WO2018196974A1 - Controlling wireless transmission of data from a wireless device - Google Patents

Controlling wireless transmission of data from a wireless device Download PDF

Info

Publication number
WO2018196974A1
WO2018196974A1 PCT/EP2017/060035 EP2017060035W WO2018196974A1 WO 2018196974 A1 WO2018196974 A1 WO 2018196974A1 EP 2017060035 W EP2017060035 W EP 2017060035W WO 2018196974 A1 WO2018196974 A1 WO 2018196974A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
wireless transmission
function
policy
control unit
Prior art date
Application number
PCT/EP2017/060035
Other languages
French (fr)
Inventor
Bengt Lindoff
Patrik Ekdahl
Magnus ÅSTRÖM
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to PCT/EP2017/060035 priority Critical patent/WO2018196974A1/en
Publication of WO2018196974A1 publication Critical patent/WO2018196974A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2250/00Details of telephonic subscriber devices
    • H04M2250/12Details of telephonic subscriber devices including a sensor for measuring a physical value, e.g. temperature or motion

Definitions

  • Embodiments presented herein relate to a method, a control unit, a computer program, and a computer program product for controlling wireless transmission of data from a modem function of a wireless device.
  • machine type communication devices In general terms, machine type communication devices range from devices being consumers of comparative large amounts of network resources, such as video surveillance equipment, cameras for self-driving cars, to devices being consumers of comparative small amounts of network resources, such as sensors, actuators, and meters.
  • network resources such as video surveillance equipment, cameras for self-driving cars
  • Machine type communication devices could be powered by operating on battery, solar and/or wind power.
  • Machine type communication devices could be configured to sparsely report different kind of data such as environmental parameters (e.g. temperature, carbon dioxide levels, wind and water flow, lighting conditions), consumption (e.g. gas, power, water; utilization of finite resources), utilization (e.g. volume treated by an air pollution filter, volume treated by a water filter or treatment device), machine operation time for machine including moving parts e.g. ball bearings and sprockets).
  • Machine type communication devices could be configured to control (directly or indirectly) environmental variables (e.g. ventilation, lighting, temperature) or operation (e.g. water treatment, air pollution treatment).
  • Machine type communication devices could be wirelessly connected to a cellular communications system and transmit a small amount of data sparsely in time and hence may have a battery life length of up to several years.
  • LPWAN Low Power Wide Area Network
  • NB-IoT NarrowBand IoT
  • eMTC enhanced Machine Type Communication
  • LTE-M Long Term Evolution
  • LTE-MTC Long Term Evolution
  • LoRa LoRa
  • Fig. l illustrates a communications system 100 where a number of wireless devices ti, t2, t8 (one of which is identified at reference numeral 300) are operatively connected to a cellular network node 110.
  • Each wireless device ti- t8 represents a machine type communications device.
  • Each of the wireless devices ti-t8 may sparsely wirelessly connect to the cellular network node 110 (and, via the cellular network node 110, further on to a server node) in order to report data 120, such as sensor, actuator, or meters values.
  • the number of wireless devices ti-t8 served by the cellular network node 110 in a cell may be huge, but by proper scheduling the load in the communications system 100 could be kept at an acceptable level, as illustrated in Fig.
  • Fig. 2(a) is a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110. As can be seen in the example of Fig. 2(a) the transmission of data 120 is scheduled such that the cellular network node 110 receives an even flow of data from the wireless devices ti-t8.
  • the wireless devices ti-t8 might be running low-power processors incapable of supporting sophisticated security. Furthermore, embedded wireless devices could be configured to continue to operate for years after their last software patch, and can even outlive the demise of their manufacturer, and hence may therefore be a victim for possible hacker attacks.
  • Hacker attacks are generally designed with the purpose of causing security issues, or general network malfunction, in the communication system 100, often far beyond the cellular network node 110. For instance, there is a potential use of distributed denial of service (DDoS) attacks using any of the wireless devices ti-t8 to disrupt critical infrastructure, including for instance cellular communication systems.
  • DDoS distributed denial of service
  • Fig. 2(b) shows a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110 according to one possible attack scenario for congesting the radio interface of the cellular network node 110.
  • the wireless devices ti-t7 are, by the hacker, configured to perform synchronized connection setup and connection release on regular basis. This could cause proper data 130 transmitted by wireless device t8 (not under control of the hacker) to not reach its destination.
  • Fig. 2(c) shows a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110 according to another possible attack scenario, with the potential to draining the power resources (such as a battery) of wireless devices ti-t7. Since the wireless devices ti-t7 could be designed for a life length of several years, only small amount of data transmission, sparsely in time, is expected, the hacker might configure the wireless devices ti-t8 to transmit dummy data over long time (as in the illustrative example of Fig. 2(c)), and hence drain the battery.
  • the power resources such as a battery
  • the cellular network node 110 might experience issues relating to network capacity, at least while the wireless devices ti-t7 are still powered. This could, again, causes proper data 130 transmitted by wireless device t8 (not under control of the hacker) to not reach is destination.
  • the wireless devices ti-t7 may anyway still try to perform a new connection setup attempt (by transmitting a new random access preamble, for instance).
  • An object of embodiments herein is to provide efficient control of wireless transmission of data.
  • a method for controlling wireless transmission of data from a modem function of a wireless device is performed by a control unit.
  • the method comprises
  • control signals pertaining to the wireless transmission of the data from the modem function.
  • the control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function.
  • the method comprises preventing the wireless transmission of the data when the control signals cause a policy to be violated.
  • the policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
  • a control unit for controlling wireless transmission of data from a modem function of a wireless device.
  • the control unit comprises processing circuitry.
  • the processing circuitry is configured to cause the control unit to monitor control signals pertaining to the wireless transmission of the data from the modem function.
  • the control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function.
  • the processing circuitry is configured to cause the control unit to prevent the wireless transmission of the data when the control signals cause a policy to be violated.
  • the policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
  • a control unit for controlling wireless transmission of data from a modem function of a wireless device.
  • the control unit comprises processing circuitry and a storage medium.
  • the storage medium stores instructions that, when executed by the processing circuitry, cause the control unit to perform operations, or steps.
  • the operations, or steps, cause the control unit to monitor control signals pertaining to the wireless transmission of the data from the modem function.
  • the control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function.
  • the operations, or steps cause the control unit to prevent the wireless transmission of the data when the control signals cause a policy to be violated.
  • the policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
  • a control unit for controlling wireless transmission of data from a modem function of a wireless device.
  • the control unit comprises a monitor module configured to monitor control signals pertaining to the wireless transmission of the data from the modem function.
  • the control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function.
  • the control unit comprises a prevent module configured to prevent the wireless transmission of the data when the control signals cause a policy to be violated.
  • the policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
  • a computer program for controlling wireless transmission of data from a modem function of a wireless device comprising computer program code which, when run on a control unit, causes the control unit to perform a method according to the first aspect.
  • a computer program product comprising a computer program according to the fifth aspect and a computer readable storage medium on which the computer program is stored.
  • the computer readable storage medium could be a non-transitory computer readable storage medium.
  • Fig. 1 is a schematic diagram illustrating a communication system according to embodiments
  • Fig. 2 schematically illustrates wireless transmissions of data along a timeline
  • FIG. 3 schematically illustrates a wireless device according to embodiments
  • Figs. 4 and 5 are flowcharts of methods according to embodiments
  • Fig. 6 is a schematic diagram showing functional units of a control unit according to an embodiment
  • Fig. 7 is a schematic diagram showing functional modules of a control unit according to an embodiment.
  • Fig. 8 shows one example of a computer program product comprising computer readable storage medium according to an embodiment.
  • the hacker may in the application function request a connection setup and release in a synchronized fashion (over all wireless devices ti-t7 under the control of the hacker) and by that get some uncontrolled behavior of the communication system 100.
  • this may for instance imply congestion in the random access channel (or congestion in other parts on the NW node, or prevention for other channels to be transmitted properly, e.g., due to increased interference) thereby disrupting the connection possibilities to the cellular network node no for all its served wireless devices ti-t8 (thus also affecting wireless device t8).
