RF communication receiver vulnerability assessment

US 8,229,344 B1
Filed: 08/26/2009
Issued: 07/24/2012
Est. Priority Date: 08/26/2009
Status: Active Grant

First Claim

Patent Images

1. A method for analyzing a wireless communications device, the method comprising:

automatically assessing vulnerability of the wireless communications device, including its susceptibility to jamming, by applying one or more interfering signals to the wireless communications device and observing a response from the wireless communications device, wherein automatically assessing vulnerability includes accessing the wireless communications device by both an antenna interface of the device and a probe interface connected to one or more test points within the device; and

automatically identifying one or more vulnerabilities that can be exploited in defeating malicious behavior involving use of the wireless communications device, wherein the malicious behavior involves using the wireless communications device for remote detonation of explosives;

wherein applying the one or more interfering signals includes;

applying a trigger signal associated with the malicious behavior and a jamming signal to the wireless communications device; and

adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal; and

wherein identifying the one or more vulnerabilities includes;

reporting parameters of the jamming signal that result in defeating the malicious behavior.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are disclosed for analyzing a wireless communications device. The techniques include, for instance, assessing vulnerability of the device, including its susceptibility to jamming, by applying one or more interfering signals to the device and observing the device'"'"'s response. The techniques further include identifying one or more vulnerabilities that can be exploited in defeating malicious behavior involving use of the device (e.g., such as using the device for remote detonation of explosives). Applying one or more interfering signals to the device may include, for instance, applying a trigger signal and a jamming signal to the device, and adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal. Identifying one or more vulnerabilities that can be exploited in defeating malicious behavior may include, for instance, reporting parameters of the one or more interfering signals that result in defeating the malicious behavior.

54 Citations

View as Search Results

20 Claims

1. A method for analyzing a wireless communications device, the method comprising:
- automatically assessing vulnerability of the wireless communications device, including its susceptibility to jamming, by applying one or more interfering signals to the wireless communications device and observing a response from the wireless communications device, wherein automatically assessing vulnerability includes accessing the wireless communications device by both an antenna interface of the device and a probe interface connected to one or more test points within the device; and
  
  automatically identifying one or more vulnerabilities that can be exploited in defeating malicious behavior involving use of the wireless communications device, wherein the malicious behavior involves using the wireless communications device for remote detonation of explosives;
  
  wherein applying the one or more interfering signals includes;
  
  applying a trigger signal associated with the malicious behavior and a jamming signal to the wireless communications device; and
  
  adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal; and
  
  wherein identifying the one or more vulnerabilities includes;
  
  reporting parameters of the jamming signal that result in defeating the malicious behavior.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the one or more vulnerabilities of the wireless communications device include at least one of radio access vulnerabilities, FM demodulator vulnerabilities, signaling layer processing vulnerabilities, DTMF decoder vulnerabilities, telemetry decoder vulnerabilities, message recovery vulnerabilities, and protocol processing vulnerabilities.
  - 3. The method of claim 1 wherein applying the trigger signal includes adjusting the trigger signal by modifying at least one of power and frequency of the trigger signal.
  - 4. The method of claim 1 further comprising characterizing the wireless communications device to identify one or more performance attributes of the wireless communications device that can be used in assessing vulnerability.
  - 5. The method of claim 4 wherein characterizing the wireless communications device to identify one or more performance attributes of the device comprises at least one of:
    - measuring at least one of transmit power, receiver sensitivity, and antenna performance of the wireless communications device;
      
      measuring at least one of filter performance, amplifier gain, mixer performance, channelization, and frequency/time division performance of the wireless communications device; and
      
      measuring baseband processing and decoder performance and response time of the wireless communications device.
  - 6. The method of claim 4 wherein characterizing the wireless communications device to identify one or more performance attributes of the device comprises at least one of:
    - analyzing modulation and/or demodulation parameters of the wireless communications device; and
      
      analyzing protocol parameters of the wireless communications device.
  - 7. The method of claim 4 wherein characterizing the wireless communications device to identify one or more performance attributes of the device comprises at least one of:
    - conducting passive unintentional radiation exploitation (URE) sweeps and active URE sweeps in passband of the wireless communications device;
      
      conducting two-tone sweeps and direct transmission on intermediate frequencies of the wireless communications device, and on frequencies that generate the intermediate frequency as a harmonic; and
      
      identifying unique signature characteristics of the wireless communications device.
  - 8. The method of claim 1 further comprising target deployment and operation assessment to define how of the target communications device can be deployed and triggered in the context of the malicious behavior.
  - 9. The method of claim 1 wherein adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal includes modifying at least one of power, frequency, and duty cycle of the jamming signal.
  - 10. The method of claim 1 wherein the one or more vulnerabilities of the wireless communications device include at least one of FM demodulator vulnerabilities, signaling layer processing vulnerabilities, DTMF decoder vulnerabilities, and telemetry decoder vulnerabilities.

