"Network cybersecurity will no longer hinge solely on protection mechanisms bolted on after the fact: it will depend directly on how networks are designed, distributed, automated and operated." — Sébastien Faye, head of the Distributed & Intelligent Connectivity research group at LIST.
An architecture undergoing deep transformation
There was a time when securing a telecom network followed relatively straightforward logic: protect a defined perimeter, monitor a handful of entry points, control what came in and went out. 5G fundamentally changed that equation. 6G, expected by 2030, will finish the job.
Network functions will potentially be distributed across thousands of nodes — smart antennas, edge servers, industrial equipment, vehicles, sensors and terminals. Through the SmartSpires project, for instance, LIST is exploring how to bring artificial intelligence and computing power closer to where data is generated, rather than funnelling everything into large data centres.
This distributed architecture carries a promise: greater responsiveness, reduced latency, services tailored to each use case. But it also transforms the nature of cyber risk — the more equipment, software and AI is spread across the network, the more points requiring protection multiply. The attack surface becomes more dispersed, harder to control and more dynamic. This is a challenge that 6G must address from the ground up.
AI in the network: guardian and target at once
By design, 6G will be a network largely steered by artificial intelligence. But this AI will not be centralised: it will spread from the cloud all the way to the edge, down to individual devices. Autonomous algorithms will manage resources, predict failures and adjust network topology in real time.
"The challenge for 6G will be to distribute intelligence throughout the network — from cloud to edge, as close to users as possible — without losing control or trust." — Sébastien Faye, head of the Distributed & Intelligent Connectivity research group at LIST.
This leap introduces a new cybersecurity dimension: AI systems themselves become critical components that must be protected. Adversarial attacks — which seek to corrupt a model's decisions without triggering any visible alert — are a prime concern. Robustness, explainability and the ability to flag its own limitations therefore become design requirements on a par with performance or energy efficiency.
Building trustworthy AI into the network means building a trustworthy network for its users. This is one of the most structurally significant lines of research in 6G today.
The Digital Twin: stress-testing crises before they happen
It is with this perspective in mind that the Luxembourg Institute of Science and Technology (LIST) is coordinating 6G-TWIN, a project funded by the European Commission under the Horizon Europe programme. Its central approach: the network digital twin — a virtual replica of the physical infrastructure, updated in real time.
This digital twin makes it possible to test network resilience against incidents or attacks without exposing the real infrastructure. Complex scenarios can be simulated, security configurations tested, countermeasures validated and unintended side effects identified before touching the live system. In networks destined to evolve continuously, this testing capability becomes essential. For a network operator, it is the equivalent of what flight simulators represent for aviation: the ability to work through every conceivable scenario in a fully controlled environment.
Data at the core: privacy by design, not by addition
6G will also be a data infrastructure of unprecedented density. Location data, industrial sensors, health streams, usage behaviours — the volume and sensitivity of information flowing across these networks will have no precedent. Their protection must be considered upstream, built into the architecture from the outset.
LIST's position is one of privacy by design: data protection is part of the network, not something added to it. In practice, this means encryption suited to the data and the exchanges involved, strict minimisation of data collected at the edge, robust access controls and integrated traceability.
"The more data is collected, processed and cross-referenced between different network nodes, the wider the attack surface grows. Privacy by design is therefore not merely a compliance principle — it is a cybersecurity lever." — Qiang Tang, head of the Cybersecurity research group at LIST.
For Luxembourg organisations subject to GDPR, DORA and NIS2, this approach represents both an opportunity and an obligation: turning compliance into architecture, and trust into a genuine competitive advantage.
Luxembourg: a territory built for experimentation
Luxembourg brings together conditions that few territories can claim: a high density of decision-makers, an active research ecosystem, a responsive regulator, and a geographic position at the crossroads of cross-border corridors with France, Belgium and Germany. These are all assets for trialling and validating 6G security models at a manageable scale, before other countries are required to deploy them at mass.
This approach also fits squarely within the diagnosis of the Draghi report: European competitiveness will depend on our collective ability to master networks, cloud, AI and critical technologies together. What is being built at LIST today contributes directly to that — through the architectures, validation methods and standards that will define network security for the next two decades. In 6G, cybersecurity will not be a layer added on top of the network: it will have to become a property of the architecture itself.