7/30/2019 Self Healingnetworksben
Self-healing networks
When the going gets tough, the tough get going
L. Spaanenburg, Groningen University, Department of Computing Science, P.O. Box 800, 9700 AV Groningen. Mail: ben@cs.rug.nl, http://www.cs.rug.nl/~ben
2001 IPA Spring Days on Security
April 2001 IPA Spring Days - Security 2
Motivation
Security involves the guaranteed access to all resources at all times with top quality
Threats:
- from outside
- from inside
Here: internal diseases only
What is security?
The weak spot
A network is billions of tightly connected distributed heterogeneous components
Things happen on a wide time/spatial scale with massive interaction
A local disturbance can spread widely in zero time
Relationships and interdependencies are too complex for mathematical theories
It is the small dog that bites!
User's perspective on networks
An integrated Power Information Communication technology
Telephone network
A network can be a tree with central control
[Figure: connection, local exchange, 2nd-order exchange, 1st-order exchange; short distance, medium distance, long distance]
Data Network
Connectionless communication by broadcast
[Figure: Subnet, LAN, Host, Router]
Means of Communication
Synchronous
- PDH: Plesiochronous Digital Hierarchy
- SDH: Synchronous Digital Hierarchy
- ISDN: Integrated Services Digital Network
Asynchronous
- FDDI: Fiber Distributed Data Interface
- FR: Frame Relay
- ATM: Asynchronous Transfer Mode
Sigh, there are so many ways to communicate
Sources of Abnormality
Attacks from the outside world (service attack)
Hiccups in the network communication
Failures on the network nodes
It's a detection problem!
What goes wrong, will go wrong
The Keeler-Allston disaster
On 10 August 1996, the Keeler-Allston 500 kV power line tripped, creating voltage depression, and the McNary Dam went to maximum
The Ross-Lexington 230 kV line also tripped and pushed the McNary Dam over the edge
The McNary Dam set off oscillations that went to 500 MW within 1.5 minutes
The North-South Pacific INTER-tie isolated 11 US states and 2 Canadian provinces
The network is vulnerable to local abnormalities
The 1998 Galactic page out
In May 1998, the Galaxy-IV satellite was disabled by unknown causes
US National Public Radio and 40M pagers went out, airline flights delayed and data networks had to be manually reconfigured
Many geo-stationary satellites are 800-1400 km; 13 (60-), 35 (70-), 69 (80-) and 250 (90-)
10 million pieces of debris > 1 mm
The weak belly of the Earth
Other fault cascades
Finagle's Law
Anything that can go wrong, will
Antibiotics cause resistance (DDT)
Code replication also works for errors
Cause/effect relations occur frequently
Self-healing in history
1993 AT&T announced the self-healing wireless network
1998 SUN bought the RedCape Policy Framework for self-healing software
1998 HP released the self-healing version of OpenView Network Node Manager
2001 Concord Com. announced self-healing for the home
The name has been used before
Self-Healing ingredients
- Application: handling the communication
- Presentation: message formatting
- Session: controls traffic between parties
- Transport: converts packets into frames v.v.
- Network: controls frame routing
- Data Link: frames of bit sequences
- Physical: relays physical quantities
Self-healing = Detection + Diagnosis + Self-Repair
[Figure: Network Test, Node Test, Reconfigure]
An Initiative in Self-Healing
The CIN/SI is funded by the Electronic Power Research Institute and the US Dept. of Defense as part of the Government-Industry Collaborative University Research program
28 universities in 6 consortia started Spring 1999 to spend $30 M in 5 years
The approach is multi-agent technology
The Complex Interactive Networks/Systems Initiative
CIN/SI consortia
- [CalTech] CIN Mathematical Foundation
- [CMU] Context-dependent Agents
- [Cornell] Failure Minimization
- [Harvard] Modeling and Diagnosis
- [Purdue] Intelligent Management
- [Washington] Defense to Attacks
The different aspects of self-healing
Key issues
Pre-programming misses the target by lack of context dependence
No damage would have occurred if the load on the McNary Dam would have decreased by 0.4% during the next 30 minutes
Local agents making real-time decisions would have eliminated the Keeler-Allston disaster.
Central control comes too late by definition
Basic agent types
Agents are called cognitive or rational when equipped with clear rules and algorithms
Agents are called reactive when their functioning depends on the interrogation of the environment
Both types of agents are required on the decision-making layers handling respectively reaction, coordination and deliberation
What are agents?
CIN/SI architecture (1)
Operational control of the power plant
[Figure: Power System; Protection Agents; Generation Agents; Controls; Faults Isolation Agents; Frequency Stability Agents; Events/alarm Filtering Agents; Model update Agents; Command Agents; Events/alarms; Triggering events; Plans/Decisions]
CIN/SI architecture (2)
Strategic management of the power grid
[Figure: Events/alarm Filtering Agents; Model update Agents; Command Agents; Triggering events; Plans/Decisions; Events Identification Agents; Planning Agents; Restoration Agents; Vulnerability Assessment Agents; Hidden Failure Monitoring Agents; Reconfiguration Agents]
Monitoring the process
Strategic decisions on tactic control
[Figure: Monitor, Process, Control, Sensor, Actuator]
The network emphasis
The network glues the agents together
[Figure: Network connecting six Agents]
Defect loses all
But what we need is:
- Mutual observation between nodes
- Group decision of testing agents
- Implied reconfiguration of the network
How can we facilitate testing with agent properties?
Majority voting is a centralized consensus scheme
Agent characteristics
What is security?
[Figure: an agent with sensors (mouse, messages, ..., other agents), Behaviour, and effectors (messages, move, change appearance, speak)]
Independent, Reactive, Proactive, Social
Built-in Block Observation
Testing complex systems requires autonomy
[Figure: generator, process, verifier]
Linear Feedback Shift-register
When data flows over identical nodes, the typical function can be characterized by the feedback polynomial
Generation of ordered bit strings by EXORs
016 x x x
Friedmann model
The aim is for a locally compacted set of patterns
[Figure: Process with I, O and Q]
A basic function
A simple low-pass filter
Takes a data sampling routine, multiplying adder and final function 1/N.
Proto-typical software on a small PIC controller
$z(t) = \frac{1}{N} \sum_{i=0}^{N-1} c_i \, x_{t-i}$
A neuron
A simple neuron
Is similar to the low-pass filter except for the incoming data. Operates from the same input data ring-buffer.
Intelligence can be built from filtering
$z = f\left(\sum_{i=0}^{N-1} w_{ji} \, x_i\right)$
A neural network
A feed-forward network
Differs only in the layer-by-layer switching of the I/O-blocks
Where there is one neuron, there can be more
$z = f\left(\sum_{j=0}^{M-1} w_j \, f\left(\sum_{i=0}^{N-1} w_{ji} \, x_i\right)\right)$
Non-Linear Feedback SR
When data flows over identical nodes, the typical function can be characterized by the globally recurrent neural network
Generation of ordered patterns by Correlators
t xw
Neural Observation
Analog correlation is about finding the functional similarity
Digital correlation is the same except for the effect of crisping
Random access storage is always larger than storage of an ordered function
The neurally approximated function allows for a dense salvage of ordered I/O-pairs
Analog correlation looks like digital EXOR
Data-Flow Architecture
When data flows over identical nodes, the typical function can be characterized
Built-In Logic Block Observation
The BIFBO can also be shared with neighboring nodes
Built-In Function Block Observation
The local test does not differentiate between hardware and software
Data discrepancy is low-level abnormal behavior
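The generator/process/verifier arrangement of the Built-in Block Observation and Linear Feedback Shift-register slides, combined with the mutual observation between nodes asked for earlier, as an added example that is not code from the talk. Assumptions: the feedback polynomial (the slide's own did not survive), the 4-tap averaging filter used as the process, the single flipped output bit used as the fault, and all function names.

```c
#include <stdint.h>
#include <stdio.h>

#define N 4          /* filter length (assumed) */
#define PATTERNS 256 /* test patterns per self-test run (assumed) */

/* One step of a 16-bit LFSR built from EXORs. Assumed feedback polynomial:
   x^16 + x^14 + x^13 + x^11 + 1 (maximal length), not taken from the slides. */
static uint16_t lfsr_step(uint16_t s) {
    uint16_t bit = (uint16_t)(((s >> 0) ^ (s >> 2) ^ (s >> 3) ^ (s >> 5)) & 1u);
    return (uint16_t)((s >> 1) | (bit << 15));
}

/* Self-test of one node: generator -> process -> verifier.
   fault_at < 0 models a healthy node; otherwise one output bit is flipped
   at that step (constructed fault standing in for a data discrepancy). */
static uint16_t node_signature(int fault_at) {
    uint16_t gen = 0xACE1u; /* generator seed, any non-zero value */
    uint16_t sig = 0;       /* verifier: signature register */
    uint16_t ring[N] = {0}; /* input data ring-buffer */
    for (int t = 0; t < PATTERNS; t++) {
        gen = lfsr_step(gen);
        ring[t % N] = gen;
        uint32_t acc = 0;
        for (int i = 0; i < N; i++) acc += ring[i]; /* all c_i = 1 */
        uint16_t z = (uint16_t)(acc / N);           /* low-pass output */
        if (t == fault_at) z ^= 0x0008u;
        sig = (uint16_t)(lfsr_step(sig) ^ z);       /* compact into signature */
    }
    return sig;
}

/* Mutual observation: return the index of the node whose signature is
   outvoted by its neighbours, or -1 when all nodes agree. */
static int find_defect(const uint16_t *sig, int n) {
    for (int i = 0; i < n; i++) {
        int agree = 0;
        for (int j = 0; j < n; j++) agree += (sig[j] == sig[i]);
        if (2 * agree <= n) return i;
    }
    return -1;
}

int main(void) {
    uint16_t sig[3] = { node_signature(-1), node_signature(100), node_signature(-1) };
    printf("signatures: %04x %04x %04x, defect at node %d\n", (unsigned)sig[0],
           (unsigned)sig[1], (unsigned)sig[2], find_defect(sig, 3));
    return 0;
}
```

A single corrupted output word always changes the signature because the register update is an invertible linear map; several corrupted words can cancel each other, with probability of about 2^-16 for this register width.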
Question 1
If you can not test it, then it's not worth to design it.
Hierarchical design needs a hierarchical test.
Abstraction gives a condensed view on reality.
Abstraction provides for scalability.
Is there an abstractional test?
Question 2
Interaction is good, conflicts are less
If resources have a state, access should be bounded by state
Conflicting services pose basically a scheduling problem
It's hard to schedule over an arbitrary network
Is feature interaction really a static problem?
Question 3
Design should be scalable; test is no exception.
Detection can do without diagnosis; Diagnosis can not go without detection.
Testing can be based on area (coverage) or on frontier (sensitivity)
The boundary between software and hardware is still moving
Do neural networks provide for a built-in test?