NTIA RAN Tester UE

Penetration testing tool for 5G and O-RAN security vulnerabilities using software-defined radio UE emulation.

Overview

This project is a security testing tool based on modifications and attacks from the User Equipment, designed to test 5G and open radio access networks (RANs) via the Uu air interface between the UE and the network. While enabling various types of testing, the primary focus of this software is on RAN security testing.

This RAN Tester UE (rtUE) is fully software-based and compatible with widely available, commercial off-the-shelf (COTS) software radio hardware. Standardized 3GPP or O-RAN tests, as well as custom test procedures, can be implemented and executed at minimal cost and at different stages of RAN development and integration. This system facilitates testing across multiple commercial and open-source RAN implementations with minimal technical overhead. Additionally, many attacks on the RAN can be executed automatically by the system.

Getting Help

This project is still in development. If you find any issues, please create a GitHub issue on our repository: ran-tester-ue

Our team will respond to any issues as quickly as possible. We appreciate any feedback as we continue to add to our documentation.

Getting Started

• Quickstart
• Installation
• Routing Traffic

Attacks

• Jamming
• RACH flooding
• RRC fuzzing
• Sniffing

Metrics

• Grafana
• rtUE Metrics

Architecture

• Overview

For Developers

• Development Overview
• Message Types
• Monitor Thread API