The European Commission has issued its guidance on 5G and the role that “high-risk” vendors should play in networks.
Europe has come under pressure to limit the role of China-based Huawei, after the US raised concerns that its equipment could be used for spying.
Member states should agree on the best way to secure their 5G networks by 30 April, the EC said.
The UK has ruled that Huawei can continue to be used in its 5G networks, but with restrictions.
Huawei is not named in its guidelines, and the decision on which equipment to use is left to individual countries.
The non-binding EC recommendations call on member states to:
- strengthen security requirements
- assess the risk of suppliers
- restrict suppliers considered to be high-risk
- reveal exclusions for key assets considered as critical (such as the core network)
- set up a legal or regulatory framework to control the use of outsourced suppliers
- ensure governments get audit telecoms operators to provide detailed data on sourcing of 5G equipment
In a press release, the European Commission said: “5G networks offer more potential entry points for attackers. Cyber-security threats are on the rise and becoming increasingly sophisticated.
“As many critical services will depend on 5G, ensuring the security of networks is of highest strategic importance for the entire EU.”
Margrethe Vestager, executive vice-president for a Europe fit for the digital age, added: “We can do great things with 5G. The technology supports personalised medicines, precision agriculture and energy grids that can integrate all kinds of renewable energy.
“This will make a positive difference. But only if we can make our networks secure. Only then will the digital changes benefit all citizens.”
Huawei has always denied that it would help the Chinese government attack one of its clients. The firm’s founder has said he would “shut the company down” rather than aid “any spying activities”.
In its role as 5G vendor, it competes with Finland’s Nokia and Sweden’s Ericsson.