InterfO-RAN: Interface-Centric Open RAN Research
- InterfO-RAN is a research area focused on open, interface-centric control in O-RAN systems to enhance interference mitigation, orchestration, and interoperability testing.
- Studies demonstrate that leveraging O-RAN control loops and AI-driven scheduling can significantly improve throughput and reduce interference in multi-user scenarios.
- Research highlights the dual-use nature of exposed analytics via the Y1 interface, balancing orchestration benefits with potential security vulnerabilities.
Searching arXiv for InterfO-RAN and closely related O-RAN interface papers. InterfO-RAN is a label used in recent arXiv literature for interface-centric work on Open Radio Access Networks in which interference handling, interoperability, and control intelligence are mediated through open O-RAN interfaces rather than through monolithic vendor-specific mechanisms. In the cited literature, the term covers interference mitigation and spectrum coordination, analytics-driven orchestration and misuse of exposed telemetry, real-time interference detection embedded in the DU PHY pipeline, and interface-level conformance, interoperability, and security analysis across O-RAN components (Chu et al., 12 Feb 2025, Ganiyu et al., 5 Sep 2025, Santhi et al., 31 Jul 2025, Gemmi et al., 2024).
| Usage in the literature | Representative papers | Technical focus |
|---|---|---|
| Interference optimization | (Chu et al., 12 Feb 2025, Gopal et al., 2024, Giannopoulos et al., 20 Jan 2026) | CF-MIMO, spectrum sharing, graph-based PRB allocation |
| Analytics exposure and Y1 | (Ganiyu et al., 5 Sep 2025, Shah et al., 12 Jul 2025) | RAN Analytics Information, orchestration, selective interference |
| Real-time interference detection | (Santhi et al., 31 Jul 2025) | GPU-accelerated dApp on the UL PHY path |
| Interface validation and security | (Nguyen et al., 2024, Gemmi et al., 2024, Groen et al., 2024, Abdalla et al., 2023) | OTIC testing, open fronthaul, E2 and fronthaul hardening |
1. Architectural setting and interface model
InterfO-RAN work is anchored in the standard O-RAN decomposition of the RAN into O-RU, O-DU, O-CU, near-RT RIC, Non-RT RIC, SMO, and O-Cloud, with open interfaces including Open Fronthaul, E2, A1, O1, and O2 (Thiruvasagam et al., 2023, Abdalla et al., 2023). The near-RT RIC operates at – timescales, while the Non-RT RIC operates at seconds and above; current O-RAN interfaces support non-RT and near-RT loops, but the literature explicitly treats sub- real-time control as outside the capability of the current standardized control path and motivates either DU-local mechanisms or proposed real-time extensions (Abdalla et al., 2021).
This interface structure is central because InterfO-RAN research treats interfaces not merely as transport links but as loci for observability, control, policy exchange, testing, and attack surface expansion. Open Fronthaul exposes C-, U-, M-, and S-plane behavior; E2 connects E2 nodes to the near-RT RIC for measurements and control; A1 conveys policies and model guidance; O1 carries FCAPS and telemetry; and Y1, in the more recent literature, exposes RAN Analytics Information from the near-RT RIC to authorized consumers (Ganiyu et al., 5 Sep 2025, Thiruvasagam et al., 2023). This suggests that the term denotes a family of interface-centric design problems rather than a single algorithm or product.
2. Interference optimization through O-RAN control loops
One major meaning of InterfO-RAN is interference management and optimization in programmable O-RAN systems. In an O-RAN-based cell-free MIMO testbed, distributed USRP X310 RUs, a modified srsRAN DU/CU, an OSC near-RT RIC, and an intelligent antenna association xApp were used to mitigate interference for interference-prone users through UL MU-MIMO with ZF combining and per-UE antenna selection over E2SM-KPM and E2SM-RC (Chu et al., 12 Feb 2025). The UL signal model is expressed as , with ZF combining , and the xApp decides a binary antenna-selection vector per UE subject to processing-time and scheduling constraints. In that testbed, a single UE achieved approximately in SU-MIMO UL, while two UEs in MU-MIMO UL achieved approximately each, or approximately total, corresponding to an approximately increase in UL cell throughput versus the SU baseline; the xApp also reduced processor power by up to approximately per antenna and PUSCH processing time by up to approximately 0 per antenna when poorly contributing antennas were removed (Chu et al., 12 Feb 2025).
