

Since November 2025, O-RAN ALLIANCE (O-RAN) Work Groups and Focus Groups published 59 new or updated technical documents, bringing the total to 157 unique titles. 10 documents represent new titles.
All O-RAN technical documents are available for download at www.o-ran.org/specifications.

The O-RAN Architecture Description specifies the overall architecture of O-RAN. It describes all O-RAN architecture elements and relevant interfaces that connect them. This version updates SMO SBA (Service Based Architecture) principles and description of SMOSs. It also makes editorial corrections throughout the document to increase accuracy and consistency.
The SMO Architecture specifies the O-RAN SMO architecture. This version adds more details to the external exposure of SMO services. It broadens the scope and flexibility of SMO services by supporting both non-specific services and DME (Data Management Exposure) types. It also includes a comprehensive list of SMO services, providing clearer alignment with the SMO architecture diagram. Finally, editorial updates have been made to ensure alignment with the O-RAN drafting rules.
The Transport Network Inclusion (TNI) in O-RAN Architecture Technical Report specifies generic methodologies to enrich O-RAN network functionality by using Transport Network performance, fault management, topology, and configuration management information. The generalized approaches described in the TR leverage various existing aspects of the current O-RAN Architecture, transport specifications, and standardized models.
This document describes potential O-RAN use cases at a very high level, emphasizing how the use case is enabled by the O-RAN architecture along with basic input data expectations and resulting actions. This version of O-RAN Use Cases Analysis Report includes addition of three new use cases (Resiliency, NTN Connected Mode Mobility and Anomaly Management), addition of five Resiliency sub-use cases [Enhanced network resiliency through standby O-DU and adaptive cell activation managed by SMO (O‑DU resiliency), Enhanced network resiliency through the standby O-CU-CP and service restoration managed by the SMO (O-CU-CP resiliency), Enhanced network resiliency through O-RU rehoming, leveraging the SMO framework’s transport resiliency management capabilities (transport resiliency), Enhanced resiliency for NF deployment(s) in O-Cloud managed by the SMO framework (O-Cloud resiliency), Multi-Domain Recovery Service (MDRS) based resiliency] and editorial updates.
This document describes selected O-RAN use cases in further details to facilitate relevant O-RAN Work Groups to define requirements for associated O-RAN functions and interfaces. This version of O-RAN Use Cases Detailed Specification includes a new use case addition (NTN Connected Mode Mobility), addition of a Traffic Steering sub-use case (Spectral efficiency-aware case), updates to Cell Shaping optimization use case, addition of clauses with void content as placeholders for Resiliency and Anomaly Management use cases and editorial updates.
The Transport Network Inclusion (TNI) Technical Report specifies the generic use cases that leverage the O-RAN network architecture by using Transport Network performance, fault management, topology and configuration management information. The generalized use cases described in the TR leverage various existing aspects of the current O-RAN Architecture, transport specifications and standardized models.
This specification defines the data types for A1 Policies and A1 Enrichment Information in a reusable and extensible way. It allows new policy types to be created independently of the generic application protocol parts. This version brings external power attribute to the Energy Saving policy type.
This new SMOS GAPUCR specification contains General Aspects, Principles, Use cases and Requirements based on the related content in the WG2 R1 GAP and R1 UCR specifications.
This document contains a realization for the procedures identified in O-RAN R1 interface: General Aspects and Principles. This version updated the Data access API to V2, updates have been made to the Open APIs for SME, moving from R18 to R19. We've also enhanced the data model for AI/ML model training API as well as the AI/ML model deployment API.
This document specifies the Type Definitions for R1 Services. It is part of a TS-family covering the R1 interface specifications. Updated the version by deprecating the stop time from the JSON example to ensure alignment with Open API. The specifications have also been updated to address editorial comments from the ETSI helpdesk.
Specification introduces analysis and service-level recommendations for detection and avoidance of A1 policy conflict. This version includes a study about general aspects for compatibility of A1 policy conflict with R1 Service-related conflict and a study about possibly impacted WG2 specifications.
The first version of the R1 Conflict management technical report covering the Identification of the Use-cases, Key-issues related to Conflict detection, arbitration, and mitigation. It also captures the Potential solutions and Recommendations for R1 Conflict management.
The O-RAN R1GAP Specification summarizes the R1 interface specification objectives and specifies the principles and procedures related to the O-RAN R1 interface. Updated the latest version by incorporating the editorial comments received during the ETSI PAS review. Additionally, clause 5.4.2 on Network Information Service has been updated to Void.