  • the embodiments disclosed herein therefore relate to mechanisms for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300.
  • a control unit a method performed by the control unit, and a computer program product comprising code, for example in the form of a computer program, that when run on a control unit, causes the control unit to perform the method.
  • Figs. 3(a), 3(b), and 3(c) are block diagrams of a generic wireless device 300 according to embodiments.
  • the wireless device 300 comprises at least an application function 320, a modem function 310, and a control unit 200.
  • the application function 320 and the modem function 310 may be implemented in software, hardware, or a combination of software and hardware.
  • the application function 320 is under supervision of an operating system of the wireless device 300.
  • the modem function 310 is configured to handle communication of the wireless device 300 with other devices, entities, and nodes, such as the network node 110.
  • the application function 320 and the modem function 310 communicate data and control signals between each other.
  • the application function 320 sends data 120 ("Data") and control signals ("Ctrl") to the modem function 310 over an interface 340, where the control signals instruct the modem function 310 when and where to send the data 120.
  • Data 120 collected by the application function 320 is thereby enabled to be reported to the network node 110 by means of wireless transmission from the modem function 310 (for further distribution in the communication system 100, e.g., to a cloud application or server).
  • the control unit 200 monitors control signals sent by the application function 320 and pertaining to wireless transmission of data 120 from the modem function 310.
  • the control unit 200 is co-located with the modem function 310.
  • the control unit 200 may thus be part of the modem function 310 and share software as well as hardware resources with the modem function 310.
  • the control unit 200 is provided in a trusted execution environment (TEE) 330 and the functionality of the control unit 200 thus runs as a so-called trusted application inside the TEE 330.
  • TEE trusted execution environment
  • a TEE 330 is a secure area of the main processor.
  • the TEE 330 guarantees code and data loaded inside to be protected with respect to confidentiality and integrity.
  • the TEE 330 as an isolated execution environment provides security features such as isolated execution, integrity of trusted applications along with confidentiality of their assets.
  • TEE 330 offers an execution space that provides a higher level of security than the application function 320.
  • the TEE 330 is separated from the application function 320 and the modem function 310.
  • Fig. 3(c) shows a block diagram where the control unit 200 runs inside the TEE 330, and where the TEE 330 in turn is run at the application function 320.
  • the TEE 330 could thus be co-located with the application function 320.
  • the TEE 300 could thus be implemented as part of the application function 320 or as a standalone circuit monitoring the control signaling interface between the application function 320 and the modem function 310. Further aspects, properties, and functionality of the control unit 200 will be disclosed next.
  • Figs. 4 and 5 are flowcharts illustrating embodiments of methods for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300. The methods are performed by the control unit 200. The methods are advantageously provided as computer programs 820. Reference is now made to Fig. 4 illustrating a method for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 according to an embodiment.
  • control unit 200 monitors control signals pertaining to the wireless transmission of the data 120 from the modem function 310.
  • the control signals are issued by an application function 320 of the wireless device 300.
  • the control signals are monitored at an interface 340 between the modem function 310 and the application function 320.
  • the control signals could, for example, be routed through the control unit 200.
  • Different examples of how the control unit 200 could be arranged in the wireless device 300 in relation to the application function 320 and the modem function 310 have been disclosed above with reference to Fig. 3.
  • the control unit 200 could be regarded as implementing a behavior policy enforcer, and once an out-of-policy behavior is detected, the control unit 200 prevents the wireless transmission of the data 120.
  • the control unit is configured to perform step S106:
  • the control unit 200 prevents the wireless transmission of the data 120 when the control signals cause a policy to be violated.
  • the policy defines how the application function 320 is allowed to control the wireless transmission of the data 120 from the modem function 310. Examples of policies will be disclosed below. Examples of how the control unit 200 could prevent the wireless transmission of the data 120 will be disclosed below.
  • the control unit 200 could prevent cellular network DDoS attacks as well as battery draining attacks.
  • the wireless device 300 as a whole (including the application function 320 and the modem function 310) could thereby be certified not to behave in a way that would violate the policy.
  • Embodiments relating to further details of controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 will now be disclosed.
  • the data 120 could be wirelessly transmitted by the modem function 310 using any of the standards NR (New Radio), LPWAN, NB-IoT, eMTC, LTE, LTE-M, LTE-MTC, Sigfox, LoRa, or GSM (short for Global System for Mobile communications).
  • NR New Radio
  • LPWAN Long WAN
  • NB-IoT eMTC
  • LTE Long Term Evolution
  • LTE-M Long Term Evolution-M
  • LTE-MTC Long Term Evolution-M
  • the policy could relate to an allowed number of connection setup/release attempts (such as random access attempts) made under a first time period, an allowed time for continuous or consecutive data transmission, an allowed time fraction in active mode under a second time period, or an allowed amount of data 120 to be transmitted.
  • the policy relates to the amount of connection setup or connection release the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to make within a certain first time period (such as, but not limited to, a maximum of two connection setups or connection releases per minute). That is, according to an
  • the policy defines an allowed maximum number of connection setups/releases to be made by the modem function 310 during a given time period. Then, the policy could be regarded as violated when the control signals cause a higher number of connection setups/releases to be made by the modem function 310 than the allowed maximum number to be made during the given time period.
  • the policy relates to the amount of allowed time for continuous and/or consecutive wireless transmission (such as, but not limited to, from a few seconds up to in the range of a minute) of the data 120 the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to make. That is, according to an
  • the policy defines an allowed maximum time for continuous and/or consecutive wireless transmission of the data 120 from the modem function 310. Then, the policy could be regarded as violated when the control signals cause longer continuous and/or consecutive wireless transmission of the data 120 from the modem function 310 than the allowed maximum time.
  • the policy relates to the allowed fraction of the time the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to be in connected mode/active mode during a specific second time period i.e. the duty cycle of the modem function 310 (such as, but not limited to, a maximum fraction of five minutes in connected mode/active mode per hour). That is, according to an embodiment the policy defines an allowed fraction of time for the modem function 310 in active and/or connected mode during a given time period. Then, the policy could be regarded as violated when the control signals cause the modem function 310 to be in active and/or connected mode a higher fraction of time than the allowed fraction of time during the given time period.
  • the duty cycle of the modem function 310 such as, but not limited to, a maximum fraction of five minutes in connected mode/active mode per hour. That is, according to an embodiment the policy defines an allowed fraction of time for the modem function 310 in active and/or connected mode during a given time period. Then, the policy could be
  • the policy relates to the amount of data 120 (such as, but not limited to, the amount specified by the type of data (such as temperature values, humidity values, or other types of sensor or meter readings) the application function 320 is configured to report) the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to wirelessly transmit. That is, according to an embodiment the policy defines an allowed maximum amount of data 120 to be wirelessly transmitted from the modem function 310 during a given time period. Then, the policy could be regarded as violated when the control signals cause more data 120 to be wirelessly transmitted from the modem function 310 than the allowed maximum amount during the given time period. In some aspects the wireless transmission of the data 120 is only to be prevented during a certain third time period.
  • the wireless transmission of the data 120 is in step S106 prevented until expiration of a timer.
  • the timer is started upon the control unit 200 detecting that the control signals cause the policy to be violated. How long the timer runs (and thus how long the wireless transmission of the data 120 is to be prevented) is defined by the above mentioned third time period.
  • the third time period corresponds to one of the first time period and the second time period defined above.
  • the modem function 310 Upon expiration of the timer the modem function 310 could again be allowed to wirelessly transmit data 120 according to control signals received from the application function 320 until the control unit 200 again detects that the control signals violates the policy, and so on. However, as will be disclosed below, the control unit 200 could obtain instructions that cause the control unit 200 to perform an action in order to prevent the application function 320 to, by means of its control signals, again breach the policy.
  • the policy is defined by at least one of the above disclosed examples of policies.
