Rohde & Schwarz has introduced an unique test solution that analyzes IP security mechanisms in IoT and mobile devices. The New R&S CMW-KM052 analysis option is part of the R&S CMW500 wideband radio communication tester which makes it a valuable tool for improving the security of IP-based data communications for mobile devices and Internet-of-Things modules. Users are provided with a detailed overview of security-related parameters in a controlled wireless environment. Developers can detect and close security gaps at an earlier point in the development process.
With IoT integrating the internet into daily lives, with products such as home automation, wearables and even connected cars, sensitive data is increasingly being transmitted via wireless IP-based connections. The high demand for mobility, large ranges and reliability is best met with cellular technologies, especially LTE and LTE-Advanced as well as 5G in the future. However the components, particularly for IoT, are often not fully mature or have undergone only the most basic testing and are therefore poorly protected against attacks and provide potential portals for hacker attacks. This new solution makes it possible to analyze security mechanisms for IP data communications during the early development phases of mobile devices and IoT modules through which potential security gaps can be identified and closed.
With this R&S Solution the R&S CMW500 can be used to set up the wireless connection and functions as a wireless network during IP data communications with the World Wide Web. It is not necessary to install additional software on the DUT for the analysis. Developers can flexibly configure the cells to simulate real-world applications in the end customer's target network. They only need a single test instrument for RF analysis in cellular and non-cellular networks, protocol tests and IP application tests as well as for analysis of security-relevant parameters for IP data communications.
The new reporting module, R&S CMW-KM052 IP connection security analysis, is used in conjunction with the Rohde & Schwarz cyber-security software R&S PACE2 to analyze IP traffic in real-time within a controlled test environment. The software generates statistics for the IP connections in real-time and outputs a clear overview of the results. The software module allows the user to define sensitive and device-specific information. Statistics show whether this information appears in unencrypted connections. The module also analyzes parameters for SSL/TLS handshake sequences as well as certificates, the country name and the domain name of the endpoint server. Another important function is the active scanning of the IP ports on the mobile or IoT device. This makes it easy to detect invalid configurations and suspicious communications behavior.
The R&S CMW500 emulates a controlled cellular network or a WLAN access point for IP security checks. The security analysis requires the data application unit (DAU), which provides IP addresses for the DUT and sets up an IP connection to servers in the World Wide Web. The R&S CMW-KM052 reporting module can now be ordered from Rohde & Schwarz.