This document describes use cases and requirements for the O-RAN R1 interface. This version added a new use case for AI/ML model storage and made several editorial updates, ensuring alignment with the suggestions provided by the ETSI helpdesk.
This document details the functional and non-functional requirements on Near-RT RIC and E2 interface from the O-RAN use cases under study in O-RAN WG3. This version of the specification includes updates to Deep Hibernate use case.
This document specifies the E2 Service Model (E2SM) for exposing services related to node and cell-level configuration and control over the E2 interface. This version of the E2SM-CCC specification extends network energy savings policy to include deep hibernate configuration, along with extensions to O-RU capability reporting and corrections to the JSON Schema.
This document describes E2 Service Model for RAN Control parameters and actions. This version includes support for A1-A5 and I1 Measurement reports for event trigger conditions and RAN Control parameter for NES spatial and power domain adaptation use case.
This document describes E2 Service Model for RAN Control parameters and actions. This version includes support for A1-A5 and I1 Measurement reports for event trigger conditions and RAN Control parameter for NES spatial and power domain adaptation use case.
This document specifies the control plane, user plane and synchronization plane protocols used over the fronthaul interface. The summary of updates for this version is below:
Introduction of new as well as enhancements to existing functionalities, including:
This document defines tests that validate the conformance to the protocols defined for the Lower Layer Split Option 7.2x interface between the O-RU and the O-DU. This version brings:
Addition of new test cases, including:
Enhancements and clarifications to v15.00:
Editorial changes and fixes to typographical errors
This specification defines the Management Plane for the O-RAN Open Fronthaul based on the selected lower-layer split point as defined within the Open Fronthaul Control Plane, User Plane and Synchronization Plane specification. The summary of updates for this version is below.
Addition of new functionality, including:
Clarifications and corrections to v20.00:
This document specifies the interoperability testing (IOT) for O-DU and O-RU from different vendors connected using the O-RAN fronthaul (FH) interface. This version brings:
Addition of new test cases, including:
Changes to exiting test cases in v15.00:
Enhancements and clarifications to v15.00:
The scope of C-Plane profile spec is to further clarify (i.e. profile) for each RAN node the expected behavior (still within the scope of the 3GPP specifications). E.g., Usage of IEs for each use case, general behavior of each node, etc. C-Plane profile spec contains profiles of X2/F1/Xn C-Plane procedure for EN-DC use cases, NR-SA use cases and NR-DC use cases. In this version are implemented 6 CRs for corrections/clarifications on existing use cases.
The scope of WG5 IOT spec is to specify interoperability tests for RAN Node from different vendors implemented in accordance to the WG5 C-plane and U-plane profiles in the specification WG5.C.1. and WG5.U.0, respectively. In this version 7 CRs for new test cases of C-plane profile or correction on existing test cases are implemented.
This is stage 3 specification for D2 interface, which specifies C-plane and U-plane aspects. In this version the editorial correction CRs for D2 AP specification are implemented.
This specification summarizes the requirements on D2 configuration parameter and PM counter. This version implements a CR for correction.
First version of the specification which specifies D2 IOT principles and fundamental test cases.
This specification defines O-RAN O-Cloud functions and protocols for the O-RAN O2 interface. This version of the document updates the PM Job States and Statuses to ensure the integrity of measurement data.
The O-Cloud Information Model provides the logical model of information elements and their relationships.
This version of the document incorporates modeling guidelines, updates network attachment and Precision Time Protocol attributes and corrects Event Type attribute details
This document specifies a test specification for test and validation of the O-Cloud interfaces/APIs. This version updates reference version of O-RAN ETSI NFV profile spec, subclause numbering of O-RAN ETSI NFV profile, and REST resource section to catch-up ETSI NFV Profile update.
This specification defines O-RAN O-Cloud IMS interface functions and protocols for the O-RAN O2 interface. This version of the document introduces the PM Subscription Delete service model and API, updates to PM Job Update and Alarm Change Notification, and addition of OTHER event type.
This document introduces different use cases for O-RAN orchestration of virtualized RAN and the interfaces used for management and orchestration, in particular the O1 interface between the service management and orchestration framework and the RAN managed functions and the O2 interface between the service management and orchestration framework and the O-Cloud Infrastructure Management Services/Deployment Management Services that controls resource assignment for Virtualized Network Functions. The Cloudification and Orchestration Use Case TS v16.00 incorporates a number of editorial corrections and terminology alignment ("Service Management and Orchestration (SMO)") and a new use case for Alarm Subscription Update.
