5G QoS: Impact of Security Functions on Latency

Network slicing is considered a key enabler to 5th Generation (5G) communication networks. Mobile network operators may deploy network slices -- complete logical networks customized for specific services expecting a certain Quality of Service (QoS). New business models like Network Slice-as-a-Service offerings to customers from vertical industries require negotiated Service Level Agreement (SLA) contracts, and network providers need automated enforcement mechanisms to assure QoS during instantiation and operation of slices. In this paper, we focus on ultra-reliable low-latency communication (URLLC). We propose a software architecture for security functions based on off-the-shelf hardware and open-source software and demonstrate, through a series of measurements, that the strict requirements of URLLC services can be achieved. As a real-world example, we perform our experiments using the intrusion prevention system (IPS) Snort to demonstrate the impact of security functions on latency. Our findings lead to the creation of a model predicting the system load that still meets the URLLC latency requirement. We fully disclose the artifacts presented in this paper including pcap traces, measurement tools, and plotting scripts at https://gallenmu.github.io/low-latency.