May 11, 2011
Security Focus as Wireless Traffic Rises, Mobiles Get More Powerful
Even though microwave communications have some built-in security-like features such as scrambling, narrow beamwidth, proprietary airframe, coding and other factors, it is not very hard for them to be broken by those with the proper expertise. Some vendors even openly offer digital microwave interception systems for “legitimate” monitoring. This and the growing sophistication and willingness of those attempting to break into wireless networks makes a high level of security for microwave more important than ever.
Historically, security and encryption measures were primarily employed by government or defense agencies or by the financial industry to protect sensitive information. But in today’s connected world the issue of network security can apply to any type of communications network, whether it is fixed, mobile or private.
Is Microwave Ready?
In general, microwave packet radio security is a concern. However, there are different aspects of microwave radio protection that must be considered. The information payload of microwave communications is the most obvious part. For operators that participate in the public switched telephone network (PSTN), the main issue is the security of the communications traffic they are carrying. That would involve both voice and data traffic.
Payload Security
Both popular and scholarly publications have been rife with stories of how easy it has become to tap into mobile calls. For example, the GSM code has been ineffective arguably since a hack was announced in August 2009. With GSM encryption broken, degraded or bypassed, mobile phone calls and text messages can be monitored and diverted by snooping parties. This can happen even before they get to the basestation. The BBC recently demonstrated GSM hacking in an online video.
Once calls and messages are in the mobile backhaul network, in many cases, no encryption is applied at all—not even the broken GSM code. In the past, hackers would have had to buy or by some other means obtain radio equipment identical to that they wanted to take over illegally. This was not an obstacle for those intent on industrial or governmental espionage, but it put it beyond the means of the run-of-the-mill hacker who has become familiar since the mid-1990s. Even if the hacking was not beyond the average hacker’s technical capabilities, it was beyond his economic capabilities. Now commercially available microwave monitoring equipment can be employed to pick out communications channels, to listen and record all conversation and ambient noises for up to 72 hours. One research firm also demonstrated how cell towers can be spoofed to intercept communications.
Secure Management
Another aspect of microwave security encompasses how secure is the management of the network. Even if the payload of a microwave backhaul network is secure, the management may not be, allowing hackers or others with malevolent motives to drop or kill traffic. Unsecure management channels can allow them to create mismatched frequency settings between radio pairs, reconfigure circuitry or reroute payload traffic to another radio if a cross-connect is present. For example, there was an instance where unauthorized users took control of a motorized antenna and repeatedly sent instructions for the motor to adjust the position of the antenna, eventually draining the batteries for the entire site, rendering it “dead.” However, with the shift to the all IP/Ethernet network of the future, hackers are finding ways to wreak havoc on backhaul networks from their desktop PCs, smartphones and other powerful mobile computing devices.
Access Control
Access control of the microwave network is also a cause for concern. It is critical that only authorized personnel are allowed to log onto the administration of a microwave backhaul network. Like many computer-based systems, microwave radios are set up with some basic logon access procedures. Oftentimes, the logon screen will not look very dissimilar from the typical Windows or Macintosh workstation. There will be a dialog box for a username and a password. However, unlike the typical desktop computer, a microwave radio’s graphical user interface is not logged onto that much. Therefore, as per human nature, their usernames and passwords become all too predictable. “Root” and “admin” and “123456” and “password” were very popular as usernames and passwords, respectively, according to one security study. A “mechanized” or “dictionary” attack can randomly generate username-and-password combinations and succeed in unlawfully logging onto a radio on this premise: that the logon will be subject to people being creatures of habit. Thus, there must be a way for microwave network administration to enforce a hard-to-guess username/password security policy.
Another aspect to access control is the issue of the level of control. It is also essential to control what each legitimate user is allowed to perform once logged in—to prevent voluntary and involuntary damaging actions. Not only must users be limited to their area of responsibility and knowledge and avoid involuntary commands that could damage the network but also reserve critical activity for designated key personnel (e.g., cryptography officers).
Would my Radio Network be Secure?
Given the security issues around microwave payload, management and access control, many questions have been raised. Would my microwave radio network be safe from intrusion? What would be the impact of breached calls or text messages? There could always be potential for a Greece type of incident. More importantly, the proactive questions to ask about microwave network security include:
- Who does need a high level of security?
