Network Vulnerability Assesment: A Multi-layer Approach to Adaptivity

Author

Ann K. Miller, Missouri University of Science and TechnologyFollow
Kelvin T. Erickson, Missouri University of Science and TechnologyFollow

Abstract

Adaptivity requires at least frequent, and ideally real-time, updates and also requires the ability to analyze, respond and reconfigure. Such network management flexibility requires several types of information and capabilities, which include response of the network to node failure, reachability of nodes, and boundary control. the first issue determines how the network will respond to a "problem", which might be caused by an internal defect of the node or by a failure caused by external faults through the environment, accidental user error, or malicious input. in this event, network analysis on reachability can provide input for routing around the disabled node in order to maintain connectivity for as much of the network as possible. Furthermore, upfront reachability analysis also helps to identify potential access which is unwanted and thus aids in intrusion avoidance. the problem is exacerbated when multiple nodes fail, e.g., distributed denial of service. in this case, boundary control is important in order to isolate affected subnets, to keep these nodes from affecting additional nodes, and to provide limited services until the full system can be restored. This paper presents a multi-layer analysis of a small (30 node) factory automation laboratory, used in Supervisory Control and Data Acquisition (SCADA) applications. Our approach views the network and applications as a system of systems. Network vulnerability is assessed at several layers; results and recommendations are discussed. Finally, considerations for extension and scalability are presented.

Recommended Citation

A. K. Miller and K. T. Erickson, "Network Vulnerability Assesment: A Multi-layer Approach to Adaptivity," RTO-MP-IST-041 - Adaptive Defence in Unclassified Networks, North Atlantic Treaty Organization (NATO), Jan 2004.

Meeting Name

RTO Information Systems Technology Panel (IST) Symposium on “Adaptive Defence in Unclassified Networks” (2004: Apr. 19-20, Toulouse, France)

Department(s)

Electrical and Computer Engineering

Sponsor(s)

Los Alamos National Laboratory

Keywords and Phrases

Network Vulnerability; Supervisory Control and Data Acquisition (SCADA)

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2004 North Atlantic Treaty Organization (NATO), All rights reserved.

Publication Date

01 Jan 2004