NESAS Documents

GSMA Network Equipment Security Assurance Scheme documentation

The NESAS policies, processes and procedures are on this page. The 3GPP specifications define the scheme. While the scheme’s processes and requirements are from the GSMA.

Please note that NESAS improves by iterations. Therefore, all findings refine future releases. Whether they are through its application or feedback from stakeholders. So the scheme can help to make sure security improvements are always the best they can be.

GSMA Scheme Documents

The GSMA publishes the following documents:

FS.13 – NESAS OverviewFamiliarise yourself with the NESAS scheme.
FS.14 – NESAS Security Test Laboratory AccreditationRequirements for accreditation.
FS.15 – NESAS Development and Lifecycle Assessment MethodologyThe audit assessment for network equipment vendors’ processes.
FS.16 – NESAS Development and Lifecycle Security RequirementsSecurity requirements for network equipment vendors’ processes.
FS.46 – NESAS Audit GuidelinesHow to prepare and carry out an audit.
FS.47 – NESAS Product and Evidence Evaluation MethodologyDetails of how the product and evidence evaluation works.

3GPP Security Assurance Specifications

3GPP publishes the following Security Assurance Specification (SCAS) documents:

TS 33.116MME network product class
TS 33.117Catalogue of general security assurance requirements
TS 33.216Evolved Node B (eNB) network product class 
TS 33.250PGW network product class 
TS 33.326Network Slice-Specific Authentication and Authorization Function (NSSAAF) network product class 
TS 33.511Next generation Node B (gNodeB) network product class 
TS 33.512Access and Mobility management Function (AMF). 5G SCAS
TS 33.513User Plane Function (UPF) 5G SCAS
TS 33.514Unified Data Management (UDM) network product class. 5G SCAS
TS 33.515Session Management Function (SMF) network product class. 5G SCAS
TS 33.516Authentication Server Function (AUSF) network product class. 5G SCAS 
TS 33.517Security Edge Protection Proxy (SEPP) network product class. 5G SCAS
TS 33.518Network Repository Function (NRF) network product class. 5G SCAS
TS 33.519Network Exposure Function (NEF) network product class. 5G SCAS
TS 33.521Network Data Analytics Function (NWDAF). 5G SCAS
TS 33.522 Service Communication Proxy (SCP). 5G SCAS 
TS 33.523Split gNB product classes 5G SCAS
TS 33.526Management Function (MnF) 5GSCAS
TS 33.5273GPP virtualized network products 5GSCAS

Want to know more or speak to someone about GSMA NESAS? Then please get in touch here.