  • the term policy should throughout this disclosure be interpreted as at least one policy, and the control unit 200 could thus in step S 106 be configured to prevent the wireless transmission of the data 120 when the control signals cause at least one policy has herein disclosed to be violated.
  • Fig. 5 illustrating methods for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 according to further embodiments. It is assumed that steps S104, S106 are performed as described above with reference to Fig. 4 and a thus repeated description thereof is therefore omitted.
  • control unit 200 may obtain the policy.
  • control unit 200 is configured with the policy by a mobile network operator (MNO), such as the MNO of the wireless device 300.
  • MNO mobile network operator
  • the control unit 200 is configured to perform optional step S102: S102: The control unit 200 obtains the policy from a network node 110.
  • the policy could in step S102 be obtained by the control unit 200 as part of the first enrollment of the wireless device 300 in the cellular network of the MNO, and where the policy is downloaded to the control unit 200 from the MNO via the network node 110.
  • the policy could be defined, and provided to the control unit 200, by the maker of the wireless device 300 and/or the maker of the application function 320.
  • the policy could thereby be provided to the control unit 200 during manufacturing of the wireless device 300 and/or during installment of the application function 320.
  • the policy could be signed by an authorized actor in order for the control unit 200 to accept the policy and act according to the policy.
  • control unit 200 prevents the wireless transmission of the data 120 in step S106.
  • control unit 200 is configured to perform any of optional steps Sio6a, Sio6b, Sio6c as part of preventing the wireless transmission of the data 120 in step S106.
  • the prevention of wireless transmission of data involves the control unit 200 to disable the modem function 310.
  • Sio6a The control unit 200 disables the modem function 310 for wireless transmission of the data 120, thereby preventing the wireless transmission of the data 120.
  • the prevention of wireless transmission of data involves the control unit 200 to disable the interface 340 between the modem function 310 and the application function 320.
  • Sio6b The control unit 200 disables the interface 340 between the modem function 310 and the application function 320, thereby preventing the wireless transmission of the data 120.
  • the prevention of wireless transmission of data involves the control unit 200 to instruct modem function 310 to not transmit data 120 (e.g. for the modem function 310 to ignore instructions and/or request from the application function 320 relating to wireless transmission of data).
  • Sio6c The control unit 200 instructs the modem function 310 to refrain from the wireless transmission of the data 120, thereby preventing the wireless transmission of the data 120.
  • any breach of the policy is reported, via the modem function 310 to a remote server node, via the network node 110.
  • the server node could be the node the wireless device 300 is instructed to report the data 120 to, hence making a central control system of the wireless device 300 aware of the problem (such as a potential hacker attack) occurring on the wireless device 300.
  • the control unit 200 is configured to perform step S108: S108: The control unit 200 provides a report indicative of that the control signals cause the policy to be violated to a network node 110.
  • the network node 110 or another device, entity or node, in the communication system 100, once having obtained the report indicative of that the control signals cause the policy to be violated, determines
  • the network node 110 could then provide the instructions to the control unit 200 such that the control unit 200 could take the appropriate action in order to restore the functionality of the application function 320.
  • control unit 200 is configured to perform steps S110 and S112:
  • the control unit 200 obtains instructions from the network node 110 in order to mitigate that the policy is violated.
  • the control unit 200 performs an action relating to the instructions.
  • the action performed by the control unit 200 in step S112 is not related to the instructions obtained in step S110.
  • the control unit 200 could be configured to perform an action in response to having detected that the control signals cause the policy to be violated.
  • Each such action could be associated with its own set of instructions that are obtained by the control unit 200 in step S110, or hardcoded in the control unit 200.
  • the action pertains to performing a restart of software run by the application function 320, or performing a firmware upgrade of the application function 320, or reinstalling a firmware of the application function 320.
  • FIG. 6 schematically illustrates, in terms of a number of functional units, the components of a control unit 200 according to an embodiment.
  • Processing circuitry 210 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 810 (as in Fig. 8), e.g. in the form of a storage medium 230.
  • the processing circuitry 210 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • the processing circuitry 210 is configured to cause the control unit 200 to perform a set of operations, or steps, S102-S112, as disclosed above.
  • the storage medium 230 may store the set of operations, and the processing circuitry 210 may be configured to retrieve the set of operations from the storage medium 230 to cause the control unit 200 to perform the set of operations.
  • the set of operations may be provided as a set of executable instructions.
  • the storage medium 230 may also comprise persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
  • the control unit 200 may further comprise a
  • the communications interface 220 at least configured for communications at least with the modem function 310, the application function 320, and the network node 110.
  • the communications interface 220 may comprise one or more transmitters and receivers, comprising analogue and digital components.
  • the processing circuitry 210 controls the general operation of the control unit 200 e.g. by sending data and control signals to the
  • control unit 200 controls the communications interface 220 and the storage medium 230, by receiving data and reports from the communications interface 220, and by retrieving data and instructions from the storage medium 230.
  • Other components, as well as the related functionality, of the control unit 200 are omitted in order not to obscure the concepts presented herein.
  • Fig. 7 schematically illustrates, in terms of a number of functional modules, the components of a control unit 200 according to an embodiment.
  • the control unit 200 of Fig. 7 comprises a number of functional modules; a monitor module 210b configured to perform step S104, and a prevent module 210c configured to perform step S160.
  • the control unit 200 of Fig. 7 comprises a number of functional modules; a monitor module 210b configured to perform step S104, and a prevent module 210c configured to perform step S160.
  • the control unit 200 of Fig. 7 schematically illustrates, in terms of a number of functional modules, the components of a control unit 200 according to an embodiment.
  • the control unit 200 of Fig. 7 comprises a number of functional modules; a monitor module 210b configured to perform step S104, and a prevent module 210c configured to perform step S160.
  • 7 may further comprise a number of optional functional modules, such as any of an obtain module 210a configured to perform step S102, a disable module 2iod configured to perform step Sio6a, a disable module 2ioe configured to perform step Sio6b, an instruct module 2iof configured to perform step Sio6c, a provide module 2iog configured to perform step S108, an obtain module 2ioh configured to perform step S110, and a perform module 2101 configured to perform step S112.
  • optional functional modules such as any of an obtain module 210a configured to perform step S102, a disable module 2iod configured to perform step Sio6a, a disable module 2ioe configured to perform step Sio6b, an instruct module 2iof configured to perform step Sio6c, a provide module 2iog configured to perform step S108, an obtain module 2ioh configured to perform step S110, and a perform module 2101 configured to perform step S112.
  • each functional module 2ioa-2ioi may in one embodiment be implemented only in hardware and in another embodiment with the help of software, i.e., the latter embodiment having computer program
  • one or more or all functional modules 2ioa-2ioi may be implemented by the processing circuitry 210, possibly in cooperation with the communications interface 220 and/or the storage medium 230.
  • the processing circuitry 210 may thus be configured to from the storage medium 230 fetch instructions as provided by a functional module 2ioa-2ioi and to execute these instructions, thereby performing any steps as disclosed herein.
  • the control unit 200 may be provided as a standalone device or as a part of at least one further device.
  • the control unit 200 may be provided in the wireless device 300. Examples of where the control unit 200 could be implemented in relation to the wireless device 300 have been disclosed above with reference to Fig. 3.
  • Fig. 8 shows one example of a computer program product 810 comprising computer readable storage medium 830.
  • a computer program 820 can be stored, which computer program 820 can cause the processing circuitry 210 and thereto operatively coupled entities and devices, such as the communications interface 220 and the storage medium 230, to execute methods according to embodiments described herein.
  • the computer program 820 and/or computer program product 810 may thus provide means for performing any steps as herein disclosed.
  • the computer program product 810 is illustrated as an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc.
  • the computer program product 810 could also be embodied as a memory, such as a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), or an electrically erasable programmable read-only memory (EEPROM) and more particularly as a non-volatile storage medium of a device in an external memory such as a USB (Universal Serial Bus) memory or a Flash memory, such as a compact Flash memory.
  • the computer program 820 is here schematically shown as a track on the depicted optical disk, the computer program 820 can be stored in any way which is suitable for the computer program product 810.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

