Management and Orchestration (MANO), in other words the creation, configuration, monitoring and deletion of network functions, is defined as a critical function in 5G telecommunication networks. For this reason, the Federal Office for Information Security has commissioned and now published a study that aims to product-independently describe and analyze MANO so that specific protection profiles can be created based on the results of the study.

MANO is a complex system with multiple interconnected components, and ensuring its security is of paramount importance in today's connected and digital world. Security is a multi-layered concern and requires a combination of technical measures, secure development practices and organizational processes. By implementing robust security measures and a proactive approach to threat prevention, network operators and service providers can ensure the integrity, availability and confidentiality of their network functions and services.

The creation of certification requirements itself is not the subject of this study. The study includes an introduction and overview of MANO, an examination with regard to applicability to existing products, a risk analysis of the entire system, derived security requirements and problem definitions and the corresponding identification of the security functionalities for deriving potential future TOEs (Targets of Evaluation).

• Studie und Risikoanalyse von Management- und Orchestrierungssystemen (MANO) in 5G
• Study and risk analysis of Management and Orchestration (MANO) systems in 5G