Network Vulnerability Assessment: A Multi-layer Approach to Adaptivity
Adaptivity requires at least frequent, and ideally real-time, updates and also requires the ability to analyze, respond and reconfigure. Such network management flexibility requires several types of information and capabilities, which include response of the network to node failure, reachability of nodes, and boundary control. The first issue determines how the network will respond to a "problem", which might be caused by an internal defect of the node or by a failure caused by external faults through the environment, accidental user error, or malicious input. In this event, network analysis on reachability can provide input for routing around the disabled node in order to maintain connectivity for as much of the network as possible. Furthermore, upfront reachability analysis also helps to identify potential access which is unwanted and thus aids in intrusion avoidance. The problem is exacerbated when multiple nodes fail, e.g., distributed denial of service. In this case, boundary control is important in order to isolate affected subnets, to keep these nodes from affecting additional nodes, and to provide limited services until the full system can be restored. This paper presents a multi-layer analysis of a small (30 node) factory automation laboratory, used in Supervisory Control and Data Acquisition (SCADA) applications. Our approach views the network and applications as a system of systems. Network vulnerability is assessed at several layers; results and recommendations are discussed. Finally, considerations for extension and scalability are presented.
A. K. Miller and K. T. Erickson, "Network Vulnerability Assessment: A Multi-layer Approach to Adaptivity," RTO-MP-IST-041 - Adaptive Defence in Unclassified Networks, North Atlantic Treaty Organization (NATO), Jan 2004.
RTO Information Systems Technology Panel (IST) Symposium on “Adaptive Defence in Unclassified Networks” (2004: Apr. 19-20, Toulouse, France)
Electrical and Computer Engineering
Los Alamos National Laboratory
Keywords and Phrases
Network Vulnerability; Supervisory Control and Data Acquisition (SCADA)
Article - Conference proceedings
© 2004 North Atlantic Treaty Organization (NATO), All rights reserved.