VM

Virtual Machine

Management →
Introduced in Rel-10 Also in: Security

VM is a software emulation of a physical computer system that executes network functions as isolated instances, forming the foundation for Network Function Virtualization (NFV) to enable flexible and scalable telecom services.

Category
Management
Introduced
Rel-10
Where
Management
Also touches
1 segments
Specifications
10 specs
VM Description Purpose Related Classification Detected Changes Specifications

Description

A Virtual Machine (VM) is a software-based abstraction that emulates the functionality of a physical computer, including its CPU, memory, storage, and network interfaces. It runs on a hypervisor (or Virtual Machine Monitor) installed on physical server hardware. The hypervisor allocates physical resources (compute, storage, network) to each VM, ensuring isolation and security between multiple VMs running on the same host. Each VM contains its own guest operating system and application software, behaving like an independent physical machine from the perspective of the software running inside it. This isolation is a key architectural principle, preventing faults or security breaches in one VM from affecting others on the same host.

In the context of 3GPP networks, VMs are the primary execution environment for Virtualized Network Functions (VNFs). Core network functions like the MME, SGW, PGW, and later the AMF, SMF, and UPF in 5GC, can be implemented as software packages deployed within VMs. The hypervisor manages the lifecycle of these VMs, including instantiation, scaling, migration, and termination. Resource allocation is dynamic; the hypervisor can adjust CPU cores, memory, and virtual network interface bandwidth assigned to a VM based on the VNF's current load and performance requirements, a capability managed by an NFV Orchestrator (NFVO).

The role of the VM is central to the ETSI NFV architectural framework, which 3GPP adopts and references. The VM provides the necessary isolation and resource guarantees for carrier-grade network functions. It allows operators to deploy network services on commercial off-the-shelf (COTS) hardware in data centers, moving away from proprietary, integrated appliances. This shift enables rapid service innovation, as new VNFs can be developed and deployed as software updates. Furthermore, VMs support high availability through live migration, where a running VM can be moved to another physical host with minimal service interruption for maintenance or load balancing.

Purpose & Motivation

The VM was introduced into 3GPP specifications to support the industry-wide shift towards Network Function Virtualization (NFV). Prior to NFV, telecom networks were built using monolithic, proprietary hardware appliances for each network function (e.g., a physical firewall, a physical MME). This approach led to long innovation cycles, high capital and operational expenses, vendor lock-in, and inefficient resource utilization, as each appliance was sized for peak load and often remained underutilized.

The purpose of standardizing the VM concept within 3GPP was to provide a common, interoperable foundation for virtualized deployments. It solves the problem of hardware dependency by abstracting network functions into software that can run on standardized cloud infrastructure. This enables operators to achieve greater agility, scaling services up or down elastically based on demand. It also facilitates multi-vendor environments, as VNFs from different vendors can, in principle, run on the same NFV Infrastructure (NFVI) provided they conform to the VM specifications and interfaces.

Historically, the work was driven by operator demands for cost reduction and operational flexibility, leading to collaboration between 3GPP and ETSI ISG NFV. The initial integration in Release 10 marked the beginning of formal architectural support for virtualization, paving the way for the cloud-native evolution seen in later releases with containers and microservices.

Classification

Part ofNFVI
Related approachesVNF

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (1 CRs across 1 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Studied in Rel-10, normative work from Rel-18.

Rel-18 1 change

In Release 18, a new security consideration for virtualized network functions was introduced by adding the analysis of VM traffic isolation as a potential security threat. This update was documented within the technical report for virtualized network product classes, specifically in TR 33.927. The change focuses on identifying and addressing security risks associated with the isolation of traffic between virtual machines in a network function virtualization environment.

  • Add VM traffic isolation security threat to TR 33.927 3GPP virtualized network product classes TS 33.927CR0002

Explore further

Broader topics and technologies where VM plays a role.

Topics
Lawful Intercept5G Core (5GC)Services & ApplicationsManagement & OperationsRadio Access NetworkCore Network
Technologies
5G

Defining Specifications

3GPP specifications that define or reference VM, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TS 23.057 vj00 Mobile Execution Environment (MExE) Specification Rel-19
TR 23.758 vh00 Study on Edge Application Architecture Rel-17
TS 28.515 vj00 Fault Management for Virtualized Networks Rel-19
TS 28.516 vj00 Fault Management for Virtualized Mobile Networks Rel-19
TS 29.892 vg00 Study on User Plane Protocol in 5GC Rel-16
TS 32.501 vj00 Self-Configuration of Network Elements Concepts Rel-19
TS 32.842 vd10 Management of Virtualized 3GPP Core Networks Rel-13
TR 33.818 vh10 SECAM/SCAS for 3GPP Virtualised Network Products Rel-17
TR 33.848 vi00 Technical Report on Virtualisation Security Rel-18
TR 33.927 vj00 Security Assurance for Virtualized Network Products Rel-19