Specialist Task Force 502:
Reconfigurable Radio Security
Who we are:
What we do
The objective of the STF is to assist TC RRS WG3 in the definition of the security problem statement and to define the requirements for security features, services and mechanisms to address said problem.
For more details, see our Terms of Reference
Why we do it
Reconfigurable Radio Systems (RRS) provide a framework in which a device (the Reconfigurable Equipment) can have Radio Applications installed that provide modifications to the radio connectivity capabilities of the RE (e.g. adding LTE or Wi-Fi modes). Whilst RRS has similarities to Software Defined Radio at first glance in that the applications are software entities, RRS makes wider assumptions of the openness of the hardware and software platforms to Radio Application Providers. The RRS framework allows for installed Radio Application to be updated, or new Radio Applications to be installed on the Reconfigurable Equipment, thus enabling RRS-compatible devices to support future Radio Access Technologies.
Bringing great flexibility, RRS will be a critical enabler for next generation Software Defined Radio and Cognitive Radio networks, since it will be possible to regularly upgrade devices with new capabilities. Combined with the existing reconfiguration features of network equipment, this will allow for reconfiguration of the whole radio network as new access and cognitive radio methods are devised.
These new capabilities bring new security challenges. The STF focuses on securing the RRS framework itself and in particular the Radio Application update mechanism, which can be an efficient remediation mechanism. It is very important to guaranty the integrity of Radio Applications and prevent their use as attack vectors against Reconfigurable Equipment or the network. Inappropriate use of the radio spectrum can have harmful consequences (in particular to health) and as such RRS security shall provide safeguards towards maintaining compliance with spectrum regulations (in particular the European Radio Equipment Directive, 2014/23/EU). RRS security must also complement Cognitive Radio and various Radio Access Technologies. However, the most challenging aspect that awaits the industry in the near future will be the continuous mutability of the network, which will make it harder to spot abnormal behaviour.
How we do it
The STF carries the analysis for RRS security using the TVRA (ETSI TS 102 165-1) method and works in close coordination with its parent group, TC RRS WG3. The draft deliverables will be reviewed by TC CYBER.
A presentation on the future of Software Defined Radio, building on the results of the STF, will be given during the ETSI Workshop on Future Radio Technologies, January 27-28, 2016.
The STF will produce a Technical Report on security use cases and threats for Reconfigurable Radio Systems (DTR/RRS-03010, TR 103 087), as well as a Technical Specification covering security requirements (DTS/RRS-03012). ETSI members are encouraged to review the drafts and provide comments.
A stable draft of the Technical Report is expected in mid-December 2015. A stable draft of the Technical Specification is expected by the end of February, 2016.
Interested parties can contact us under the following e-mail addresses: firstname.lastname@example.org, email@example.com.
Contact information for TC RRS WG3 can be found on the ETSI portal (https://portal.etsi.org/).