[<< Back](../)

# References

## Table of Contents
* [Common References](#1.1)
* [Cloud Native and Kubernetes References](#1.2)
* [Network related References](#1.3)
* [O-RAN, 5G and Miscellaenous References](#1.4)
* [Security Related References](#1.5)
  * [NIST Security Related References](#1.5.1)

<a name="1.1"></a>
## Common References

|Ref	   | Doc Number	            |Title          |
|--------  |------------------------|---------------|
| [1]      | ETSI GR NFV 003 V1.5.1 | "Network Functions Virtualisation (NFV); Terminology for Main Concepts in NFV", January 2020. Available at https://www.etsi.org/deliver/etsi_gr/NFV/001_099/003/01.05.01_60/gr_NFV003v010501p.pdf |
| [2]      |  RFC 2119              | “Key words for use in RFCs to Indicate Requirement Levels”, S. Bradner, March 1997. Available at http://www.ietf.org/rfc/rfc2119.txt |
| [3]      | ETSI GS NFV 002 V1.2.1 | “Network Functions Virtualisation (NFV); Architectural Framework”. Available at https://www.etsi.org/deliver/etsi_gs/NFV/001_099/002/01.02.01_60/gs_NFV002v010201p.pdf |
| [4]      | ETSI GR NFV-IFA 029 V3.3.1 | “Network Functions Virtualisation (NFV) Release 3; Architecture; Report on the Enhancements of the NFV architecture towards "Cloud-native" and "PaaS" ”. Available at https://www.etsi.org/deliver/etsi_gr/NFV-IFA/001_099/029/03.03.01_60/gr_NFV-IFA029v030301p.pdf |
| [5]      | ETSI GS NFV-TST 008 V3.2.1 | “Network Functions Virtualisation (NFV) Release 3; Testing; NFVI Compute and Network Metrics Specification”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-TST/001_099/008/03.02.01_60/gs_NFV-TST008v030201p.pdf |
| [6]      | ETSI GS NFV-IFA 027 V2.4.1 | “Network Functions Virtualisation (NFV) Release 2; Management and Orchestration; Performance Measurements Specification”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-IFA/001_099/027/02.04.01_60/gs_nfv-ifa027v020401p.pdf |
| [7]      | ETSI GS NFV-IFA 002 V2.1.1 | “Network Functions Virtualisation (NFV);Acceleration Technologies; VNF Interfaces Specification”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-IFA/001_099/002/02.01.01_60/gs_NFV-IFA002v020101p.pdf |
| [8]      | ETSI NFV-IFA 019 V3.1.1 | “Network Functions Virtualisation (NFV); Acceleration Technologies; Acceleration Resource Management Interface Specification; Release 3”. Available at https://www.etsi.org/deliver/etsi_gs/nfv-ifa/001_099/019/03.01.01_60/gs_nfv-ifa019v030101p.pdf |
| [9]      | ETSI GS NFV-INF 004 V1.1.1 | “Network Functions Virtualisation (NFV); Infrastructure; Hypervisor Domain”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-INF/001_099/004/01.01.01_60/gs_NFV-INF004v010101p.pdf |
| [10]      | ETSI GS NFV-IFA 005 V3.1.1 | “Network Functions Virtualisation (NFV) Release 3; Management and Orchestration; Or-Vi reference point - Interface and Information Model Specification”. Available at https://www.etsi.org/deliver/etsi_gs/nfv-ifa/001_099/005/03.01.01_60/gs_nfv-ifa005v030101p.pdf |
| [11]      | DMTF RedFish | “DMTF RedFish Specification”. Available at https://www.dmtf.org/standards/redfish |
| [12]      | NGMN Overview on 5GRAN Functional Decomposition ver 1.0 | “NGMN Overview on 5GRAN Functional Decomposition”. Available at  https://www.ngmn.org/wp-content/uploads/Publications/2018/180226_NGMN_RANFSX_D1_V20_Final.pdf |
| [13]      | ORAN-WG4.IOT.0-v01.00 | “Front haul Interoperability Test Specification(IOT)”. Available at  https://static1.squarespace.com/static/5ad774cce74940d7115044b0/t/5db36ffa820b8d29022b6d08/1572040705841/ORAN-WG4.IOT.0-v01.00.pdf/2018/180226_NGMN_RANFSX_D1_V20_Final.pdf |
| [14]      | ETSI GS NFV-TST 009 V3.1.1 | “Network Functions Virtualisation (NFV) Release 3; Testing; Specification of Networking Benchmarks and  Measurement Methods for NFVI”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-TST/001_099/009/03.01.01_60/gs_NFV-TST009v030101p.pdf |
