IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
C Q R C Q R
Some Remarks
Karl F. RauscherChair, IEEE CQR Advisory Board
Bell Labs FellowExecutive Director, Bell Labs
Network Reliability & Security Office, Alcatel-Lucent
Some Remarks
Karl F. RauscherChair, IEEE CQR Advisory Board
Bell Labs FellowExecutive Director, Bell Labs
Network Reliability & Security Office, Alcatel-Lucent
Ft. Myers, Florida, USA
16 May 2007
Ft. Myers, Florida, USA
16 May 2007
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Questions you may be asking . . .
What is the IEEE CQR?
What is the purpose of CQR?
How do I become a member of CQR?
How do I get more involved in CQR?
What is the value of CQR?
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Questions you may be asking . . .What is the IEEE CQR? - a professional
society
What is the purpose of CQR? - to build YOU up
How do I become a member of CQR? - you already are
How do I get more involved in CQR? - ICC, GLOBECOM, workshops, journals,
something new . . .
What is the value of CQR? - networking, peer review, special workshops, coaching
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Step back in time to the 2001 CQR International Workshop
Issue discussed in a facilitated discussion:
What is the complete list of things that can cause outages in emerging data networks?
Background: took a while to learn circuit switched business . . . would be nice to have a faster learning curve.
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
A Running Jump onto a New S-Curve
CostCost
Rel
iab
ilit
yR
elia
bil
ity
Circuit-SwitchedCircuit-Switched
Packet-SwitchedPacket-Switched
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
A Running Jump onto a New S-Curve
CostCost
Rel
iab
ilit
yR
elia
bil
ity
Circuit-SwitchedCircuit-Switched
Packet-SwitchedPacket-Switched
Historic Historic Insights Insights
NonNon-Historic -Historic Insights Insights + +
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Proceedings from the 2001 CQR International Workshop
IEEE CQROutline of Packet Switched Network Vulnerabilities Hardware, FirmwareSoftwareProtocolsInteroperability Human Performance and ProceduresPhysical EnvironmentNetwork Design and PlanningNetwork Congestion / Traffic EngineeringPowerRapid Pace of Growth, Change, ComplexityMalicious Attacks, Security Disasters
IEEE CQROutline of Packet Switched Network Vulnerabilities Hardware, FirmwareSoftwareProtocolsInteroperability Human Performance and ProceduresPhysical EnvironmentNetwork Design and PlanningNetwork Congestion / Traffic EngineeringPowerRapid Pace of Growth, Change, ComplexityMalicious Attacks, Security Disasters
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Different sides of an equation
Vulnerability A characteristic of any aspect of the communications infrastructure that renders it, or some portion of it, susceptible to damage or compromise
Threat Anything with the potential to damage or compromise the communications infrastructure or some portion of it
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Some Characteristics of Ts and Vs
Vulnerabilities (intrinsic) finite fixed and well known only way threats can impact
Threats ~ infinite in number knowledge value is fleeting each has permutations
•
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Do you want to be responsible for this?
“Terrorism depends on surprise.”
“Failure of imagination.”
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
The Forces
+ + +IEEE CQR
Outline of Packet Switched Network Vulnerabilities
Hardware, Firmware Software Protocols Interoperability Human Performance and Procedures Physical Environment Network Design and Planning Network Congestion / Traffic Engineering Power Rapid Pace of Growth, Change, Complexity Malicious Attacks, Security Disasters
IEEE CQROutline of Packet Switched Network Vulnerabilities
Hardware, Firmware Software Protocols Interoperability Human Performance and Procedures Physical Environment Network Design and Planning Network Congestion / Traffic Engineering Power Rapid Pace of Growth, Change, Complexity Malicious Attacks, Security Disasters
Vulnerabilities (intrinsic) finite fixed and well known
only way threats can impact
Threats ~ infinite in number knowledge value is fleeting each has permutations
•
CostCost
Rel
iab
ility
Rel
iab
ility
CircuitCircuit--SwitchedSwitched
PacketPacket--SwitchedSwitched
The need. The knowledge. The physics. The expecation.
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
8-Ingredient Framework
. . .
