Adding the R&S CMW-KM052 analysis option makes the R&S CMW500 wideband radio communication tester a valuable tool for improving the security of IP-based data communications for mobile devices and Internet-of-Things modules. Users are provided with a detailed overview of security-related parameters in a controlled wireless environment. Developers can detect and close security gaps at an earlier point in the development process.
The Internet of Things (IoT) is integrating the Internet into our daily lives, with products such as home automation, wearables and even connected cars. Sensitive data is increasingly being transmitted via wireless IP-based connections. However the components, particularly for IoT, are often not fully mature or have undergone only the most basic testing and are therefore poorly protected against attacks and provide potential portals for hacker attacks.
The new solution from Rohde & Schwarz makes it possible to analyze security mechanisms for IP data communications during the early development phases of mobile devices and IoT modules. Potential security gaps can be identified and closed.
It is not necessary to install additional software on the DUT for the analysis. The DUT also doesn’t have to have a debug interface. In the Rohde & Schwarz solution, the R&S CMW500 sets up the wireless connection and functions as a wireless network during IP data communications with the World Wide Web. Developers can flexibly configure the cells to simulate real-world applications in the end customer’s target network. They only need a single test instrument for RF analysis in cellular and non-cellular networks, protocol tests and IP application tests as well as for analysis of security-relevant parameters for IP data communications.
The new reporting module, R&S CMW-KM052 IP connection security analysis, is used in conjunction with the Rohde & Schwarz cybersecurity software R&S PACE2 to analyze IP traffic in realtime within a controlled test environment. The software generates statistics for the IP connections in realtime and outputs an overview of the results.
The software module allows the user to define sensitive and device-specific information. Statistics show whether this information appears in unencrypted connections. The module also analyzes parameters for SSL/TLS handshake sequences as well as certificates, the country name and the domain name of the endpoint server. Another important function is the active scanning of the IP ports on the mobile or IoT device. This makes it easy to detect invalid configurations and suspicious communications behavior.
The R&S CMW500 emulates a controlled cellular network or a WLAN access point for IP security checks. The security analysis requires the data application unit (DAU), which provides IP addresses for the DUT and sets up an IP connection to servers in the World Wide Web.