Secure Wireless Agile Networks (SWAN)

Lead Research Organisation: University of Bristol
Department Name: Electrical and Electronic Engineering

Abstract

Wireless access is an essential to the networks that underpin modern life, providing communications for people, vehicles, machines, infrastructure, and the wide variety of devices that will make up the Internet of Things (IoT). They will become increasingly important to support safe transportation and future healthcare. Society is increasingly vulnerable to network cyber attack, for motivations ranging from financial extortion through terrorist disruption to subversion. Cyber attacks can be mounted remotely through networks, making them attractive to malefactors who can operate safely and anonymously from anywhere in the world. Cyber defence and associated research has become critical, mainly directed at developing and rolling out technical encryption and authentication measures in the network protocols and embedding the essential processes in organisations. Nevertheless exploits continue as attackers discover new vulnerabilities that were not considered in the system design or arise through imperfect implementations. Fixing these requires updating both functionality and credentials of the network elements as threats emerge.

By contrast cyber-attack via the wireless interface, exploiting vulnerabilities in the physical layer and lower layers of the protocol stack, has received much less attention. As network originated exploits become more difficult it can be expected that more attacks will be mounted through the "air interface". The means to develop and mount such attacks are increasingly available with the proliferation of low cost software-defined radio (SDR) platforms and open-source software, and the ubiquity of potentially hackable wireless terminals. More research on this problem is needed to find solutions to be retrospectively applied to existing systems, influence the next generation of wireless standards, raise awareness of the potential problems, and train engineers to develop and embed defensive capability in radio standards and products. Crucial will be the ability to change the physical layer functionality, right to the antenna, by changing system software. This is not possible with current equipment or indeed envisaged in the 5G. Apart from countering the security threat, such technology will be needed to enable the future adoption of Dynamic Spectrum Access (DSA), in which, rather than frequency bands being administratively licensed to specific users, spectrum will be allocated dynamically according to evolving demand in space and time.

The project partners, Toshiba Research, Roke, University of Bristol, and GCHQ, share a vision of Secure Wireless Agile Networks (SWAN) to be developed in this research partnership.

The project scope will include technical deliverables; the shaping of policy and standards; and the training and career development of the SWAN teams. The co-created 5-year programme will integrate academic and industrial teams in activities that address the following Research Challenges (RCs).
1. Threat Synthesis & Assessment: how can RF interfaces be attacked, beyond the threats envisaged in their design?
2. RF Cyber Detection & Defence: techniques to detect RF cyber attack and mitigate their effects.
3. Cyber Secure Radio Design: designing radios whose RF characteristics can be updated in the field to deal with new threats, which also enable DSA.
4. Secure Dynamic Spectrum Access: enabling technology for securely sharing spectrum for most efficient usage.

The consequences of not addressing the above will potentially make the wireless channel an Open Attack Surface for cyber attack. SWAN's technological solutions will place the UK at the forefront of enabling the fundamental parameters and architectures of wireless systems to be adaptable to new spectrum and interface specifications; resilient to accidental or induced failures (such as jamming); and resistant to cyber-attack.

Planned Impact

The prime impact culminating from this Prosperity Partnership will be the significant reduction in the vulnerability of wireless enabled connectivity to RF Cyber-attacks through the adoption of SWAN's novel technologies. Given the increasing use of wireless in the control and management of our national infrastructure, remote health care monitoring as well as our daily use of WiFi and cellular communications, addressing this potentially critical issue is thus essential for our modern society here in the UK, and also world-wide. In addition, Ofcom's 2018 Spectrum Strategy incentivises use of spectrum sharing, aligning with US policy to enhance spectrum efficiency. It is therefore of paramount importance that the protocols must be secure and the enabling RF hardware agile and resilient to enable this paradigm shift in spectrum management.

SWAN results will be rapidly adopted and exploited by Toshiba and Roke in their day-to-day R&D activities. For example, Roke's investment in SWAN is via their Private Venture funding. Where Toshiba and Roke do not wish to commercialise SWAN technology, access to IP will be made available to other companies outside the Partnership, taking advice from our external advisory on appropriate routes to market. We anticipate there will also be considerable indirect economic benefits because our emphasis on future-proofed technologies will add resilience to critical infrastructure. An important programme objective is to apply SWAN technologies to Dynamic Spectrum Access to enhance spectrum utilisation whilst mitigating either intentional or non-intentional misuse. The consortium will therefore produce a white paper with recommendations on Dynamic Spectrum Access, which will be presented to Ofcom. The programme will most directly influence standards primarily through the industrial partners who participate in 3GPP and other standards bodies. Less directly, liaison with the security community will raise awareness of RF cyber threats which will feed into other participants in standards-making.

SWAN is ideally positioned to develop both academic and industrial leaders to influence the next generation of RF systems on a global scale. Phd students will be fully integrated into the SWAN research team and immersed in the Secure by Design ethos for RF systems. It is our goal that these students become future leaders and innovators in the field of RF and continue to act as advocates beyond their training.

Through academic links with the IET accreditation process of undergraduate and taught postgraduate programmes, we seek to make Secure by Design a major component of this assessment, thus propagating this ethos within the mind-set of future generations of engineers.

Publications

10 25 50