Brussels, Jan. 29 (ZXS) — The European Union issued a guiding document called the “5G Cybersecurity Toolbox” on the 29th, requiring EU member states to assess the risk situation of 5G suppliers and set limits on so-called “high-risk” suppliers.

According to the European Commission’s document published on the same day, EU member states agreed to take measures to address existing and potential risks to 5G networks, in particular to ensure that they can restrict, prohibit or impose specific requirements or conditions on the supply, deployment and operation of 5G network equipment.

For 5G network operators, the document says that member states should increase security requirements, including strict control of access rights, establishment of security operation and monitoring rules, and restrictions on the outsourcing of specific functions. For 5G network providers, the document says to assess supplier risk profiles and set limits on “high-risk” suppliers for important and sensitive assets identified by the EU.

The document stresses the need for EU member states to ensure that each operator has a multi-vendor strategy, avoid relying too much on a single supplier or relying on “high-risk” suppliers, and avoid tying a single supplier.

The document recommends that to avoid long-term dependence on one supplier, EU member states should maintain diversified and sustainable 5G supply chains, for example by making full use of existing EU tools and instruments, in particular by screening for FDI that may affect 5G-critical assets, and avoiding distortions in the 5G supply market due to potential dumping or subsidies.

The document calls on member states to use EU projects and funding to further enhance 5G and post-5G technology capabilities, while the EU will coordinate the standardization process, develop EU certification projects, and promote “safer products and processes”.

While calling for restrictions on 5G suppliers, the document does not exclude any companies from building 5G networks in the EU, adding that the document “does not target any particular supplier or country”.

According to the timetable set out in the document, the European Commission calls on member states to take measures to implement the content of the document by April 30 this year, the European Commission is ready to prepare a report on the implementation of member states by June 30 this year, and member states should assess by October 1 this year to determine whether further action is needed.

Later on the 29th, a spokesman for the Chinese mission to the EU said that China noted the EU 5G cybersecurity toolbox and is evaluating and studying it.

The spokesman pointed out that the EU has long emphasized adherence to the principles of multilateralism, free trade and markets, and hopes to effectively implement the above principles when providing a fair, just and non-discriminatory environment for enterprise investment and operation, and work with China to jointly grasp the huge development opportunities brought by the new round of scientific and technological revolution. (End)

Responsible editor: Li Linzhi