There is provided mechanisms for controlling wireless transmission of data from a modem function of a wireless device. A method is performed by a control unit. The method comprises monitoring control signals pertaining to the wireless transmission of the data from the modem function. The control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function. The method comprises preventing the wireless transmission of the data when the control signals cause a policy to be violated. The policy defines how the application function is allowed to control the wireless transmission of the data from the modem function

Description

CONTROLLING WIRELESS TRANSMISSION OF DATA
FROM A WIRELESS DEVICE
TECHNICAL FIELD
Embodiments presented herein relate to a method, a control unit, a computer program, and a computer program product for controlling wireless transmission of data from a modem function of a wireless device.
BACKGROUND
It is currently predicted that billions of machine type communication (MTC) devices, or simply machine-to-machine (M2M) devices, will be network connected and thus be part of the so-called Internet of Things (IoT), in the near future. In general terms, machine type communication devices range from devices being consumers of comparative large amounts of network resources, such as video surveillance equipment, cameras for self-driving cars, to devices being consumers of comparative small amounts of network resources, such as sensors, actuators, and meters. Machine type
communication devices could be powered by operating on battery, solar and/or wind power. Machine type communication devices could be configured to sparsely report different kind of data such as environmental parameters (e.g. temperature, carbon dioxide levels, wind and water flow, lighting conditions), consumption (e.g. gas, power, water; utilization of finite resources), utilization (e.g. volume treated by an air pollution filter, volume treated by a water filter or treatment device), machine operation time for machine including moving parts e.g. ball bearings and sprockets). Machine type communication devices could be configured to control (directly or indirectly) environmental variables (e.g. ventilation, lighting, temperature) or operation (e.g. water treatment, air pollution treatment).
Machine type communication devices could be wirelessly connected to a cellular communications system and transmit a small amount of data sparsely in time and hence may have a battery life length of up to several years. For such applications several different cellular standards have been defined, for instance a Low Power Wide Area Network (LPWAN) radio technology standard such as NarrowBand IoT (NB-IoT), enhanced Machine Type Communication (eMTC; also referred to as LTE-M or LTE-MTC, where LTE is short for Long Term Evolution), Sigfox, LoRa, etc.
Fig. l illustrates a communications system 100 where a number of wireless devices ti, t2, t8 (one of which is identified at reference numeral 300) are operatively connected to a cellular network node 110. Each wireless device ti- t8 represents a machine type communications device. Each of the wireless devices ti-t8 may sparsely wirelessly connect to the cellular network node 110 (and, via the cellular network node 110, further on to a server node) in order to report data 120, such as sensor, actuator, or meters values. The number of wireless devices ti-t8 served by the cellular network node 110 in a cell may be huge, but by proper scheduling the load in the communications system 100 could be kept at an acceptable level, as illustrated in Fig. 2(a). Fig. 2(a) is a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110. As can be seen in the example of Fig. 2(a) the transmission of data 120 is scheduled such that the cellular network node 110 receives an even flow of data from the wireless devices ti-t8.
The wireless devices ti-t8 might be running low-power processors incapable of supporting sophisticated security. Furthermore, embedded wireless devices could be configured to continue to operate for years after their last software patch, and can even outlive the demise of their manufacturer, and hence may therefore be a victim for possible hacker attacks. Hacker attacks are generally designed with the purpose of causing security issues, or general network malfunction, in the communication system 100, often far beyond the cellular network node 110. For instance, there is a potential use of distributed denial of service (DDoS) attacks using any of the wireless devices ti-t8 to disrupt critical infrastructure, including for instance cellular communication systems.
Assume therefore, for illustrative purposes, that a hacker has taken control of wireless devices ti-t7 (thus all but wireless device t8), and that the hacker adapts the application functions running on wireless devices ti-t7 in order for the hacker to, say, perform a DDoS attack in the communication system 100, and particularly towards the cellular network node no.
Fig. 2(b) shows a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110 according to one possible attack scenario for congesting the radio interface of the cellular network node 110. According to the illustrative example of Fig. 2(b) the wireless devices ti-t7 are, by the hacker, configured to perform synchronized connection setup and connection release on regular basis. This could cause proper data 130 transmitted by wireless device t8 (not under control of the hacker) to not reach its destination.
Fig. 2(c) shows a timeline of transmission of data 120 from the wireless devices ti-t8 to the cellular network node 110 according to another possible attack scenario, with the potential to draining the power resources (such as a battery) of wireless devices ti-t7. Since the wireless devices ti-t7 could be designed for a life length of several years, only small amount of data transmission, sparsely in time, is expected, the hacker might configure the wireless devices ti-t8 to transmit dummy data over long time (as in the illustrative example of Fig. 2(c)), and hence drain the battery. Further, by requesting transmission of dummy data, the cellular network node 110 might experience issues relating to network capacity, at least while the wireless devices ti-t7 are still powered. This could, again, causes proper data 130 transmitted by wireless device t8 (not under control of the hacker) to not reach is destination.
Even if the cellular network node 110 may bar possible connection setup, the wireless devices ti-t7 may anyway still try to perform a new connection setup attempt (by transmitting a new random access preamble, for instance).
Hence, there is a need for mechanisms that at least mitigates the above disclosed security issues caused by the hacker. SUMMARY
An object of embodiments herein is to provide efficient control of wireless transmission of data.
According to a first aspect there is presented a method for controlling wireless transmission of data from a modem function of a wireless device. The method is performed by a control unit. The method comprises
monitoring control signals pertaining to the wireless transmission of the data from the modem function. The control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function. The method comprises preventing the wireless transmission of the data when the control signals cause a policy to be violated. The policy defines how the application function is allowed to control the wireless transmission of the data from the modem function. Advantageously this method provides efficient control of wireless
transmission of data, leading to mitigation of the above disclosed security issues caused by the hacker.
Advantageously this method ensures that the wireless device behave in a controlled way with respect to wireless transmission of data. According to a second aspect there is presented a control unit for controlling wireless transmission of data from a modem function of a wireless device. The control unit comprises processing circuitry. The processing circuitry is configured to cause the control unit to monitor control signals pertaining to the wireless transmission of the data from the modem function. The control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function. The processing circuitry is configured to cause the control unit to prevent the wireless transmission of the data when the control signals cause a policy to be violated. The policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
According to a third aspect there is presented a control unit for controlling wireless transmission of data from a modem function of a wireless device. The control unit comprises processing circuitry and a storage medium. The storage medium stores instructions that, when executed by the processing circuitry, cause the control unit to perform operations, or steps. The operations, or steps, cause the control unit to monitor control signals pertaining to the wireless transmission of the data from the modem function. The control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function. The operations, or steps, cause the control unit to prevent the wireless transmission of the data when the control signals cause a policy to be violated. The policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
