Secure Reconfiguration of Software-Defined Radio

Software-defined radio (SDR) implements a radio system in software that executes on a programmable processor. The components of SDR, such as the filters, amplifiers, and modulators, can be easily reconfigured to adapt to the operating environment and user preferences. However, the flexibility of radio reconfiguration brings along the serious security concern of malicious modification of software in the SDR system, leading to radio malfunction and interference with other users' communications. Both the SDR device and the network need to be protected from such malicious radio reconfiguration. In this article, a new architecture targeted at protecting SDR devices from malicious reconfiguration is proposed. The architecture is based on robust separation of the radio operation environment and user application environment, through the use of virtualization. A new radio middleware layer is designed to securely intercept all attempts to reconfigure the radio, and a security policy monitor checks the target configuration against security policies that represent the interests of various parties. Even if the operating system in the user application environment is compromised, the proposed architecture can ensure secure reconfiguration in the radio operation environment. We have prototyped the proposed secure SDR architecture using VMware and the GNU Radio toolkit and demonstrate that overheads incurred by the architecture are small and tolerable. Therefore, we believe that the proposed solution could be applied to address secure SDR reconfiguration in both general-purpose and embedded computing systems.