This document specifies the hardware reference design as required by architecture and requirements for the Outdoor Microcell and deployment scenario and base station classes specifications. This version brings addition of section 2.3.4 on SDR SoC Reference design for FR2.
This specification defines the O-CU and O-DU software architecture, functional blocks, and API definitions. This version brings fronthaul security description, updates to D2 procedures description and editorial corrections.
This specification defines interoperability test cases for O-CU and O-DU. This version brings new test cases and test cases update.
The document is intended to describe best practices for O-RAN Architecture and Solution for X-haul timing & synchronization. Annex H introduces a new dataset hierarchy for PRTC/GNSS time receiver monitoring, with the following updates:
This document defines the testing requirements for an Open Xhaul transport infrastructure. Version 6 adds test requirements for the D2 interface.
This document describes best practices for O-RAN Architecture and Solution for X-haul Physical Layer technologies. This version:
NOTE: this specification is successor of “WDM-based Xhaul Networks v5.0“
This document specifies management services for the O-RAN O1 interface and includes requirements, notifications and protocols. Summary of the changes since the previous version:
The O-RAN Information Model and Data Models document specifies the Information Model and the Data Models that are foundational for O-RAN’s model-driven architecture and for the functions carried out over O-RAN interfaces. Summary of the changes since the previous version:
The O-RAN OAM Architecture identifies management services, functions and interfaces supported in O‑RAN, including the interworking between SMO and O-RAN O-Cloud components. Requirements are derived from end-to-end OAM use cases, including the initial provisioning of O-RAN service across VNFs and PNFs and the collection of measurement data. Summary of the changes since the previous version:
The present document specifies the Information Model and the Data Model for Network Resource Model (NRM) that are foundational for functions carried out over the O-RAN O1 interface. This version brings:
The document specifies the O-RAN Alarms that are reported over the O1 Interface.
This initial version brings:
The present document specifies the O-RAN Performance Measurements (PMeas) for 5G networks that may be supported on the O1 Interface. This version brings:
This document specifies the Information Model used to support TE&IV services within the SMO. The TE&IV Information Models described in this document are structured using the concept of Namespaces. In addition, relevant sections in this document include information imported from existing standards and industry work that serve as a basis for O-RAN TE&IV. Summary of the changes from the previous version:
The document leverages the existing content in various O-RAN specifications and specifies new use cases for Topology Exposure and Inventory Management. For each use case, the document describes the motivation, resources, processes involved and the data requirements. Summary of the changes from the previous version:
This document specifies the TE&IV Data Models used to support TE&IV services within the SMO.
Summary of changes from the previous version:
The present document provides an overview of Filtered Measurements, as well as their use cases and requirements in line with WG1 Filtered Measurements TR.
The present document specifies the service procedures, information model for those procedures and DME data types that are published or consumed by the procedures of the Onboarding SMOS. It is part of a TS-family covering the Onboarding SMOS.
The present document specifies the general aspects and principles of the Onboarding SMOS as described in the SMO Decomposition TR [i.3], clause 5.11. The specification identifies where the service fits into the Application Lifecycle as described in the OAM Architecture [i.5], clause 6. Beyond the general specs and principles, this document provides the use cases from the user perspective and specifies the service procedures, requirements, and information model for the service.
Summary of changes since the previous version:
This Technical Specification contains security requirements and controls for O-RAN architecture elements, O-RAN defined interfaces, and transversal security requirements and controls for the O-RAN architecture.
The version 15.00 introduces a comprehensive set of security updates which include enhanced security controls for the D2 interface, improved clarity for IEEE 1588 Authentication TLV and 802.1X protocol requirements, and enhanced security requirements for preventing unauthorized software installation and managing rollback or update failures across SMO, O-Cloud, and application software. Authentication and authorization requirements for AALI-C-Mgmt have been introduced, along with new requirements for certificate-related logging scenarios. Password policy security requirements have been updated, and 3GPP standards text presenting copyright concerns has been removed from the SRCS. Annex D has been updated to incorporate new security requirements, controls mapping, and corrections.
These specifications validate the proper implementation of security requirements and protocols, emulate security attacks, and validate the effectiveness of security mitigation methods.
Version 13 of the STS document includes an expansion of security-testing depth across the document. Most of the updates concentrate on MACsec, X.509/TLS validation, eCPRI robustness, and Open Fronthaul M‑plane control. The MACsec section, in particular, grows substantially, adding full coverage of cipher‑suite negotiation, replay and integrity protection, key‑management flows (both EAP‑TLS/MKA and PSK/MKA), and cleartext‑exception policies. TLS and certificate‑profile validation are also strengthened, with clearer rules for certificate structure, validity periods, key usage, and chain verification.
