A top cyber-security official has said Huawei's "shoddy" engineering practices mean its mobile network equipment could be banned from Westminster and other sensitive parts of the UK.
GCHQ’s Dr Ian Levy told BBC Panorama the Chinese telecom giant also faced being barred from what he described as the “brains” of the 5G networks.
The UK government is expected to reveal in May whether it will restrict or even ban the company’s 5G technology.
Huawei said it would address concerns.
Last month, a GCHQ-backed security review of the company said it would be difficult to risk-manage Huawei’s future products until defects in its cyber-security processes were fixed.
It added that technical issues with the company’s approach to software development had resulted in vulnerabilities in existing products, which in some cases had not been fixed, despite having being identified in previous versions.
In his first broadcast interview, the executive in charge of the firm’s telecoms equipment division said he planned to spend more than the $2bn (£1.5bn) already committed to a “transformation programme” to tackle the problems identified.
“We hope to turn this challenge into an opportunity moving forward,” said Ryan Ding, chief executive of Huawei’s carrier business group.
“I believe that if we can carry out this programme as planned, Huawei will become the strongest player in the telecom industry in terms of security and reliability.”
However, Dr Levy – the technical director of GCHQ’s National Cyber Security Centre – said he had yet to be convinced.
“The security in Huawei is like nothing else – it’s engineering like it’s back in the year 2000 – it’s very, very shoddy.
“We’ve seen nothing to give us any confidence that the transformation programme is going to do what they say it’s going to do.”
He added that “geographic restrictions – maybe there’s no Huawei radio [equipment] in Westminster” was now one option for ministers to consider.
Mobile UK – an industry group representing Vodafone, BT, O2 and Three – has warned that preventing Huawei from being involved in the UK’s 5G rollout could cost the country’s economy up to £6.8bn and delay the launch of its next-generation networks by up to two years.
Those already using Huawei’s equipment have opted to keep it out of what is known as the core of their networks, where tasks such as checking device IDs and deciding how to route voice and data take place.
EE used to make use of Huawei’s gear in its 3G and 4G core, but BT is currently stripping it out after buying the business.
The industry does, however, want to use Huawei’s radio access network (Ran) equipment – including its antennae and base stations. These allow individual devices to wirelessly connect to their mobile data networks via radio signals transmitted over the airwaves.
For its part, Huawei says the Chinese government would never ask it to install backdoors or other vulnerabilities into its foreign clients’ systems, and even if such a request were made it would refuse.
And Mr Ding dismissed suggestions that this commitment would fall by the wayside if the US and China were to go to war.
“We have a country here that virtually uses no Huawei equipment and doesn’t even know whether our 5G equipment is square or round, and yet it has been incessantly expressing security concerns over Huawei,” he said.
“I don’t want to speculate on whether they have other purposes with this kind of talk. I would rather focus the limited time that I have on making better products.”