| [15]      | ETSI GR NFV IFA-012 | “Network Functions Virtualisation (NFV) Release 3; Management and Orchestration; Report on Os-Ma-Nfvo reference point - application and service management use cases and recommendations”. Available at https://www.etsi.org/deliver/etsi_gr/NFV-IFA/001_099/012/03.01.01_60/gr_NFV-IFA012v030101p.pdf |
| [16]      | ETSI GS NFV-SEC 001 V1.1.1 | “Network Functions Virtualisation (NFV); NFV Security; Problem Statement”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/001/01.01.01_60/gs_nfv-sec001v010101p.pdf |
| [17]      | ETSI GS NFV-SEC 003 V1.1.1 | “Network Functions Virtualisation (NFV); NFV Security; Security and Trust Guidance”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/003/01.01.01_60/gs_NFV-SEC003v010101p.pdf |
| [18]      | ETSI GS NFV-SEC 013 V3.1.1 | “Network Functions Virtualisation (NFV) Release 3; NFV Security; Security Specification for MANO Components and Reference points”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/014/03.01.01_60/gs_NFV-SEC014v030101p.pdf |
| [19]      | ETSI GS NFV-SEC 013 V2.6.1 | “Network Functions Virtualisation (NFV) Release 2; Security; VNF Package Security Specification ”. Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/021/02.06.01_60/gs_nfv-sec021v020601p.pdf |
| [20]      | GSMA FS.31 V2.0 February 2020| “Baseline Security controls ”. Available at https://www.gsma.com/security/resources/fs-31-gsma-baseline-security-controls |
| [21]      | GSMA whitepaper January 2021| “Open Networking & the Security of Open Source Software deployment ”. Available at https://www.gsma.com/futurenetworks/resources/open-networking-the-security-of-open-source-software-deployment |
| [22]      | Cloud Security Alliance (CSA) and SAFECode| “The Six Pillars of DevSecOps: Automation (2020) ”. Available at https://safecode.org/the-six-pillars-of-devsecops-automation |
| [23]      | ISO/IEC 27000:2018 | Information technology — Security techniques — Information security management systems — Overview and vocabulary. Available at https://www.iso.org/standard/73906.html. |
| [24]      | Cloud Security Alliance (CSA) | “Information Security Management through Reflexive Security  ”. Available at https://cloudsecurityalliance.org/artifacts/information-security-management-through-reflexive-security/ |
| [25]      | NIST SP 800-207  | “Zero Trust Architecture (ZTA) ”. Available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf |
| [26]      | Open Infrastructure  | “Edge Computing: Next Steps in Architecture, Design and Testing ”. Available at https://www.openstack.org/use-cases/edge-computing/edge-computing-next-steps-in-architecture-design-and-testing/ |
| [27]      | RFC5905 | "Network Time Protocol Version 4: Protocol and Algorithms Specification", IETF RFC, Available at https://datatracker.ietf.org/doc/html/rfc5905 |
| [28]      | RFC5906 | "Network Time Protocol Version 4: Autokey Specification", IETF RFC, Available at https://datatracker.ietf.org/doc/html/rfc5906 |
| [29]      | RFC5907 | "Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4)", IETF RFC, Available at https://datatracker.ietf.org/doc/html/rfc5907 |
| [30]      | RFC5908 | "Network Time Protocol (NTP) Server Option for DHCPv6", IETF RFC, Available at https://datatracker.ietf.org/doc/html/rfc5908 |
| [31]      | IEEE 1588-2019 | "Precision Clock Synchronization Protocol for Networked Measurement and Control Systems", Available at https://standards.ieee.org/standard/1588-2019.html |
| [32]      | ITU-T G.8262| "Timing characteristics of a synchronous equipment slave clock", Available at https://www.itu.int/rec/T-REC-G.8262 |
| [33]      | ITU-T G.8275.2| "Precision time protocol telecom profile for time/phase synchronization with partial timing support from the network", Available at https://www.itu.int/rec/T-REC-G.8275.2 |
| [34]      | GSMA OPG.02| "Operator Platform Telco Edge Requirements", Available at https://www.gsma.com/operatorplatform  |