- What comprises the high level of security necessary to protect my microwave backhaul?
- What precautions will a high level of security invoke to protect my network?
- How is this high level of security implemented?
- What are the options for high-level security?
- How do I get a high level of security for my network?
- Is this high-level security solution standards-based?
- What type of threats does my high-level security solution need to protect against?
We’ll examine these questions more in future posts. Or see our white paper.
April 29, 2011
Synchronization Over Microwave Mobile Backhaul Networks
Synchronization is creating quite a stir in the mobile backhaul industry as operators are wrestling with a variety of synchronization technology options including Synchronous Ethernet (SyncE) and Precision Time Protocol (PTP) a.k.a. IEEE 1588v2. This paper reviews unique microwave backhaul characteristics that need to be taken into account in support of synchronization, and how each particular synch approach can be addressed.
April 20, 2011
Unlocking Capacity Block Through Higher Order Digital Modulation
If you are reading this post, then you probably have heard about “4G”, the 4th generation cellular network. For a cell phone user, 4G means improved data speeds that allow faster delivery of multimedia-based applications, see our previous post, What is 4G?, for more details. On the other hand, the network operator desires to spend a minimum on upgrading network infrastructure and prefers to buy a backhaul solution that supports current and near future capacity demands of a cellular network.
Thus, it is important to improve the capacity of wireless backhaul links. To increase transmission capacity, wider channel spacing can be used. However the wireless spectrum is expensive and may not be available in some countries. Using transmission in high frequency bands, such as 60 GHz and above, provides the bandwidth needed to increase capacity. However, very high radio frequencies increase the cost of radio components. In addition, 60 GHz links limit transmission range due to high absorption of radio waves by the atmosphere, making this solution somewhat cost inefficient. One efficient way of improving the capacity of a communication link is to increase the order of the digital communication modulation scheme used for transmission.
In simple terms, digital modulation is the process of mapping a group of data bits into an information symbol that gets transmitted, after up-conversion to the radio frequency (RF) of the link. The most popular digital modulation scheme used in wireless radios is known as quadrature amplitude modulation (QAM). For a given symbol rate, increasing the modulation order, or equivalently packing more bits per symbol, would be an effective way to increase the capacity of a microwave link. For example, each symbol in a 64-QAM signal represents 6 data bits, while for 256-QAM and 1024-QAM signals it represents 8 and 10 data bits, respectively. Therefore, 1024-QAM provides (theoretically) a 25 percent increase in capacity over 256-QAM and an impressive 67 percent increase in capacity compared to 64-QAM.
The price paid for achieving such an increase in capacity is more complex signal processing algorithms and stricter requirements for channel quality, e.g. higher signal-to-noise ratio (SNR) at the receiver is required. In that case, increasing the modulation order for some networks under normal operating conditions can have a diminishing return on throughput. This is due to the fact that the required SNR for an acceptable receiver performance rarely can be met.
Why this is the case? Let us briefly discuss the challenges in increasing the modulation order. Higher modulation order results in larger pool of symbols available for transmission. For example, for 64-QAM, there exists 64 symbols in a 2D grid (known as constellation points) compared to 1,024 symbols for 1024-QAM for the same grid size. Clearly, increasing the number of symbols (assuming fixed power) makes the symbols closer to each other in this 2D grid. Thus, data detection at the receiver becomes more susceptible to errors due to impairment.
In practical terms, receiver circuits are affected by thermal noise, clipping and non-linearity of power amplifiers, phase noise and many other distortions that are beyond the scope of this post. It is worth mentioning that increasing the signal power beyond some limits results in actually decreasing the received SNR since many of these distortions associated with RF circuits are dependent on the transmitted power. Rather, the way to increase the modulation order is to improve the detection schemes and build circuits that are less susceptible to power-related distortions, along with improving the correction mechanisms at the receiver for phase noise and other impairments.
At Aviat Networks, we have the expertise and knowledge to build the highest quality microwave radios that can work at cutting edge signaling schemes. We will make sure that our customers see a sizable return—not a diminishing one from increasing the modulation order. Our pledge is that microwave backhaul will always exceed the capacity requirements of our customers.
