Communications are commonly targeted by malicious actors to disrupt business, government, or industrial operations. In RF communications, the disruption can be achieved using Electronic Warfare (EW) techniques such as jamming. Digital communications may also be targeted through cyber-attacks. Typically, these Cyber and EW threats are analyzed and mitigated separately. A new class of combined Cyber/EW attacks targeting software defined communications is an emerging threat not normally considered by traditional security analysis. These combined Cyber/EW attacks use specially designed coordinated EW and cyber-attack methods to achieve a cyber effect in Software Defined Radios (SDR) and embedded communications systems. Unmitigated Cyber/EW vulnerabilities can lead to denial of communications or exploitation of the communications network.
Secmation has developed CyRF, a security analysis and design tool which automatically identifies Cyber/EW vulnerabilities in software defined communications systems including Software Defined Radios. CyRF uses integrated communications and computation analytics to guide an automated search for Cyber/EW vulnerabilities.
Dynamic Analysis of RF Communications and Security
CyRF’s integrated RF and cyber testing capability includes an automated method to generate signal and data inputs which maximize software coverage of communications functions during testing. This coverage enables targeting of non-steady state functions that can be more complex and less extensively tested than steady state functions. CyRF’s integrated analysis capability enables rigorous security testing of low-level Physical and Data Link Layer signal processing functions, waveform processes, and communications protocols significantly improving the resilience of communications.
Automated Identification of Signal that Exploits Vulnerability
CyRF’s analysis capability utilizing software and communications metrics is enabling technology for identifying hard-to-find signals that exploit Cyber/EW vulnerabilities. While traditional cyber tools can find an input to a software function that will exploit a vulnerability, the attacker cannot directly use knowledge of that input to exploit that vulnerability over-the-air. CyRF uses its unique combination of integrated analytics, dynamic analysis, and automated vulnerability detection to drive the search for a signal that exploits the communication system vulnerability after being partially processed by earlier functions in the receiver processing chain.
Unlike many security analysis tools designed by and for security experts, CyRF provides an integrated user experience enabling users with different backgrounds and skill levels to effectively use the system. This usability enables Programs with limited resources to perform the detailed analysis required to find Cyber vulnerabilities in their systems. The user interface workflow enables the user to:
• Configure a test project identifying the system/software to be tested
• Configure a test session detailing the parameters to be tested
• Execute and monitor the CyRF testing enabling rapid evaluation of initial test results
• Analyze results of completed tests and replicate results