“That said, new issues do have to be addressed as any network is only as strong as its weakest link. For example, in the UK, the governmental security body – the CESG – has banned the use of Bluetooth headsets with TETRA public safety terminals because of security concerns there.

“When it comes to the broadband future – and, more specifically, the use and sharing of LTE networks – this is an area that we’re very actively involved in with our partners Alcatel-Lucent. LTE already gives us a good toolbox to start with, although the integration of TETRA into this environment will bring new levels of complexity that will require a degree of customization in handsets, for example, to support closed VPN services. 

“Similar issues apply to the increased use of IP-based backbones,” he adds. “This move can – in theory – lead to some new weaknesses emerging, but the technologies such as end-to-end encryption needed to operate over shared IP infrastructure are well understood.”

A similar perspective is shared by Iain Ivory, strategic planner at Motorola. He comments, “Many people don’t appreciate the layering of security in TETRA. AIE protects the TETRA signalling as well as the payload, and we also have the ability to partition shared networks in TETRA using Group Cipher Keys and many European public safety organizations have migrated to use this platform.

“As we move into using other networks and technologies, it’s also possible – and indeed desirable – to look at encrypting the payload end-to-end as it moves through various networks and backbones. As ever, though, your security is only as good as the key management principles that support it. If you don’t change and protect your crypto keys, then encryption won’t offer you the protection you need.”

Those human and organizational issues – within the TETRA context – are supported by Euros Evans, chief technical officer at Airwave, the UK TETRA service provider: “Due to the technical security that TETRA affords, where the security features are implemented, the weakest link is generally going to be the human one. Here the TETRA compromise functions such as Stun, Kill and Ambience Listening can help – but only as long as reporting processes are followed effectively when radio terminals are lost or stolen.”

New devices

The introduction of new classes of devices like tablets and PDAs to the public safety arena is also driving innovation. At the European Security and Information Security Congress in October in Paris, Thales, for example, launched its TEOPAD security environment for PDAs and tablets. Initially supporting the Android operating system, TEOPAD creates a secure, end-to-end applications platform for enterprise and public safety users that can safely coexist alongside the unsecured free-for-all world of downloadable personal applications that users may want to run. The secured applications space runs on a corporate server, with all those applications verified by Thales.

“The current move to LTE interworking is going to increase the need for devices that can play dual-mode roles as both personal and commercial/public safety devices”, says Sébastien Sabatier, in charge of strategy and sales at Thales Professional Mobile Radio. “That’s also going to increase the need for end-to-end security using techniques such as IPSec as well to deal with what is going to be a very dynamic environment that potentially includes roaming between networks as well.”