Modular platform for secure real-time radio
Errors in hardware and software can result in serious security vulnerabilities in infrastructure-critical devices. Through such gaps, attackers can gain unauthorized access to sensitive data and even modify it or alter or destroy the function of the devices. Unfortunately, errors in hardware and software cannot be excluded and the number of errors increases with system complexity. This is a particular problem with the solutions currently available on the market. The almost unmanageable complexity of hardware and software from different suppliers leads to frequent software updates in order to maintain the security of networked products. However, this is associated with extensive operational efforts and further risks.
In our view, combining component-based software with reconfigurable hardware is a necessary and viable way out of this dilemma. By using a modular operating system with appropriate isolation between components, the attack surface can be significantly reduced. Together with our partner Genode Labs GmbH, the Barkhausen Institute is researching the integration of a modular operating system (Genode OS Framework) and a software-defined radio (SDR) on embedded hardware for this purpose.
The isolation of the components reduces the risk of undetected errors to a minimum.. In addition, the use of a microkernel operating system isolates local software bugs to the component itself, when existing software is reused and prevents unchecked propagation through the system. The result is a dramatically reduced need for security updates due to the reduced attack surface of the system software by a factor of 100 when using the Genode OS framework developed by Genode Labs.
In addition, there is a trend to use the originally expensive and large software-defined radios (a programmable hardware that supports different radio standards by reprogramming) productively in base stations. The advantages move more and more manufacturers to offer highly integrated base stations based on SDR. Such base stations are used, especially in the 5G market segment, not only by network operators such as Vodafone or Telekom, but also to a large extent by companies that are building their own 5G campus network for e.g. Industry 4.0 applications.
So far it has not yet been finally clarified whether the real-time requirements of the radio system can be met by a modular operating system. This question is to be answered in the present project, in addition to the integration of the Genode OS framework on an embedded device.
The project is financed by the „Zentrales Innovationsprogramm Mittelstand“ of the BMWK.