According to a fourth aspect there is presented a control unit for controlling wireless transmission of data from a modem function of a wireless device. The control unit comprises a monitor module configured to monitor control signals pertaining to the wireless transmission of the data from the modem function. The control signals are issued by an application function of the wireless device and are monitored at an interface between the modem function and the application function. The control unit comprises a prevent module configured to prevent the wireless transmission of the data when the control signals cause a policy to be violated. The policy defines how the application function is allowed to control the wireless transmission of the data from the modem function.
According to a fifth aspect there is presented a computer program for controlling wireless transmission of data from a modem function of a wireless device, the computer program comprising computer program code which, when run on a control unit, causes the control unit to perform a method according to the first aspect.
According to a sixth aspect there is presented a computer program product comprising a computer program according to the fifth aspect and a computer readable storage medium on which the computer program is stored. The computer readable storage medium could be a non-transitory computer readable storage medium.
It is to be noted that any feature of the first, second, third, fourth, fifth and sixth aspects may be applied to any other aspect, wherever appropriate. Other objectives, features and advantages of the enclosed embodiments will be apparent from the following detailed disclosure, from the attached dependent claims as well as from the drawings.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the element, apparatus, component, means, module, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, module, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
BRIEF DESCRIPTION OF THE DRAWINGS
The inventive concept is now described, by way of example, with reference to the accompanying drawings, in which:
Fig. 1 is a schematic diagram illustrating a communication system according to embodiments;
Fig. 2 schematically illustrates wireless transmissions of data along a timeline;
Fig. 3 schematically illustrates a wireless device according to embodiments; Figs. 4 and 5 are flowcharts of methods according to embodiments;
Fig. 6 is a schematic diagram showing functional units of a control unit according to an embodiment;
Fig. 7 is a schematic diagram showing functional modules of a control unit according to an embodiment; and
Fig. 8 shows one example of a computer program product comprising computer readable storage medium according to an embodiment.
DETAILED DESCRIPTION
The inventive concept will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the inventive concept are shown. This inventive concept may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and will fully convey the scope of the inventive concept to those skilled in the art. Like numbers refer to like elements throughout the description. Any step or feature illustrated by dashed lines should be regarded as optional.
As disclosed above there is a need for mechanisms that at least mitigates the above disclosed security issues caused by the hacker. Even if the modem function of the wireless devices ti-t7 may be sufficiently secured, and hence the hacker may not be able to change the software running on the modem function, the hacker may in the application function request a connection setup and release in a synchronized fashion (over all wireless devices ti-t7 under the control of the hacker) and by that get some uncontrolled behavior of the communication system 100. On the radio access layer, this may for instance imply congestion in the random access channel (or congestion in other parts on the NW node, or prevention for other channels to be transmitted properly, e.g., due to increased interference) thereby disrupting the connection possibilities to the cellular network node no for all its served wireless devices ti-t8 (thus also affecting wireless device t8).
The embodiments disclosed herein therefore relate to mechanisms for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300. In order to obtain such mechanisms there is provided a control unit, a method performed by the control unit, and a computer program product comprising code, for example in the form of a computer program, that when run on a control unit, causes the control unit to perform the method. Figs. 3(a), 3(b), and 3(c) are block diagrams of a generic wireless device 300 according to embodiments. The wireless device 300 comprises at least an application function 320, a modem function 310, and a control unit 200. The application function 320 and the modem function 310 may be implemented in software, hardware, or a combination of software and hardware. The application function 320 is under supervision of an operating system of the wireless device 300. The modem function 310 is configured to handle communication of the wireless device 300 with other devices, entities, and nodes, such as the network node 110. The application function 320 and the modem function 310 communicate data and control signals between each other. Typically, the application function 320 sends data 120 ("Data") and control signals ("Ctrl") to the modem function 310 over an interface 340, where the control signals instruct the modem function 310 when and where to send the data 120. Data 120 collected by the application function 320 is thereby enabled to be reported to the network node 110 by means of wireless transmission from the modem function 310 (for further distribution in the communication system 100, e.g., to a cloud application or server).
As will be disclosed in more detail below, the control unit 200 monitors control signals sent by the application function 320 and pertaining to wireless transmission of data 120 from the modem function 310. In the example of Fig. 3(a) the control unit 200 is co-located with the modem function 310. The control unit 200 may thus be part of the modem function 310 and share software as well as hardware resources with the modem function 310. In the examples of Fig. 3(b) and 3(c) the control unit 200 is provided in a trusted execution environment (TEE) 330 and the functionality of the control unit 200 thus runs as a so-called trusted application inside the TEE 330. In general terms, a TEE 330 is a secure area of the main processor. The TEE 330 guarantees code and data loaded inside to be protected with respect to confidentiality and integrity. The TEE 330 as an isolated execution environment provides security features such as isolated execution, integrity of trusted applications along with confidentiality of their assets. TEE 330 offers an execution space that provides a higher level of security than the application function 320. In the example of Fig. 3(b) the TEE 330 is separated from the application function 320 and the modem function 310. In the example of Fig. 3(c) shows a block diagram where the control unit 200 runs inside the TEE 330, and where the TEE 330 in turn is run at the application function 320. The TEE 330 could thus be co-located with the application function 320. The TEE 300 could thus be implemented as part of the application function 320 or as a standalone circuit monitoring the control signaling interface between the application function 320 and the modem function 310. Further aspects, properties, and functionality of the control unit 200 will be disclosed next.
Figs. 4 and 5 are flowcharts illustrating embodiments of methods for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300. The methods are performed by the control unit 200. The methods are advantageously provided as computer programs 820. Reference is now made to Fig. 4 illustrating a method for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 according to an embodiment.
All control signals sent from the application function 320 to the modem function 310 are monitored by the control unit 200. Hence, the control unit is configured to perform step S104: S104: The control unit 200 monitors control signals pertaining to the wireless transmission of the data 120 from the modem function 310. The control signals are issued by an application function 320 of the wireless device 300. The control signals are monitored at an interface 340 between the modem function 310 and the application function 320. The control signals could, for example, be routed through the control unit 200. Different examples of how the control unit 200 could be arranged in the wireless device 300 in relation to the application function 320 and the modem function 310 have been disclosed above with reference to Fig. 3. The control unit 200 could be regarded as implementing a behavior policy enforcer, and once an out-of-policy behavior is detected, the control unit 200 prevents the wireless transmission of the data 120. Hence, the control unit is configured to perform step S106:
