Network Slicing Isolation: Confirm that each network slice (eMMB, URLLC, mMTC) is logically isolated at the NSSF (Network Slice Selection Function) level. Verify that no unauthorized inter-slice data leakage occurs.

Service-Based Architecture (SBA) Security: Mutual TLS (mTLS): Are all HTTP/2 interfaces (Nnrf, Namf, Nsmf) protected via certificate-based mutual authentication? OAuth2 Authorization: Is access to service-based interfaces (SBI) controlled via NRF (Network Repository Function) access tokens?

User Plane Security (UPF): Verify that GTP-U traffic is encapsulated correctly and integrity-protected. Confirm that the UPF (User Plane Function) performs packet-level filtering (DPI).

SEPP Authentication: Verify that the Security Edge Protection Proxy (SEPP) is active and requires strong authentication for N32 roaming interfaces.

Cross-Operator Trust: Does the network use the itu-t Y.3101 trust model for foreign PLMN (Public Land Mobile Network) interconnection?

Message Sanitization: Are non-standard information elements (IEs) from visited networks stripped at the border?

Latency Verification: Does the URLLC (Ultra-Reliable Low-Latency Communication) slice meet the latency targets (<1ms)?

Massive IoT (mMTC): Confirm that the control plane can handle 10^6 devices per km^2 without degradation.

Failover & Resilience: Verify that the network functions (NFs) are stateless and support rapid scale-out/failover.