Ulrich Kohn analyzes security risks associated with the vCPE use case with a special focus on the virtualization layer and the virtual infrastructure manager. He describes attack vectors and explains technical controls provided with OpenStack to counter the emerging risk.