Classes of Attacks for Tactical Software Defined Radios

Classes of Attacks for Tactical Software Defined Radios

Fabrício A. B. da Silva (Information Technology Division, Brazilian Army Technological Center, Rio de Janeiro, Brazil), David F. C. Moura (Information Technology Division, Brazilian Army Technological Center, Rio de Janeiro, Brazil) and Juraci F. Galdino (Information Technology Division, Electrical Engineering Department, Brazilian Army Technological Center and Military Institute of Engineering, Rio de Janeiro, Brazil)
DOI: 10.4018/jertcs.2012100104

Abstract

This survey presents a classification of attacks that Software Communications Architecture (SCA) compliant Software Defined Radios (SDR) can suffer. This paper also discusses how attack mitigation strategies can impact the development of a SCA-compliant software infrastructure and identifies several research directions related to SDR security. The SCA standard was originally proposed by the Joint Tactical Radio System program (JTRS), which is a program for the development of military tactical radios sponsored by the US Department of Defense. The classification presented in this paper is based on attack results on the radio set, which can also be associated with the adversary’s objectives when planning an intrusion. The identification of classes of attacks on a radio, along with the associated threats and vulnerabilities, is the first step in engineering a secure SDR system. It precedes the identification of security requirements and the development of security mechanisms. Therefore, the identification of classes of attacks is a necessary step for the definition of realistic and relevant security requirements.
Article Preview

Introduction

In the past, military radio design was totally focused on dedicated electronic components. Afterwards, we have witnessed the appearance of software configurable radios (SCR), in which users have the opportunity to choose the most appropriate waveforms for different combat scenarios. In recent years, though, the development of radio communication technology solutions have been submitted to a huge paradigm change - the software defined radio (SDR) technology upspring, in which previously hardware-based features became software defined and users may also introduce new application waveforms on-the-fly.

Such progress is due to several enhancements in different areas like embedded systems, analog-to-digital converters, digital transmission, digital signal processing, multi-band antennas, software architectures, and especially in novel General-Purpose Processors (GPP) evaluation capacity. Based on that, SDR foreshadows important consequences and advantages for the development of wireless solutions for military communications systems. Among the envisioned features, we can list interoperability, waveform portability, and the possibility to be updated with the most recent advances in radio communications without hardware replacement requirements. Moreover, SDR is envisioned as the most appropriate platform for cognitive radio development.

At a glance, the high level functional model of a SDR consists of a front end RF subsystem which performs channel selection, down-conversion to baseband, and data forwarding onto a software-based processing unit, where the associated digital bitstream is submitted onto appropriate layers (e.g., data link, network, security modules) to perform suitable decoding tasks to extract the desired information. This process is reversed on the transmit side, where the input signal is coded and a modulated signal bearing the associated information suitable for transmission is created. This signal is then passed to the RF subsystem for insertion into the wireless channel.

Due to the multitude of concepts related to the described functional model, several efforts have been done towards the standardization of key elements within the SDR architecture, providing a common platform for the development of SDR sets. The standards supported may be proprietary or industry-developed through a consensus process – while the former approach brings product differentiation to manufacturers, the latter strategy commoditizes the technology, allowing support by third parties in creating the radio platform to achieve specific business objectives.

One of the most typical areas of standardization is the application framework, which provides a common software operation environment, with vendor-free interfaces to set up, configure, control and release application waveforms under operation on a SDR platform. Among several examples of application frameworks relevant to SDR systems, we may cite the Open Mobile Alliance, the Service Availability Forum, and the Software Communications Architecture (SCA) supported by the SDR Forum’s SCA Working Group.

The SCA standard was originally proposed by the Joint Tactical Radio System program (JTRS) (SCA, 2001, 2006, 2012), which is a program for the development of military tactical radios sponsored by the US Department of Defense. The SCA / JTRS standard is becoming the de facto standard for the construction of tactical military radios. However, the interest in the SCA goes beyond the military domain, since this standard has inspired academic and commercial projects (Gonzalez, Carlos, Dietrich, & Reed, 2009).

Given its growing importance for SDR application vendors and developers in different project domains, one of the first steps in engineering a secure SDR system is the identification of classes of attacks on a SDR, along with the associated threats and vulnerabilities. It precedes the identification of security requirements and the development of security mechanisms (Myagmar, Lee, & Yurcik, 2005). Therefore, the identification of classes of attacks is necessary for the definition of realistic and relevant security requirements.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 9: 2 Issues (2018)
Volume 8: 2 Issues (2017)
Volume 7: 2 Issues (2016)
Volume 6: 2 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing