Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_sent

369 views

Published on

Presentations from the SPF Spectrum Resilience workshop on 03 May 2018

More information about the UK Spectrum Policy Forum is available here.
http://www.techuk.org/about/uk-spectrum-policy-forum

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_sent

  1. 1. QINETIQ PROPRIETARY QINETIQ PROPRIETARY Dr Anil Shukla – QinetiQ Fellow ashukla@qinetiq.com Spectrum Resilience – Framework workshop overview and need. Spectrum Policy Forum Workshop Tech UK – 3rd May 2018; 14:00 – 16:30 QINETIQ/18/01713
  2. 2. QINETIQ PROPRIETARY QINETIQ PROPRIETARY QINETIQ/18/01713 • UK economic contribution £52 billion in 2011 • UK Strategy to make it £104 billion in 2025 • 750MHz of spectrum to be released by 2020 • 800MHz & 2.6GHz raised £2.34bn in Feb 2013 • 2.3GHz & 3.4GHz raised £1.4bn March 2018 • Increasingly congested environment and in demand • Interference causes a denial of service 2 Importance of the Spectrum Infrastructure
  3. 3. QINETIQ PROPRIETARY QINETIQ PROPRIETARYQINETIQ/18/01713 • Who/what are the perceived threat Sources e.g. Threat Actors –Users – incorrect use or accidental –Hobbyist –Criminal/terrorist –State sponsored –Nation state • What can happen –Denial of service –Information insertion –Information capture 3 Understanding the Spectrum Threats
  4. 4. QINETIQ PROPRIETARY QINETIQ PROPRIETARYQINETIQ/18/017134 Example of Direct Threats to Wi-Fi • Information-cyber attacks are attacks that aim to compromise or damage computer networks • There are videos on YouTube explaining how to hack Wi-Fi users with simple-to-use but highly powerful tools easily found online –Person-in-the-middle –Denial-of-service –Unauthorised devices –Rogue APs • More overt, less sophisticated jamming is also possible –with converted microwave oven!
  5. 5. QINETIQ PROPRIETARY QINETIQ PROPRIETARYQINETIQ/18/017135 Easy availability of Jamming systems and their design
  6. 6. QINETIQ PROPRIETARY QINETIQ PROPRIETARY QINETIQ/18/01713 6 The Resilience / Security Onion • Cyber (information security) is forging ahead in training and board level governance • Is spectrum going to be the weakest link ? • What is Spectrums role in resilience agenda ? Don’t want radios to look like this ? By I, Ldopa, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=2239310
  7. 7. QINETIQ PROPRIETARY QINETIQ PROPRIETARY QINETIQ/18/01713 Summary • White paper based on two SPF workshops. • Highlights that spectrum is part of the soft infrastructure and spectrum disruptions are similar to traditional Cyber-information Denial of Service attacks • Paper provides examples of Cyber-Spectrum disruptions • Highlights that in an increasingly integrated and interdependent society dependent on spectrum a cyber-spectrum disruption could cause cascade effects • Security is an integrated approach and Spectrum must play its part otherwise it will be the weakest link. Recommends 1. Government departments, private sector service providers and users of spectrum should conduct regular “spectrum stress tests” to understand their business risks and develop appropriate mitigation techniques 2. Spectrum Policy Forum should develop a Framework guidance document on achieving spectrum resilience 7 What does the UK need to do to pursue its spectrum resilience objectives?
  8. 8. QINETIQ PROPRIETARY QINETIQ PROPRIETARY QINETIQ/18/01713 • Objective to provide guidance – not the how • Audience – non spectrum specialists, business managers, systems operators • What should it cover? – Governance - Who own the problem – what’s the governance required – Assessment - How do you find out what business functions/assets use spectrum – where are the risk/threat areas what are the attributes – Requirement - How do you assess what level of resilience is needed (Gold, Silver, Bronze); – Non Spectrum Controls - What non-spectrum mitigation can be used (physical, procedural and technical controls) – Spectrum Controls - What spectrum mitigations can be used – Paper Compliance - What could a spectrum resilience compliance regime look like – Spectrum compliance - How do you conduct a spectrum stress test ? 8 Framework Discussion
  9. 9. QINETIQ PROPRIETARY QINETIQ PROPRIETARYQINETIQ/18/01713

×