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Intrinsic Vulnerabilities
Packet-SwitchedPacket-Switched
VULNERABILITY
unpredictable variation extremes in loadcorruptioninterceptionemulationencapsulation of malicious contentauthentication (mis-authenticaton)insufficient inventory of critical componentsencryption (prevents observablity)
VULNERABILITY
unpredictable variation extremes in loadcorruptioninterceptionemulationencapsulation of malicious contentauthentication (mis-authenticaton)insufficient inventory of critical componentsencryption (prevents observablity)
VULNERABILITY
accessibleexposed to elementsdependence on other infrastrucurescontaminate-ablesubject to surveillancecontinuously being alteredidentifiableremotely managednon-compliance with established protocols and procedures
VULNERABILITY
accessibleexposed to elementsdependence on other infrastrucurescontaminate-ablesubject to surveillancecontinuously being alteredidentifiableremotely managednon-compliance with established protocols and procedures
VULNERABILITY
uncontrolled fuel combustionfuel contaminationfuel dependencybattery combustionbattery limitationsbattery durationmaintenance dependencyrequire manual operationpower limitationsfrequency limitationssusceptibility to spikesphysical destruction
VULNERABILITY
uncontrolled fuel combustionfuel contaminationfuel dependencybattery combustionbattery limitationsbattery durationmaintenance dependencyrequire manual operationpower limitationsfrequency limitationssusceptibility to spikesphysical destruction
VULNERABILITY
Lack of ASPR (agreements, standards, policies, regulations)Conflicting ASPROutdated ASPRUnimplemented ASPR (complete or partial)Interpretation of ASPR (mis- or multi-)Inability to implement ASPREnforcement limitationsBoundary limitationsPace of development Information leakage from ASPR processesInflexible regulationExcessive regulationPredictable behavior due to ASPRASPR dependence on misinformed guidanceASPR ability to stress vulnerabilitiesASPR ability to infuse vulnerabilitiesInappropriate interest influence in ASPR
VULNERABILITY
Lack of ASPR (agreements, standards, policies, regulations)Conflicting ASPROutdated ASPRUnimplemented ASPR (complete or partial)Interpretation of ASPR (mis- or multi-)Inability to implement ASPREnforcement limitationsBoundary limitationsPace of development Information leakage from ASPR processesInflexible regulationExcessive regulationPredictable behavior due to ASPRASPR dependence on misinformed guidanceASPR ability to stress vulnerabilitiesASPR ability to infuse vulnerabilitiesInappropriate interest influence in ASPR
VULNERABILITY
physical (limitations, fatigue)cognitive (distractibility, forgetfulness, ability to deceive, confusion)ethical (divided loyalties, greed, malicious intent)user environment (user interface, job function, corporate culture)human-user environment interaction
VULNERABILITY
physical (limitations, fatigue)cognitive (distractibility, forgetfulness, ability to deceive, confusion)ethical (divided loyalties, greed, malicious intent)user environment (user interface, job function, corporate culture)human-user environment interaction
VULNERABILITY
capacity limitspoints or modes of failurepoints of concentration (congestion)complexity dependence on synchronizationinterconnection (interoperability, interdependence, conflict)uniqueness of mated pairsneed for upgrades and new technologyautomated control (*via software)accessibility (air, space or metallic or fiber)border crossing exposures
VULNERABILITY
capacity limitspoints or modes of failurepoints of concentration (congestion)complexity dependence on synchronizationinterconnection (interoperability, interdependence, conflict)uniqueness of mated pairsneed for upgrades and new technologyautomated control (*via software)accessibility (air, space or metallic or fiber)border crossing exposures
VULNERABILITY
chemical (corrosive gas, humidity, temperature, contamination)electric (conductive microfiber particles – carbon bombs) radiological contaminationphysical (shock, vibration, strains, torque)electromagnetic energy (EMI, EMC, ESD, RF, EMP, HEMP, IR)environment (temperature, humidity, dust, sunlight, flooding)life cycle (sparing, equipment replacement, ability to repair, aging)logical (design error, access to, self test, self shut off)
VULNERABILITY
chemical (corrosive gas, humidity, temperature, contamination)electric (conductive microfiber particles – carbon bombs) radiological contaminationphysical (shock, vibration, strains, torque)electromagnetic energy (EMI, EMC, ESD, RF, EMP, HEMP, IR)environment (temperature, humidity, dust, sunlight, flooding)life cycle (sparing, equipment replacement, ability to repair, aging)logical (design error, access to, self test, self shut off)
VULNERABILITY
ability to control (render a system in an undesirable state, e.g., confused, busy)
accessibility during development (including unsegregated networks)
accessible distribution channels (interception)
accessibility of rootkit to control kernal/coredeveloper loyalties errors in coding logiccomplexity of programsdiscoverability of intelligence (reverse engineer, exploitable code disclosure)
mutability of deployed code (patches)
VULNERABILITY
ability to control (render a system in an undesirable state, e.g., confused, busy)
accessibility during development (including unsegregated networks)
accessible distribution channels (interception)
accessibility of rootkit to control kernal/coredeveloper loyalties errors in coding logiccomplexity of programsdiscoverability of intelligence (reverse engineer, exploitable code disclosure)
mutability of deployed code (patches)
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
Use of 8 Ingredient Model
Format of Key Findings in Section 3
Title
Concise statement of observation Impact**
Associated ingredients*
Power
Environment
Software
Hardware
Payload
Network
Human
Policy
*
**statements in red indicate a negative impact; statements in blue indicate a positive impact
Robustness - service types:
Enhanced Basic Emergency (112) Priority
Ava
ilab
ility
*
CrisisCrisis
*Overall availability is inversely related to network traffic volume
Time
Normal Normal/Recovery /Recovery
99
11
887766
5544
3322
1010
44 55
1010 9988776644 55
1010
GoodGood
WWIRELESS IRELESS EEMERGENCY MERGENCY RRESPONSE ESPONSE TTEAMEAM
2004 Annual Report
2004 Annual Report
IEEECOMMUNICATIONS SOCIETY
Karl Rauscher
October 17, 2006
- stay engaged - contribute (ICC, Globecom, International workshops, special workshops, journals, your own idea, …)- step up to more responsibilities
‘Take Aways’
Top Related