S106: The control unit 200 prevents the wireless transmission of the data 120 when the control signals cause a policy to be violated. The policy defines how the application function 320 is allowed to control the wireless transmission of the data 120 from the modem function 310. Examples of policies will be disclosed below. Examples of how the control unit 200 could prevent the wireless transmission of the data 120 will be disclosed below. By preventing the application function 320 from causing the modem function 310 to wirelessly transmit data 120 when the control signals cause a policy to be violated the control unit 200 could prevent cellular network DDoS attacks as well as battery draining attacks.
The wireless device 300 as a whole (including the application function 320 and the modem function 310) could thereby be certified not to behave in a way that would violate the policy.
Embodiments relating to further details of controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 will now be disclosed. The data 120 could be wirelessly transmitted by the modem function 310 using any of the standards NR (New Radio), LPWAN, NB-IoT, eMTC, LTE, LTE-M, LTE-MTC, Sigfox, LoRa, or GSM (short for Global System for Mobile communications). There could be different examples of policies that define how the application function 320 is allowed to control the wireless transmission of the data 120 from the modem function 310. In short, the policy could relate to an allowed number of connection setup/release attempts (such as random access attempts) made under a first time period, an allowed time for continuous or consecutive data transmission, an allowed time fraction in active mode under a second time period, or an allowed amount of data 120 to be transmitted.
In some aspects the policy relates to the amount of connection setup or connection release the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to make within a certain first time period (such as, but not limited to, a maximum of two connection setups or connection releases per minute). That is, according to an
embodiment the policy defines an allowed maximum number of connection setups/releases to be made by the modem function 310 during a given time period. Then, the policy could be regarded as violated when the control signals cause a higher number of connection setups/releases to be made by the modem function 310 than the allowed maximum number to be made during the given time period.
In some aspects the policy relates to the amount of allowed time for continuous and/or consecutive wireless transmission (such as, but not limited to, from a few seconds up to in the range of a minute) of the data 120 the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to make. That is, according to an
embodiment the policy defines an allowed maximum time for continuous and/or consecutive wireless transmission of the data 120 from the modem function 310. Then, the policy could be regarded as violated when the control signals cause longer continuous and/or consecutive wireless transmission of the data 120 from the modem function 310 than the allowed maximum time.
In some aspects the policy relates to the allowed fraction of the time the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to be in connected mode/active mode during a specific second time period i.e. the duty cycle of the modem function 310 (such as, but not limited to, a maximum fraction of five minutes in connected mode/active mode per hour). That is, according to an embodiment the policy defines an allowed fraction of time for the modem function 310 in active and/or connected mode during a given time period. Then, the policy could be regarded as violated when the control signals cause the modem function 310 to be in active and/or connected mode a higher fraction of time than the allowed fraction of time during the given time period.
In some aspects the policy relates to the amount of data 120 (such as, but not limited to, the amount specified by the type of data (such as temperature values, humidity values, or other types of sensor or meter readings) the application function 320 is configured to report) the application function 320 is allowed to instruct, by means of control signals, the modem function 310 to wirelessly transmit. That is, according to an embodiment the policy defines an allowed maximum amount of data 120 to be wirelessly transmitted from the modem function 310 during a given time period. Then, the policy could be regarded as violated when the control signals cause more data 120 to be wirelessly transmitted from the modem function 310 than the allowed maximum amount during the given time period. In some aspects the wireless transmission of the data 120 is only to be prevented during a certain third time period. The policy could thus define a "soft ban". Hence, according to an embodiment the wireless transmission of the data 120 is in step S106 prevented until expiration of a timer. The timer is started upon the control unit 200 detecting that the control signals cause the policy to be violated. How long the timer runs (and thus how long the wireless transmission of the data 120 is to be prevented) is defined by the above mentioned third time period. In some aspects the third time period corresponds to one of the first time period and the second time period defined above.
Upon expiration of the timer the modem function 310 could again be allowed to wirelessly transmit data 120 according to control signals received from the application function 320 until the control unit 200 again detects that the control signals violates the policy, and so on. However, as will be disclosed below, the control unit 200 could obtain instructions that cause the control unit 200 to perform an action in order to prevent the application function 320 to, by means of its control signals, again breach the policy.
In some aspects the policy is defined by at least one of the above disclosed examples of policies. Hence, the term policy should throughout this disclosure be interpreted as at least one policy, and the control unit 200 could thus in step S 106 be configured to prevent the wireless transmission of the data 120 when the control signals cause at least one policy has herein disclosed to be violated.
Reference is now made to Fig. 5 illustrating methods for controlling wireless transmission of data 120 from a modem function 310 of a wireless device 300 as performed by the control unit 200 according to further embodiments. It is assumed that steps S104, S106 are performed as described above with reference to Fig. 4 and a thus repeated description thereof is therefore omitted.
There may be different ways for the control unit 200 to obtain the policy. In some aspects the control unit 200 is configured with the policy by a mobile network operator (MNO), such as the MNO of the wireless device 300.
Thereby the policy could be defined by the MNO as part of the agreement to serve the wireless device 300 in its cellular network. Hence, according to an embodiment the control unit 200 is configured to perform optional step S102: S102: The control unit 200 obtains the policy from a network node 110. The policy could in step S102 be obtained by the control unit 200 as part of the first enrollment of the wireless device 300 in the cellular network of the MNO, and where the policy is downloaded to the control unit 200 from the MNO via the network node 110. Alternatively, the policy could be defined, and provided to the control unit 200, by the maker of the wireless device 300 and/or the maker of the application function 320. The policy could thereby be provided to the control unit 200 during manufacturing of the wireless device 300 and/or during installment of the application function 320. In any of the above alternatives the policy could be signed by an authorized actor in order for the control unit 200 to accept the policy and act according to the policy.
There could be different ways for the control unit 200 to prevent the wireless transmission of the data 120 in step S106. According to an embodiment the control unit 200 is configured to perform any of optional steps Sio6a, Sio6b, Sio6c as part of preventing the wireless transmission of the data 120 in step S106.
In some aspects the prevention of wireless transmission of data involves the control unit 200 to disable the modem function 310. Thus: Sio6a: The control unit 200 disables the modem function 310 for wireless transmission of the data 120, thereby preventing the wireless transmission of the data 120.
