SignalFire Security Supports a Highly Reliable and Secure Wireless Network
As the use of wireless technology for sensing and control systems becomes a more common practice in various industries, security becomes an important issue as it is critical to ensure the validity of data as it passes from device to device. To provide a higher level of data integrity for any critical process, SignalFire Wireless Telemetry has implemented a suite of advanced security features that address different security risks.
New Security Features
Data that passes through a wireless remote monitoring and system must be valid and not tampered with in any way. Safeguards must prevent malicious attackers from intercepting a packet and intentionally changing its contents. Using data without an integrity check is risky as it can cause unknown actions.
SignalFire implements the Advanced Encryption Standard (AES) with a 128-bit key size to protect its wireless data. This encryption supports a highly reliable and secure wireless network within the entire wireless system. The AES-128 is used with a CBC-MAC algorithm on encrypted payload data to generate an authentication code that is sent along with data. If any data is modified, the authentication code will no longer be valid, and data will be ignored.
Using device authentication, Signal Fire ensures that nodes within the network pass an integrity check before joining a network. An encrypted, one-time-use token, along with address information, is passed from a node to the joining network. The token is decrypted by the Gateway (or other joined node) using the network key. If the node passes the integrity check and decryption, it will respond with a packet containing the token, address information, and network time. The use of the token prevents a rogue network from attempting to absorb joining nodes in preventing them from communicating with their intended network.
A common security attack is the capture and re-transmission of a packet. For example, a message to turn on a relay could be captured and resent at a later time to disrupt operations. Without replay prevention, this message could be resent without the receiving node knowing it was sent from an attacker. Many wireless encryption standards do not protect against this type of attack.
SignalFire has implemented a replay prevention scheme based on time synchronization of all nodes in the network. The Gateway generates a time base that is securely distributed to all nodes in the network. Every message received by the Gateway or any node contains the transmission time. The receiver checks that the time in the message is within a valid receive time window. If a message is outside the timeframe, it is ignored.
Frequency Hopping and Proprietary Protocol
SignalFire wireless systems utilize a frequency hopping spread spectrum protocol, whereby the RF frequency of transmissions/receptions constantly changes in a random pattern to avoid RF interference. Also, the messaging protocol and RF hardware are proprietary and unpublished. A proprietary platform provides an additional layer of security versus a published standard communication protocol, as an attacker would have to crack both the security and underlying communication protocol at both the hardware and software level.
As of August 1, 2016, SignalFire released new firmware that implements these security and encryption features for all products. All devices after this date are shipped with the new firmware feature. Additionally, the ToolKit has been updated to support this new feature. SignalFire’s encryption has been designed to allow backward compatibility with existing networks and be simple to enable on all new network installations.
Legacy Corporate IDs
Previously, SignalFire issued a preconfigured corporate ID to each end user prior to device shipment. The corporate ID prevented devices from customer “A” communicating with devices from customer “B”, even if the same network and network group were configured. While the corporate ID does provide network isolation, its functionally is limited, and a more flexible and secure method was needed.
Any new device planned for installation into an existing network must be configured to use the same corporate ID as the gateway. The ID is set using the SignalFire ToolKit. Note that the legacy corporate ID should only be used for existing networks when updating to the latest firmware that supports encryption is not feasible.
Encryption is highly recommended for any new installation. The Gateway (and every node that communicates with it) must be configured with the same “key” (6 to 16 characters) in addition to the network and network group settings. The “key” is the only new setting. If the “key” is configured to be unrecoverable, it can never be read back out of the device. If it is forgotten or unknown, every device must be re-configured with a new key.
For more information about SignalFire Wireless security, contact your sales rep or the company at firstname.lastname@example.org.