Software defined radios (SDR) are not a novel concept; the original concept of a software radio first appeared thirty years ago. Due to the high cost of SDR hardware, though, software radio platforms really haven’t been available as ‘consumer’ devices until recently. The wide availability of software defined radios for students, engineers & scientists, and hobbyists, was really kicked off by Matt Ettus in 2004. Since then, the use of the software defined radio has proliferated through many fields of communications and electronics.
One of the more recent areas that SDRs have really gained traction is cybersecurity. The boom in software defined radio use by cybersecurity researchers really surged with the growth of two software radio applications: GNU Radio and OpenBTS. GNU Radio enables users to build applications from a library of common processing blocks, and then use the application directly with hardware (perhaps most commonly, an Ettus Research USRP). OpenBTS is an open-source implementation of the GSM cellular stack.
With GNU Radio, security researchers can create custom applications to analyze other wireless devices and protocols. With OpenBTS, researchers can easily and cheaply create their own cellular base-stations, through which consumer handsets can make calls and send SMS messages. The utility of each of these to the cybersecurity industry is immediately obvious, and it represents something of a democratizing of access to these sorts of technologies.
There are now entire tracks focused on cybersecurity using software defined radio technology at conferences like DEFCON (see DEFCON’s Wireless Village) and BlackHat. If you look at the agendas of the yearly GNU Radio Conference, there are numerous talks given by recognized cybersecurity experts on using GNU Radio for the purpose. Indeed, some of the most well-known of these talks have been given by Ettus Research’s very own Balint Seeber, such as his talk from 2012, “All Your Hz are Belong to Me”, and its follow on, “Some More of Your RFz are Belong to Me”. Balint’s YouTube video about exploring the wireless world with a USRP B200 has been many peoples’ first introduction to SDR and cybersecurity.
Published videos and papers using the Ettus Research USRP (universal software radio peripheral) have brought wide-spread attention to software defined radios and GNU Radio for their applicability to the field of cybersecurity. Articles about cybersecurity research with USRPs have made splashes on information security news sources like Security Week, EHacking, and the security ledger. Write-ups of USRP security work have even spread to non-security news services like Tom’s Guide and NPR; the NPR story actually features Nick Foster, a former hardware designer at Ettus Research.
As the number of wireless devices that are part of our everyday lives continues to grow, proving that these systems are in fact secure will only become more critical. Ettus Research USRPs, GNU Radio, and other open source software distributions have been a key component of this field to date, and we are excited to see what researchers will do with our products in the years to come.