top of page
image_edited.jpg

Secure Industrial Radio Certification
Securing Radio Communications in Operational Technology Environments

From consumer gadgets to critical infrastructure

 

Across the UK and internationally, radio communications are not limited to consumer devices or convenience systems. They are a fundamental part of operational technology (OT) environments, linking control rooms to remote and often unmanned sites that support essential services.

 

These radio links carry commands and telemetry that enable operators to manage critical processes safely and efficiently, including:

  • Starting and stopping pumping stations that maintain water pressure across towns and cities

  • Adjusting chemical dosing in treatment works to ensure drinking water quality

  • Opening and closing sluice gates and flood defences during adverse weather

  • Triggering controlled shutdowns in energy networks to prevent overload

  • Switching circuits in electrical substations supplying hospitals, schools, and homes

  • Controlling railway signalling and level crossings

  • Operating remote injection, pumping, or control equipment in industrial environments

 

For decades, these radio systems have been valued for their reliability, simplicity, and ease of maintenance. In many cases, they have remained unchanged for long periods and are treated as trusted infrastructure components.

Video Introduction to SIR Certification
Watch how a single intercepted radio signal could disrupt critical infrastructure—and how SIR stops it.

An evolving risk landscape

Many industrial radio systems currently in service were designed in an era when cybersecurity threats were not a primary consideration. As a result, some legacy radio deployments:

  • Transmit commands and telemetry without strong authentication

  • Lack cryptographic protection of data in transit

  • Do not include protections against replay or signal manipulation

  • Operate outside the visibility of wider OT cybersecurity programmes

 

With the increasing availability of low-cost software-defined radio (SDR) equipment and publicly accessible technical information, the barrier to intercepting or replaying radio signals has reduced significantly.

 

In these scenarios, a radio command received by a control system may appear legitimate, even if it has been captured or manipulated in transit. Because the communication occurs over the air, such activity may not be visible through traditional network monitoring tools.

Why communications integrity matters in OT

In OT environments, radio communications are often part of an operational or safety-related control loop. The integrity and authenticity of the data being received is therefore as important as the security of the control system itself.

If commands or telemetry cannot be reliably trusted, the system may behave as designed — but based on incorrect or manipulated inputs. This can lead to operational disruption, safety risks, or environmental impact, even in the absence of a traditional “cyber breach.”

What SIR Certification addresses

SIR Certification provides an independent assurance framework focused specifically on the security and resilience of radio communications used within OT environments.

Rather than acting as a software patch or configuration change, SIR Certification assesses whether a radio system is capable of supporting fundamental security controls appropriate to its operational role, including:

  • Encryption to protect the confidentiality of commands and telemetry

  • Authentication to ensure only authorised sources can issue control signals

  • Key management and rotation to reduce long-term exposure

  • Replay-attack mitigation to prevent captured signals from being reused

  • Clear system boundaries and documented assumptions

 

Where legacy radio platforms do not support these capabilities, configuration alone may be insufficient to address the underlying risk. In such cases, SIR Certification helps organisations understand the limitations of existing systems and make informed, proportionate decisions.

Vendor neutrality and technology assessment

SIR Certification is vendor-neutral. It does not mandate specific manufacturers or technologies.

Radio platforms are assessed against defined assurance criteria based on capability, behaviour, and operational suitability. Where a system meets the framework’s requirements, it can achieve SIR Certification regardless of vendor.

Some modern industrial radio platforms already incorporate security features such as encryption, authentication, secure firmware handling, and replay protection. Others may not. SIR Certification provides a consistent way to evaluate these differences within an OT context.

Beyond spectrum regulation

In the UK, Ofcom regulates and manages the radio spectrum, ensuring that critical services have access to licensed frequencies and that interference and illegal transmissions are investigated.

However, spectrum regulation focuses on who may transmit and where, not on the cybersecurity of the data being transmitted. Controls such as encryption, authentication, and replay protection are outside the scope of spectrum licensing.

SIR Certification complements spectrum regulation by addressing the security and resilience of the radio payload itself. Where spectrum management helps keep the airwaves orderly, SIR Certification helps ensure that the communications carried over them can be trusted within modern OT environments.

A proportionate assurance approach

SIR Certification is intended to support understanding, governance, and risk management — not to drive unnecessary change.

By providing clear, independent assurance of radio communications used in OT systems, SIR Certification helps organisations:

  • Identify previously unassessed risks

  • Document system limitations and dependencies

  • Align radio communications with wider OT cybersecurity programmes

  • Support informed decision-making over the system lifecycle

Level_1_Logo.png
Level_2_Logo.png
Level_3_Logo.png

How SIR Certification Works

 

SIR Certification is structured into three progressive levels, allowing operators to build security step by step, from basic protections to advanced, enterprise-grade safeguards.

Level 1 – Foundational Controls

For low-risk or legacy-constrained environments

  • Unique device identification to reduce the risk of unauthorised or generic device control

  • Removal of default credentials and insecure factory configurations where supported

  • Defined fail-safe behaviours to reduce unintended operation during loss of communications

  • Basic local access controls to limit unauthorised physical or maintenance access

 

Level 1 establishes a baseline level of assurance, helping organisations document and reduce obvious exposures in legacy or low-impact deployments.

Level 2 – Enhanced Communications Assurance

 

For operationally significant systems where communications integrity is important

  • Integrity protection mechanisms to detect unauthorised modification of messages

  • Measures to reduce the risk of replay or repeated command injection

  • Secure firmware or configuration update mechanisms where supported

  • Role-based access controls for operational and maintenance functions

 

Level 2 provides increased confidence in the authenticity and integrity of radio communications, and is typically appropriate for modern industrial sites where radio systems influence operational outcomes.

Level 3 – Advanced Assurance

For high-impact, safety-critical, or regulated environments

  • Strong cryptographic protection for radio communications

  • Robust key management and rotation practices

  • Comprehensive device and system authentication mechanisms

  • Enhanced monitoring, diagnostics, and audit capabilities appropriate to system criticality

 

Level 3 is intended for environments where loss of communications integrity could result in significant safety, environmental, or operational consequences, and where higher levels of assurance are required to support governance and oversight.

Some modern industrial radio platforms, including certain ELPRO models, incorporate security capabilities aligned with the requirements of higher SIR assurance levels, such as encryption, authentication, replay-attack mitigation, and secure key management.

Through its tiered structure, SIR Certification provides operators, asset owners, and regulators with a clear, testable assurance framework. This enables proportionate, step-by-step security improvement while maintaining operational reliability and system availability.

© 2025 Spotcom Ltd. All rights reserved.
SIR Certified™ and its associated certification levels are trademarks of Spotcom Ltd.
The name, logo, and certification marks are protected under UK intellectual property law.
Unauthorised use, reproduction, or distribution of these marks is strictly prohibited.
You are welcome to share or reference this content for awareness or educational purposes, provided attribution to Spotcom Ltd. is maintained and the material is not altered or misrepresented.

Authorised Distributor in the UK and Ireland for ELPRO Radio Equipment

Westermo
Sim Ranger
LCA
clark_elec_logo_bright_red
header1
kilderry logo
SSE-Logo
LOW CARBON HUB LOGO small
Sandhurst_Inst_logo_1L_rgb-1-e1484150881347
bottom of page