How secure critical infrastructure is from hacker attacks

Some parts of our critical infrastructure, such as wind farms, are controlled at least partly via mobile phone networks. Researchers at the Horst Görtz Institute for IT Security (HGI) in Bochum have designed new tests to assess how secure this form of communication is from external attack by hackers. The team at the Ruhr-Universität Bochum is collaborating with colleagues from the TU Dortmund University, among others, as part of the Bercom project, which aims to make critical infrastructure in Europe secure from attack by hackers. The Bochum-based science magazine Rubin has reported on their work.

Outdated technology still in use

Because wind farms tend to be spread out over large areas, they cannot be entirely controlled using cable-based connections. “The last stretch, at least, relies on mobile phone networks,” explains David Rupprecht, a doctoral researcher at the HGI and a member of the Bercom project. It is important to be able to manage these facilities reliably, so as to control the amount of power being produced, for example. If more power is produced than is required, the grid will quickly become overloaded, which can lead to failures. Hackers could attack the system by allowing a surplus of power to be produced and deactivating the system’s security and warning mechanisms.

“A number of elements of critical infrastructure still use outdated and therefore insecure communications technology,” explains Rupprecht. One example is the obsolete GSM mobile phone standard. It has been replaced in private use by the new LTE standard.

Mobiles in place of wind turbines

Rupprecht is developing tests to assess the security of chipsets in wind power plants’ control units. More specifically, he is interested in the encryption and authentication technologies that are being used in these communications. Encryption prevents hackers from eavesdropping on communications to gain information about the system. Authentication prevents a hacker from masquerading as a legitimate mobile phone network, which would allow for the transmission of manipulated and false commands to the control unit.

Because mobile telephones and wind power plants’ control units use the same chipsets, David Rupprecht was able to conduct his tests first on mobile handsets. He used software-defined radios to imitate an LTE base station that sends signals to and receives signals from mobile telephones. He was thereby able to simulate attacks on a variety of chipsets.

Insufficient encryption

The result: None of the ten mobile telephones that were tested warned the user about the unencrypted exchange of data. Only one, however, failed the test of authentication. The remaining nine recognised forged communications and prevented their delivery.

The researchers in Bochum and Dortmund would like to build on this project by working with additional partners from research and industry to make LTE a secure mobile telephone standard for the energy sector.

Additional information is available from the RUB news portal (in German only).