In the telecommunications industry, a fundamental rethinking of network infrastructure is underway toward 2027. For a long time, operators relied on monolithic Business and Operations Support Systems (BSS/OSS) designed for traditional voice services and fixed-line communications. However, the era of 5G Standalone and dynamic network slicing requires management speeds that are physically impossible under conditions of manual configuration or the use of closed proprietary interfaces. Today, the transition from legacy monoliths to modular, cloud-native architectures is an essential step for launching autonomous networks and enabling AI-driven optimization.
Moving away from BSS/OSS monoliths as an industry challenge
Traditional BSS/OSS systems function as isolated information silos. Deploying a new service or scaling infrastructure often requires cascading updates across dozens of interconnected modules via complex point-to-point integrations. In a reality where the network must adapt to load changes in milliseconds, such an architecture becomes the primary barrier.
The complexity of integrating with legacy BSS/OSS systems, which approximately 53.7% of operators cite as a key obstacle, directly blocks automation. AI self-optimization algorithms require access points to collect real-time telemetry and dynamically manage Radio Access Network (RAN) or core network parameters. Without transitioning to standardized open interfaces, attempts to implement artificial intelligence lead to the creation of new isolated add-ons, which only increase operational chaos.
ODA and 5G Standalone: the foundation for self-optimization
To solve the problem of system isolation, the TM Forum consortium developed the Open Digital Architecture (ODA) standard. According to the official specification, ODA proposes replacing monolithic BSS/OSS with a component-based, API-first architecture. It defines software blocks that interact with each other exclusively through standardized Open APIs, allowing operators to replace legacy modules gradually.
In parallel, 3GPP architectural standards for 5G Standalone (5G SA) define the transition to a fully cloud-native core based on a service-oriented architecture (SBA). Services are broken down into microservices that scale independently. Together, ODA and 5G SA create the necessary landscape for AI-driven optimization:
- Dynamic charging: modular components allow for real-time service charging based on Quality of Service (QoS) parameters via Open APIs.
- Cloud-native core functions (5G Core): flexible deployment of network services in a containerized environment allows AI agents to allocate additional resources (e.g., UPF) closer to the subscriber during peak loads (Edge Computing).
- Network Slicing: instant creation of isolated virtual networks with guaranteed latency parameters for critical IoT systems.
Security of signaling protocols at the intersection of legacy and AI networks
Infrastructure modernization does not happen overnight, so operators are forced to maintain a hybrid environment. In this environment, the latest 5G cloud functions coexist with technologies from previous generations. According to the ENISA Threat Landscape 2025 report, the exploitation of legacy signaling protocols (SS7 and Diameter) remains one of the key security risks for mobile networks.
Vulnerabilities in these protocols are used for SMS interception, geolocation tracking, and fraud. Global financial losses from telecommunications fraud in 2025 are estimated at approximately 41.82 billion USD, according to the CFCA Global Fraud Loss Survey.
While implementing artificial intelligence cannot change the fundamental flaws of the SS7 protocol, automated AI monitoring acts as a critical layer of defense. Machine learning algorithms can detect anomalous signaling traffic patterns (e.g., an attempt to register the same IMSI in remote locations within minutes) and automatically block compromised sessions.
Practical modernization steps: an integration layer based on UnityBase
Preparing infrastructure for the implementation of autonomous networks requires building a reliable technological bridge between legacy systems and AI tools. To solve this task, the Intecracy Group—an alliance of independent companies linked by partner agreements and share exchanges—utilizes the low-code, model-driven platform UnityBase. It is a joint development of the alliance companies (where InBase acts as a key, but not the only, developer).
UnityBase allows for the deployment of a high-performance integration layer on top of a telecom operator's legacy systems. Thanks to the Domain metadata concept, a single model describes the data structure and business logic, automatically generating REST APIs. This allows AI modules to securely retrieve metrics from legacy systems. Using the platform provides several architectural advantages:
- Asynchronous processing: a non-blocking HTTP(S) core based on the multi-threaded SpiderMonkey JavaScript engine allows for high transactional loads during integration data exchange.
- Isolation and access control: built-in Role-Based Access Control (RBAC) and Row-Level Security (RLS) mechanisms ensure restricted access to sensitive telemetry. For critical infrastructure projects with heightened requirements, official documentation recommends Enterprise or Defence commercial editions (with support for extended auditing and integration with external authentication systems).
- Model-driven approach: accelerates the development of new API interfaces, ensuring up to a 27.7% reduction in time-to-market for new integrations.
| Maturity Level | BSS/OSS Architectural Approach | Role of Automation and AI | Signaling Security |
|---|---|---|---|
| Level 1: Monolithic | Legacy BSS/OSS, manual configuration management, closed proprietary interfaces. | Reactive incident resolution after reports, no AI components. | High risks due to the insecurity of legacy signaling protocols. |
| Level 2: Hybrid | Initial adoption of Open APIs, partial virtualization of network functions. | Reactive monitoring, use of scripts for basic automation. | Implementation of basic anomaly detection systems in traffic. |
| Level 3: Cloud-Native | 5G Core service-oriented architecture, compliance with TM Forum ODA principles. | Automated service deployment (CI/CD), dynamic network slicing. | Traffic encryption at the service level, API protection, SIEM integration. |
| Level 4: Autonomous | Fully component-based architecture, integrated via API-first approach. | AI-based self-optimization, real-time dynamic slicing. | AI-driven fraud detection, proactive attack prevention. |
FAQ
What is Open Digital Architecture (ODA) in the context of telecommunications?
Open Digital Architecture (ODA) is a standard and architectural framework from the TM Forum, created to replace monolithic BSS/OSS systems with a modular, component-based architecture where blocks interact exclusively through standardized Open APIs.
How do legacy SS7 and Diameter protocols affect 5G network security?
Due to the need to maintain compatibility with previous generation networks (3G/4G), vulnerabilities in SS7 and Diameter protocols remain an active threat. They are exploited for SMS interception, geolocation tracking, and financial fraud. Automated machine learning-based monitoring allows for the detection of such anomalies in hybrid networks.
What are the first steps in modernizing legacy OSS to support AI technologies?
The key first step is creating a modern integration API layer on top of legacy systems to extract telemetry in real time. Using platforms like UnityBase allows for the rapid deployment of secure REST APIs based on a single domain model, providing AI algorithms with the necessary data without compromising the stability of the network core.