IRRIIS- FP6-2005–IST-4

EC - LOGO

MIT Requirements for TLC

IRRIIS MIT Conference ROME 8 February 2007

Giustino FUMAGALLIArnaud ANSIAUX

IRRIIS

ICT networks and systems are the nervous system of our modern technological society.

The dependencies of other services (energy, transportation …) supply on ICT networks have grown ever more complex.

ICT : Information Communications Technology

General context

(www.interscience.wiley.com)

PUBLIC HEALTHFINANCIAL LAW ENFORCEMENT

TRANSPORTATION ENERGY

Communications Infrastructure

Other Infrastructures

PUBLIC HEALTHPUBLIC HEALTHFINANCIALFINANCIAL LAW ENFORCEMENTLAW ENFORCEMENT

TRANSPORTATIONTRANSPORTATION ENERGYENERGY

Communications Infrastructure

Other InfrastructuresOther Infrastructures

IRRIIS

Because of this interconnectedness and an increasing reliance on ICT networks, services critical to society and economy are becoming more fragile and may fall faster than ever before because of a major technological collapse of an ICT network or system.

ICT : Information Communications Technology

General context

IRRIIS

The IRRIIS project will provide a novel technology, named « MIT system » aiming at enhancing the dependability, the survivability and the resilience of LCCIs.

MIT system will :

o Improve the networks’ operators mutual awareness;

o Improve the negotiation capacity between different networks;

o Reduce the chance that failures spread;

o Mitigate the cascading effects.

MIT : Middleware Improved Technology;

LCCI : Large Complex Critical Infrastructure.

IRRIIS project

IRRIIS

Why MIT System for Telco ?

Telecommunication infrastructure is defined as « Organizations, personnel, procedures, facilities and networks » employed to

transmit and receive information.(www.bitpipe.com/tlist/Telecommunications-Infrastructure.html)

TELCO infrastructure is definitly a very complexe system to be handled in globality.

PUBLIC HEALTHFINANCIAL LAW ENFORCEMENT

TRANSPORTATION ENERGY

Communications Infrastructure

Power

Environment

Software

Hardware

Human

Policy

Payload

Networks

Other Infrastructures

PUBLIC HEALTHPUBLIC HEALTHFINANCIALFINANCIAL LAW ENFORCEMENTLAW ENFORCEMENT

TRANSPORTATIONTRANSPORTATION ENERGYENERGY

Communications Infrastructure

Power

Environment

Software

Hardware

Human

Policy

Payload

Networks

Communications Infrastructure

Power

Environment

Software

Hardware

Human

Policy

Payload

Networks

Power

Environment

Software

Hardware

Human

Policy

Payload

Networks

Other InfrastructuresOther Infrastructures

Eight Ingredient Framework of

Communications Infrastructure

IRRIIS

“Intradependencies” in Telco

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

NetworkOperator

Intradepencies

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

NetworkOperator

Intradepencies

Intradependencies must be taken into account inside a single operator telecommunication network.

SGT SGU

SGU

SL

Area di commutazione

Area Gateway

Area cavo 1

Area cavo 3

Area cavo 2

Area di centrale

= Armadio di distribuzione

= Box di distribuzione

SL i

iSubnetworkNetwork

IRRIIS

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

Operator 1

Operator 2

Operator 3

Operator 4

Operator i

Interdepencies

Telco domain

Intradepencies

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

Operator 1

Operator 2

Operator 3

Operator 4

Operator i

Interdepencies

Telco domain

Intradepencies

•Internationalization of Business;

•Overall mobility of clients;

•Convergence of telecoms and IT;

• …

Increase the number of interdependencies between telecommunication operators.

“Interdependencies” in Telco

IRRIIS

To grant its own service delivery each CI operator needs to be granted on the service delivery provided by others CI operators;

Service Level Agreements with others CI operators (both for electricity or Telco);

Service Level Agreements for a certain service could include regulation about the exchange of information concerning the status of the provided service;

The nature of the information exchanged often requires feed-back mechanisms.

Fast alerting about SLA reduction should be useful to implement countermeasures on-time, avoiding critical malfunctions afterwards;

Automatic negotiated service restoration after a malfunction, may help cooperation to a faster and safer return to a “normal state” of all CI’ service deliveries. Moreover, it may help civil protection emergency activities.

Interdependencies means interworking needs

IRRIIS

No-one can understand better his own risk in the “service delivery” than the “service provider” itself : Share his own risk perception with others CI operators should be very important.

BUT!!! Automatic data exchange doesn’t mean automatic reaction : internal procedures for

the risk management must be respected; “Service consumer” operator need to trust in data received. Share only relevant data to others: “service consumer” is interested in being

informed about service delivery, not about “service producer troubles”.SO

Exchange service relevant data in a simple format:– Risk estimation;– Where (Location and expected area involved);– When (Time and how long).

