, ,

The Journey Begins: Turning the BSI NESAS Vision into Real-World Security Certification

Telecommunications networks form the foundation of today’s digital society and are increasingly recognized as critical infrastructure. In Germany, regulatory requirements for public telecommunications networks establish specific security expectations for systems and components supporting critical functions to account for their importance. In this context, BSI NESAS provides an important mechanism for demonstrating security assurance and supporting trust in critical telecommunications components.

Which brings us to an important milestone we are proud to share: atsec has successfully completed multiple certifications under the BSI NESAS scheme, supporting vendors in demonstrating their commitment to securing their critical telecommunications components.

BSI NESAS: From Concept to Working Certification Scheme

Before the BSI NESAS scheme came about, GSMA NESAS was jointly developed by the GSMA and the 3GPP to provide a standardized approach for assessing the security of network equipment used in mobile networks, which creates a common baseline for security assurance across the telecommunications industry.

An important strength of GSMA NESAS is that it continues to evolve alongside the telecommunications landscape, as the GSMA NESAS Working Group actively maintains and updates the scheme’s specifications, incorporating lessons learned from completed assessments, emerging cybersecurity threats, and new technologies and regulatory requirements. This ongoing collaboration between mobile network operators, equipment vendors, security experts, and standards organizations ensures that NESAS remains relevant, practical, and aligned with the evolving security needs of modern telecommunications networks.

When BSI NESAS was introduced, the goal was clear: establish a common security assessment framework for network equipment vendors, combining industry expertise via the GSMA NESAS scheme with independent evaluation and certification.

Over time, BSI NESAS has grown into a practical certification scheme that enables repeatable, structured, and trusted assessments. The successful completion of NESAS certifications demonstrates that the ecosystem is now functioning: vendors are engaging with the process, evaluation bodies are performing assessments, and certification is providing meaningful assurance to all relevant stakeholders.

Working with multiple vendors has given us valuable insight on how to apply NESAS across different products and deployment environments. Each certification strengthened our processes and test automation, demonstrating the scalability of the scheme.

Looking Ahead

Completing this first set of BSI NESAS certifications marks an important step forward, but it is also the beginning of a broader journey: We believe BSI NESAS has demonstrated its value as a working framework that enables meaningful security assurance across the telecommunications ecosystem.

At atsec, we are proud to contribute to this development and to support vendors in achieving robust, independent security certification. The journey has started and we look forward to what comes next.

What atsec can do for you?

If you are interested in undergoing BSI NESAS certification or have any questions regarding GSMA NESAS or our evaluation services, don’t hesitate to contact us. We look forward to working with you.

An arrow divider