11. A computer-readable memory having instructions encoded thereon that when executed by a processor, cause a process for analyzing a wireless communications device to be carried out on a test system, the process comprising:
- automatically assessing vulnerability of the wireless communications device, including its susceptibility to jamming, by applying one or more interfering signals to the wireless communications device and observing a response from the wireless communications device, wherein automatically assessing vulnerability includes accessing the wireless communications device by both an antenna interface of the device and a probe interface connected to one or more test points within the device; and
  
  automatically identifying one or more vulnerabilities that can be exploited in defeating malicious behavior involving use of the wireless communications device, wherein the malicious behavior involves using the wireless communications device for remote detonation of explosives;
  
  wherein applying the one or more interfering signals includes;
  
  applying a trigger signal associated with the malicious behavior and a jamming signal to the wireless communications device; and
  
  adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal; and
  
  wherein identifying the one or more vulnerabilities includes;
  
  reporting parameters of the jamming signal that result in defeating the malicious behavior.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The computer-readable memory of claim 11 wherein the one or more vulnerabilities of the wireless communications device include at least one of radio access vulnerabilities, FM demodulator vulnerabilities, signaling layer processing vulnerabilities, DTMF decoder vulnerabilities, telemetry decoder vulnerabilities, message recovery vulnerabilities, and protocol processing vulnerabilities.
  - 13. The computer-readable memory of claim 11 wherein applying the trigger signal includes adjusting the trigger signal by modifying at least one of power and frequency of the trigger signal.
  - 14. The computer-readable memory of claim 11 further comprising characterizing the wireless communications device to identify one or more performance attributes of the wireless communications device that can be used in assessing vulnerability, including at least one of:
    - measuring at least one of transmit power, receiver sensitivity, and antenna performance of the wireless communications device;
      
      measuring at least one of filter performance, amplifier gain, mixer performance, channelization, and frequency/time division performance of the wireless communications device;
      
      measuring baseband processing and decoder performance and response time of the wireless communications device;
      
      analyzing modulation and/or demodulation parameters of the wireless communications device;
      
      analyzing protocol parameters of the wireless communications device;
      
      conducting passive unintentional radiation exploitation (URE) sweeps and active URE sweeps in passband of the wireless communications device;
      
      conducting two-tone sweeps and direct transmission on intermediate frequencies of the wireless communications device, and on frequencies that generate the intermediate frequency as a harmonic; and
      
      identifying unique signature characteristics of the wireless communications device.
  - 15. The computer-readable memory of claim 11 further comprising target deployment and operation assessment to define how of the target communications device can be deployed and triggered in the context of the malicious behavior.
  - 16. The computer-readable memory of claim 11, wherein adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal includes modifying at least one of power, frequency, and duty cycle of the jamming signal.
  - 17. The computer-readable memory of claim 11 wherein the one or more vulnerabilities of the wireless communications device include at least one of FM demodulator vulnerabilities, signaling layer processing vulnerabilities, DTMF decoder vulnerabilities, and telemetry decoder vulnerabilities.

18. A system for analyzing a wireless communications device, comprising:
- a vulnerability assessment module for automatically assessing vulnerability of the wireless communications device, including its susceptibility to jamming, by applying one or more interfering signals to the wireless communications device and observing a response from the wireless communications device, wherein automatically assessing vulnerability includes accessing the wireless communications device by both an antenna interface of the device and a probe interface connected to one or more test points within the device; and
  
  a reporting module for identifying one or more vulnerabilities that can be exploited in defeating malicious behavior involving use of the wireless communications device, wherein the malicious behavior involves using the wireless communications device for remote detonation of explosives;
  
  wherein in applying the one or more interfering signals, the vulnerability assessment module is configured to apply a trigger signal associated with the malicious behavior and a jamming signal to the wireless communications device, and to adjust the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal; and
  
  wherein in identifying the one or more vulnerabilities, the reporting module is configured to report parameters of the jamming signal that result in defeating the malicious behavior.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18 wherein the vulnerability assessment module is further configured to adjust the trigger signal by modifying at least one of power and frequency of the trigger signal.
  - 20. The system of claim 18 wherein in adjusting the jamming signal until the trigger signal is rendered ineffective in acting as a trigger signal, the vulnerability assessment module is further configured to modify at least one of power, frequency, and duty cycle of the jamming signal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BAE Systems Information and Electronic Systems Integration Incorporated (BAE Systems Plc)
Original Assignee
BAE Systems Information and Electronic Systems Integration Incorporated (BAE Systems Plc)
Inventors
Petersen, Joshua, Delaney, William
Primary Examiner(s)
Kincaid, Lester
Assistant Examiner(s)
KELLEY, STEVEN SHAUN

Application Number

US12/548,171
Time in Patent Office

1,063 Days
Field of Search

455/1, 455/67.11, 455423-425
US Class Current

455/1
CPC Class Codes

H04B 17/29   Performance testing

H04K 2203/24   for communication related t...

H04K 3/92   related to allowing or prev...

H04K 3/94   related to allowing or prev...

RF communication receiver vulnerability assessment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

54 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

RF communication receiver vulnerability assessment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links