GSMA FS.38

FS.38 defines the structure of the Profile Package (the collection of files, applications, and keys that make up a SIM). Because of this standard, a Mobile Network Operator (MNO) can build a profile using tools from one vendor (e.g., Giesecke+Devrient) and successfully download and install that profile onto an eUICC chip manufactured by a completely different vendor (e.g., Thales or IDEMIA). This decoupling is the engine of the eSIM economy.

: Focuses on protecting the pathways between the user and the core network.

GSMA FS.38 formally rejects this single-perimeter assumption. If an attacker exploits a misconfiguration or a zero-day vulnerability in an edge device, they gain unhindered access to an unhardened core. Modern attacks utilize complex protocol correlation—leveraging flaws across SIP, Diameter, and GTP protocols simultaneously—to bypass standalone SBC filters. FS.38 shifts the industry toward a model, mandating that internal nodes must be independently hardened and tested.

Key Threat Vectors Addressed by FS.38

GSMA FS.38 ("SIP Network Security") is a Permanent Reference Document providing a "defense in depth" security framework for SIP infrastructures, including VoLTE, VoNR, and peripheral systems. The guidelines emphasize protecting core network nodes beyond Session Border Controllers (SBCs) and offer specific test cases to mitigate threats like T-DOS and unauthorized access. Read the full details at GSMA.

: FS.38 advocates for a multi-layered security approach that goes beyond basic Session Border Controllers (SBCs) to protect the entire core network.

: MNOs mistakenly assumed that Border Protection Nodes—such as Session Border Controllers (SBCs)—were impenetrable barriers, rendering internal core nodes safe from exploitation.

FS.38 provides actionable recommendations covering access, interconnects, and the core network.

1. Defense in Depth Beyond SBCs

: Voice is no longer handled by circuit-switched hardware. It is compressed into data packets and routed via SIP over standard IP networks.

GSMA FS.38 (Session Initiation Protocol (SIP) Interconnect Security Guide) is a pivotal Permanent Reference Document (PRD) designed to address the unique security challenges of SIP-based communication in modern telecommunications.

: Techniques to ensure that signaling messages are not tampered with and that only authorized users or peers can initiate sessions.

: FS.38 is typically a "Members Only" document. You can check for updates or related public summaries on the GSMA Interworking Security page.

Furthermore, SIP is no longer used exclusively for SIM-based mobile traffic. It handles non-SIM-based access and hosted voice services, enterprise SIP trunking, and SIP interconnects between global carriers.

: Ensuring the integrity of signaling to prevent malicious rerouting.

Active Defense Strategies

The GSMA FS.38 is more than just a document; it is a vital tool that represents a new, more mature era of telecom security. By moving away from outdated models of implicit trust and sole reliance on firewalls, and embracing a defense-in-depth approach, the standard provides a comprehensive and actionable guide for network operators, vendors, and security professionals.

Against this backdrop, the GSMA Fraud and Security Group (FASG) shifted its focus to SIP, a protocol with a vast attack surface that is used across access networks, core networks, and interconnects. While existing standards from the IETF, 3GPP, and ETSI cover various security aspects of SIP, there was no single, overarching document addressing real-world attacks and comprehensive countermeasures. FS.38 was created to fill this critical gap. The 230+ page guide outlines potential security, privacy, and fraud attacks based on SIP against mobile, fixed, and converged networks, and it provides practical defensive strategies for network operators.