
Self-healing networks

Self-healing networks. 2001 IPA Spring Days on Security: "When the going gets tough, the tough get going". L. Spaanenburg, Groningen University, Department of Computing Science, P.O. Box 800, 9700 AV, Groningen. Mail: ben@cs.rug.nl, http://www.cs.rug.nl/~ben


Presentation Transcript


  1. Self-healing networks. 2001 IPA Spring Days on Security: "When the going gets tough, the tough get going". L. Spaanenburg, Groningen University, Department of Computing Science, P.O. Box 800, 9700 AV, Groningen. Mail: ben@cs.rug.nl, http://www.cs.rug.nl/~ben

  2. Motivation: What is security?
     Security involves the guaranteed access to all resources at all times with top quality.
     Threats:
     - from outside
     - from inside
     Here: internal diseases only.
     IPA Spring Days - Security

  3. Agenda: What we need and what we can't
     - The nature of the net
     - Disasters with central control
     - The nature of self-healing
     - In-line monitoring
     - A hardware / software perspective
     - Research view

  4. The weak spot: It is the small dog that bites!
     - A network is billions of tightly connected, distributed, heterogeneous components.
     - Things happen on a wide time/spatial scale with massive interaction.
     - A local disturbance can spread widely in zero time.
     - Relationships and interdependencies are too complex for mathematical theories.

  5. User's perspective on networks: An integrated Power Information Communication technology

  6. Telephone network: A network can be a tree with central control
     Figure labels: long distance, 1st-order exchange; medium distance, 2nd-order exchange; short distance, local exchange; connection

  7. Data Network: Connectionless communication by broadcast
     Figure labels: Host, Router, Subnet, LAN

  8. Means of Communication: Sigh, there are so many ways to communicate
     Synchronous:
     - PDH: Plesiochronous Digital Hierarchy
     - SDH: Synchronous Digital Hierarchy
     - ISDN: Integrated Services Digital Network
     Asynchronous:
     - FDDI: Fiber Distributed Data Interface
     - FR: Frame Relay
     - ATM: Asynchronous Transfer Mode

  9. Sources of Abnormality: What goes wrong, will go wrong
     - Attacks from the outside world (service attack)
     - Hiccups in the network communication
     - Failures on the network nodes
     It's a detection problem!

  10. The Keeler-Allston disaster: The network is vulnerable to local abnormalities
     - On 10 August 1996, the Keeler-Allston 500 kV power line tripped, creating voltage depression, and the McNary Dam went to maximum.
     - The Ross-Lexington 230 kV line also tripped and pushed the McNary Dam over the edge.
     - The McNary Dam set off oscillations that went to 500 MW within 1.5 minutes.
     - The North-South Pacific INTER-tie isolated 11 US states and 2 Canadian provinces.

  11. The 1998 Galactic page out: The weak belly of the Earth
     - In May 1998, the Galaxy-IV satellite was disabled by unknown causes.
     - US National Public Radio and 40M pagers went out, airline flights were delayed and data networks had to be manually reconfigured.
     - Many geo-stationary satellites are 800 – 1400 km; 13 (60-), 35 (70-), 69 (80-) and 250 (90-)
     - 10 million pieces of debris > 1 mm

  12. Other fault cascades: Cause/effect relations occur frequently
     - Finagle's Law: "Anything that can go wrong, will"
     - Antibiotics cause resistance (DDT)
     - Code replication also works for errors

  13. Self-healing in history: The name has been used before
     - 1993: AT&T announced the self-healing wireless network
     - 1998: SUN bought the RedCape Policy Framework for self-healing software
     - 1998: HP released the self-healing version of OpenView Network Node Manager
     - 2001: Concord Com. announced self-healing for the home

  14. Self-Healing ingredients: Self-healing = Detection + Diagnosis + Self-Repair
     - Application: handling the communication
     - Presentation: message formatting
     - Session: controls traffic between parties
     - Transport: converts packets into frames v.v.
     - Network: controls frame routing
     - Data Link: frames of bit sequences
     - Physical: relays physical quantities
     Figure labels: Network Test, Node Test, Reconfigure

  15. An Initiative in Self-Healing: The Complex Interactive Networks/Systems Initiative
     - The CIN/SI is funded by the Electronic Power Research Institute and the US Dept. of Defense as part of the Government-Industry Collaborative University Research program.
     - 28 universities in 6 consortia started Spring 1999 to spend $30 M in 5 years.
     - The approach is multi-agent technology.

  16. CIN/SI consortia: The different aspects of self-healing
     - [CalTech] CIN Mathematical Foundation
     - [CMU] Context-dependent Agents
     - [Cornell] Failure Minimization
     - [Harvard] Modeling and Diagnosis
     - [Purdue] Intelligent Management
     - [Washington] Defense to Attacks

  17. Key issues: Central control comes too late by definition
     - Pre-programming misses the target by lack of context dependence.
     - No damage would have occurred if the load on the McNary Dam had decreased by 0.4% during the next 30 minutes.
     - Local agents making real-time decisions would have eliminated the Keeler-Allston disaster.

  18. Basic agent types: What are agents?
     - Agents are called cognitive or rational when equipped with clear rules and algorithms.
     - Agents are called reactive when their functioning depends on the interrogation of the environment.
     - Both types of agents are required on the decision-making layers handling respectively reaction, coordination and deliberation.

  19. CIN/SI architecture (1): Operational control of the power plant
     Figure labels: Triggering events; Plans/Decisions; Events/alarm Filtering Agents; Model update Agents; Command Agents; Controls; Events/alarms; Faults Isolation Agents; Frequency Stability Agents; Protection Agents; Generation Agents; Power System

  20. CIN/SI architecture (2): Strategic management of the power grid
     Figure labels: Hidden Failure Monitoring Agents; Reconfiguration Agents; Vulnerability Assessment Agents; Restoration Agents; Events Identification Agents; Planning Agents; Triggering events; Plans/Decisions; Events/alarm Filtering Agents; Model update Agents; Command Agents

  21. Monitoring the process: Strategic decisions on tactic control
     Figure labels: Monitor, Control, Process, Actuator, Sensor

  22. The network emphasis: The network glues the agents together
     Figure labels: Agent (six times), Network

  23. Defect loses all: Majority voting is a centralized consensus scheme
     But what we need is:
     - Mutual observation between nodes
     - Group decision of testing agents
     - Implied reconfiguration of the network
     How can we facilitate testing with agent properties?

  24. Agent characteristics: What is security?
     Figure labels: mouse, messages, ..., other agents, messages, move, change appearance, speak, effectors, sensors
     Behaviour: Independent, Reactive, Proactive, Social

  25. Built-in Block Observation: Testing complex systems requires autonomy
     Figure labels: generator, process, verifier

  26. Linear Feedback Shift-register: Generation of ordered bit strings by EXORs
     When data flows over identical nodes, the typical function can be characterized by the feedback polynomial.

  27. Friedmann model: The aim is for a locally compacted set of patterns
     Figure labels: Process, I, O, Q

  28. A basic function: Proto-typical software on a small PIC controller
     A simple low-pass filter: takes a data sampling routine, multiplying adder and final function 1/N.

  29. A neuron: Intelligence can be built from filtering
     A simple neuron: is similar to the low-pass filter except for the incoming data. Operates from the same input data ring-buffer.

  30. A neural network: Where there is one neuron, there can be more
     A feed-forward network: differs only in the layer-by-layer switching of the I/O-blocks.

  31. Non-Linear Feedback SR: Generation of ordered patterns by Correlators
     When data flows over identical nodes, the typical function can be characterized by the globally recurrent neural network.

  32. Neural Observation: Analog correlation looks like digital EXOR
     - Analog correlation is about finding the functional similarity.
     - Digital correlation is the same except for the effect of crisping.
     - Random access storage is always larger than storage of an ordered function.
     - The neurally approximated function allows for a dense salvage of ordered I/O-pairs.

  33. Data-Flow Architecture: Data discrepancy is low-level abnormal behavior
     - When data flows over identical nodes, the typical function can be characterized
     - Built-In Logic Block Observation
     - The BIFBO can also be shared with neighboring nodes
     - Built-In Function Block Observation
     - The local test does not differentiate between hardware and software

  34. Question 1: Is there an abstractional test?
     - If you cannot test it, then it's not worth designing it.
     - Hierarchical design needs a hierarchical test.
     - Abstraction gives a condensed view on reality.
     - Abstraction provides for scalability.

  35. Question 2: Is feature interaction really a static problem?
     - Interaction is good, conflicts are less
     - If resources have a state, access should be bounded by state
     - Conflicting services pose basically a scheduling problem
     - It's hard to schedule over an arbitrary network

  36. Question 3: Do neural networks provide for a built-in test?
     - Design should be scalable; test is no exception.
     - Detection can do without diagnosis; diagnosis cannot go without detection.
     - Testing can be based on area (coverage) or on frontier (sensitivity).
     - The boundary between software and hardware is still moving.
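
The generator / process / verifier arrangement of slides 25, 26 and 33, as an added example that is not part of the original presentation: an LFSR generates test patterns, the node processes them, and a second feedback register compacts the responses into a signature that a neighbouring node can compare against a known-good reference. The node function, the stuck-at fault, the seed and the pattern count are constructed for illustration; the feedback polynomial is a standard maximal-length choice, not one named on the slides.

```c
#include <stdint.h>
#include <stdio.h>

#define SEED     0xACE1u  /* constructed non-zero start state */
#define PATTERNS 16       /* constructed: one pattern per register bit */

typedef uint16_t (*node_fn)(uint16_t);

/* Generator: 16-bit LFSR, feedback polynomial x^16 + x^14 + x^13 + x^11 + 1. */
static uint16_t lfsr_step(uint16_t s) {
    uint16_t bit = (uint16_t)(((s >> 0) ^ (s >> 2) ^ (s >> 3) ^ (s >> 5)) & 1u);
    return (uint16_t)((s >> 1) | (bit << 15));
}

/* Number of steps before the generator state repeats. */
static uint32_t lfsr_period(uint16_t seed) {
    uint16_t s = seed;
    uint32_t n = 0;
    do { s = lfsr_step(s); n++; } while (s != seed);
    return n;
}

/* Process under test (hypothetical node function) and a defective copy
   whose output bit 4 is stuck at 0. */
static uint16_t node_good(uint16_t x)  { return (uint16_t)(x ^ (x >> 1)); }
static uint16_t node_stuck(uint16_t x) { return (uint16_t)(node_good(x) & ~0x0010u); }

/* Verifier: compact all responses into one 16-bit signature (MISR style). */
static uint16_t signature(node_fn node, uint16_t seed, int patterns) {
    uint16_t pat = seed, sig = 0;
    for (int i = 0; i < patterns; i++) {
        sig = (uint16_t)(lfsr_step(sig) ^ node(pat));  /* shift, then EXOR in the response */
        pat = lfsr_step(pat);
    }
    return sig;
}

/* Mutual observation: check a neighbour against the known-good signature. */
static int neighbour_healthy(node_fn neighbour, uint16_t reference) {
    return signature(neighbour, SEED, PATTERNS) == reference;
}

int main(void) {
    uint16_t ref = signature(node_good, SEED, PATTERNS);
    printf("generator period:   %u\n", (unsigned)lfsr_period(SEED));
    printf("good node healthy:  %d\n", neighbour_healthy(node_good, ref));
    printf("stuck node healthy: %d\n", neighbour_healthy(node_stuck, ref));
    return 0;
}
```

With at most 16 patterns and a primitive feedback polynomial, an error confined to one output bit cannot cancel out in the signature; over longer runs a faulty node escapes detection with probability of about 2^-16.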
