Rohde & Schwarz Cybersecurity tests IoT & mobile IP security
Adding the R&S CMW-KM052 analysis option makes the CMW500 wideband radio communication tester into a tool for improving the security of IP-based data communications, providing a detailed overview of security-related parameters in a controlled wireless environment.
The high demand for mobility, large ranges and reliability is, R&S observes, best met with cellular technologies, especially LTE and LTE-Advanced as well as 5G in the future. However the components, particularly for IoT, are often not fully mature or have undergone only the most basic testing and are therefore poorly protected against attacks and provide potential portals for hacker attacks.
With this approach, it is not necessary to install additional software on the DUT for the analysis. The DUT also doesn’t require a debug interface. In the Rohde & Schwarz solution, the R&S CMW500 sets up the wireless connection and functions as a wireless network during IP data communications with the World Wide Web. Developers can flexibly configure the cells to simulate real-world applications in the end customer’s target network. They only need a single test instrument for RF analysis in cellular and non-cellular networks, protocol tests and IP application tests as well as for analysis of security-relevant parameters for IP data communications. This is not, R&S asserts, available anywhere else.
The new reporting module, R&S CMW-KM052 IP connection security analysis, is used in conjunction with the Rohde & Schwarz cybersecurity software R&S PACE2 to analyze IP traffic in realtime within a controlled test environment. The software generates statistics for the IP connections in realtime and outputs a clear overview of the results. The software module allows the user to define sensitive and device-specific information. Statistics show whether this information appears in unencrypted connections. The module also analyzes parameters for SSL/TLS handshake sequences as well as certificates, the country name and the domain name of the endpoint server. Another important function is the active scanning of the IP ports on the mobile or IoT device. This makes it easy to detect invalid configurations and suspicious communications behaviour.
The R&S CMW500 emulates a controlled cellular network or a WLAN access point for IP security checks. The security analysis requires the data application unit (DAU), which provides IP addresses for the DUT and sets up an IP connection to servers in the World Wide Web.
Rohde & Schwarz; www.rohde-schwarz.com
Rohde & Schwarz Cybersecurity is a IT security-focussed business unit within the group that works to protect companies and public institutions around the world against cyberattacks. The company develops and produces technologically leading solutions for information and network security, including highly secure encryption solutions, next generation firewalls and software for network analysis and endpoint security. Its IT solutions are developed based on a security-by-design approach for preventing cyberattacks proactively instead of reactively. Around 400 employees work at the current locations in Berlin, Bochum, Darmstadt, Hamburg, Leipzig, Munich and Saarbruecken.
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
