CCSDS Security Working Group Spring 2014 Meeting 31 March – 1 April 2014 Noordwijkerhout, The Netherlands Charles Sheehe NASA/Glenn.


Dynamic Spectrum Access and Cognitive Radio Risks Charles Sheehe

Objective of the risks discussion
To recommend that the threat book be updated with the threats to these emergent technologies.
To recommend that a Green Book be developed to provide guidance to the users of the emergent technologies.

Background

What is Dynamic Spectrum Access
The shared use of spectrum between primary and secondary users.
Primary users (primes) are allowed by license to access and use a chunk of spectrum without interference.
Secondary users are allowed to use the spectrum on a non-interfering basis.
Some systems designate the primary stations as the control station.
Some systems require active sensing for primary stations.
Some systems allow low-level wideband use in conjunction with primary and secondary users.
All systems require more complicated spectrum access and control functions in the radios, like geo-location, spectrum sensing, transmitter and receiver, active management and spectrum management control channel negotiations (M2M) communications.

What is a Cognitive Radio
FCC definition: A cognitive radio is a radio that can change its transmitter parameters based on interaction with the environment in which it operates.
Wireless Innovation Forum:
– a.) Radio in which communication systems are aware of their environment and internal state and can make decisions about their radio operating behavior based on that information and predefined objectives. The environmental information may or may not include location information related to communication systems.
– b.) Cognitive Radio (as defined in a.) that utilizes Software Defined Radio, Adaptive Radio, and other technologies to automatically adjust its behavior or operations to achieve desired objectives.
IEEE: IEEE recognizes that the terminology commonly used is "cognitive radio." However, generally the cognitive functionality may be outside the boundary normally associated with a radio (e.g., environment sensing is a cognitive function that is not normally part of a radio).
Cognitive Control Mechanism: Cognitive control mechanism is the mechanism through which cognitive radio decisions are implemented. (WINNF)
Intelligent Radio: Cognitive radio that is capable of machine learning. (WINNF)
The World Radio Conference, Lisbon, 19 September 2013: a workshop on the Cognitive Radio Future Networks Projects, "CORASAT: Cognitive radio for satellite communications and its regulatory implications".
My view: A radio that changes how it interacts with its environment dynamically based on complex policy engine inputs.

Cognitive Radio Network
A group of radios, cognitive and non-cognitive radios communicating over shared spectrum.
FCC: CR technology can help in many ways to enhance services. These include:
– Avoiding spectrum congestion.
– Precedence service to higher priority users temporarily during the peak communications period of an emergency.
– Dynamic spectrum access to improve spectrum efficiency.
– Achieving interoperability among legacy and new devices and systems.

Cognitive Engine
[Diagram: Cognitive Engine containing Knowledge Base, Reasoning Engine and Learning Engine]

Interactions with the radio
[Diagram: Cognitive Engine (Knowledge Base, Reasoning Engine, Learning Engine) and Radio APIs]

Threats

Non-Standard Threats to Which Cognitive Radio Networks Are Susceptible
Sensory manipulation attacks: policy-based radios
– Primary User Emulation: all; shuts secondary users down when sensed
Belief manipulation attacks: learning radios
Cognitive radio viruses: all; self-propagating behaviors

Objective Function Attack
Adaptive radio: the cognitive engine has a large number of radio parameters under its control. If the goals of the radio are low-power, high-rate and secure communications, then depending on the weighting of the goals, different attacks are possible by changing the observed channel, which can manipulate whether or not a function is used.
Primary User Emulation: a transitory attack where a system develops a waveform that looks sufficiently like the primary that the secondary systems stop transmitting.

Belief manipulation attacks
If jamming is introduced whenever the radio switches to higher speeds, the radio will learn that the higher speed causes jamming and will decide not to use the higher-speed mode.
If known, your adaptation algorithm can be manipulated to lead you to the state I want.
– DSA herding, similar to Stochastic Herding in the financial markets.

Cognitive radio viruses
An environmental cause seen by radio1 of the network will cause a sub-optimal state in radio1, and this sub-optimal state causes a sub-optimal state in radio2, cascading through the network.

Primary radio side Attack Vectors
[Diagram: Cognitive Engine (Knowledge Base, Reasoning Engine, Learning Engine) and Radio APIs]
Off Path: injection of data onto the data stream
On Path: observe and transmit data in real time

Cognitive Radios Security Issues
The radio security issues propagate up into the applications.
The adaptability of the system complicates the security mechanisms.
Learned behaviors could become fixed.
Without a control channel to correct cognitive network issues, systems could contend with each other to optimize their performance at the expense of other radios.
Not only does the cognitive radio transport the data, it consumes the data, opening additional security considerations.
– Trust of other systems and trust information.
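
The belief manipulation slide and the remark above that learned behaviors could become fixed, as an added example (not part of the original presentation): a constructed two-mode learning radio is jammed whenever it tries the high-rate mode, once with permanent beliefs and once with beliefs that expire. The rates, the 20-step attack window and the `belief_ttl` parameter are assumptions made for this sketch.

```python
# Added illustration, not code from the presentation. All names, rates and
# thresholds below are constructed for this sketch.
RATES = {"low": 1.0, "high": 4.0}   # throughput per step when not jammed
ATTACK_STEPS = 20                   # jammer reacts to "high" during these steps
TOTAL_STEPS = 100


class LearningRadio:
    def __init__(self, belief_ttl=None, alpha=0.6):
        self.belief_ttl = belief_ttl      # None: learned beliefs never expire
        self.alpha = alpha                # weight given to the newest observation
        self.estimate = dict(RATES)       # prior belief: nominal rate of each mode
        self.last_tried = {mode: 0 for mode in RATES}

    def choose(self, step):
        if self.belief_ttl is not None:
            for mode in RATES:
                # A belief not re-tested within the TTL reverts to its prior,
                # so the radio probes that mode again instead of avoiding it forever.
                if step - self.last_tried[mode] > self.belief_ttl:
                    self.estimate[mode] = RATES[mode]
        return max(self.estimate, key=self.estimate.get)

    def observe(self, mode, throughput, step):
        self.estimate[mode] += self.alpha * (throughput - self.estimate[mode])
        self.last_tried[mode] = step


def channel(mode, step):
    """Constructed channel: 'high' yields nothing while the jammer is active."""
    if mode == "high" and step < ATTACK_STEPS:
        return 0.0
    return RATES[mode]


def simulate(radio):
    history = []
    for step in range(TOTAL_STEPS):
        mode = radio.choose(step)
        radio.observe(mode, channel(mode, step), step)
        history.append(mode)
    return history


def summarize(history):
    return {"high_during_attack": history[:ATTACK_STEPS].count("high"),
            "high_after_attack": history[ATTACK_STEPS:].count("high"),
            "final_mode": history[-1]}


if __name__ == "__main__":
    print("no expiry :", summarize(simulate(LearningRadio())))
    print("TTL = 10  :", summarize(simulate(LearningRadio(belief_ttl=10))))
```

Without expiry the radio stays in the low-rate mode for all 80 steps after the jammer has gone; with a 10-step expiry it spends two extra probes during the attack and recovers the high-rate mode at step 24.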

CCSDS Relevance

Space Applications where Cognitive Radios could be applied
Proximity-1: enables the automated selection of communications frequencies, data rates, modulation, coding, and link directionality (full duplex, half duplex, and simplex).
Formation Flight to optimize communication between systems and the ground.
– Maintain optimal internal communications among deployed devices when control from Earth is lost or impractical (orbiting and ground based on some far-flung, possibly extra-solar planet)
– Dynamically share radio telescope bands with tight coupling on when they're on / where they're pointing, telescope array.
CR for interference mitigation of space-to-ground and space-to-space communications.
CR sensors can double as a space-borne radio telescope.

Security of the Cognitive System
Adaptable computing platforms process and consume the information passing through the system.
Cognitive systems can adapt to stimulus; capabilities can be adjusted.
An Access Control Module (ACM) and Encryption Module will need to act in concert to protect and control behaviors of the system.

BACK UP

OPEN SYSTEMS INTERCONNECTION (OSI) REFERENCE MODEL
APPLICATION LAYER (7): This layer supports application and end-user processes. Communication partners and quality of service (QoS) are identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, , and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.
PRESENTATION / SYNTAX LAYER (6): This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. Works to transform data into the form that the Application Layer can accept. Formats and encrypts data to be sent across a network, providing freedom from compatibility problems.
SESSION LAYER (5): Establishes, manages, terminates connections between applications. This layer sets up, coordinates and terminates conversations, exchanges, dialogs, between the applications at each end. It deals with session and connection coordination.
TRANSPORT LAYER (4): Provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. Ensures complete data transfer.
NETWORK LAYER (3): Switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
DATA LINK / MEDIA ACCESS LAYER (2): Switching. Data packets are encoded and decoded into bits. Furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.
– LOGICAL LINK CONTROL: Frame synchronization, flow control, error checking
– MEDIA ACCESS CONTROL: Controls how a computer in a network gains access to the data and permission to transmit it.
PHYSICAL LAYER (1): Conveys the bit stream (electrical pulse, light, RF) through the network at the electrical and mechanical level. The hardware means of sending and receiving data on a carrier, including cables, cards, other physical aspects. Fast Ethernet, RS232, and ATM are protocols with physical layer components.
[Diagram labels: INFORMATION, DATA, SEGMENTS, PACKETS, FRAMES, BITS, PHYSICAL LINK]

OPEN SYSTEMS INTERCONNECTION (OSI) REFERENCE MODEL
[Table with columns LAYER, DESCRIPTION and CONTEXT. The layer descriptions (7. Application through 1. Physical) repeat the text of the previous slide; the CONTEXT column carries the labels Communications Context, Message Context and Operational Context.]

References
Wireless Innovation Forum Cognitive Radio Working Group and Chair, James Neel
IEEE
FCC
NASA/TM— Cognitive Networking With Regards to NASA's Space Communication and Navigation Program
IEEE Security, Tim Brown – Univ. Colorado
Security in Cognitive Radio Networks: Threats and Mitigation, by T. Charles Clancy and Nathan Goergen, University of Maryland
Satellite Formation Flight and Realignment Maneuver Demonstration aboard the International Space Station, Christophe P. Mandy, Alvar Saenz-Otero, David W. Miller
Air Force SATCOM Kirtland SF B1116: Anti-RF Jamming and High Throughput Terminals for Wideband Global SATCOM