<a name="1.2"></a>
## Cloud Native and Kubernetes References

|Ref	     | Doc Number	            |Title          |
|--------  |------------------------|---------------|
| [C1] | | "Extended Cloud Native Principles". Available at https://networking.cloud-native-principles.org/cloud-native-principles. |
| [C2] | | "DANM". Available at https://github.com/nokia/danm. |
| [C3] | | "Kubernetes Container Runtime Interface (CRI)". Available at https://kubernetes.io/blog/2016/12/container-runtime-interface-cri-in-kubernetes/. |
| [C4] | | "Multus". Available at https://github.com/k8snetworkplumbingwg/multus-cni. |
| [C5] | | "Node Feature Discovery (NFD)". Available at https://kubernetes-sigs.github.io/node-feature-discovery/stable/get-started/index.html. |
| [C6] | | "Open Container Initiative (OCI)". Available at https://github.com/opencontainers/runtime-spec. |


<a name="1.3"></a>
## Network related References

|Ref	     | Doc Number	            |Title          |
|--------  |------------------------|---------------|
| [N1] | IETF-RFC 2544 | "Benchmarking Methodology for Network Interconnect Devices".  Available at https://datatracker.ietf.org/doc/html/rfc2544. |
| [N2] | ITU-T Y.3500  | "Information Technology – Cloud computing – Overview and vocabulary"; SERIES Y: Global Information Infrastructure, Internet Protocol Aspects and Next-Generation Networks: Cloud Computing. Available at https://www.itu.int/rec/T-REC-Y.3500/recommendation.asp?lang=en&parent=T-REC-Y.3500-201408-I. |
| [N3]  | | "P4 Language Consortium" (Packet Processing Programming). Available at https://p4.org/.|

<a name="1.4"></a>
## O-RAN, 5G and Miscellaenous References

|Ref	     | Doc Number	            |Title          |
|----------|------------------------|---------------|
| [M1] | ITU-T IMT-2020 | "International Mobile Telecommunications-2020 (IMT-2020) Standard for 5G networks". Available at https://www.itu.int/pub/T-TUT-IMT. |
| [M2] | O-RAN.WG6.AAL-GAnP-v01.00 | "O-RAN Acceleration Abstraction Layer General Aspects an Principles 1.0", November 2020; O-RAN.WG6.AAL-GAnP-v01.00. Available at https://www.o-ran.org/specifications. |
| [M3] | ETSI TS 123 501 V16.6.0 | "System architecture for the 5G System (5GS)". ETSI TS 123 501 V16.6.0 (2020-10) (3GPP TS 23.501 version 16.6.0 Release 16). Available at https://www.etsi.org/deliver/etsi_ts/123500_123599/123501/16.06.00_60/ts_123501v160600p.pdf. |

