Demonstration & Validation

The XTRUST-6G project will validate its advanced security solutions through five large-scale pilots, each designed to integrate physical infrastructures and simulation environments (digital twins) to assess resilience against sophisticated cyber threats. These pilots will showcase the key tools and solutions developed for securing the next generation of 6G networks. Each pilot addresses specific challenges in different areas of the 6G ecosystem, demonstrating the project’s potential to provide effective and scalable security measures.

Pilot 1: 6G-enabled EV Charging Infrastructure Resilience

It deploys 5G/6G solutions to facilitate high-speed data exchange, real-time communication, and robust cybersecurity within the EV charging ecosystem. The objective is to prevent cyberattacks, improve operational efficiency, and ensure network availability exceeding 99.9%. The infrastructure, primarily in Greece, will support these resilience goals across the EV charging network.

This pilot focuses on enhancing the security and reliability of electric vehicle (EV) charging systems.

Pilot 2:Safeguarding 6G-connected Autonomous Vehicles

By employing zero-trust security frameworks, it secures communication between vehicles and control systems, aiming to reduce cyber risks and enhance the performance and safety of smart mobility services. This pilot will be conducted in urban environments in Estonia, emphasizing real-world testing of 6G connectivity for autonomous transportation.

The TalTech Pilot within the XTRUST-6G project focuses on secure and intelligent autonomous mobility, testing zero-trust security mechanisms and AI-driven cybersecurity for 6G-enabled autonomous vehicles and smart mobility infrastructures. Hosted at Tallinn University of Technology, the pilot integrates zero-trust security frameworks with AI-powered intrusion detection to enhance cybersecurity for autonomous shuttles operating in smart city environments. Leveraging private 5G networks and exploring future 6G capabilities, it ensures secure and low-latency vehicle-to-infrastructure and vehicle-to-vehicle communications. The pilot also incorporates smart traffic infrastructure, including intelligent traffic lights, and pedestrian crossings enabling real-time secure data exchange between infrastructure and autonomous vehicles. AI-driven anomaly detection and cyber-resilience mechanisms will protect against cyberattacks targeting AV software, sensor spoofing, and data manipulation. The pilot aims to demonstrate secure, AI-powered, 6G-ready autonomous mobility, develop real-time cyber threat detection and automated response for AVs, validate zero-trust frameworks in an operational smart city environment, and provide recommendations for future 6G security standards in mobility applications. As a crucial part of XTRUST-6G, it contributes to the development of resilient, quantum-safe, and energy-efficient cybersecurity for next-generation autonomous mobility solutions. 

This pilot addresses vulnerabilities specific to 5G+/6G networks used by autonomous vehicles.

Pilot 3: Quantum Key Distribution for End-to-End 6G Security

This pilot integrates Quantum Key Distribution (QKD) with 6G networks to provide quantum-resistant encryption for end-to-end communications. It aims to manage the key rate and encryption flow across various 6G components, maintaining performance without compromising security. The pilot will take place at the University of Luxembourg’s campuses (Belval and Kirchberg), testing these technologies within a secure academic infrastructure.

As traditional key exchange and encryption protocols become increasingly vulnerable, QKD offers a quantum-secure channel resistant to computationally unbounded attackers. The pilot addresses key challenges such as secure authentication, seamless key distribution, and efficient key relay mechanisms. SNT will use its Quantum Lab, 6GSpaceLab, and QKD infrastructure to design, implement, and validate QKD integration within 6G networks. The setup includes a QKD star topology with iDQ XGR devices, interconnected via dedicated dark fibers, and a 5G/6G testbed using open-source core networks and software-defined radios.

With the advent of quantum computing, traditional encryption methods are becoming increasingly vulnerable.

Pilot 4: Securing UAV-assisted 6G Communications

This pilot focuses on mitigating cybersecurity risks such as jamming, eavesdropping, and unauthorized access, using physical layer security (PLS) to protect UAV communications. Testing will occur in varied outdoor environments across Europe, where UAVs will be deployed in scenarios such as border inspection and environmental monitoring.

Motivation and Challenges 

Today’s commercial usage and correct operation of drones, or unmanned aerial vehicles (UAV), mainly rely on proprietary and point-to-point communication systems. Preliminary developments and tests have been performed under 5G networks used by rotor UAVs flying at low altitudes/low speeds for border and forest inspection, high voltage/base station inspection, and other use cases. In such use cases, a UAV control vehicle is required to provide reliable network services through 5G networks to the UAV platforms.  