A second line of work uses O-RAN control loops for proactive spectrum coordination rather than PHY combining. ProSAS formulates LTE/NR spectrum sharing as a convex optimization driven by demand forecasts exchanged across O1, A1, and E2, with ARIMA yielding the lowest RMSE for LTE and ConvLSTM yielding the lowest RMSE for NR in the reported evaluation (Gopal et al., 2024). The objective is to minimize normalized surplus and deficit under a policy weight 1, and the framework compares an OPTmax variant based on peak demand with an OPTavg variant based on mean and variance. At hourly granularity, the paper reports 2, 3, 4, 5, 6, and 7, and shows that OPTavg widens the region of perfect fairness when the shared PRB pool is moderate (Gopal et al., 2024).
A third line extends this toward interoperable rApp/xApp control. A mobility-aware dynamic spectrum allocation framework places traffic prediction in a Non-RT RIC rApp and sub-second PRB assignment in a near-RT RIC xApp, using A1 to convey a policy tuple 8 and E2 to enforce scheduling (Giannopoulos et al., 20 Jan 2026). The xApp constructs a user-centric conflict graph and solves a weighted graph-coloring problem, then applies conflict-aware modified proportional fair scheduling with
9
and
0
The reported simulation results show PRB assignment success rate above 1 and service-share fairness above 2 across channel configurations and user demands (Giannopoulos et al., 20 Jan 2026).
Taken together, these works define InterfO-RAN as proactive, interface-mediated interference coordination across timescales: DU-local signal processing and scheduling remain critical, but open interfaces permit policy-driven adaptation, per-UE antenna control, and multi-RAT or multi-cell spectrum management.
3. Y1 analytics exposure as both orchestration primitive and attack surface
A distinct, and increasingly important, InterfO-RAN theme is the exposure of RAN Analytics Information through the Y1 interface. Y1 is defined as a northbound exposure interface through which a Y1 Producer co-located with the near-RT RIC delivers RAN Analytics Information to authorized Y1 Consumers via REST/HTTPS with mutual TLS, reading analytics from the RIC Shared Data Layer backed by Redis and filtering results according to subscription queries and periodic or event-based notifications (Ganiyu et al., 5 Sep 2025). In the reported implementation, a Y1 consumer requests RAI_Subscription, and the producer streams JSON-encoded metrics including subscription_id, rai_content, timestamp, and validity_period at a 3 period (Ganiyu et al., 5 Sep 2025).
The same exposure mechanism supports benign cross-layer orchestration. In CAORA, custom near-RT RIC xApps expose radio KPIs such as RNTI counts, throughput, latency, and aggregate load via Y1 to an end-to-end orchestrator, which combines a SpikeAwareLSTM forecaster with a Soft Actor-Critic agent to manage GPU/MIG partitions for shared AI and RAN workloads (Shah et al., 12 Jul 2025). Using Barcelona 5G traces, the framework reports near 4 fulfillment of RAN demands and high infrastructure utilization, with scenario-specific results including approximately 5 RAN completion in Les Corts–Camp Nou and approximately 6 RAN and approximately 7 AI completion in Poble Sec (Shah et al., 12 Jul 2025). This establishes Y1 as a control-adjacent analytics path: it does not carry direct RAN control, but it materially shapes resource decisions.
The same exposure can also be abused. A dedicated study shows that a malicious or compromised Y1 consumer, even when restricted to allowed aggregated analytics and without altering RAN or RIC state, can forward downlink metrics to an external jammer and launch selective interference (Ganiyu et al., 5 Sep 2025). Two Y1-aided strategies were evaluated on an over-the-air LTE/5G O-RAN testbed: a threshold-based jammer using the decision rule
8
and a DBSCAN-based jammer operating on standardized feature vectors 9 with offline parameters 0 and 1 (Ganiyu et al., 5 Sep 2025). In unconstrained budgets, the threshold jammer achieved BLER approximately 2, SNR approximately 3, bitrate approximately 4, and activity approximately 5, closely tracking always-on jamming while reducing transmission time by about 6. Under constrained budgets, the clustering-based jammer caused up to an approximately 7 bitrate drop while remaining active only approximately 8 of the time (Ganiyu et al., 5 Sep 2025).
