is an evolving
specification for wireless communications networks defined by a
consortium of original equipment manufacturers. The specification relates
to the communication link between baseband units and remote radio units.

5G V2X:

CITS: Common Intelligent Transport Infrastructure
CAV: Connected Autonomous Vehicle
V2X: Vehicle to anything/everything
RSU: Road side unit

Vehicle to Infrastructure (V2I) - V2I involves your car communicating with
things like traffic lights and road work signs. This will give you information
on their environment and on what lies ahead.
Vehicle to Vehicle (V2V) - V2V establishes a link between two vehicles,
allowing them to share sensor and planned route data.
Vehicle to Network (V2N) - V2N means cars will be able to communicate
with the Internet. This will enable things like advanced navigation based on
maps.
Vehicle to Pedestrian (V2P) - V2P will allow vehicles and pedestrians to
exchange information, hopefully limiting pedestrian accidents.
Vehicle to Device (V2D) - V2D will enable cars to exchange information
with devices in general. This will include things like self-parking sensors in
parking garages.
Vehicle to Grid (V2G) - V2G can help with power planning as electric cars
can tell the grid about their current and projected power needs.

5G Security

SIM card key length 128-256 bit optional


SOAR: SOAR stands for Security Orchestration, Automation, and Response. SOAR
platforms are a collection of security software solutions and tools for browsing and collecting
data from a variety of sources and logs. AI/ML and scripting are used to automate threat response.

Dual mode: dual-mode vulnerability; when a 5G UE connects to a 4G core, 5G
security is weakened to 4G level.
Standalone mode: secure; the 5G UE connects to 5G Radio and 5G port.
Beam forming attack: attacker can pinpoint UE location, but it is not possible
to eavesdrop.
Possible attacks: UE capability sensing, battery drain, DoS attack,
location tracking, bidding down to 3G/4G.
New features: DTLS over SCTP, IPsec over N2, N3, Xn, IP Transport
Interfaces.
5G roaming security: additional SEPP nodes (security end point protection
proxy) for signaling between home and visited networks.
SUPI/SUCI replaces the subscriber IMSI identifier with concealed and
encrypted identities.
• Various 5G network security responsibilities fall on both user
equipment and the network infrastructure.
• Data confidentiality and integrity are emphasized in the 3GPP
standard, primarily using encryption algorithms, also called cipher
algorithms, to protect the data.
• Both user equipment and network infrastructure are required to
protect the encryption keys for the algorithms through encryption,
tamper-resistant hardware, or being in a secure physical location.
• Authentication and authorization are also important for both user
equipment and network infrastructure so user equipment and other
networks can be confirmed as authorized equipment and networks.

Three aspects of security:

1 — Confidentiality

Which ensures no unauthorized entity can read the communication. To ensure wireless
communication is confidential it is encrypted, and the encryption is done hop-by-hop in
the network. So, at both RAN and CN, the unencrypted information is available.

2 — Integrity

Which ensures no unauthorized entity can modify the communication. To ensure this,
wireless communication is integrity protected; integrity is also implemented hop-by-hop
in the network. So, the information is available at both RAN and CN to be tampered
with.

3 — Availability

Which ensures that communication service is available uninterrupted to the users. This
also has to be ensured at both the RAN and CN level, as both can contribute to service
discontinuity.

5G Network Slicing

5G network slicing is a network architecture that enables the multiplexing of
virtualized and independent logical networks on the same physical network
infrastructure. Each network slice is an isolated end-to-end.

• Networks can have hundreds of slices but a UE can support only 8
slices.
• Slice provides Security isolation and Resource isolation.
• NSSAI (Network Slice Selection Assistance Information)
comprised of SD (Slice Differentiator) and SST (Slice Service
Type) i.e. uRLLC, MMTC, eMBB.
• Network Slice Selection Function (NSSF): NSSF helps in setting
up multiple virtual network slices of the RAN, core and transport
networks to meet specific service requirements.
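
The slice identifier and the 8-slice limit above, as an added example that is not part of the original notes: it decodes S-NSSAI values (8-bit SST, optional 24-bit SD) and splits a UE's requested NSSAI into allowed and rejected slices by exact SST+SD match. The function names, the simplified allowed/rejected model and the sample values are assumptions made for illustration; a real NSSF/AMF decision also involves mapped and default slices.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Standardised SST values from 3GPP TS 23.501; the notes name these three types.
STANDARD_SST = {1: "eMBB", 2: "URLLC", 3: "MIoT/mMTC"}
MAX_S_NSSAI_PER_UE = 8   # per-UE slice limit stated in the notes
NO_SD = 0xFFFFFF         # reserved SD value: no SD associated with the SST


@dataclass(frozen=True)
class SNssai:
    """One slice identifier: 8-bit SST plus an optional 24-bit SD."""
    sst: int
    sd: Optional[int] = None

    def label(self) -> str:
        if self.sst in STANDARD_SST:
            name = STANDARD_SST[self.sst]
        elif self.sst >= 128:
            name = f"operator-specific SST {self.sst}"
        else:
            name = f"SST {self.sst}"
        return name if self.sd is None else f"{name} sd={self.sd:06x}"


def parse_s_nssai(raw: bytes) -> SNssai:
    """Decode the SST-only (1 octet) or SST+SD (4 octet) form."""
    if len(raw) == 1:
        return SNssai(raw[0])
    if len(raw) == 4:
        sd = int.from_bytes(raw[1:], "big")
        return SNssai(raw[0], None if sd == NO_SD else sd)
    raise ValueError(f"unsupported S-NSSAI length: {len(raw)} octets")


def filter_requested(
    requested: Iterable[SNssai], subscribed: Iterable[SNssai]
) -> Tuple[List[SNssai], List[SNssai]]:
    """Split a requested NSSAI into (allowed, rejected).

    Isolation depends on an exact match of both SST and SD: the same SST
    with a different SD is a different slice and is rejected.
    """
    requested = list(requested)
    if len(requested) > MAX_S_NSSAI_PER_UE:
        raise ValueError(
            f"requested NSSAI carries {len(requested)} slices, "
            f"limit is {MAX_S_NSSAI_PER_UE}"
        )
    subscribed_set = set(subscribed)
    allowed = [s for s in requested if s in subscribed_set]
    rejected = [s for s in requested if s not in subscribed_set]
    return allowed, rejected


if __name__ == "__main__":
    # Constructed sample data: subscription and a UE request in hex form.
    subscribed = [SNssai(1), SNssai(2, 0x000001)]
    requested_hex = ["01", "02000001", "02000002", "03"]
    requested = [parse_s_nssai(bytes.fromhex(h)) for h in requested_hex]
    allowed, rejected = filter_requested(requested, subscribed)
    print("allowed: ", [s.label() for s in allowed])
    print("rejected:", [s.label() for s in rejected])
```
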
5G Cloud Architecture

In order to facilitate network traffic from billions of connected nodes and the
coming wave of new compute-intensive 5G applications, networks must
transform to be able to deliver faster speeds, lower latency, and more
capacity. Cloudification prepares for 5G’s 10X less latency, 100X faster
speed, and 1000X more capacity, laying the foundation for revolutionary
customer experiences, business efficiencies, and products and services.

5G NFV: 5G NFV uses virtualization technologies for all categories of
network node operations on building blocks that can be connected to
create advanced communication services. NFV is based on traditional
server-virtualization techniques, i.e. the separation of a physical server
into multiple smaller virtual servers with the help of virtualization
software.

Cloud Models IAAS, PAAS and SAAS

IAAS: The IaaS model shares hardware resources among the users.
Cloud providers typically bill IaaS services according to the utilization of
hardware resources by the users.
PAAS: The IaaS model shares hardware resources among the users.
Cloud providers typically bill IaaS services according to the utilization of
hardware resources by the users.
SAAS: The SaaS model is the software layer. In the SaaS layer, clients are
not allowed to modify the lower levels such as hardware resources and
application platform.
Cloud Elasticity: Elasticity refers to the ability of a cloud
to automatically expand or compress the infrastructure resources on
a sudden rise or fall in the requirement so that the workload can be
managed efficiently.
Virtualization sprawl is a phenomenon that occurs when the number of
virtual machines (VMs) on a network reaches a point where administrators
can no longer manage them effectively. Virtualization sprawl is also
referred to as virtual machine sprawl, VM sprawl or virtual server sprawl.
COTS (Commercial off-the-Shelf Servers): AKA “Cheap Intel Servers”
Hybrid Cloud: Hybrid cloud computing is an environment that combines
public clouds and private clouds by allowing data and applications to be
shared between them. Private Cloud is an environment where Compute
and Storage servers are owned by the user, while Public Cloud is when the
equipment is owned by a vendor, i.e. Microsoft, AWS.
MEC: (Mobile Edge Computing) is a distributed computing framework
that brings enterprise applications closer to data sources such as IoT
devices or local edge servers. This proximity to data at its source can
deliver strong business benefits, including faster insights, improved
response times and better bandwidth availability.
Hypervisors: Hypervisor is computer software, firmware or hardware that
creates and runs virtual machines. A computer on which a hypervisor runs
one or more virtual machines is called a host machine, and each virtual
machine is called a guest machine.
Type 1: Type 1 hypervisors run directly on the host’s physical
hardware without loading the attack-prone underlying OS, making them
very efficient and secure.
Type 2: Type 2 hypervisors are also known as hosted hypervisors,
because they are installed on existing OSs, and rely on them for
virtualization and resource management.
Common Products: VMware vSphere, Microsoft Hyper-V, XenServer,
KVM, Red Hat Virtualization.
Containers: containers hold individual applications and their corresponding
software, commands, and configurations. This allows applications to be
transferred to different cloud or OS environments without having integration
or run issues because of the change in environment (Docker, Kubernetes).
Container Name-Space: isolates the applications from each other within
single or multiple containers' scope. When multiple processes / services are
being run on multiple containers (on a single host system) then such
isolation is a necessity from security and stability standpoints.

SDN (Software Defined Networking)

SDN attempts to centralize network intelligence in one network component
by disassociating the forwarding process of network packets (data plane)
from the routing process (control plane). The control plane consists of one
or more controllers, which are considered the brain of the SDN network
where the whole intelligence is incorporated.

OpenFlow: OpenFlow is a communications protocol that gives access to
the forwarding plane of a network switch or router over the network.
Controller: An SDN controller is a software system or collection of systems
that together provides management of network state; in some cases,
the management and distribution of this state may involve a database.

Flow Table: In OpenFlow for packet-based network, each switch contains
a flow-table. Each flow-table entry header specifies a flow and an
associated action to be taken towards an incoming packet matching the
respective entry.
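
The flow-table lookup described above, as an added example that is not part of the original notes: a minimal table where the highest-priority matching entry decides the action, plus a check for entries that can never fire because a broader, higher-priority entry covers them. The field names (`ip_dst`, `tcp_dst`), action strings and sample table are simplified assumptions, not OpenFlow wire format.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

TABLE_MISS_ACTION = "drop"  # this sketch drops packets that match no entry


@dataclass
class FlowEntry:
    priority: int
    match: Dict[str, str]  # header field -> required value; absent field = wildcard
    action: str


def matches(entry: FlowEntry, packet: Dict[str, str]) -> bool:
    """True when every field the entry specifies equals the packet's value."""
    return all(packet.get(f) == v for f, v in entry.match.items())


def lookup(table: List[FlowEntry], packet: Dict[str, str]) -> str:
    """Return the action of the highest-priority matching entry."""
    hits = [e for e in table if matches(e, packet)]
    if not hits:
        return TABLE_MISS_ACTION
    return max(hits, key=lambda e: e.priority).action


def shadowed_entries(table: List[FlowEntry]) -> List[Tuple[FlowEntry, FlowEntry]]:
    """Return (shadowed, shadowing) pairs.

    An entry is shadowed when a higher-priority entry matches every packet
    it would match, i.e. the higher entry's fields are a subset of its own
    with identical values. A shadowed deny rule silently never applies.
    """
    pairs = []
    for low in table:
        for high in table:
            covers = all(low.match.get(f) == v for f, v in high.match.items())
            if high.priority > low.priority and covers:
                pairs.append((low, high))
                break
    return pairs


# Constructed sample table: the port-22 drop rule sits below a broader
# forward rule for the same destination, so it can never take effect.
SAMPLE_TABLE = [
    FlowEntry(200, {"ip_dst": "10.0.0.5"}, "output:2"),
    FlowEntry(100, {"ip_dst": "10.0.0.5", "tcp_dst": "22"}, "drop"),
    FlowEntry(0, {}, "controller"),
]

if __name__ == "__main__":
    ssh_packet = {"ip_dst": "10.0.0.5", "tcp_dst": "22"}
    print("ssh packet ->", lookup(SAMPLE_TABLE, ssh_packet))
    for low, high in shadowed_entries(SAMPLE_TABLE):
        print(f"priority {low.priority} {low.match} is shadowed by "
              f"priority {high.priority} {high.match}")
```
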

Traffic Engineering: Traffic Engineering is a method that helps to optimize
the performance and efficiency of the movement of people, goods, and
transportation. Traffic engineering looks at the whole picture in order to
maximize traffic flow and reduce instances of congestion.

SON (Self Organizing Networks)

5G SON: SON (Self-Organizing Network) technology minimizes the
lifecycle cost of running a mobile network by eliminating manual
configuration of network elements at the time of deployment, right through
to dynamic optimization and troubleshooting during operation. Besides
improving network performance and customer experience, SON can
significantly reduce the cost of mobile operator services, improving the
OpEx-to-revenue ratio and deferring avoidable CapEx.

Introduced in LTE (3GPP Rel.8)
As 5G has massive Femto/Small cell dense deployment, SON will be
needed as manual configuration management is not possible.
Self-Configuration: PNP Automatic software download, automatic
neighbor relationship, DNS MME SGW IP Address Software configuration.
Self-Optimization: Neighbor Selection, UE Measurement, Frequency
Selection, Load balancing.
Self-Healing: Outage management, Neighbor power selection,
Interference management.
EMS (Element Management System): KPI Measurements, SON
controller.

Voice over 5G:

High Definition voice quality support
No circuit voice support, no 2G/3G handover
5G to 4G and 5G to Wi-Fi seamless handover
EPS Fallback 5G to 4G VoLTE, afterwards CS fallback/SRVCC to 3G/2G

5G MMTC:

mMTC: mMTC focuses on IoT applications which require mass
deployment of billions of low-cost, low-powered devices and sensors.

Some of the 5G applications which come under this use case are:
➢ Smart Cities, Smart Homes and Smart Buildings
➢ Intelligent Agriculture Systems
➢ Patient Monitoring Systems
➢ Traffic Management Systems

Battery life of up to 10 years at 200 byte UL
Coverage Density 1,000,000 devices/km^2
Latency <10s with 20 byte payload
Price: Ultra low cost
Features: Multicast, location awareness, Mobility

5G URLLC:

Ultra-reliable low latency communications (URLLC) is one of the key pillars
of 5G New Radio (NR). As the underlying feature required to support dense
sensor grids of IoT endpoints, it is a primary enabler for a number of unique
use cases in the areas of manufacturing, energy transmission,
transportation and healthcare. With the need to support end-to-end
latencies as low as 5ms, the delay budget for individual interfaces can be
as low as 1ms. This means that optimizations must be made at every step
of the uplink and downlink transmission process. While outside the scope
of 3GPP specifications, the need to reduce data processing response times
is also leading to the emergence of highly distributed edge computing
strategies.

Smart factory/industrial automation
Healthcare industry
Intelligent transportation (fleet / logistics)
Entertainment and media (AR/VR Gaming)
Smart electricity grid

5G EMBB:

Enhanced Mobile Broadband: improvement on that which is currently
used for cellular data. It provides speeds of up to 10Gbps for high
bandwidth usage such as HD video streaming or VR/AR gaming, providing
faster download speeds and improved user experiences.

WiFi Internetworking:
N3IWF: Non-3GPP Interworking Function: gateway to connect 5GC
to a Wi-Fi Access Point.
ATSSS: Access Traffic Steering, Switching, Splitting
“Steering” refers to the possibility of selecting for user-plane traffic,
according to the service (QoS-type for a data flow), the best link to use.
“Switching” describes the possibility of performing handover without
service interruption to the other link when necessary.
“Splitting” means the simultaneous use (bonding) of the two links.

5G Wired Broadband:

The AGF provides AAA services plus hierarchical traffic shaping and
policing for fixed network (FN) and 5G residential gateways (RGs) being
served from a standard 3GPP User Plane Function (UPF) within a common
5G Core (5GC).
ATSSS applies the same rules as Wi-Fi.

5G small cell

Small cells are low-powered cellular radio access nodes that operate in
licensed and unlicensed spectrum that have a range of 10 meters to a few
kilometers and that are typically backhaul connected via wired connections.

Acronyms

3GPP 3rd Generation Partnership Project
4IR Fourth Industrial Revolution
5G 5th generation wireless technology
5GC 5G Core
5GNR 5G New Radio
5GTTH 5G to the home
A2P Application-to-person
ADM Add-drop multiplexer
ADSL Asymmetric digital subscriber line
AF Application function
AGV Automated guided vehicles
AI Artificial intelligence
AKA Authentication and key agreement
AMF Access and mobility management function
API Application programming interface
AR Augmented reality
ASIC Application-specific integrated circuit
AuC Authentication center
AUSF Authentication server function
BBU Baseband unit
BGP Border gateway protocol
BPaaS Business Processes as a Service
BTS Base transceiver station
CCAP Converged cable access platform
CNF Cloud-native network function
CPE Customer premise equipment
CPRI Common public radio interface
CPU Central processing unit
CSP Communication service provider
CU Centralized unit
CUPS Control and user plane separation
CWDM Coarse wavelength division multiplexing
DC Data center
DECOR Dedicated core network
DL Downlink
DN Data network
DoS Denial of service
DSCP Differentiated service code point
DSL Digital subscriber line
DSP Digital Service Provider
DU Distributed unit
DWDM Dense wavelength division multiplexing
E2E End-to-End
EAP Extensible authentication protocol
ECMP Equal-cost multi-path
eCPRI Enhanced CPRI
eLTE Evolved long-term evolution
eMBB Enhanced mobile broadband
eMTC Enhanced machine-type communication
EPC Evolved packet core
ETSI European Telecommunications Standards Institute
eVPN Ethernet virtual private network
FPGA Field programmable gate array
FR Frequency range
FTTH Fiber to the home
FWA Fixed wireless access
GDP Gross domestic product
GPU Graphics processing unit
GSMA GSM Association
GW Gateway
HLR Home location register
HPLMN Home public land mobile network
HSS Home subscriber server
HW Hardware
ICP Internet content provider
IETF Internet Engineering Task Force
IKE Internet key exchange
IMSI International mobile subscriber identity
IMT International Mobile Telecommunications
IPSec Internet protocol security
IPX Internetwork packet exchange
IS to IS Intermediate system to intermediate system
IT Information technology
ITU International Telecommunications Union
ITU-T ITU-telecommunication
LAN Local area network
IIoT Industrial Internet of Things
IoT Internet of Things
LTE Long-term evolution
LTE-M Long-term evolution machine-type communication
MAA Massive antenna array
MANO Management and network orchestration
MBB Mobile broadband
MEC Multi-access edge computing
MiTM Man in the middle
ML Machine learning
MIMO Multiple-input multiple-output
MME Mobility management entity
mMIMO Massive multiple-input multiple-output
mMTC Massive machine-type communication
MNO Mobile network operator
MOCN Mobile operator core network
MTC Machine-type communication
MU-MIMO Multiple-user multiple-input multiple-output
MVNO Mobile virtual network operator
NB-IoT Narrowband Internet of Things
NEF Network exposure function
NESAS Network element security assurance scheme
NF Network function
NFV Network function virtualization
NFV MANO Network Function Virtualization Management and Orchestration
NFV-O Network function virtualization orchestration
NFV-I Network function virtualization infrastructure
NG RAN New generation radio access network
NLRI Network layer reachability information
NR New radio
NRF Network repository function
NS Network service
NSA Non-standalone
NSSF Network slice selection function
NVP Network visibility poisoning
NWDAF Network data analytics function
Oauth Open authentication
OPEX Operating expense
OS Operating system
OSPF Open shortest path first
OTP One-time password
PCE Path computation engine
PCF Policy control function
PCS Probabilistic constellation shaping
PLMN Public land mobile network
PNF Physical network function
PON Passive optical network
PSTN Public switched telephone network
QoS Quality of Service
RAM Random access memory
RAN Radio access network
RF Radio frequency
ROADM Reconfigurable optical add-drop multiplexer
Rt Realtime
RU Radio unit
SaaS Software as a service
SBA Service-based architecture
SCAS Security assurance specification
SDN Software-defined network
SECAM Security assurance methods
SEPP Secure edge protection proxy
SIDF Subscription identifier de-concealing function
SLA Service level agreement
SMF Session management function
SMSF Short message service function
S-NSSAI Single network slice selection assistance information
SOAR Security orchestration automation and response
SR Segment routing
SR-TE Segment routing-traffic engineering
SUCI Subscription concealed identity
SUPI Subscription permanent identifier
SW Software
TCO Total cost of ownership
TEU Twenty-foot equivalent unit
TLS Transport layer security
TOO Total cost of ownership
TSN Time sensitive network
TTI Transmission time interval
UDM Unified data management
UDR Unified data repository
UDSF Unstructured data storage function
UE User equipment
UL Uplink
UPF User plane function
URLLC Ultra-reliable low latency communication
V2X Vehicle-to-everything
vDAA Virtualized Distributed Access Architecture
VDSL Very high speed digital subscriber line
VIM Virtualized infrastructure manager
VM Virtual machine
VNF Virtualized network function
VNF-M Virtualized network function manager
VOD Video on demand
VoIP Voice over internet protocol
VPLMN Visited public land mobile network
VR Virtual reality
vRAN Virtual radio access network
WAN Wide area network
WDM Wavelength division multiplexing
Wi-Fi Wireless fidelity
WLAN Wireless LAN
WTTA Wireless to the antenna
WWC Wireline-wireless convergence
xDSL Digital subscriber line
