Integrated Sensing and Communication (ISAC) in 5G Open Radio Access Network (OpenRAN) faces critical security vulnerabilities—including passive eavesdropping, spoofing, and privacy leakage—as well as tight architectural coupling between communication and sensing functions. Method: This paper proposes a lightweight, modular ISAC deployment framework leveraging existing fronthaul interfaces and sniffing-capable radio units. It introduces a single-site half-duplex sensing architecture wherein radar signal generation and processing are flexibly distributed across the Radio Unit (RU), Distributed Unit (DU), or Centralized Unit (CU). I/Q data encryption and control-plane signaling protection mechanisms are integrated to mitigate adversarial threats. Contribution/Results: To our knowledge, this is the first OpenRAN-native ISAC solution achieving functional decoupling of communication and sensing with minimal hardware modifications. It supports both public and private network deployments and adapts to diverse operational scenarios. Moreover, it provides a 3GPP-compliant evolutionary pathway toward 6G ISAC. Experimental evaluation confirms preserved communication performance while significantly enhancing sensing security and system scalability.

This paper analyzes the functional requirements and architectural considerations for Integrated Sensing and Communication ( ISAC) in a 5G Open Radio Access Network (OpenRAN) environment, with emphasis on secure and modular deployment. Focusing on a mono-static, half-duplex sensing approach, it evaluates radar setup options, signal types, and processing placement within the Radio Access Network ( RAN), considering performance and security implications. The proposed architecture minimizes hardware modifications by leveraging sniffer Radio Units (RU s) and existing OpenRAN fronthaul interfaces, while protecting sensitive In-phase and Quadrature (I/Q) data and control traffic against potential attacks. Security threats, such as passive sensing, spoofing, and privacy violations, are mapped to mitigation strategies within the OpenRAN framework. The result is a deployment blueprint applicable to both Public Land Mobile Networks ( PLMNs) and Non-Public Networks (NPNs), supporting future 6G ISAC capabilities in a standards-compliant manner.