Dynamic Network Reconfiguration in Safety-Critical Aeronautical Systems

Today's safety-critical aeronautical networks run two networks concurrently for redundancy, and the most critical applications additionally have hard-wired end-to-end links for resilience. However, as such networks are increasingly connected to the Internet for added functionality, they face risks that static redundancy alone cannot mitigate. Consequently, mechanisms that permit network reconfiguration at runtime, such as software-defined networking (SDN), are receiving interest, even though they were not designed for safety-critical systems. Further mechanisms are required to ensure that safety is maintained at all times. Hence, this paper proposes a novel approach, dynamic network reconfiguration (DNR). Using pre-calculated configuration templates obtained by linear optimisation, one of two concurrently served node- and link-disjoint paths can be safely reconfigured using SDN processes while the other continues to carry the traffic. To validate the DNR solution, a sample avionics network was built in Mininet and failures were triggered at random. Experimental results show that the DNR solution can mitigate up to 14 successive failures without losing safety-critical traffic. Consequently, our solution not only provides more resilience against failures than current solutions, but can also be used to mitigate the effects of network attacks.
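The following is an added illustration of the invariant the abstract relies on, not the paper's code or its Mininet setup: with two node- and link-disjoint paths in service, a single link failure can hit at most one of them, so the survivor keeps carrying traffic while the other path is re-planned around the failure. The topology (two switch planes P and Q with bypass and cross links) and the failure sequence are constructed; the disjoint pair is found greedily with BFS rather than with the paper's linear-optimisation templates, and a failure is modelled as one link going down.

```python
"""Toy model of dual disjoint-path serving with reconfiguration of the
failed path.  Added illustration, not the paper's code: topology and
failure order are constructed, and the disjoint pair is chosen greedily
by BFS instead of from pre-computed linear-optimisation templates."""
from collections import deque
import random


def build_adj(links):
    """Undirected adjacency dict from an iterable of 2-element links."""
    adj = {}
    for link in links:
        a, b = tuple(link)
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def bfs_path(adj, src, dst, banned_nodes=frozenset(), banned_links=frozenset()):
    """Fewest-hop path src->dst avoiding banned nodes/links, or None.
    Neighbours are visited in sorted order so results are deterministic."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            break
        for v in sorted(adj.get(u, ())):
            if v in prev or v in banned_nodes or frozenset((u, v)) in banned_links:
                continue
            prev[v] = u
            queue.append(v)
    if dst not in prev:
        return None
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]


def path_links(path):
    return {frozenset(pair) for pair in zip(path, path[1:])}


def disjoint_partner(adj, src, dst, keep):
    """Path node- and link-disjoint from `keep` (endpoints excepted), or None."""
    return bfs_path(adj, src, dst, set(keep[1:-1]), path_links(keep))


def simulate(links, src, dst, failures):
    """Apply link failures in order; return (failures mitigated, traffic kept).

    After each failure the path it hit is dropped.  While one path survives,
    traffic is uninterrupted and a disjoint partner is re-planned on the
    remaining topology (the reconfiguration step).  Traffic is lost only
    when a failure hits the last serving path."""
    alive = {frozenset(link) for link in links}
    adj = build_adj(alive)
    first = bfs_path(adj, src, dst)
    if first is None:
        return 0, False
    partner = disjoint_partner(adj, src, dst, first)
    paths = [first] + ([partner] if partner else [])
    mitigated = 0
    for failure in failures:
        failure = frozenset(failure)
        if failure not in alive:        # already down: nothing changes
            continue
        alive.discard(failure)
        adj = build_adj(alive)
        paths = [p for p in paths if failure not in path_links(p)]
        if not paths:
            return mitigated, False     # last serving path gone: traffic lost
        if len(paths) == 1:             # re-plan the other path around the failure
            partner = disjoint_partner(adj, src, dst, paths[0])
            if partner:
                paths.append(partner)
        mitigated += 1
    return mitigated, True


# Constructed topology (assumption): planes P and Q with intra-plane bypass
# links (P1-P3, Q1-Q3) and cross links; end systems S and D attach to both.
LINKS = [
    ("S", "P1"), ("P1", "P2"), ("P2", "P3"), ("P3", "D"), ("P1", "P3"),
    ("S", "Q1"), ("Q1", "Q2"), ("Q2", "Q3"), ("Q3", "D"), ("Q1", "Q3"),
    ("P1", "Q2"), ("Q1", "P2"), ("P2", "Q3"), ("Q2", "P3"),
]
# Constructed failure order: the first three are each absorbed by the
# surviving path, the fourth leaves no disjoint partner, the fifth loses traffic.
SCRIPTED = [("P1", "P3"), ("Q1", "Q3"), ("P2", "P3"), ("S", "P1"), ("Q2", "Q3")]


def random_trial(links, src, dst, seed):
    """Fail every link in a seeded random order, as in a Mininet-style run."""
    order = list(links)
    random.Random(seed).shuffle(order)
    return simulate(links, src, dst, order)


if __name__ == "__main__":
    print("scripted:", simulate(LINKS, "S", "D", SCRIPTED))
    for seed in range(3):
        print("seed", seed, random_trial(LINKS, "S", "D", seed))
```

The scripted run shows both outcomes the abstract distinguishes: after the third failure only one serving path is left and no disjoint partner can be re-planned, so the next failure on that path is the one that loses safety-critical traffic. Counting how many failures are absorbed before that point over many random orders is the same measurement the paper reports as "up to 14 successive failures" on its own, larger, topology.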
