Agentic AI for 6G: A New Paradigm for Autonomous RAN Security Compliance

Agentic AI systems are emerging as powerful tools for automating complex, multi-step tasks across various industries. One such industry is telecommunications, where the growing complexity of next-generation radio access networks (RANs) opens up numerous opportunities for applying these systems. Securing the RAN is a key area, particularly through automating the security compliance process, as traditional methods often struggle to keep pace with evolving specifications and real-time changes. In this article, we propose a framework that leverages LLM-based AI agents integrated with a retrieval-augmented generation (RAG) pipeline to enable intelligent and autonomous enforcement of security compliance. An initial case study demonstrates how an agent can assess configuration files for compliance with O-RAN Alliance and 3GPP standards, generate explainable justifications, and propose automated remediation if needed. We also highlight key challenges such as model hallucinations and vendor inconsistencies, along with considerations like agent security, transparency, and system trust. Finally, we outline future directions, emphasizing the need for telecom-specific LLMs and standardized evaluation frameworks.

💡 Research Summary

This paper proposes a novel framework leveraging “Agentic AI” to automate security compliance in the complex and dynamic environment of next-generation 6G and AI-RAN (Artificial Intelligence-Radio Access Network). The authors identify a critical gap in traditional security methods, which rely on static documentation and periodic audits, making them ill-suited for software-defined, virtualized RANs where configurations and intelligent applications (xApps/rApps) evolve in real-time.

The core solution involves integrating Large Language Models (LLMs) with a Retrieval-Augmented Generation (RAG) pipeline within autonomous AI agents. These agents go beyond simple prompt-response models; they are designed to perform closed-loop cycles of observation, reasoning, and action with minimal human intervention. The proposed architecture positions these agents across the AI-RAN stack: orchestration and security agents (e.g., for compliance, penetration testing) in the AI-on-RAN layer, near-real-time telemetry processing and threat response agents in the AI-for-RAN layer, all supported by cloud-based LLMs and knowledge bases.

The paper details several security use cases enabled by this paradigm, with a primary focus on autonomous security compliance. The authors introduce a unified compliance model that combines “compliance by design” (adherence to specifications during development) and “compliance by evidence” (runtime verification against live network states). A dedicated framework for this purpose is presented, intended for deployment within the Service Management and Orchestration (SMO) layer. Its key components include: a Policy Intelligence Hub that monitors evolving standards (3GPP, O-RAN Alliance); a Knowledge and Reasoning Base that processes these multimodal documents (text, tables, diagrams) into queryable chunks for the RAG pipeline; a Compliance Assessment Agent that uses the LLM+RAG to evaluate configuration artifacts, generate compliance decisions, propose remediations, and provide explainable justifications; and a Reflection Agent that reviews these outputs for accuracy and consistency.

An initial case study demonstrates the prototype’s ability to assess network configuration files against O-RAN and 3GPP security requirements. The paper then thoroughly discusses significant challenges for real-world deployment. These include LLM limitations such as hallucinations and a lack of telecom-specific knowledge, inconsistencies in vendor implementations of standards, and crucial operational considerations like the security of the agents themselves (e.g., prompt injection attacks), system transparency, and establishing trust in autonomous decisions. Finally, the authors outline essential future directions, emphasizing the urgent need for developing telecom-domain-specific foundation LLMs trained on relevant standards and operational data, and creating standardized evaluation frameworks to benchmark the performance and reliability of agentic AI systems in telecommunications security.