The eCPRI chapters gain new tests for malformed input handling and tight timing‑window checks, while the M‑plane parts introduce stricter authorization and configuration‑control validation. Logging and monitoring requirements are also expanded, with more explicit expectations for security‑event coverage and timestamp formats.
Overall, the tracked changes in this version are additive: the file contains insertions only, with no removed or relocated content. The result is a more complete and better‑structured security‑testing suite, especially around MACsec, certificate handling, fronthaul robustness, and system‑level observability.
This document provides security protocol specifications for an O-RAN compliant implementation.
Version 15.00 of the technical specification changes the support of the SSH public key algorithm sshed25519 and of the MAC umac-128 from ‘shall’ to ‘should’, removes OFH- specific derivations from the TLS profile, adds support of the IPsec pseudo-random functions PRF_HMAC_SHA2_256 and PRF_HMAC_SHA2_384, and adds details for the support of the IEEE 1588- defined Authentication TLV.
The O-RAN Security Threat Modeling and Risk Assessment Technical Report (TR) identifies critical assets and outlines potential security threats to the O-RAN system, along with guiding security principles to mitigate those risks. It also evaluates the likelihood and potential impact of each identified threat on the overall system.
Version 9 adds new threats related to Security Configuration Management (SCM), adds D2-related threats with their associated risk assessment, and introduces additional S-Plane threats with corresponding assessments. It also updates and clarifies the asset list, refines the mapping of selected AI threats to their relevant assets, and updates the risk assessment methodology to explicitly capture residual risk by considering the applicable security requirements. Finally, it clarifies the risk assessment terminology, in particular the use of severity/impact.
This technical report studies the applicability of a Zero Trust Architecture (ZTA) to the O-RAN Architecture. It identifies assets and security controls in pursuit of a ZTA while considering those already existing in WG11 specifications.
The sixth version of the ZTA Technical Report marks a significant milestone: as of the March 2026 release train, the O-RAN ALLIANCE security specifications have achieved the CISA ZTA maturity level: INITIAL, assessed against NIST SP 800-207 Zero Trust Architecture and the DHS CISA Zero Trust Maturity Model (ZTMM) v2.0.
In this version, gap analysis resolutions toward the Initial maturity stage are completed and updated across all architecture elements, interfaces, and transversal functions. Recommendations across all architecture elements and transversal functions have been updated accordingly to reflect these resolutions. The scope and terminology have also been refined notably replacing "Out of Scope for O-RAN" with "Not Applicable for O-RAN ALLIANCE Specifications" and introducing clear definitions for "Gap" and "No Gap".
Specifically, the D2 interface was added to the ZTA gap analysis, and gap analysis resolutions were completed for the D2 interface, O-RU, O-DU, and O-CU. ZTA gap resolution updates also include details about how the Application Service Descriptor meets the CISA ZTMM Initial Stage for Network Traffic Management, and Identity and access related clarifications that contextual information beyond identity is out of scope for O-RAN ALLIANCE specifications. Security logging requirements aligned to the ZTMM Visibility and Analytics cross-cutting pillar have been added across all relevant Network Pillar gap analysis tables.
This technical report specifies the security analysis for the D2 interface.
The first version of the TR contains the identified O-RAN ASSETS related to D2 interface, Threats related to the D2 interface, Key security issues related to the D2 interface followed by Solutions to the key issues and Evaluations. The TR finally ends with Conclusions and Recommendations to address the D2 interface security.
The Security Assurance Specification (SCAS) for O-RU, TS defines the security assurance baseline for the O-RU architectural element under the O-RAN Alliance Security Certification and Badging Program by identifying and profiling the applicable security requirements and the corresponding subset of Security Test Specifications (STS) test cases to be used during evaluation.
The SCAS follows the same concept as the 3GPP and ETSI SCAS specifications and is designed to be reusable beyond O-RAN certification. In particular, it can be leveraged when adopted under GSMA NESAS, BSI NESAS, or other telecom security assurance and certification schemes.
This document describes the certification and badging processes and associated detailed technical procedures for the Open Testing and Integration Centres (OTICs) and various other testing entities.