The central implication is not that Y1 is intrinsically harmful or intrinsically beneficial. Rather, the literature shows that exposed analytics are dual-use: they can drive predictive orchestration, but they can also provide a low-latency reconnaissance channel into downlink behavior. This duality is one of the clearest modern expressions of InterfO-RAN.
4. Real-time uplink interference detection in the DU PHY pipeline
Another usage of InterfO-RAN is defensive and PHY-facing: real-time, in-band uplink interference detection inside the gNB processing chain. A GPU-accelerated dApp integrated into NVIDIA Aerial cuBB as a post-PUSCH component processes raw pre-equalization I/Q samples and PHY KPIs to classify UL slots as CLEAN or INTERF (Santhi et al., 31 Jul 2025). The implementation accesses I/Q samples before MMSE-IRC, together with RSSI, RSRP, SINR, MCS index, MCS table index, CB error sum, and total CB count, with total feature payload up to 9 bytes per UL transport block (Santhi et al., 31 Jul 2025). The I/Q tensor is reshaped from contiguous storage into 0, corresponding to 1 OFDM symbols and 2 subcarriers for 3 bandwidth at 4 SCS (Santhi et al., 31 Jul 2025).
The deployed CNN uses two convolutional blocks—first 5/6 filters, then 7/8 filters, each with 9 kernels and ReLU—followed by pooling, feature flattening, scalar concatenation, and a dense softmax classifier (Santhi et al., 31 Jul 2025). The model was trained and tested on more than 0 NR UL slots collected across two buildings with commercial RUs and COTS UEs, with transfer learning from one site to another (Santhi et al., 31 Jul 2025). Reported OTA performance for the best deployed model is 1 accuracy, 2 specificity, and 3 recall in a familiar RF environment, and 4 accuracy, 5 specificity, and 6 recall in an unseen RF environment (Santhi et al., 31 Jul 2025).
Latency is the decisive systems result. Standalone ONNX Runtime inference on CPU took 7, CUDA EP took 8, and TensorRT EP took 9, while the integrated dApp achieved average inference times of 0 for the smaller 1 model and 2 for the larger 3 model, with detection consistently under 4 (Santhi et al., 31 Jul 2025). Because NVIDIA Aerial cuBB operates at 5, corresponding to a 6 NR slot, the dApp is positioned as a post-PUSCH stage that remains actionable for subsequent slots or subframes rather than as a replacement for immediate slot-internal PHY control (Santhi et al., 31 Jul 2025).
This line of work gives InterfO-RAN a concrete defensive interpretation: open, programmable RAN functions can host slot-scale interference intelligence directly in the DU pipeline, provided that acceleration and memory placement are engineered carefully.
5. Interoperability, OTIC practice, and repeatable interface validation
InterfO-RAN also denotes interface-centric interoperability and testing. A cross-lab conformance study between Japan OTIC and Asia Pacific OTIC in Singapore executed O-RAN WG4-aligned M-plane, UC-plane, and S-plane tests for an mMIMO O-RU and reported PASS for all listed cases in both labs (Nguyen et al., 2024). The executed suite included M-plane transport, subscription, supervision, alarm, software update, configurability, troubleshooting, and trace tests; UC-plane base, extended, RB-parameter, beamforming, DLM, and PRACH scenarios; and S-plane functional and performance tests using the ITU-T G.8275.1 profile (LLS-C1/C2/C3) (Nguyen et al., 2024). The reported result is binary and stringent: identical PASS outcomes across both OTICs.
