Abstract
Even though security research in cognitive radio offers specific countermeasures to address known threats, there are a number of unknown conditions or influences that will shape its eventual realization once it reaches capability maturity. To attempt to secure against such unknowns, this chapter describes a risk engine that can incorporate a risk assessment cognition cycle. In various business sectors, risk management is the preferred mechanism to address unknown conditions and therefore offers promise in this context. The chapter describes how the risk engine can potentially address the vulnerabilities inherent to radio operation: in the sensing/perception of spectrum, in the cognition cycle, or in the device infrastructure. It highlights some well-defined threats, their associated countermeasures, and suggests conceptual approaches for a risk engine to intervene in those scenarios. Finally, a case study is introduced to demonstrate an example risk engine's ability to accurately assess particular risks in a given operational environment as well as potentially detect adversarial actions.
TopBackground
There is an ongoing project to identify major innovations that would be required to create the foundation of the next generation of wireless devices (Wireless Innovation Forum). These innovations, either technical, business or regulatory, if realized, would address various perceived or real shortcomings in the wireless domain. “Top 10 Innovations” from The Wireless Innovation Forum are widely considered to have the most potential of improving the wireless communications experience. Without listing all ten innovations, two are of specific relevance to the concepts presented in this chapter. Innovation #7 call for a more context aware cognitive radio and Innovation #8 solicits interference mitigation techniques. The premise of a risk engine for the cognition cycle touches both areas and potentially offers an avenue for their further development.
The Software Defined Radio Forum has published a standard architecture for future cognitive radio development, as depicted in Figure 1. Two prominent aspects of this architecture are described as engines. The first, labeled the “cognitive engine,” tries to find a solution or optimize a performance goal based on inputs received from the operating environment and other parts of the radio. The second engine is the “policy engine” and is used to ensure that the solution is in compliance with regulatory rules and other policies external to the radio. This chapter will discuss the potential promise that can be found in a third, the “risk engine,” which evaluates set radio metrics against an understanding of its existing vulnerabilities and threats to assess risk to the radio.
Figure 1.
Standard architecture for cognitive radio development (Fette 2006, 222)
The criticality of this third engine lies with the uncertainties regarding a potential threat environment that may emerge upon the realization of cognitive radio implementations. To posture the radio for this uncertainty, there can be a synchronization of both the policy engine and a risk engine. If successfully incorporated into the cognition cycle, this would maintain the policy engine’s ability to provide a sense of conscious (i.e. right versus wrong) and have the risk engine create a sense of caution (i.e. unacceptable risk) to enhance the radio’s decision-making process.
It can be expected that radio frequency (RF) noise will be a constant threat to the radio, whether realized as attenuation or interference. Best characterized as environmental risk factors, such threats fall in the category of well-known challenges that have a basis in existing research and are elements considered in many spectrum access techniques. However, a less understood challenge will be the threats that are presented as adversarial risk factors. These risks represent the vulnerabilities that resulted from a transition to the SDR operational environment and utilization of a particular cognition cycle. Three of these general vulnerability areas are depicted in Figure 1. These are the areas that present uncertainty and therefore deserve additional attention.
Key Terms in this Chapter
Vegetation: Plants in the collective sense; in this literary context, forests.
Software Defined Radio: Radio technologies that have evolved from fixed hardware components and combined certain functions using aspects of digital technology and facilitating their dynamic configuration based on software programming.
Cognitive Radio: A radio incorporating an intelligent framework in order to capitalize on the newfound flexibility provided by software defined radio technologies.
Risk Management Framework: An assessment process for measuring existing threats, known vulnerabilities, and the consequential impact their intersection will have; then taking a select action to reduce that assessed risk (a.k.a. mitigation).
Vulnerability: A measured weakness or aspect of a system that can be exploited and cause significant harm.
Mitigation: An action taken to reduce the severity of an assessed risk.
Threat: A person or thing likely to cause damage.
Cognition Cycle: A decision cycle designed to imitate human cognition in order to establish the capability of a machine to pursue an objective after receiving inputs from the operational environment.
Countermeasure: An action taken to counteract a threat.
Obstacles: An object that blocks; in this literary context, buildings and other man-made structures.
Anomaly: Something that deviates from what is standard, normal, or expected.
Positive Train Control: A system of functional requirements for monitoring and controlling train movements to provide increased safety.
Precipitation: The presence of water in the air, often falling to the ground (fog, rain, snow, sleet, or hail).