Objectives and scope:
Changes from previous version:
This test specification is focused on validating the end-to-end system functionality, performance, and key features of the O-RAN system as a black box. The changes from previous version:

Since November 2025, O-RAN ALLIANCE (O-RAN) Work Groups and Focus Groups published 59 new or updated technical documents, bringing the total to 157 unique titles. 10 documents represent new titles.
All O-RAN technical documents are available for download at www.o-ran.org/specifications.

The O-RAN Architecture Description specifies the overall architecture of O-RAN. It describes all O-RAN architecture elements and relevant interfaces that connect them. This version updates SMO SBA (Service Based Architecture) principles and description of SMOSs. It also makes editorial corrections throughout the document to increase accuracy and consistency.
The SMO Architecture specifies the O-RAN SMO architecture. This version adds more details to the external exposure of SMO services. It broadens the scope and flexibility of SMO services by supporting both non-specific services and DME (Data Management Exposure) types. It also includes a comprehensive list of SMO services, providing clearer alignment with the SMO architecture diagram. Finally, editorial updates have been made to ensure alignment with the O-RAN drafting rules.
The Transport Network Inclusion (TNI) in O-RAN Architecture Technical Report specifies generic methodologies to enrich O-RAN network functionality by using Transport Network performance, fault management, topology, and configuration management information. The generalized approaches described in the TR leverage various existing aspects of the current O-RAN Architecture, transport specifications, and standardized models.
This document describes potential O-RAN use cases at a very high level, emphasizing how the use case is enabled by the O-RAN architecture along with basic input data expectations and resulting actions. This version of O-RAN Use Cases Analysis Report includes addition of three new use cases (Resiliency, NTN Connected Mode Mobility and Anomaly Management), addition of five Resiliency sub-use cases [Enhanced network resiliency through standby O-DU and adaptive cell activation managed by SMO (O‑DU resiliency), Enhanced network resiliency through the standby O-CU-CP and service restoration managed by the SMO (O-CU-CP resiliency), Enhanced network resiliency through O-RU rehoming, leveraging the SMO framework’s transport resiliency management capabilities (transport resiliency), Enhanced resiliency for NF deployment(s) in O-Cloud managed by the SMO framework (O-Cloud resiliency), Multi-Domain Recovery Service (MDRS) based resiliency] and editorial updates.
This document describes selected O-RAN use cases in further details to facilitate relevant O-RAN Work Groups to define requirements for associated O-RAN functions and interfaces. This version of O-RAN Use Cases Detailed Specification includes a new use case addition (NTN Connected Mode Mobility), addition of a Traffic Steering sub-use case (Spectral efficiency-aware case), updates to Cell Shaping optimization use case, addition of clauses with void content as placeholders for Resiliency and Anomaly Management use cases and editorial updates.
The Transport Network Inclusion (TNI) Technical Report specifies the generic use cases that leverage the O-RAN network architecture by using Transport Network performance, fault management, topology and configuration management information. The generalized use cases described in the TR leverage various existing aspects of the current O-RAN Architecture, transport specifications and standardized models.
This specification defines the data types for A1 Policies and A1 Enrichment Information in a reusable and extensible way. It allows new policy types to be created independently of the generic application protocol parts. This version brings external power attribute to the Energy Saving policy type.
This new SMOS GAPUCR specification contains General Aspects, Principles, Use cases and Requirements based on the related content in the WG2 R1 GAP and R1 UCR specifications.
This document contains a realization for the procedures identified in O-RAN R1 interface: General Aspects and Principles. This version updated the Data access API to V2, updates have been made to the Open APIs for SME, moving from R18 to R19. We've also enhanced the data model for AI/ML model training API as well as the AI/ML model deployment API.
This document specifies the Type Definitions for R1 Services. It is part of a TS-family covering the R1 interface specifications. Updated the version by deprecating the stop time from the JSON example to ensure alignment with Open API. The specifications have also been updated to address editorial comments from the ETSI helpdesk.
Specification introduces analysis and service-level recommendations for detection and avoidance of A1 policy conflict. This version includes a study about general aspects for compatibility of A1 policy conflict with R1 Service-related conflict and a study about possibly impacted WG2 specifications.
The first version of the R1 Conflict management technical report covering the Identification of the Use-cases, Key-issues related to Conflict detection, arbitration, and mitigation. It also captures the Potential solutions and Recommendations for R1 Conflict management.
The O-RAN R1GAP Specification summarizes the R1 interface specification objectives and specifies the principles and procedures related to the O-RAN R1 interface. Updated the latest version by incorporating the editorial comments received during the ETSI PAS review. Additionally, clause 5.4.2 on Network Information Service has been updated to Void.