In some aspects the prevention of wireless transmission of data involves the control unit 200 to disable the interface 340 between the modem function 310 and the application function 320. Thus:
Sio6b: The control unit 200 disables the interface 340 between the modem function 310 and the application function 320, thereby preventing the wireless transmission of the data 120. In some aspects the prevention of wireless transmission of data involves the control unit 200 to instruct modem function 310 to not transmit data 120 (e.g. for the modem function 310 to ignore instructions and/or request from the application function 320 relating to wireless transmission of data). Thus: Sio6c: The control unit 200 instructs the modem function 310 to refrain from the wireless transmission of the data 120, thereby preventing the wireless transmission of the data 120.
In some aspects any breach of the policy is reported, via the modem function 310 to a remote server node, via the network node 110. The server node could be the node the wireless device 300 is instructed to report the data 120 to, hence making a central control system of the wireless device 300 aware of the problem (such as a potential hacker attack) occurring on the wireless device 300. Hence, according to an embodiment the control unit 200 is configured to perform step S108: S108: The control unit 200 provides a report indicative of that the control signals cause the policy to be violated to a network node 110.
In some aspects the network node 110, or another device, entity or node, in the communication system 100, once having obtained the report indicative of that the control signals cause the policy to be violated, determines
instructions to be provided to the control unit 200. The network node 110 could then provide the instructions to the control unit 200 such that the control unit 200 could take the appropriate action in order to restore the functionality of the application function 320.
Hence, according to an embodiment the control unit 200 is configured to perform steps S110 and S112:
S110: The control unit 200 obtains instructions from the network node 110 in order to mitigate that the policy is violated.
S112: The control unit 200 performs an action relating to the instructions. In other aspects the action performed by the control unit 200 in step S112 is not related to the instructions obtained in step S110. For example, the control unit 200 could be configured to perform an action in response to having detected that the control signals cause the policy to be violated. There could be different types of actions for the control unit 200 to perform. Each such action could be associated with its own set of instructions that are obtained by the control unit 200 in step S110, or hardcoded in the control unit 200. According to an embodiment the action pertains to performing a restart of software run by the application function 320, or performing a firmware upgrade of the application function 320, or reinstalling a firmware of the application function 320. This enables the control unit 200 to perform self-healing on the wireless device 300 and thus enables the wireless device 300 to operate according to its intended purpose once again, possibly without the application function 320 to again breach the policy. Fig. 6 schematically illustrates, in terms of a number of functional units, the components of a control unit 200 according to an embodiment. Processing circuitry 210 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 810 (as in Fig. 8), e.g. in the form of a storage medium 230. The processing circuitry 210 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
Particularly, the processing circuitry 210 is configured to cause the control unit 200 to perform a set of operations, or steps, S102-S112, as disclosed above. For example, the storage medium 230 may store the set of operations, and the processing circuitry 210 may be configured to retrieve the set of operations from the storage medium 230 to cause the control unit 200 to perform the set of operations. The set of operations may be provided as a set of executable instructions. Thus the processing circuitry 210 is thereby arranged to execute methods as herein disclosed. The storage medium 230 may also comprise persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory. The control unit 200 may further comprise a
communications interface 220 at least configured for communications at least with the modem function 310, the application function 320, and the network node 110. As such the communications interface 220 may comprise one or more transmitters and receivers, comprising analogue and digital components. The processing circuitry 210 controls the general operation of the control unit 200 e.g. by sending data and control signals to the
communications interface 220 and the storage medium 230, by receiving data and reports from the communications interface 220, and by retrieving data and instructions from the storage medium 230. Other components, as well as the related functionality, of the control unit 200 are omitted in order not to obscure the concepts presented herein.
Fig. 7 schematically illustrates, in terms of a number of functional modules, the components of a control unit 200 according to an embodiment. The control unit 200 of Fig. 7 comprises a number of functional modules; a monitor module 210b configured to perform step S104, and a prevent module 210c configured to perform step S160. The control unit 200 of Fig. 7 may further comprise a number of optional functional modules, such as any of an obtain module 210a configured to perform step S102, a disable module 2iod configured to perform step Sio6a, a disable module 2ioe configured to perform step Sio6b, an instruct module 2iof configured to perform step Sio6c, a provide module 2iog configured to perform step S108, an obtain module 2ioh configured to perform step S110, and a perform module 2101 configured to perform step S112.
In general terms, each functional module 2ioa-2ioi may in one embodiment be implemented only in hardware and in another embodiment with the help of software, i.e., the latter embodiment having computer program
instructions stored on the storage medium 230 which when run on the l8 processing circuitry makes the control unit 200 perform the corresponding steps mentioned above in conjunction with Fig 7. It should also be mentioned that even though the modules correspond to parts of a computer program, they do not need to be separate modules therein, but the way in which they are implemented in software is dependent on the programming language used. Preferably, one or more or all functional modules 2ioa-2ioi may be implemented by the processing circuitry 210, possibly in cooperation with the communications interface 220 and/or the storage medium 230. The processing circuitry 210 may thus be configured to from the storage medium 230 fetch instructions as provided by a functional module 2ioa-2ioi and to execute these instructions, thereby performing any steps as disclosed herein.
The control unit 200 may be provided as a standalone device or as a part of at least one further device. For example, the control unit 200 may be provided in the wireless device 300. Examples of where the control unit 200 could be implemented in relation to the wireless device 300 have been disclosed above with reference to Fig. 3.
Fig. 8 shows one example of a computer program product 810 comprising computer readable storage medium 830. On this computer readable storage medium 830, a computer program 820 can be stored, which computer program 820 can cause the processing circuitry 210 and thereto operatively coupled entities and devices, such as the communications interface 220 and the storage medium 230, to execute methods according to embodiments described herein. The computer program 820 and/or computer program product 810 may thus provide means for performing any steps as herein disclosed.
In the example of Fig. 8, the computer program product 810 is illustrated as an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc. The computer program product 810 could also be embodied as a memory, such as a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), or an electrically erasable programmable read-only memory (EEPROM) and more particularly as a non-volatile storage medium of a device in an external memory such as a USB (Universal Serial Bus) memory or a Flash memory, such as a compact Flash memory. Thus, while the computer program 820 is here schematically shown as a track on the depicted optical disk, the computer program 820 can be stored in any way which is suitable for the computer program product 810.
The inventive concept has mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the inventive concept, as defined by the appended patent claims.