Ramy Abdallah,
Senior Signal Processing Engineer, Aviat Networks
April 6, 2011
What’s So Different About IEEE 1588v2 Sync Over Microwave Backhaul?
The beauty of IEEE 1588v2 (i.e., Precision Time Protocol) synchronization is that it is a bookended solution. In theory, there is no need to worry about what is in between or underneath—from a Layer 1 transport perspective. While in principle this is accurate, there are a couple “unique” aspects of running 1588v2 over a microwave network that should be carefully considered in your deployment plans.
First, the infamous “last mile” is in reality typically many miles across multiple microwave radio hops—which may consist of a mix of linear, ring and hub-and-spoke configurations. Unfortunately, more hops introduce more packet transmission delay and delay variation over the backhaul—a potentially lethal mix for sync transport—the amount of which is proportional to the number of microwave hops. Careful design and engineering are required. On a bright note, Aviat Networks and Symmetricom recently validated <1.5ms delay could be achieved across 10 hops—well within the requirements for mobile backhaul.
Second, most advanced microwave systems now support Adaptive Coding and Modulation (ACM), a key benefit for microwave transport that allows the effective throughput of the microwave link to be dynamically changed to accommodate for radio path fading, typically due to changes in the weather. If bandwidth is reduced as a result of an ACM change, it is critical that advanced traffic and QoS management techniques be applied in the microwave systems to ensure that 1588v2 traffic (packets carrying timestamps) are given the highest/strict priority for transmission, and are not subject to delay or discard. On a brighter note, Aviat Networks and Symmetricom recently validated that 1588v2 could operate over a highly loaded (approaching 100 percent) microwave network running ACM.
In a nutshell, there are some unique considerations for running 1588v2 over microwave – but the outcome can be predictably bright with proper engineering.
Check out the Aviat Networks application note for more information on the Aviat Networks/Symmetricom partnership and 1588v2 network synchronization over microwave backhaul.
Errol Binda
Senior Solutions Marketing Manager, Aviat Networks
March 30, 2011
Microwave Backhaul Total Cost of Ownership (TCO) pt. 2
How Important is Initial CAPEX?
Are we seeing the forest or the trees?
Based on microwave Total Cost of Ownership (TCO) model posted earlier, the most significant contributor to total cost is ongoing OPEX.
We see an increasing trend of operators making decisions on backhaul solution based mostly (sometimes solely) on price (or initial CAPEX). While initial CAPEX is important, if the goal is lowest cost, this can be problematic approach as initial CAPEX it is not the most significant contributor to total cost. Ongoing OPEX is key.
Perhaps a better approach would be to focus on features most impacting lowering total costs. For instance, adaptive coding and modulation can lower antenna sizes – which can reasonably reduce 10 year TCO by as much as $48,000 (which is 2-3x more than initial CAPEX). Deploying ring architectures with high layer (L2/L3 or packet-based) failure recovery techniques can enable lower per hop reliability and smaller antennas – further lowering costs.
Microwave Backhaul Total Cost of Ownership
Gary Croke
Product Marketing, Aviat Networks
March 16, 2011
Microwave Total Cost of Ownership (TCO) Pt. 1
When choosing the right backhaul technology, total cost of a microwave system is a critical, often overlooked, consideration. TCO is not widely understood today. Lack of understanding of microwave TCO can lead to poor decisions about choice in backhaul technology and obscure the relative importance of features. Features that lower critical components of TCO are often not given enough attention.
A summary of a TCO model for a mobile operator in North America is shown below. Clearly, ongoing OPEX resulting from tower leases represent largest contributor to total cost. These lease costs include tower space for antennas and cable runs, shelter/cabinet space and power, and ongoing move/add/change fees regularly paid to tower companies. The largest portion of this tower lease is related to the antenna size. Microwave products and features that enable smaller antennas sizes, less indoor space, and fewer cables are most important for operators.
10 Year Microwave Total Cost of Ownership
*Note: for private network applications (like state/local governments, public safety organizations, and utilities) who generally own towers, initial CAPEX is often higher, leading to an overall reduction in ongoing OPEX and TCO.
Make sure to check back next week for post #2 ” How Important is Initial CAPEX?” where I breakdown the true costs of initial and ongoing CAPEX.
Gary Croke
Product Marketing, Aviat Networks