A basic Interdependency Risk reduction : data exchange

IRRIIS

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

Operator 1

Operator 2

Operator 3

Operator 4

Operator i

Interdepencies

Telco domain

Intradepenciesother domain 2

Interdepencies

other domain 1

other domain i

Subnetwork 1

Subnetwork 2

Subnetwork 3

Subnetwork 4

Subnetwork 5

Subnetwork i

Operator 1

Operator 2

Operator 3

Operator 4

Operator i

Interdepencies

Telco domain

Intradepenciesother domain 2

Interdepencies

other domain 1

other domain i

Environment drives also Telco

•Transformation of Telco Operators business model. The telecom carrier is becoming a global service operator (access to IT resources, hosting, outsourcing, etc …);

•Development of new technologies (high bandwidth capabilities, multimedia technologies, mobile technologies, service platforms, IP convergence…);

•Strong partnerships with other operators, ISP and content providers / Constraints due to governmental law enforcement.

•Change of habits of Clients. Development of new end to end services to their clients ( QoS, security guaranties, service profile, … );

IRRIIS

•Security Management

- “Off-line” analysis

- Network engineering;

- Risk management studies ... - Operational Continuity & Emergency Plans

- Crisis Management Process (fast reaction)

Existing solutions to enhance resilience in Telco

Prevention Incident Handling

Crisis Management

Learning

Prevention Incident Handling

Crisis Management

Learning

•Redundancies of main equipments, services and pathways inside operator networks (logically or physically)

IRRIIS

NO C

SOC

Problem Management

system

Security C orrela tion System

Security log management

Security ProblemManagement

System

NO C

SOC

Problem Management

system

Security C orrela tion System

Security log management

Security ProblemManagement

System

Network A

Network B

NOC / SOC

Collectors

NOC / SOC

Collectors

NOC / SOC

Collectors

NO C

SOC

Problem Management

system

Security C orrela tion System

Security log management

Security ProblemManagement

System

NO C

SOC

Problem Management

system

Security C orrela tion System

Security log management

Security ProblemManagement

System

Network A

Network B

NOC / SOC

Collectors

NOC / SOC

Collectors

NOC / SOC

Collectors

Network Operating Center

Security Operating Center

Existing solutions to enhance resilience in Telco

•Security Management ;- “On-line” monitoring : Supervision solutions.

- Network Operation Center (NOC);

- Security Operation Center (SOC);

IRRIIS

Remaining and new issues

•Supervision solutions- Mainly based on technical information collection ;- Large amount of data are collected from networks which

involve issues : storage and data mining, complex treatments (filtering, aggregation, correlation…) ;

- Too many supervision tools are needed which make a lot of communication interoperability issues and make decision phase more and more complex.

•IP and mobility technologies are source of new vulnerabilities, threats and malicious attacks for Telco network operators. 

 

A lot of effort should be done to develop single efficient system to enhance overall

Telco resilience.

IRRIIS

Main requirements for MIT system (1/2)

Processing functions Collect and process internal data and information,

– Embedded computing at lower level inside the network to make efficient, timely and secure the data processing ( filtering, aggregation and correlation mechanisms);

Perform analysis and diagnosis useful for the infrastructure where MIT components are installed and for other infrastructures with which they are connected;

Process data coming from other infrastructures in order to allow the operator to prevent potential cascading effects;

Security policies management capabilities to define emergency conditions and if possible automatic recovery.

IRRIIS

Main requirements for MIT system (2/2)

Communication functions Support information sharing to provide early warning to neighboring systems and

infrastructure; Exchange data with other Communication Components installed on other

infrastructures; Enhance global communication capabilities by defining communication standards to

resolve interoperability issues (ie : risk common exchange language); Define standard for scallable, tunable information on resilience and security aspects

for inter-domain level agreement.

IRRIIS

MIT System general architecture

MIT system should be implemented both at :

The management service level;

The collector level;

Inside the operator core network :

• directly on « critical » network equipments;

•using specific probes.

NO C

SOC

Problem Management

system

Security C orrelation System

Security log management

Security ProblemManagement

System

NO C

SOC

Problem Management

system

Security C orrelation System

Security log management

Security ProblemManagement

System

Network A

Network B

NOC / SOC

Collectors

NOC / SOC

Collectors

NOC / SOC

Collectors

NO C

SOC

Problem Management

system

Security C orrelation System

Security log management

Security ProblemManagement

System

NO C

SOC

Problem Management

system

Security C orrelation System

Security log management

Security ProblemManagement

System

Network A

Network B

NOC / SOC

Collectors

NOC / SOC

Collectors

NOC / SOC

Collectors

Network Operating Center

Security Operating Center

Main objectives :

Independent and modular architecture;

Define the content of RML* messages.* RML : Risk Management Language

IRRIIS

Processing functionsCommunication functions

•Because each LCCI will remain responsible for his own security management and overall technical capacity management;

•But also to ensure the most resilience and scalable capabilities within Telco interdependencies …

MIT System general architecture

MIT system general architecture has been oriented where each MIT system communicates with all interfaced MIT systems making use of client-server paradigm.

IRRIIS

other

telecom

electricity other

telecom

electricity

Extension of TELCO MIT system to other domains

– Global service continuity, resilience with limiting cascading effect between all critical infrastructures;

– Global security reaction management with support of authorized recovery;

– Global “TRUST & CONFIDENCE”.

The application of these general requirements for MIT system should enhance overall resilience of all these complex communication Infrastructures.

Because, ICT networks are the nervous system of other infrastructures, it could be then possible to extend the concept of MIT system to other interdependent domains and really start to think about :

IRRIIS

THANK YOU