Security considerations for M2M IEEE Presentation Submission Template (Rev. 9) Document Number: IEEE ppc-10/0037 Date Submitted: Source: Eldad Zeira, Alex Reznik InterDigital Communications Corp. Venue: Session #68, San Diego Base Contribution: None Purpose: To be discussed and adopted by Project Planning Committee / p Notice: This document does not represent the agreed views of the IEEE Working Group or any of its subgroups. It represents only the views of the participants listed in the “Source(s)” field above. It is offered as a basis for discussion. It is not binding on the contributor(s), who reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE Patent Policy: The contributor is familiar with the IEEE-SA Patent Policy and Procedures: and. Further information is located at and.

212/4/2015 M2M networks are more vulnerable to security threats than traditional networks –… and handle highly critical missions Network attacks can lead to false situational awareness, loss of privacy, and even become physical attacks –Compromised by physical or remote reconfiguration or impersonation SR recognizes this issue and recommends that it is in scope of the M2M PAR

312/4/2015 M2M devices handle highly critical missions while being… –deployed in highly distributed networks –provisioned in the field and managed over the air –operated without human supervision M2M networks and applications are vulnerable to: –Misleading reports –Network (denial of service) attacks –Loss of privacy –Cyber attacks can become physical attacks The awareness of an attack is in itself an important security related information

412/4/2015 Security susceptibilities of M2M use cases Susceptibility  Misleading reports Network attacks (particularly for WAN) Data privacyCyber attacks become physical attacks M2M use case  Secured access, surveillance, remote maintenance False situational awareness DoS attacks prevent obtaining of situational awareness Tracking, tracing & recovery False location reports Prevents timely tracking Public safety Similar to security, especially if acts of terrorism are considered Payment Transmission of information to unauthorized parties Health Care False situational awareness Prevents awareness of emergency conditions Transmission of information to unauthorized parties Malicious control can have serious health implications Smart grid Prevention of timely control requires unavailable electrical resources Malicious control can cause lasting damage to grid

512/4/2015 The vulnerabilities, more precisely… Physical Attacks such as insertion of valid authentication tokens into a manipulated device, inserting and/or booting with fraudulent or modified software (“re-flashing”), and environmental/side-channel attacks, both before and after in-field deployment. Compromise of Credentials comprising brute force attacks on tokens and (weak) authentication algorithms, physical intrusion, or side-channel attacks, as well as malicious cloning of authentication tokens residing on the device. Configuration Attacks such as fraudulent software update/configuration changes, mis- configuration by the owner, subscriber or user, mis-configuration or compromise of the access control policies. Attacks on the Network. These are the main threats to the network operator: Impersonation of devices, traffic tunneling between impersonated devices, mis- configuration of the firewall in the modem/router/gateways, Denial of Service (DoS) attacks against the core network. They may also include changing the device’s authorized physical location in an unauthorized fashion or attacks on the radio access network, using a rogue device.

612/4/2015 Security requirements in SR (0002r7, sec. 4.7) security functions, including integrity protection and the confidentiality for M2M service traffic shall be supported for M2M devices. Expected use cases for WAN M2M systems make them vulnerable to security threats in the form of physical or remote attacks on hardware, software / firmware, compromise of credentials, configuration and network attacks (e.g., denial of service). WAN M2M system should support appropriate level of authentication for the M2M device or M2M gateway to provide secure access to the authorized M2M devices. The system should support verification and validation of the exchanged data

712/4/2015 What do we need to do? 5.7 Security (from SR) –Enhanced security may require changes to the network entry/re-entry procedure. No other standardized changes in MAC / PHY are required

812/4/2015 Proposed modification to M2M PAR scope This amendment specifies IEEE Std medium access control (MAC) enhancements and minimal OFDMA PHY modifications to provide functionalities for efficient Machine to Machine communication. Enhancements are lower power consumption at the subscriber station, support by the base station of significantly larger numbers of devices, enhanced access priority, time-tolerant/controlled operation, improved device authentication at network entry and efficient support for small burst transmissions. This amendment provides continuing support for WirelessMAN- Advanced Air Interface and legacy WirelessMAN- OFDMA equipment.