Security key for next-generation PSAPs
Next-generation 911 (NG-911) architectures based on Internet Protocol (IP) promise to present security challenges to public-safety answering point (PSAP) directors, but those threats are manageable, according to panelists participating in a webinar last week hosted by the National Emergency Number Association (NENA).
Although timetables may be sketchy, the movement of 911 networks to an IP-based platform is “pretty much inevitable … there’s no turning back,” said Walt Magnussen, director for telecommunications at the Texas A&M University Internet2 Technology Evaluation Center, who has played a key role in the U.S. Department of Transportation’s NG-911 project.
Migrating to next-generation architecture will allow many more methods of communication within the 911 network, as well as greatly enhance information exchanges between PSAPs, such as when an emergency call needs to be transferred between call centers. However, as with any IP-based network, next-generation emergency calling networks could be susceptible to computer viruses and hackers trying to infiltrate and disrupt the system.
It’s important that PSAP officials and personnel not “underestimate the threat, because it’s real,” said John Pirc of IBM Internet Security Systems. Fortunately, the first version of a cyber security standard — dubbed NG-SEC, Version 1, focusing on edge networks of the 911 system — released by the NENA working group is expected to be released by the end of this year or early next year, said Jeremy Smith, senior cyber security consultant for Kimball and co-chair of the NENA security working group.
Such standards are particularly important within the next-generation architecture, because PSAPs will be connected via IP links, meaning that a virus could spread quickly throughout the 911 system if not handled properly, Magnussen said.
“You don’t want any holes [in the network],” he said.
While securing the next-generation 911 system will be challenging, it is “doable,” Magnussen said. A prime example of the ability to make security work is online banking, which has become commonplace in recent years. With proper security measures in place, a device with a potentially damaging computer virus can connect to the 911 without hampering the emergency network, he said.
“In other words, it lets the information in a call through, but other information that is not legit is chopped off and eliminated at that point,” Magnussen said.
Such a solution would allow PSAPs to receive calls, text, photos and video from devices that have been infected with a virus — perhaps unknowingly to the user seeking emergency help — without compromising the network and without having to block potentially legitimate communications, Magnussen said.