This document describes use cases and requirements for the O-RAN R1 interface. This version added a new use case for AI/ML model storage and made several editorial updates, ensuring alignment with the suggestions provided by the ETSI helpdesk.
This document details the functional and non-functional requirements on Near-RT RIC and E2 interface from the O-RAN use cases under study in O-RAN WG3. This version of the specification includes updates to Deep Hibernate use case.
This document specifies the E2 Service Model (E2SM) for exposing services related to node and cell-level configuration and control over the E2 interface. This version of the E2SM-CCC specification extends network energy savings policy to include deep hibernate configuration, along with extensions to O-RU capability reporting and corrections to the JSON Schema.
This document describes E2 Service Model for RAN Control parameters and actions. This version includes support for A1-A5 and I1 Measurement reports for event trigger conditions and RAN Control parameter for NES spatial and power domain adaptation use case.
This document describes E2 Service Model for RAN Control parameters and actions. This version includes support for A1-A5 and I1 Measurement reports for event trigger conditions and RAN Control parameter for NES spatial and power domain adaptation use case.
This document specifies the control plane, user plane and synchronization plane protocols used over the fronthaul interface. The summary of updates for this version is below:
Introduction of new as well as enhancements to existing functionalities, including:
This document defines tests that validate the conformance to the protocols defined for the Lower Layer Split Option 7.2x interface between the O-RU and the O-DU. This version brings:
Addition of new test cases, including:
Enhancements and clarifications to v15.00:
Editorial changes and fixes to typographical errors
This specification defines the Management Plane for the O-RAN Open Fronthaul based on the selected lower-layer split point as defined within the Open Fronthaul Control Plane, User Plane and Synchronization Plane specification. The summary of updates for this version is below.
Addition of new functionality, including:
Clarifications and corrections to v20.00:
This document specifies the interoperability testing (IOT) for O-DU and O-RU from different vendors connected using the O-RAN fronthaul (FH) interface. This version brings:
Addition of new test cases, including:
Changes to exiting test cases in v15.00:
Enhancements and clarifications to v15.00:
The scope of C-Plane profile spec is to further clarify (i.e. profile) for each RAN node the expected behavior (still within the scope of the 3GPP specifications). E.g., Usage of IEs for each use case, general behavior of each node, etc. C-Plane profile spec contains profiles of X2/F1/Xn C-Plane procedure for EN-DC use cases, NR-SA use cases and NR-DC use cases. In this version are implemented 6 CRs for corrections/clarifications on existing use cases.
The scope of WG5 IOT spec is to specify interoperability tests for RAN Node from different vendors implemented in accordance to the WG5 C-plane and U-plane profiles in the specification WG5.C.1. and WG5.U.0, respectively. In this version 7 CRs for new test cases of C-plane profile or correction on existing test cases are implemented.
This is stage 3 specification for D2 interface, which specifies C-plane and U-plane aspects. In this version the editorial correction CRs for D2 AP specification are implemented.
This specification summarizes the requirements on D2 configuration parameter and PM counter. This version implements a CR for correction.
First version of the specification which specifies D2 IOT principles and fundamental test cases.
This specification defines O-RAN O-Cloud functions and protocols for the O-RAN O2 interface. This version of the document updates the PM Job States and Statuses to ensure the integrity of measurement data.
The O-Cloud Information Model provides the logical model of information elements and their relationships.
This version of the document incorporates modeling guidelines, updates network attachment and Precision Time Protocol attributes and corrects Event Type attribute details
This document specifies a test specification for test and validation of the O-Cloud interfaces/APIs. This version updates reference version of O-RAN ETSI NFV profile spec, subclause numbering of O-RAN ETSI NFV profile, and REST resource section to catch-up ETSI NFV Profile update.
This specification defines O-RAN O-Cloud IMS interface functions and protocols for the O-RAN O2 interface. This version of the document introduces the PM Subscription Delete service model and API, updates to PM Job Update and Alarm Change Notification, and addition of OTHER event type.
This document introduces different use cases for O-RAN orchestration of virtualized RAN and the interfaces used for management and orchestration, in particular the O1 interface between the service management and orchestration framework and the RAN managed functions and the O2 interface between the service management and orchestration framework and the O-Cloud Infrastructure Management Services/Deployment Management Services that controls resource assignment for Virtualized Network Functions. The Cloudification and Orchestration Use Case TS v16.00 incorporates a number of editorial corrections and terminology alignment ("Service Management and Orchestration (SMO)") and a new use case for Alarm Subscription Update.