<a name="1.5"></a>
## Security Related References

|Ref	     | Doc Number	            |Title          |
|----------|------------------------|---------------|
| [S1] | | CSA's Information Security Management through Reflexive Security. Available at https://cloudsecurityalliance.org/artifacts/information-security-management-through-reflexive-security/. |
| [S2] | | Common Vulnerabilities and Exposures (CVE). Available at https://cve.mitre.org/. |
| [S3] | | ETSI Industry Specification Group Network Functions Virtualisation (ISG NFV).  Available at https://www.etsi.org/committee/1427-nfv. |
| [S4] | | ETSI Cyber Security Technical Committee (TC CYBER).  Available at https://www.etsi.org/committee/cyber
| [S5] | ETSI GS NFV-SEC 014 V3.1.1 (2018-04) |  Network Functions Virtualisation (NFV) Release 3; "NFV Security; Security Specification for MANO Components and Reference points";  ETSI GS NFV-SEC 014 V3.1.1 (2018-04). Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/014/03.01.01_60/gs_NFV-SEC014v030101p.pdf. |
| [S6] | ETSI GS NFV-SEC 021 V2.6.1 (2019-06) | Network Functions Virtualisation (NFV) Release 2; Security; "VNF Package Security Specification"; ETSI GS NFV-SEC 021 V2.6.1 (2019-06). Available at https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/021/02.06.01_60/gs_nfv-sec021v020601p.pdf. |
| [S7] | | Information Security Management through Reflexive Security. Available at https://cloudsecurityalliance.org/artifacts/information-security-management-through-reflexive-security/. |
| [S8] | ISO/IEC 27000:2018 | Information technology — Security techniques — Information security management systems — Overview and vocabulary. Available at https://www.iso.org/standard/73906.html. |
| [S9] | | "Open Networking & the Security of Open Source Software deployment". Available at https://www.gsma.com/futurenetworks/resources/open-networking-the-security-of-open-source-software-deployment/. |
| [S10] | | OWASP "Secure Coding Practices - Quick Reference Guide". Available at https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/migrated_content. |
| [S11] | | Software Bill of Materials (SBOM) described by US National Telecommunications and Information Administration (NTIA). Available at https://www.ntia.gov/SBOM. |
| [S12] | | Twelve-Factor App. Available at https://12factor.net/. | 
| [S13] |ETSI TS 103 457 V1.1.1 (2018-10) | CYBER; Trusted Cross-Domain Interface: Interface to offload sensitive functions to a trusted domain. Available at http://www.etsi.org/standards-search. | 
| [S14] |MITRE ATT&CK®Framework| CYBER; MITRE ATT&CK: Design and Philosophy, MITRE, March 2020. Available at https://www.mitre.org/sites/default/files/publications/mitre-getting-started-with-attack-october-2019.pdf. | 



<a name="1.5.1"></a>
## NIST Security Related References

|Ref	     | Doc Number	            |Title          |
|----------|------------------------|---------------|
| [NI1] | NIST SP 800-53 | Security and Privacy Controls for Federal Information Systems and Organizations https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf. |
| [NI2] | NIST SP 800-53A | Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans https://www.serdp-estcp.org/content/download/47513/453118/file/NIST%20SP%20800-53A%20Rev%204%202013.pdf. |
| [NI3] | NIST SP 800-63B | Digital Identity Guidelines https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf. |
| [NI4] | NIST SP 800-63B | Digital Identity Guidelines https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf. |
| [NI5] | NIST SP 800-123 | Guide to General Server Security https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-123.pdf. |
| [NI6] | NIST SP 800-125 | Guide to Security for Full Virtualization Technologies https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-125.pdf. |
| [NI7] | NIST SP 800-125a | Security Recommendations for Server-based Hypervisor Platforms https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-125Ar1.pdf. |
| [NI8] | NIST SP 800-125b | Secure Virtual Network Configuration for Virtual Machine (VM) Protection https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-125B.pdf. |
| [NI9] | NIST SP 800-137 | Information Security Continuous Monitoring for Federal Information Systems and Organizations https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-137.pdf. |
| [NI10] | NIST SP 800-145 | The NIST Definition of Cloud Computing https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf. |
| [NI11] | NIST SP 800-190 | Application Container Security Guide https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-190.pdf. |
| [NI12] | NIST IR 8320A   | Hardware-Enabled Security: Container Platform Security Prototype https://doi.org/10.6028/NIST.IR.8320A. |