The operational backdrop for such work is the Wraparound Testing methodology, in which testing equipment emulates interface peers around the device under test. The Open6G OTIC blueprint makes this explicit by treating each O-RAN or 3GPP interface as a programmable slice implemented through VLAN-based interface separation, programmable switches, synchronized clocking, RF and digital test equipment, impairment generators, and multi-tenant network segmentation (Gemmi et al., 2024). The blueprint reserves distinct networks for F1, NG, O1, E1, and OFH M-plane, keeps OFH CU-plane at L2 only, and combines data-center-hosted digital assets with RF-lab instrumentation such as VSTs and anechoic-chamber support (Gemmi et al., 2024).
These works extend InterfO-RAN beyond runtime optimization. They show that once the RAN is decomposed into openly specified interfaces, interoperability is no longer a secondary integration task; it becomes a first-class experimental and certification domain. Repeatable interface testing is therefore part of the same intellectual space as interference-aware control, because both depend on exact behavior at interface boundaries.
6. Security trade-offs, misconceptions, and research trajectory
The most persistent controversy surrounding InterfO-RAN is whether open interfaces primarily enable innovation or primarily enlarge the attack surface. The literature does not support either extreme. It consistently argues that openness, disaggregation, AI control, and cloud-native deployment expand the threat surface compared with monolithic 3GPP RANs, but it also shows that those same interfaces enable observability, orchestration, and advanced testing that closed systems do not provide (Abdalla et al., 2023, Liyanage et al., 2022, Thiruvasagam et al., 2023).
Security analysis is especially detailed for E2 and Open Fronthaul. One experimental study evaluates IPsec ESP on E2 and MACsec on Open Fronthaul, reporting that E2 SACK round-trip delay increases from approximately 7 to approximately 8 under encryption, for an overhead of approximately 9 and a percent increase of approximately 0; for typical E2 traffic volumes, this is judged small relative to near-RT loops (Groen et al., 2024). The same study reports ciphertext throughput of approximately 1 for AES256-CBC and approximately 2 for AES256-GCM, showing that algorithm choice materially affects performance (Groen et al., 2024). On fronthaul, MACsec without encryption adds approximately 3 on small packets and approximately 4 at 5, while MACsec with AES-GCM-128 reaches approximately 6 at 7 and adds approximately 8 latency under high load compared with integrity-only mode (Groen et al., 2024). This motivates per-plane security rather than uniform encryption.
A second security theme is that transport protection is necessary but not sufficient. Holistic O-RAN security work emphasizes secure transport for E2 and other open interfaces, but also xApp/rApp isolation, visibility and auditing, secure cloud practices, and AI robustness (Groen et al., 2023). In one experiment, prepending an autoencoder to a DRL xApp reduced normalized Euclidean distance between intended and attacked actions by approximately 9 for scheduling and by more than 0 for slicing under KPI perturbation (Groen et al., 2023). Separate threat analyses stress rogue O-RUs, PTP delay manipulation, malicious or conflicting xApps, improper authentication and authorization in SMO and RIC components, and supply-chain risk across multi-vendor O-Cloud environments (Liyanage et al., 2022, Abdalla et al., 2023).
A common misconception is that mutual TLS, TLS, IPsec, or 802.1X alone close the problem. The Y1 misuse results show why this is incomplete: secure exposure can still enable a trusted but malicious consumer to conduct analytics-driven selective interference if there is no deep behavioral auditing of post-authenticated consumers (Ganiyu et al., 5 Sep 2025). Another misconception is that InterfO-RAN is solely about defense; the literature demonstrates offensive misuse, benign orchestration, defensive detection, interference mitigation, and standards-driven interoperability testing within the same interface-centric frame.
The research trajectory therefore points in multiple directions already identified in the literature: formal risk scoring of RAN analytics fields and temporal granularities, behavioral analytics for Y1 and SEF consumers, adaptive scheduling and coding against analytics-driven jamming, standardization of Y1 telemetry schemas and policy hooks, automated E2/A1 testing in OTIC environments, and stronger zero-trust and chain-of-trust mechanisms for open, multi-vendor RAN deployments (Ganiyu et al., 5 Sep 2025, Shah et al., 12 Jul 2025, Gemmi et al., 2024, Abdalla et al., 2021). InterfO-RAN, in this broader sense, is the study of what becomes possible—and what becomes vulnerable—when interference handling, control, and validation are relocated to explicit interfaces in an open RAN architecture.