Print this article

Comment

1 September 2002

Building security into your wireless network

By Moira Young

Your network's security is paramount when you're conducting business. Building security measures into the equipment you use, as well as implementing basic network security techniques available to any organization, can keep your data and transactions secure.

Companies can experience new applications and services by merging industrial networks into corporate networks, allowing them to have access to information from anywhere at any time. At the same time, increased use of the Internet is providing them with real-time access to business-critical information to generate revenue and build a competitive advantage.

Industrial networking developments include the ability to transmit serial and industrial protocols over Ethernet—in a wireless environment. The advantages of an EtherNet/IP-based industrial network outweigh the risks involved. Such advantages include connecting disparate networks (the corporate network with the supervisory control and data acquisition network), hardware and software platform interoperability, collision avoidance, high transmission efficiency, and the ability to add new devices to a network without disrupting traffic flow. Using IP over Ethernet also opens up new possibilities for integrating into a network control scheme a utilitywide intranet, the World Wide Web, and video.

Security in a wireless world

Wireless networks actually offer security benefits that are nonexistent in a wired environment. They can provide an additional level of transmission security using a technique known as spread spectrum. Because the signal is spread over a range of frequencies, the communications link is more resilient to interference or jamming. The spreading technique also makes it more difficult for unwanted listeners to intercept network traffic.

Cable-based systems that rely on telephone, fiber optics, or coaxial cable operate at a higher risk for breakage and damage from storms, motor vehicle accidents, construction work, or even sabotage. Signal quality also suffers, especially in older wired systems that have become noisy due to poor connections.

Cable troubles can be difficult to locate and may take hours to repair, depending on the priorities of maintenance crews. During a widespread event, such as a weather-related outage, repairs may have to wait for several days or even weeks while overloaded crews respond to other pressing incidents.

Availability of a wired network is also a concern, especially where the public telephone system is involved. During periods of heavy telephone use, such as a widespread emergency, you may not be able to access the telephone network and get system data through.

Unfortunately, this scenario will most likely occur at the very time organizations need a network most. Cellular-based technologies such as cellular digital packet data are also subject to these limitations. And consumer voice traffic is the first priority of cell providers, not data services.

Because cables are vulnerable to accidental or intentional damage, it's nearly impossible to ensure the network's integrity. While no system can be 100% secure, wireless solutions offer an inherently more secure infrastructure, as there are no cables exposed to possible damage, sabotage, or tapping by unauthorized persons. Wireless systems replace the wired infrastructure with an over-the-air radio frequency link.

A secure wireless solution

The most important thing to remember is that network security is all about layering. Systems need multiple levels of security mechanisms, such as a standard security plan, a firewall, and a virtual private network at the application level. Assuming you take the appropriate steps to secure a network on an enterprise level, your next concern is incorporating wireless technology that enhances that security. An ideal solution would be a product that offers several layers of security prohibiting unauthorized access and eavesdropping of data communications. You can enhance your networks' security by adding dynamic key sharing, authentication, and provision lists.

Some wireless networks today use 802.11b solutions and operate on the 2.400–2.483 gigahertz band. Because 802.11b solutions are standard, anyone can purchase an 802.11b wireless card for a laptop. Hackers can use that card to monitor signals and determine the spreading sequence on which your information is transmitting. A better alternative might be a solution that operates on the 902–928 megahertz frequency band.

While a radio using spread spectrum technology is an easy solution, one using frequency hopping spread spectrum also offers your network added security. Originally designed to provide transmission security for military applications, the carrier frequency changes several times per second and requires another radio, set to the exact same pattern, to listen to any data.

In a frequency hopping spread spectrum radio, each pseudorandom sequence of hops is generated based on a user-selected key that results in tens of thousands of combinations, making it virtually impossible to reproduce. IT

Moira Young is director of marketing at Microwave Data Systems in Rochester, NY. This paper was presented in August at the ISA-sponsored Industrial Network Security conference held in Philadelphia.