Claims

1. A method for controlling wireless transmission of data (120) from a modem function (310) of a wireless device (300), the method being performed by a control unit (200), the method comprising:
monitoring (S104) control signals pertaining to the wireless
transmission of the data (120) from the modem function (310), wherein the control signals are issued by an application function (320) of the wireless device (300) and are monitored at an interface (340) between the modem function (310) and the application function (320); and
preventing (S106) the wireless transmission of the data (120) when the control signals cause a policy to be violated, the policy defining how the application function (320) is allowed to control the wireless transmission of the data (120) from the modem function (310).
2. The method according to claim 1, wherein the policy defines an allowed maximum number of connection setups/releases to be made by the modem function (310) during a given time period.
3. The method according to claim 2, wherein the policy is violated when the control signals cause a higher number of connection setups/releases to be made by the modem function (310) than the allowed maximum number to be made during the given time period.
4. The method according to any of the preceding claims, wherein the policy defines an allowed maximum time for continuous and/or consecutive wireless transmission of the data (120) from the modem function (310).
5. The method according to claim 4, wherein the policy is violated when the control signals cause longer continuous and/or consecutive wireless transmission of the data (120) from the modem function (310) than the allowed maximum time.
6. The method according to any of the preceding claims, wherein the policy defines an allowed fraction of time for the modem function (310) in active and/or connected mode during a given time period.
7. The method according to claim 6, wherein the policy is violated when the control signals cause the modem function (310) to be in active and/or connected mode a higher fraction of time than the allowed fraction of time during the given time period.
8. The method according to any of the preceding claims, wherein the policy defines an allowed maximum amount of data (120) to be wirelessly transmitted from the modem function (310) during a given time period.
9. The method according to claim 8, wherein the policy is violated when the control signals cause more data (120) to be wirelessly transmitted from the modem function (310) than the allowed maximum amount during the given time period. 10. The method according to any of the preceding claims, wherein preventing the wireless transmission of the data (120) comprises:
disabling (Sio6a) the modem function (310) for wireless transmission of the data (120).
11. The method according to any of the preceding claims, wherein preventing the wireless transmission of the data (120) comprises:
disabling (Sio6b) the interface (340) between the modem function (310) and the application function (320).
12. The method according to any of the preceding claims, wherein preventing the wireless transmission of the data (120) comprises:
instructing (Sio6c) the modem function (310) to refrain from the wireless transmission of the data (120).
13. The method according to any of the preceding claims, wherein the wireless transmission of the data (120) is prevented until expiration of a timer, the timer being started upon detection by the control unit (200) that the control signals cause the policy to be violated.
14. The method according to any of the preceding claims, further comprising:
obtaining (S102) the policy from a network node (110).
15. The method according to any of the preceding claims, further comprising:
providing (S108) a report indicative of that the control signals cause the policy to be violated to a network node (110). 16. The method according to claim 15, further comprising:
obtaining (S110) instructions from the network node (110) in order to mitigate that the policy is violated; and
performing (S112) an action relating to the instructions.
17. The method according to claim 16, wherein the action pertains to performing a restart of software run by the application function (320), or performing a firmware upgrade of the application function (320), or reinstalling a firmware of the application function (320).
18. The method according to any of the preceding claims, wherein the control unit (200) is co-located with the modem function (310). 19. The method according to any of the preceding claims, wherein the control unit (200) is provided in a trusted execution environment (330).
20. The method according to claim 19, wherein the trusted execution environment (330) is co-located with the application function (320).
21. A control unit (200) for controlling wireless transmission of data (120) from a modem function (310) of a wireless device (300), the control unit
(200) comprising processing circuitry (210), the processing circuitry being configured to cause the control unit (200) to:
monitor control signals pertaining to the wireless transmission of the data (120) from the modem function (310), wherein the control signals are issued by an application function (320) of the wireless device (300) and are monitored at an interface (340) between the modem function (310) and the application function (320); and
prevent the wireless transmission of the data (120) when the control signals cause a policy to be violated, the policy defining how the application function (320) is allowed to control the wireless transmission of the data (120) from the modem function (310).
22. A control unit (200) for controlling wireless transmission of data (120) from a modem function (310) of a wireless device (300), the control unit
(200) comprising:
processing circuitry (210); and
a storage medium (230) storing instructions that, when executed by the processing circuitry (210), cause the control unit (200) to:
monitor control signals pertaining to the wireless transmission of the data (120) from the modem function (310), wherein the control signals are issued by an application function (320) of the wireless device (300) and are monitored at an interface (340) between the modem function (310) and the application function (320); and
prevent the wireless transmission of the data (120) when the control signals cause a policy to be violated, the policy defining how the application function (320) is allowed to control the wireless transmission of the data (120) from the modem function (310).
23. A control unit (200) for controlling wireless transmission of data (120) from a modem function (310) of a wireless device (300), the control unit
(200) comprising:
a monitor module (210b) configured to monitor control signals pertaining to the wireless transmission of the data (120) from the modem function (310), wherein the control signals are issued by an application function (320) of the wireless device (300) and are monitored at an interface (340) between the modem function (310) and the application function (320); and a prevent module (210c) configured to prevent the wireless
transmission of the data (120) when the control signals cause a policy to be violated, the policy defining how the application function (320) is allowed to control the wireless transmission of the data (120) from the modem function (310).
24. The control unit (200) according to any of claims 21 to 23, further being configured to perform the method according to any of claims 2 to 20.
25. A computer program (820) for controlling wireless transmission of data (120) from a modem function (310) of a wireless device (300), the computer program comprising computer code which, when run on processing circuitry (210) of a control unit (200), causes the control unit (200) to:
monitor (S104) control signals pertaining to the wireless transmission of the data (120) from the modem function (310), wherein the control signals are issued by an application function (320) of the wireless device (300) and are monitored at an interface (340) between the modem function (310) and the application function (320); and
prevent (S106) the wireless transmission of the data (120) when the control signals cause a policy to be violated, the policy defining how the application function (320) is allowed to control the wireless transmission of the data (120) from the modem function (310).
26. A computer program product (810) comprising a computer program (820) according to claim 25, and a computer readable storage medium (830) on which the computer program is stored.
PCT/EP2017/060035 2017-04-27 2017-04-27 Controlling wireless transmission of data from a wireless device WO2018196974A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/060035 WO2018196974A1 (en) 2017-04-27 2017-04-27 Controlling wireless transmission of data from a wireless device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/060035 WO2018196974A1 (en) 2017-04-27 2017-04-27 Controlling wireless transmission of data from a wireless device

Publications (1)

Publication Number Publication Date
WO2018196974A1 true WO2018196974A1 (en) 2018-11-01

Family

ID=58668864

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/060035 WO2018196974A1 (en) 2017-04-27 2017-04-27 Controlling wireless transmission of data from a wireless device

Country Status (1)

Country Link
WO (1) WO2018196974A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070123214A1 (en) * 2005-11-25 2007-05-31 Motorola, Inc. Mobile device system and strategies for determining malicious code activity
US20130196649A1 (en) * 2012-01-27 2013-08-01 Qualcomm Incorporated Mobile device to detect unexpected behaviour
US20140323095A1 (en) * 2011-10-14 2014-10-30 Deutsche Telekom Ag Method and device for monitoring a mobile radio interface on mobile terminals
US20150237055A1 (en) * 2014-02-19 2015-08-20 Qualcomm Incorporated Network Access and Control for Mobile Devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070123214A1 (en) * 2005-11-25 2007-05-31 Motorola, Inc. Mobile device system and strategies for determining malicious code activity
US20140323095A1 (en) * 2011-10-14 2014-10-30 Deutsche Telekom Ag Method and device for monitoring a mobile radio interface on mobile terminals
US20130196649A1 (en) * 2012-01-27 2013-08-01 Qualcomm Incorporated Mobile device to detect unexpected behaviour
US20150237055A1 (en) * 2014-02-19 2015-08-20 Qualcomm Incorporated Network Access and Control for Mobile Devices

Similar Documents

Publication Publication Date Title
US10512094B2 (en) Assessment and mitigation of radio frequency interference of networked devices
EP2870790B1 (en) Use of licensed shared spectrum in a radio access network where signal propagation is unknown
US11665189B2 (en) Method for attack protection in IoT devices
US20200053567A1 (en) Security architecture for machine type communications
US20240224083A1 (en) Method and apparatus for generating policies for improving network system performance
US9800600B2 (en) Device activity and data traffic signature-based detection of mobile device health
WO2011158842A1 (en) Controlling network resource usage of machine type communication (mtc) devices
Coppolino et al. My smart home is under attack
US11533624B2 (en) On-demand security for network resources or nodes, such as for a wireless 5G network
US10652797B2 (en) Channel switching based on interference events
JP5818830B2 (en) COMMUNICATION SYSTEM, CONTROL DEVICE, APPLICATION SERVER, AND DEVICE
US20210329032A1 (en) On-demand wireless device centric security for a 5g wireless network
WO2014114354A1 (en) M2m communications between a server device and a client device
CN103052110A (en) Cell outage detection and compensation method and cell outage detection and compensation device
KR20190140000A (en) Methods, systems, and apparatus for mitigating wireless connection degradation due to wireless charging
JP2021534619A (en) Interference handling methods, equipment and systems
WO2018196974A1 (en) Controlling wireless transmission of data from a wireless device
EP3432645A1 (en) A communication device for controlling transmissions over a communication network
US11722492B1 (en) System and method for dynamically neutralizing malicious ones of communicating electronic devices
KR102174043B1 (en) Service interruption report
EP4000314B1 (en) Systems and methods for preventing undesired access barring alleviation
US11799878B2 (en) On-demand software-defined security service orchestration for a 5G wireless network
Zema et al. Healing wireless sensor networks from malicious epidemic diffusion
US10785746B2 (en) Coverage enhancement service mode selection
US11356871B2 (en) Methods and systems for spectrum license management

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17721091

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17721091

Country of ref document: EP

Kind code of ref document: A1