MWC2017: Test solution analyses IP security mechanisms in IoT

1st March 2017

Mick Elliott

0 0

The R&S CMW-KM052 analysis option which makes the R&S CMW500 wideband radio communication tester a valuable tool for improving the security of IP-based data communications for mobile devices and Internet-of-Things modules was featured by Rohde & Schwarz at Mobile World Congress.

Users are provided with a detailed overview of security-related parameters in a controlled wireless environment. Developers can detect and close security gaps at an earlier point in the development process.

The Internet of Things (IoT) is integrating the Internet into our daily lives, with products such as home automation, wearables and even connected cars. Sensitive data is increasingly being transmitted via wireless IP-based connections.

The high demand for mobility, large ranges and reliability is best met with cellular technologies, especially LTE and LTE-Advanced as well as 5G in the future.

However the components, particularly for IoT, are often not fully mature or have undergone only the most basic testing and are therefore poorly protected against attacks and provide potential portals for hacker attacks.

The new solution from Rohde & Schwarz makes it possible to analyse security mechanisms for IP data communications during the early development phases of mobile devices and IoT modules. Potential security gaps can be identified and closed.

It is not necessary to install additional software on the DUT for the analysis. The DUT also doesn't have to have a debug interface. In the Rohde & Schwarz solution, the R&S CMW500 sets up the wireless connection and functions as a wireless network during IP data communications with the World Wide Web.

Developers can flexibly configure the cells to simulate real-world applications in the end customer's target network.

They only need a single test instrument for RF analysis in cellular and non-cellular networks, protocol tests and IP application tests as well as for analysis of security-relevant parameters for IP data communications.

The new reporting module, R&S CMW-KM052 IP connection security analysis, is used in conjunction with the Rohde & Schwarz cybersecurity software R&S PACE2 to analyse IP traffic in realtime within a controlled test environment.

The software generates statistics for the IP connections in realtime and outputs a clear overview of the results. The software module allows the user to define sensitive and device-specific information. Statistics show whether this information appears in unencrypted connections.

The module also analyses parameters for SSL/TLS handshake sequences as well as certificates, the country name and the domain name of the endpoint server. Another important function is the active scanning of the IP ports on the mobile or IoT device.

This makes it easy to detect invalid configurations and suspicious communications behaviour.