The UK Spectrum Policy Forum has today published its Findings and Recommendations on Spectrum Infrastructure Resilience.
This report is developed from the UK SPF Spectrum Usage and Demand study which highlighted the diverse nature of spectrum use and how information accessed through wireless underpins our infrastructure, the modern economy, our society, our businesses and our personal lives.
As the infrastructure and societal reliance on information, enabled via wireless spectrum access, increases (e.g. through Smart Energy, Smart Cities, Healthcare, Internet of things, Autonomous vehicles etc.) denial or disruption to spectrum access, maliciously or accidentally could cause significant economic, political, social or even physical harm.
Spectrum-access denial, or disruption, would be equivalent to a cyber denial-of-service (DOS) attack and could prevent facilities, systems and networks from functioning. Some examples include loss of GPS signal due to targeted interference, potential loss of personal health related monitoring data due to interference, loss of data or communications during a national emergency (e.g. during a flood) and interference to train signalling causing rail disruptions.
Reflecting on the initial findings from the SPF event, the UK Spectrum Policy Forum has the following recommendations to address various threats to the continued use of spectrum:
1. We should raise user awareness of the risks posed to spectrum use, by government or private sector users, from service denial or disruption by
- Encouraging spectrum users to conduct “spectrum stress test” to their businesses
- Consider the production of a ‘Common Spectrum Attacks and Mitigations Summary’ for general use, and its inclusion as part of corporate risk assessments
- Considering further if Spectrum Access threats should be included in the National Risk Register
2. We should evaluate the potential loss of economic and social value
3. We should ensure the regulatory framework is designed to minimise risk from service disruption
- Consider making the possession of civil jamming devices illegal
- Review regulations applied to Licence Exempt bandwidths, Dynamic Spectrum Access use, and other provisions for spectrum use which appear susceptible to disruption
4. We should encourage industry to design equipment and systems to be resilient to attack
- Ensure resilience is part of the standards for 5G, IoT, autonomous systems and other new technologies
- Develop better systems for detection and attribution of threats
Raj Sivalingam, Executive Director of the UK Spectrum Policy Forum, commented: “The increasing interconnectivity of systems that use radio spectrum, such as med tech, the internet of things, connected homes, and even GPS in your cars, means that a small disruption to a system could have serious ripple effects to many other systems and services. Yet many businesses and users do not fully understand the impact and disruption that may be caused through the denial of access to spectrum. The Spectrum Policy Forum has highlighted a number of recommendations to address these issues, such as ensuring the regulatory framework is designed to minimise risk and encourage businesses to develop spectrum resilience plans.”