This document specifies the hardware reference design as required by architecture and requirements for the Outdoor Microcell and deployment scenario and base station classes specifications. This version brings addition of section 2.3.4 on SDR SoC Reference design for FR2.
This specification defines the O-CU and O-DU software architecture, functional blocks, and API definitions. This version brings fronthaul security description, updates to D2 procedures description and editorial corrections.
This specification defines interoperability test cases for O-CU and O-DU. This version brings new test cases and test cases update.
The document is intended to describe best practices for O-RAN Architecture and Solution for X-haul timing & synchronization. Annex H introduces a new dataset hierarchy for PRTC/GNSS time receiver monitoring, with the following updates:
This document defines the testing requirements for an Open Xhaul transport infrastructure. Version 6 adds test requirements for the D2 interface.
This document describes best practices for O-RAN Architecture and Solution for X-haul Physical Layer technologies. This version:
NOTE: this specification is successor of “WDM-based Xhaul Networks v5.0“
This document specifies management services for the O-RAN O1 interface and includes requirements, notifications and protocols. Summary of the changes since the previous version:
The O-RAN Information Model and Data Models document specifies the Information Model and the Data Models that are foundational for O-RAN’s model-driven architecture and for the functions carried out over O-RAN interfaces. Summary of the changes since the previous version:
The O-RAN OAM Architecture identifies management services, functions and interfaces supported in O‑RAN, including the interworking between SMO and O-RAN O-Cloud components. Requirements are derived from end-to-end OAM use cases, including the initial provisioning of O-RAN service across VNFs and PNFs and the collection of measurement data. Summary of the changes since the previous version:
The present document specifies the Information Model and the Data Model for Network Resource Model (NRM) that are foundational for functions carried out over the O-RAN O1 interface. This version brings:
The document specifies the O-RAN Alarms that are reported over the O1 Interface.
This initial version brings:
The present document specifies the O-RAN Performance Measurements (PMeas) for 5G networks that may be supported on the O1 Interface. This version brings:
This document specifies the Information Model used to support TE&IV services within the SMO. The TE&IV Information Models described in this document are structured using the concept of Namespaces. In addition, relevant sections in this document include information imported from existing standards and industry work that serve as a basis for O-RAN TE&IV. Summary of the changes from the previous version:
The document leverages the existing content in various O-RAN specifications and specifies new use cases for Topology Exposure and Inventory Management. For each use case, the document describes the motivation, resources, processes involved and the data requirements. Summary of the changes from the previous version:
This document specifies the TE&IV Data Models used to support TE&IV services within the SMO.
Summary of changes from the previous version:
The present document provides an overview of Filtered Measurements, as well as their use cases and requirements in line with WG1 Filtered Measurements TR.
The present document specifies the service procedures, information model for those procedures and DME data types that are published or consumed by the procedures of the Onboarding SMOS. It is part of a TS-family covering the Onboarding SMOS.
The present document specifies the general aspects and principles of the Onboarding SMOS as described in the SMO Decomposition TR [i.3], clause 5.11. The specification identifies where the service fits into the Application Lifecycle as described in the OAM Architecture [i.5], clause 6. Beyond the general specs and principles, this document provides the use cases from the user perspective and specifies the service procedures, requirements, and information model for the service.
Summary of changes since the previous version:
This Technical Specification contains security requirements and controls for O-RAN architecture elements, O-RAN defined interfaces, and transversal security requirements and controls for the O-RAN architecture.
The version 15.00 introduces a comprehensive set of security updates which include enhanced security controls for the D2 interface, improved clarity for IEEE 1588 Authentication TLV and 802.1X protocol requirements, and enhanced security requirements for preventing unauthorized software installation and managing rollback or update failures across SMO, O-Cloud, and application software. Authentication and authorization requirements for AALI-C-Mgmt have been introduced, along with new requirements for certificate-related logging scenarios. Password policy security requirements have been updated, and 3GPP standards text presenting copyright concerns has been removed from the SRCS. Annex D has been updated to incorporate new security requirements, controls mapping, and corrections.
These specifications validate the proper implementation of security requirements and protocols, emulate security attacks, and validate the effectiveness of security mitigation methods.
Version 13 of the STS document includes an expansion of security-testing depth across the document. Most of the updates concentrate on MACsec, X.509/TLS validation, eCPRI robustness, and Open Fronthaul M‑plane control. The MACsec section, in particular, grows substantially, adding full coverage of cipher‑suite negotiation, replay and integrity protection, key‑management flows (both EAP‑TLS/MKA and PSK/MKA), and cleartext‑exception policies. TLS and certificate‑profile validation are also strengthened, with clearer rules for certificate structure, validity periods, key usage, and chain verification.
