Description
The System Information Retrieval Function (SIRF) is a network function within the 5G Core (5GC) security framework, standardized in 3GPP Release 16 and later. It operates as a security endpoint that facilitates the secure retrieval of System Information (SI) by User Equipment (UE). System Information comprises essential data broadcast by the radio access network (e.g., gNB) that UEs need to discover, select, and access the network, including parameters for cell selection, access control, and neighboring cell information. While some SI is broadcast openly, the SIRF addresses the need for secure, on-demand delivery of certain SI messages.
Architecturally, the SIRF is a logical function that can be co-located with other Network Functions (NFs), such as the Network Repository Function (NRF) or a dedicated SI management function. It exposes a service-based interface (likely using HTTP/2 and JSON, as per 5GC SBI conventions) that is secured using 5G security mechanisms. When a UE requires specific system information that is not broadcast or needs a verified copy, it can initiate a secure session with the SIRF. The interaction is protected by the 5G security context established during initial registration, ensuring mutual authentication between the UE and the network, as well as confidentiality and integrity protection for the retrieved information.
The SIRF works by receiving authenticated requests from UEs, validating them against the UE's security context and subscription profile, and then fetching the requested system information. This information may be sourced from a central repository or generated dynamically. The SIRF then packages and returns the SI to the UE in a protected manner. This mechanism is particularly valuable for delivering sensitive or large SI blocks that are inefficient to broadcast frequently, for providing UE-specific SI configurations, or for ensuring SI authenticity in scenarios where broadcast SI could be spoofed (e.g., in non-terrestrial networks or vulnerable coverage areas). It enhances the overall security and efficiency of system information management in 5G.
Purpose & Motivation
The SIRF was created to address specific security and efficiency challenges in system information delivery for advanced 5G use cases defined from Release 16 onward. Traditional broadcast of all system information is inefficient for rarely-changing parameters and vulnerable to spoofing attacks, where a malicious transmitter could broadcast false network parameters to launch denial-of-service or man-in-the-middle attacks.
Its introduction was motivated by the expansion of 5G into new deployment scenarios such as Non-Public Networks (NPN), Integrated Access and Backhaul (IAB), and Non-Terrestrial Networks (NTN). In these environments, ensuring the authenticity and integrity of system information is paramount. For instance, in an NPN, a UE must be certain it is retrieving SI from the legitimate private network and not a rogue cell. Furthermore, for on-demand SI, the network needs a secure method to deliver potentially large or UE-specific data blocks without relying on insecure broadcast channels.
The SIRF solves these problems by leveraging the established 5G security architecture. It provides a standardized, secure, and service-based method for SI retrieval, moving beyond the purely broadcast model. This allows network operators to control access to certain SI, verify the identity of the retrieving UE, and protect the SI from tampering during delivery. It represents an evolution from a 'trust-the-air-interface' model for SI towards a 'secure-service' model, aligning with the broader 5GC principle of service-based interactions protected by robust security protocols.
Key Features
- Provides a secure, service-based interface for on-demand retrieval of System Information by UEs.
- Integrates with the 5G Core security framework, ensuring mutual authentication and protection of SI data.
- Supports efficient delivery of large, infrequent, or UE-specific system information blocks.
- Enhances resilience against false base station attacks by authenticating the source of SI.
- Facilitates advanced deployment scenarios like Non-Public Networks (NPN) and Non-Terrestrial Networks (NTN).
- Operates as a logical function that can be co-located with other 5G Core Network Functions.
Evolution Across Releases
The SIRF was initially introduced in the security specifications (33.127, 33.128). These defined the SIRF's role and requirements within the 5G security architecture for secure system information retrieval, and established the need for it to support service-based interactions and integrate with 5G authentication and authorization mechanisms.
Defining Specifications
| Specification | Title |
|---|---|
| TS 33.127 | 3GPP TS 33.127 |
| TS 33.128 | 3GPP TS 33.128 |