Chinese vendor ZTE announced the launch of its first cybersecurity lab in Nanjing, China.
ZTE said that the opening of this security lab will contribute with its goal of increasing transparency. The cybersecurity lab aims to provide global customers, regulators and other stakeholders with security assessment and audit services, such as source code review on ZTE products including 4G and 5G, security design audit, procedural document review, black box testing and penetration testing.
Furthermore, the cybersecurity lab will also facilitate in-depth research activities and explorations in the security field, ZTE said.
“The security lab is an open and cooperative platform for the industry,” said Zhong Hong, ZTE’s chief security officer. “ZTE plans to gradually achieve the cybersecurity goals through three steps: first, meeting the requirements of cybersecurity laws, regulations and industry standards as well as certification schemes; second, conducting an open dialogue to enhance transparency and establishing cooperation with customers as well as regulatory agencies; and third, sustaining the open cooperation mechanism to contribute to cybersecurity standardization.”
Moving forward, the company also said it will collaborate with security organizations to jointly conduct security assessment, certification, training and consulting.
During Mobile World Congress 2019, which took place in Barcelona in February, ZTE’s Chief Scientist Xiang Jiying had told reporters that the vendor also expected to open two additional labs in Italy and Belgium during 2019.
Moving forward, ZTE
said it will be considering the establishment of new labs in accordance with
its customers’ needs and business development.
In these labs, customers
will also have access to important technical documentation
of ZTE products and services. The labs will also provide manual and
automated security testing of the vendor’s products and services, the executive
“If anybody is concerned about the security of
our products, we can open the source code for customers and governments. If
they want, they can take a view of the source code and even scan the source
code of our products for monitoring,” the executive added.
During MWC, ZTE’s
Chief Security Officer Zhong Hong also said that ZTE had never received
any requests from any Chinese government agency to set up backdoors in its
“The source code of
our products can be opened to security audits by customers and professional
organizations through our security labs,” he added.
In order to achieve
an end-to-end secure delivery of products and services, ZTE said it
integrates security policies and controls into every phase of its product
lifecycle, which establishes a cybersecurity assurance mechanism covering areas
such as product development, supply chain and manufacturing, engineering
services, security incident management and verification and audits.
The move by ZTE to
increase its transparency around its products comes as the U.S. government
continues to press its case to the international community that using equipment
from Chinese equipment vendors poses both privacy and national security risks,
with Huawei as a particular target.