Open Source Network Elements for Security Analysis of Mobile Networks

March 15, 2016 (at 2 p.m.) in The "Telco Security Day" (TSD) is an additional event to Troopers. It takes place on Tuesday the 15th. As the event aims to bring together only researchers, vendors and practitioners from the telecommunication / mobile security field, it is an invitation only event. The event is intended to be a discussion round for current topics accompanied by talks covering various subjects from different domains (e.g. practical security research or hacking, 3GPP standardization, Telco security operations). The TSD is a closed event and no filming will be allowed or recording will take place. It will be held in English. The agenda is publicly available and will be published here soon. Please note there is also a Shared Dinner at 19:30 for TSD Speakers and Attendees. For questions, talk submissions or invitation requests, please contact

For almost 20 years, digital cellular networks have been without Free /Open Source software implementations of any of their protocols or network elements.

In 2008, the two independent and architecturally completely different projects OpenBTS and OpenBSC have changed that for 2G networks. In 2010, they were followed by OsmocomBB, an Open Source implementation of the GSM Mobile Station protocol stack.

It is not a coincidence that the above projects were a (if not the) key enabler behind a lot of the cellular technology security research that followed in the years after.

Despite being of such prominent importance for researching (and ultimately improving) cellular security, the mobile industry has not learned from 2G and not taken up the cause to funded or support the development of Open Source reference implementations of later (3G / 4G) protocols and network elements.

Despite the lack of support, the Osmocom project has started an implementation of the 3G core network elements and is actively working towards IuCS, IuPS and Iuh support in OsmoNITB and OsmoSGSN. The first working alpha-versions of this are expected to be available at the end of Q1/2016. Let's hope they can have an equal impact in spawning cellular security research than the releases of OpenBSC and OsmocomBB in the past.

Harald Welte

Harald Welte is a data communications freelancer, enthusiast and hacker who is working with Free Software (and particularly GNU/Linux) since 1995 His major code contribution to the Linux kernel was as a core developer of the netfilter/iptables packet filter.

He has co-started a number of other Free Software and Free Hardware projects, mainly related to RFID such as librfid, OpenMRTD, OpenBeacon, OpenPCD, OpenPICC. During 2006 and 2007 Harald became the co-founder of OpenMoko, where he served as Lead System Architect for the worlds first 100% Open Free Software based mobile phone.

Aside from his technical contributions, Harald has been pioneering the legal enforcement of the GNU GPL license as part of his project. More than 150 inappropriate use of GPL licensed code by commercial companies have been resolved as part of this effort, both in court and out of court. He has received the 2007 ""FSF Award for the Advancement of Free Software"" and the ""2008 Google/O'Reilly Open Source award: Defender of Rights"".

In 2008, Harald started to work on Free Software on the GSM protocol side, both for passive sniffing and protocol analysis, as well as an actual network-side GSM stack implementation called OpenBSC. In 2010, he expanded those efforts by creating OsmocomBB, a GSM telephony-side baseband processor firmware and protocol stack. Other projects include OsmocomTETRA, a receive-only implementation of the ETSI TETRA radio interface.

Together with fellow developer Dieter Spaar, Harald has been giving many incarnations of deeply technical trainings about mobile communications protocols from the air inteface to the core network, with a special emphasis on security.

Harald is co-founder of sysmocom GmbH, Berlin/Germany based company working on innovative Free Software based products and solutions for conventional and unconventional operators of mobile networks. Said projects are also used by various entities in research of mobile security.