5G Signalling Controller: Functions and SEPP

The SCP (Service Communication Proxy) is a network function (NF) in the 5G Core Network (5GC) that increases the operational efficiency and reliability of the PLMN internal signaling network.

The SCP provides the following benefits within a service-based architecture:

  • Traffic distribution and failover
  • Topology simplification
  • Load balancing
  • Failover handling 
  • Signaling peak protection
  • Load distribution
  • Prioritization of service requests
  • Overload control
  • Integration and interworking
  • Parameter adaptation
  • Migrate customer basis to new services
  • Increased security
  • Authorization based on OAuth2.0 framework

SC supports a definition of multiple NF profiles that are used in the NRF registration. Supported NFs and services can be configured in the NF profile.

SC registers its NF profiles through the Nnrf_NFManagement service in one NRF per NRF group. If the SC is taken out of service, it will deregister its NF profiles through the Nnrf_NFManagement service.

The SCP registers in the NRF for one or several services to be proxied between NF service consumers and the NF service producers.

When an NF service consumer sends a Discovery Request to the NRF for such a service, it receives the service address of the SCP.

The NF service consumer then sends any service request for this service to the service address of the SCP, and the SCP forwards the service request to one of the NF service producers applying its configured routing function, for example, load balancing.

Also Read:  GSMA 5G Cybersecurity Knowledge Base

5G Signalling Controller (SC) Functions

  • The SC hides the complexity of the charging pools from the service consumers and offloads service consumers from complex routing decisions to find the optimal charging service routing.
  • The SC performs load distribution of charging messages and optimizes the utilization of the charging pools.
  • The SC protects service consumers from fault indications by failing over to alternative charging pool members in case of overload or failures.
  • Based on error indication from a charging pool member, the charging pool member can be temporarily blocked from traffic distribution for a predefined time.

Security Edge Protection Proxy (SEPP)

Security Edge Protection Proxy (SEPP) in 5G system architecture is an entity sitting at the perimeter of the Public Land Mobile Network (PLMN) for protecting control plane messages for inter-PLMN communication.

For intra-PLMN communication, all Service-Based Interfaces (SBIs) are protected using mTLS as specified in 3GPP 33.501.

Protocol Tracing allows capturing raw IP packets for NRF or NSSF SBI traffics and sending the captures to external SFTP server or cluster internal Probe Adapter.

The Nnssf_NSSelection service can be invoked in the following procedures:

During UE Registration, the service is used by an NF service consumer (for example, AMF) to retrieve the Allowed NSSAI, Configured NSSAI, target AMF Set or the list of candidate AMF(s) and other optional information.

Also Read:  How 5GC is Different than 4G EPC: 5GC vs EPC

During PDU Session establishment, the service is used by an NF service consumer (for example, AMF or NSSF in a different PLMN) to retrieve the NRF and the optionally the NSI ID of the network slice instance.

During UE Configuration Update procedure, the service is used by an NF service consumer (for example. AMF) to retrieve the Allowed NSSAI, Configured NSSAI, target AMF Set or the list of candidate AMF(s) and other optional information.

Photo of author

Som D

Som is Network and Cloud Security expert with 12+ years of experience in the field and years of experience into 5G Security. She has researched, tested and written hundreds of articles on a variety of topics such as Network Security, Cloud Security, Wireless Security, Networking Basics, Mobile Operators services guides and 5G Security. In addition to her professional pursuits, Som is also a passionate into researching and publishing the content on other education platforms surrounding network security, cloud security and 5G security. She also creates guides, walkthroughs, solutions and more to help others with their progression in the same field.