BLACKSBURG, Va., Dec. 14, 2006 – Improving the security of software-defined radio (SDR) technology is the goal of a team of Virginia Tech engineering researchers who have won a $400,000 Cyber Trust grant from the National Science Foundation.
The three-year project will be led by principal investigator Jung-Min Park, an assistant professor in Virginia Tech’s Bradley Department of Electrical and Computer Engineering (ECE). Co-principal investigators are assistant professor Thomas Hou and Jeffrey Reed, the Willis G. Worcester Professor, both of ECE. Park and Hou are associates and Reed is director of Wireless@Virginia Tech , the umbrella organization for all of the university’s wireless communications groups.
Software-defined radio devices use software rather than traditional dedicated hardware to define and modify the way they perform signal processing for transmission and reception. SDR technology is being used in two-way communications devices by tactical military forces and emergency responders. The other major arena for this technology is the development of wireless mesh networks that provide Internet services to rural areas.
While traditional hardware-based radios are inflexible in terms of being able to change operating characteristics, SDRs can use software to readily change characteristics, including frequency, modulation and transmission power.
Software-defined radio devices also can be used to help solve a national problem. The radio (or electromagnetic) spectrum is a limited natural resource, and the proliferation of wireless devices, such as cell phones, has led to overcrowding of the unlicensed bands of the spectrum. A hardware-based cell phone can access only one area of the radio spectrum, but a software-defined cell phone can sense and identify “white spaces,” or vacant areas, in the spectrum.
Although SDR networks and devices offer a number of advantages, software is vulnerable to failure, as well as malicious tampering.
“In a civilian SDR network, the motive of a malicious user may be to simply cause mayhem to other users or to receive notoriety,” Park said. “This would be the equivalent of computer hackers. Malicious users also could try to extort money from providers who operate SDR networks and services. In a military setting, an adversary could try to interfere with communications to gain a tactical advantage.”
An international standards body, the SDR Forum, has been developing measures to prevent corrupt software from being downloaded, installed or instantiated on SDR devices. However, Park said, “preventative measures can only act as the first line of defense. Other security measures need to be employed to fortify those measures.”
“Our group at Virginia Tech plans a comprehensive investigation of critical security issues,” said Park, who is the director of the Laboratory for Advanced Research in Information Assurance and Security (ARIAS), a lab associated with Wireless@Virginia Tech. “What are the security threats if an adversary were able to install malicious software on an SDR, and what counter measures would be effective against such attacks? These problems are unique to SDR networks and have not been studied in a systematic way by the network security community.”
Park and his colleagues hope their findings will help service providers and manufacturers develop more secure SDR technology, and also help regulators develop more secure standards for use of SDRs in the radio spectrum.
The College of Engineering at Virginia Tech is internationally recognized for its excellence in 14 engineering disciplines and computer science. The college’s 5,500 undergraduates benefit from an innovative curriculum that provides a “hands-on, minds-on” approach to engineering education, complementing classroom instruction with two unique design-and-build facilities and a strong Cooperative Education Program. With more than 50 research centers and numerous laboratories, the college offers its 1,800 graduate students opportunities in advanced fields of study such as biomedical engineering, state-of-the-art microelectronics, and nanotechnology.