Time as a Metric for Defence in Survivable Networks

Critical infrastructures of today’s society are built over networks that require a degree of survivability not foreseen when they were built. This paper reports on work in progress in a European project that aims to safeguard critical infrastructures such as electricity and telecom networks. It assumes that there will be accidents, attacks, and failures in parts of a network. The goal of safeguard is to enable delivery of the essential services despite these. Hence, we define a metric for network level survivability in terms of a continuous function of critical components’ availability and integrity. We further go on to measure the survivability of the system in terms of the time taken to breach of survivability. In a system where the implemented defence/recovery mechanisms are not adequate, this time is finite. In a system that implements self-healing, the presence of attacks and failures is continuously compensated by defence and recovery mechanisms. Again, a measure of time to recover from component failures is a key to increased network survivability. The paper presents a preliminary study of defence mechanisms in a telecom management network, and illustrates how simulations of the network and harmful data can be used to identify trade-offs that are central to increased survivability. Keywords—Survivability, Simulation, Intrusion Tolerance, Dependability, Timely defence.

[1]  Nancy R. Mead,et al.  Survivable Network Systems: An Emerging Discipline , 1997 .

[2]  Sven Dietrich,et al.  The survivability of survivability , 2001 .

[3]  Simin Nadjm-Tehrani,et al.  Evaluation of Defence Mechanisms in Survivable Networks , 2003 .

[4]  Nancy R. Mead,et al.  Survivable Network System Analysis: A Case Study , 1999, IEEE Softw..

[5]  Peter G. Neumann,et al.  Practical Architectures for Survivable Systems and Networks , 1999 .

[6]  Referencemodel Andusecases Malicious-and Accidental-fault Tolerance for Internet Applications , .

[7]  John A. Zinky,et al.  Open implementation toolkit for building survivable applications , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[8]  Nancy R. Mead,et al.  Survivability: Protecting Your Critical Systems , 1999, IEEE Internet Comput..

[9]  John C. Munson,et al.  Watcher: the missing piece of the security puzzle , 2001, Seventeenth Annual Computer Security Applications Conference.

[10]  Peter G. Neumann,et al.  Practical Architectures for Survivable Systems and Networks: Phase-One Final Report , 1999 .

[11]  Nancy R. Mead,et al.  The Survivability Imperative: Protecting Critical Systems , 2000 .

[12]  Matthew C. Elder,et al.  On computer viral infection and the effect of immunization , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[13]  Brian Randell,et al.  Fundamental Concepts of Dependability , 2000 .

[14]  Suresh L. Konda,et al.  A Simulation Model for Managing Survivability of Networked Information Systems , 2000 .