A statement to protect research on wireless devices

The Radio Equipment Directive (RED) of the european union regulates the requirements wireless communication devices need to fulfill to receive the CE certification, which is required to sell them on the european market. The new version of the regulation, published in 2014, adds a number of problematic clauses that may force producers of wireless hardware to restrict their users from modifying the software running on their devices.

Why is this a problem?

The ability to modify the software running on wireless devices is critical for several areas of research, including (but not limited to):

  • Evaluating existing protocols for wireless communication
  • Investigating the characteristics of wireless communication hardware
  • Developing new wireless protocols and evaluating them on off-the-shelf hardware
  • Evaluating and improving the security of wireless communication products and protocols
  • Running cost-efficient large-scale tests of new wireless (mesh) routing protocols
  • and many more

All of these areas benefit from being able to modify the software running on wireless communication devices. In fact, the Nexmon firmware modification framework, developed in our group at TU Darmstadt, has led to numerous publications in these areas and is still being actively developed and used for state-of-the-art research into security and performance of wireless devices.

A statement

Together with colleagues from my group and Prof. Paul Gardner-Stephen (Flinders University, Australia), I co-wrote a statement criticizing the EU regulation and its planned German implementation. The statement was signed by six other academic research groups, and sent to the German parliamentarians today.

In the statement, we not only criticize the relevant passages of the laws, but also provide proposals for how the laws might be adapted to avoid these problems. The full (German) statement can be found on our website.

Max Maass
PhD Student in IT Security

My research interests include transparency and its applications in improving privacy and security.