The data of the UAV terminal include control and application data; control data includes navigation commands, configuration changes, flight status data reporting, etc. The UAV control vehicle needs to communicate with the edge components and the 5G+/6G non-RT RIC at the SMO; the extended attack surface can be exploited by malicious applications (rApps) or components at the SMO, adversarial AI attacks, compromised edge services or xApps at near-RT RIC, etc. As described, security is a major challenge in UAV communications, and physical layer security (PLS) is an important technique to improve the reliability and security of data shared through the UAVs.  

Objectives  

The high-level objectives of the pilot are described below:  

    • Improve the protection on 5G+/6G based communication network of the UAV control vehicles and the UAV platforms (systems and devices) throughout its life-cycle by physically implementing secure mechanisms for device onboarding and encrypted end-to-end communication;  
    • Establish audit procedures to control data and application hosting changes at the edge services;  
    • Utilizing shared secret keys between legitimate UAV platforms and edge services users at the PHY layer; and  
    • Enhance the resilience of 5G+/6G communication infrastructure against AI-based jamming attacks.  

Set Up – Infrastructure  

For the needs of the pilot, the non-RT RIC, part of the SMO, will be deployed on the cloud, whereas the near-RT RIC, O-CU, and O-DU are part of the UAV control vehicle. Core O-RAN functionality is needed for allowing the non-RT RIC to obtain UE-level data from the application server, and the near-RT RIC to execute the policies obtained and generate configuration parameters for the E2 nodes. The UAV terminals receive user plane data from the application server.  To be more precise, the infrastructure provided to the project for the needs of the pilot includes hardware and software components of the UAV communication and control, like: multirotor UAV AP-M-2; UAV control vehicle; application server (edge computing service platform) on the control vehicle, where dedicated hardware is hosting the application server and the RAN and 5G+ core infrastructure. A private 5G testbed will be used, supporting 5G R16 in stand-alone mode, with slicing support and end-to-end SDN/NFV compliant architecture and NFV and security orchestrators. Latest O-RAN related capabilities will be provided. 

Unmanned aerial vehicles (UAVs) require secure, low-latency 5G+/6G communications for critical tasks like inspection and live broadcasts.

Pilot 5: Thwarting Attacks Against O-RAN and Virtualized 6G Infrastructure

This pilot examines the security of O-RAN architecture and virtualized 6G infrastructures, addressing challenges such as securing cloud and edge applications, preventing lateral movement of attackers, safeguarding software supply chains, and mitigating denial-of-service (DoS) attacks. The goal is to ensure comprehensive protection for the virtualized 6G infrastructure in a dynamic, highly distributed environment.

Pilot 5 aims to test the XTRUST-6G components on the general O-RAN architecture with several scenarios that will be based on, and extend as needed, the O-RAN threat model; this includes the fronthaul, right after the O-RAN radio unit (O-RU), up to the higher-level functions of the SMO framework. This pilot ensures that no fundamental cyber-security requirements of O-RAN systems, no matter how basic, are left outside the scope of XTRUST-6G. The major patterns are: exploitation of cloud/edge application vulnerabilities, attacker’s lateral movement, insecure software development practices (leading to further exploitable application vulnerabilities), and DoS attack opportunities considered from multiple points (both internal and external) of the O-RAN system. 

The objectives of Pilot 5 are: 

    • Secure the O-RAN system against internal/external attempts to exploit cloud/edge application vulnerabilities.  
    • Contain lateral movement through rapid intrusion detection and zero-touch security orchestration. Secure the software supply chain of cloud/edge applications to reduce their attack surface.  
    • Detect and mitigate DoS and other prominent attacks against critical O-RAN components and interfaces. 

For the needs of Pilot 5, Iquadrat’s 5G testbed (Rel-16 in standalone mode) will be used. An end-to end SDN/NFV compliant architecture, implemented with its own local cloud (OpenStack and Kubernetes) and 5G gNBs (O-RAN compliant), as well as, NFV and security orchestration capabilities. Supported UEs include off-the shelf 5G smartphones, 5G CPEs and Raspberry PI-based UEs with a 5G HAT. To further implement the XTRUST 6G pilots, Iquadrat’s testbed will be extended to fully support and comply with the latest O-RAN 7.2 specifications.  

O-RAN architecture and virtualized 6G infrastructures

Each pilot will provide invaluable insights and practical solutions for safeguarding the next generation of 6G networks against evolving cyber threats

The outcomes will contribute to global efforts to standardize secure 6G technologies and practices, helping to shape a secure, resilient, and scalable 6G ecosystem. These pilots are strategically located in key regions, including Greece, Estonia, and Luxembourg, ensuring diverse testing environments and robust validation across different real-world scenarios.

Pioneering Next-Generation 6G
Cybersecurity Frameworks