The eCPRI chapters gain new tests for malformed input handling and tight timing‑window checks, while the M‑plane parts introduce stricter authorization and configuration‑control validation. Logging and monitoring requirements are also expanded, with more explicit expectations for security‑event coverage and timestamp formats.
Overall, the tracked changes in this version are additive: the file contains insertions only, with no removed or relocated content. The result is a more complete and better‑structured security‑testing suite, especially around MACsec, certificate handling, fronthaul robustness, and system‑level observability.
This document provides security protocol specifications for an O-RAN compliant implementation.
Version 15.00 of the technical specification changes the support of the SSH public key algorithm sshed25519 and of the MAC umac-128 from ‘shall’ to ‘should’, removes OFH- specific derivations from the TLS profile, adds support of the IPsec pseudo-random functions PRF_HMAC_SHA2_256 and PRF_HMAC_SHA2_384, and adds details for the support of the IEEE 1588- defined Authentication TLV.
The O-RAN Security Threat Modeling and Risk Assessment Technical Report (TR) identifies critical assets and outlines potential security threats to the O-RAN system, along with guiding security principles to mitigate those risks. It also evaluates the likelihood and potential impact of each identified threat on the overall system.
Version 9 adds new threats related to Security Configuration Management (SCM), adds D2-related threats with their associated risk assessment, and introduces additional S-Plane threats with corresponding assessments. It also updates and clarifies the asset list, refines the mapping of selected AI threats to their relevant assets, and updates the risk assessment methodology to explicitly capture residual risk by considering the applicable security requirements. Finally, it clarifies the risk assessment terminology, in particular the use of severity/impact.
This technical report studies the applicability of a Zero Trust Architecture (ZTA) to the O-RAN Architecture. It identifies assets and security controls in pursuit of a ZTA while considering those already existing in WG11 specifications.
The sixth version of the ZTA Technical Report marks a significant milestone: as of the March 2026 release train, the O-RAN ALLIANCE security specifications have achieved the CISA ZTA maturity level: INITIAL, assessed against NIST SP 800-207 Zero Trust Architecture and the DHS CISA Zero Trust Maturity Model (ZTMM) v2.0.
In this version, gap analysis resolutions toward the Initial maturity stage are completed and updated across all architecture elements, interfaces, and transversal functions. Recommendations across all architecture elements and transversal functions have been updated accordingly to reflect these resolutions. The scope and terminology have also been refined notably replacing "Out of Scope for O-RAN" with "Not Applicable for O-RAN ALLIANCE Specifications" and introducing clear definitions for "Gap" and "No Gap".
Specifically, the D2 interface was added to the ZTA gap analysis, and gap analysis resolutions were completed for the D2 interface, O-RU, O-DU, and O-CU. ZTA gap resolution updates also include details about how the Application Service Descriptor meets the CISA ZTMM Initial Stage for Network Traffic Management, and Identity and access related clarifications that contextual information beyond identity is out of scope for O-RAN ALLIANCE specifications. Security logging requirements aligned to the ZTMM Visibility and Analytics cross-cutting pillar have been added across all relevant Network Pillar gap analysis tables.
This technical report specifies the security analysis for the D2 interface.
The first version of the TR contains the identified O-RAN ASSETS related to D2 interface, Threats related to the D2 interface, Key security issues related to the D2 interface followed by Solutions to the key issues and Evaluations. The TR finally ends with Conclusions and Recommendations to address the D2 interface security.
The Security Assurance Specification (SCAS) for O-RU, TS defines the security assurance baseline for the O-RU architectural element under the O-RAN Alliance Security Certification and Badging Program by identifying and profiling the applicable security requirements and the corresponding subset of Security Test Specifications (STS) test cases to be used during evaluation.
The SCAS follows the same concept as the 3GPP and ETSI SCAS specifications and is designed to be reusable beyond O-RAN certification. In particular, it can be leveraged when adopted under GSMA NESAS, BSI NESAS, or other telecom security assurance and certification schemes.
This document describes the certification and badging processes and associated detailed technical procedures for the Open Testing and Integration Centres (OTICs) and various other testing entities.
Objectives and scope:
Changes from previous version:
This test specification is focused on validating the end-to-end system functionality, performance, and key features of the O-RAN system as a black box. The changes from previous version: