SoS Engineering: Problems, Solution and Challenges: SoS Emulation in Live-Virtual Emulation Environment

Deepinder Sidhu and Chuck Burdick, TeleniX Corporation

POC Email: [email protected]

ITEA 2015 System-of-Systems Workshop: "Reducing Risk in 2020"

January 27-30, 2015

Chuck Burdick is an Innovative Decisions, Inc. subcontractor


Page 2

System of Systems (SoS)
– Integration of component systems
– Component systems independently developed and managed
  • New or existing systems in various stages of development/evolution
  • Have their own purpose
  • Can dynamically come and go from the SoS
– SoS exhibits emergent behavior not otherwise achievable by the component systems
– INCOSE Handbook definition of SoS
  • Interoperating collection of component systems that produce results unachievable by the individual systems alone.


SoS Cyber Risks
• Emergent behaviors (EBs) or states present unknown security risks
• EBs may present exploitable dynamic vulnerabilities for which there may not be any known defense

SoS total is bigger than the sum of its parts.

Significant differences between architectural description of a System and of a System of Systems (SoS)

Page 3

Challenges for Performing Realistic Network SoS Testing
– Create a realistic environment for SoS E&I, including a realistic network
– Conduct test and evaluation effectively with full fidelity
– Emulate SoS integration and interoperability under real-world configurations and operational scenarios
– Predict emergent behaviors, good and bad
– Formulate optimization for an SoS with "ill-defined" boundaries
– Define robust security for an SoS with independently changing components and independent security
– Demonstrate end-to-end performance, self-stabilization, robustness, scalability and survivability for an SoS with a changing boundary (components joining/leaving at any time) and changing components

Current Solution: M&S and Real Network Hardware
Problems
– Inevitable abstractions with modeling and simulation
– Most model V&V problematic
– High expense of hardware-based test ranges

Proposed Solution: Live-Virtual Emulation Environment (VEE)
– VEE uses actual Internet software and virtualized hardware

Realistic Network: clone of an actual network, including architectures, protocols, technologies, configurations, size, complexity, speed, security, trust, policies

Page 4

1. Manually: drag/drop/connect from a library of pre-configured components
   • Hosts, routers, switches, …
2. Automatically generate notional networks
   – Number of nodes: 50
   – Average node degree: 3
3. Reverse engineer from network data collection, using three data feeds (each shown in the slide diagram):
   • Full packet capture
   • Router configs
   • NetFlow


Note: Pre-configured components are clones of vendors' networking products, created from publicly available information about these products.

VEE is supporting major classified cyber projects: reverse engineering mission networks with 1000+ routers, creating cyber situational awareness, vulnerability assessment, hardening networks, attack vector analysis, red/blue teaming, cyber warrior training, cyber command & control.
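The third construction method above, reverse engineering a topology from collected router configurations, can be illustrated with a small parser. This is an added example, not part of the slides or of TeleniX's VEE code: it takes constructed Cisco-IOS-style configuration fragments for three hypothetical routers (R1, R2, R3), treats live interfaces whose addresses fall in the same subnet as being on the same link, skips administratively shut interfaces and /32 loopbacks, and reports the inferred links together with the average node degree, the metric slide 4 uses to characterize notional networks.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed Cisco-IOS-style configuration fragments for three hypothetical
# routers. Only the statements the parser needs are present.
ROUTER_CONFIGS = {
    "R1": """
hostname R1
interface GigabitEthernet0/0
 ip address 10.0.12.1 255.255.255.252
interface GigabitEthernet0/1
 ip address 10.0.13.1 255.255.255.252
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
""",
    "R2": """
hostname R2
interface GigabitEthernet0/0
 ip address 10.0.12.2 255.255.255.252
interface GigabitEthernet0/1
 ip address 10.0.23.1 255.255.255.252
 shutdown
""",
    "R3": """
hostname R3
interface GigabitEthernet0/0
 ip address 10.0.13.2 255.255.255.252
interface GigabitEthernet0/1
 ip address 10.0.23.2 255.255.255.252
interface GigabitEthernet0/2
 ip address 172.16.5.1 255.255.255.0
""",
}

IFACE_RE = re.compile(r"^interface\s+(\S+)")
ADDR_RE = re.compile(r"^\s+ip address\s+(\S+)\s+(\S+)")


def parse_interfaces(config):
    """Return {interface_name: (IPv4Interface, is_shutdown)} for every addressed interface."""
    interfaces = {}
    current = None
    for line in config.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            interfaces[current] = {"addr": None, "shutdown": False}
            continue
        if current is None:
            continue
        m = ADDR_RE.match(line)
        if m:
            # IOS writes "ip address <addr> <netmask>"; ipaddress accepts "addr/netmask".
            interfaces[current]["addr"] = ipaddress.IPv4Interface(f"{m.group(1)}/{m.group(2)}")
        elif line.strip() == "shutdown":
            interfaces[current]["shutdown"] = True
    return {n: (v["addr"], v["shutdown"]) for n, v in interfaces.items() if v["addr"] is not None}


def infer_links(configs):
    """Infer router-to-router links: two routers with live interfaces in the same
    subnet are assumed adjacent. Shut interfaces and /32 loopbacks are ignored.
    Returns a sorted list of (router_a, router_b) pairs."""
    segment_members = defaultdict(set)
    for router, config in configs.items():
        for _, (iface, shut) in parse_interfaces(config).items():
            if shut or iface.network.prefixlen == 32:
                continue
            segment_members[iface.network].add(router)
    links = set()
    for members in segment_members.values():
        ordered = sorted(members)
        for i in range(len(ordered)):
            for j in range(i + 1, len(ordered)):
                links.add((ordered[i], ordered[j]))
    return sorted(links)


def average_degree(links, nodes):
    """Average node degree over all routers, isolated ones included."""
    degree = defaultdict(int)
    for a, b in links:
        degree[a] += 1
        degree[b] += 1
    return sum(degree.values()) / len(nodes) if nodes else 0.0


if __name__ == "__main__":
    links = infer_links(ROUTER_CONFIGS)
    print("inferred links:", links)
    print("average node degree:", round(average_degree(links, list(ROUTER_CONFIGS)), 3))
```

The 172.16.5.0/24 interface on R3 yields no link because only one router lives on it; that is the gap the other two feeds (full capture and NetFlow) fill, by revealing the hosts on the segment and the traffic crossing it. The shut interface on R2 shows why configs must be read for state and not only for addresses: R2 and R3 share 10.0.23.0/30, but the link is down and must not appear in the clone.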

Page 5

Clone a network in VEE using:
– Automated reverse engineering techniques
– Actual protocol implementations and network configurations with 100's of servers and 100K devices
– Complete interchangeability of code between the real and virtual environments

Emulate the network clone in VEE
– Conduct full-fidelity network operations under real-world configurations and operational scenarios
– Produce behaviors that are indistinguishable from the behavior of its real counterpart (confirmed by IC Red Teams)
  • Packet encapsulations, route tables, link bandwidth utilization, …

VEE on a laptop/server
– Avoid the expense of large-scale hardware and software maintenance/refresh costs, or power, space and cooling (PSC)
– Minimal personnel support costs
– Rapid reconfigurability and easy portability

VEE uses actual code for all protocols powering the global Internet

VEE Internet-in-a-Box

VEE Test Advantages
• Realistic fidelity
• Repeatability
• Low-cost test hardware
• Fast reconfiguration
• Full data collection
• A standard commercial laptop contains all necessary software
• No external connections required

Page 6

Figure: VEE architecture diagram. Labels in the diagram: Windows; Linux/UNIX; Virtual Router; Virtual Network System 1; Virtual Network System 2; Real Network Systems; Real Router/Switch; Real Tactical Systems; Cyber War Gaming; Cyber Mission Forces Training; Challenges; Network RDT&E.

Page 7

Configuring network infrastructure
– Transport: SDH, GigEthernet
– Optical: WDM routing
– Circuit switching: PSTN/SS7
– Protocols: LANs/MANs/WANs
– Addresses: IPv4, IPv6
– Dual stack IPv4/IPv6, transition addressing
– IPSec, IKE/ISAKMP
– Mobile-IP, NEMO
– Tunneling IPv6-over-IPv4
– MPLS, RSVP-TE, LDP, …
– Routing: RIP, OSPF, BGP, …
– Application: clients, servers, …
– Services: DNS, DHCP, NTP, …

VEE cloned and emulated:
• Internet routing architectures (OSPF/BGP)
• Internet Protocol security architecture (IPSec) and IKE/ISAKMP security negotiations
• Securing routing exchanges with IPSec
• Mobile-IP architecture
• Complex IT infrastructure deployment for an IC customer
• IPv6/IPv4 integration
• Joint Chiefs of Staff Criteria #5 for IPv6 readiness
• Label-switched paths (MPLS/LDP)
• PSTN and SS7 signaling

Page 8

Configuring wireless
– IEEE 802.11, …
– Tactical links
– Atmospheric effects
– Terrain location
– …

Configuring mobility
– Mobile-IP
– Network Mobility (NEMO)
  • Network on Navy ships
– Mobile Ad hoc Network (MANET)
– …

VEE emulated an IC customer's mobile architecture with nested IPSec tunneling and RC4-based WEP security (WEP's RC4-based encryption is cryptographically broken; emulating it reproduces the customer's architecture as deployed)

VEE cloned and emulated IEEE 802.11, Mobile-IP and routing in MANETs

Page 9

Configuring security
– Firewalls
– Access control lists (ACLs)
– Security policies
– Cross-domain solutions (CDS)
– IPSec/VPNs
– Red/Black boundary, HAIPE
– Encryption/authentication
– Defense-in-depth
– Node vulnerabilities from the NVD
– Malware (virus, trojan, worm, botnet) propagation
– Compliance rule sets (PCI-DSS, DISA STIG)
– Host Based Security System (HBSS)
– Computer network operations

VEE offers unprecedented support to
• IA & security engineering
• Information assurance process
• Risk management
• Security standards
• IA compliance/certification/accreditation
• Checking integrity and robustness of security configurations
• Emulating network state-dependent dynamic vulnerabilities

VEE emulated Internet security standards and security configurations
• IPSec, IKE/ISAKMP, VPNs, firewalls, ACLs, HAIPEs
• Security configurations and vulnerabilities
• Compliance with security standards
• Attack vectors
• Virus propagation
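"Checking integrity and robustness of security configurations" is concrete enough to illustrate on the ACLs listed above. The following is an added example, not code from the slides or from VEE: it models a small firewall ACL with first-match semantics, evaluates a probe flow against it, and flags rules that can never fire because an earlier rule covers them, distinguishing a "conflict" (the shadowed rule has the opposite action, so the intended policy is silently not enforced) from a "redundant" rule (same action, dead weight). The ACL, the networks and the flows are constructed for the example; rule 2 is written as a deny for Telnet into a management subnet that is shadowed by the preceding broad permit.

```python
import ipaddress
from dataclasses import dataclass

ANY_NET = "0.0.0.0/0"
ANY_PORT = (0, 65535)   # inclusive destination-port range meaning "any port"


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    proto: str                       # "tcp", "udp" or "ip" (any protocol)
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    ports: tuple                     # inclusive (low, high) destination port range

    def matches(self, proto, src_ip, dst_ip, dport):
        return ((self.proto == "ip" or self.proto == proto)
                and src_ip in self.src and dst_ip in self.dst
                and self.ports[0] <= dport <= self.ports[1])

    def covers(self, other):
        """True if every packet that matches `other` also matches this rule."""
        return ((self.proto == "ip" or self.proto == other.proto)
                and other.src.subnet_of(self.src)
                and other.dst.subnet_of(self.dst)
                and self.ports[0] <= other.ports[0] and other.ports[1] <= self.ports[1])


def rule(action, proto, src, dst, ports=ANY_PORT):
    return Rule(action, proto, ipaddress.IPv4Network(src), ipaddress.IPv4Network(dst), ports)


# Constructed ACL for a hypothetical base enclave (10.2.0.0/16) reached from a user
# LAN (10.1.0.0/16). Rule 2 is meant to keep Telnet off the management subnet
# 10.2.9.0/24 but sits behind rule 1, which already permits all TCP into the enclave.
ACL = [
    rule("permit", "udp", "10.1.0.0/16", "10.2.0.53/32", (53, 53)),   # 0: DNS to resolver
    rule("permit", "tcp", "10.1.0.0/16", "10.2.0.0/16"),               # 1: all TCP into enclave
    rule("deny",   "tcp", "10.1.0.0/16", "10.2.9.0/24", (23, 23)),     # 2: no Telnet to mgmt
    rule("permit", "tcp", "10.1.0.0/16", "10.2.9.0/24", (22, 22)),     # 3: SSH to mgmt
    rule("deny",   "ip",  ANY_NET,       ANY_NET),                     # 4: explicit deny-all
]

# Same rules with the Telnet deny moved ahead of the broad permit.
FIXED_ACL = [ACL[2], ACL[0], ACL[1], ACL[3], ACL[4]]


def evaluate(acl, proto, src_ip, dst_ip, dport):
    """First-match evaluation. Returns (action, index_of_matching_rule); falls back to
    ("deny", None) when nothing matches, mirroring an implicit deny."""
    src_ip, dst_ip = ipaddress.IPv4Address(src_ip), ipaddress.IPv4Address(dst_ip)
    for index, r in enumerate(acl):
        if r.matches(proto, src_ip, dst_ip, dport):
            return r.action, index
    return "deny", None


def find_shadowed(acl):
    """Return [(shadowed_index, covering_index, kind)]. kind is "conflict" when the
    covering rule has the opposite action (the later rule's intent is never applied)
    and "redundant" when it has the same action (the later rule is dead weight)."""
    findings = []
    for j, later in enumerate(acl):
        for i in range(j):
            if acl[i].covers(later):
                kind = "redundant" if acl[i].action == later.action else "conflict"
                findings.append((j, i, kind))
                break
    return findings


if __name__ == "__main__":
    print("Telnet 10.1.5.5 -> 10.2.9.10:23 under ACL:      ", evaluate(ACL, "tcp", "10.1.5.5", "10.2.9.10", 23))
    print("Telnet 10.1.5.5 -> 10.2.9.10:23 under FIXED_ACL:", evaluate(FIXED_ACL, "tcp", "10.1.5.5", "10.2.9.10", 23))
    print("shadowed rules in ACL:", find_shadowed(ACL))
```

The coverage test is deliberately strict: a rule is reported only when an earlier rule matches every packet it could match. Partial overlaps (if rule 2 had source `any`, only Telnet from 10.1.0.0/16 would be hidden) are not flagged by this check and need a per-flow or region-based analysis, which is what driving realistic traffic through the cloned configuration supplies.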

Page 10

Using realistic data sets:
• Of sufficient size
• Proper encapsulations
• Free from legal issues such as USSID 18
• Red teams found VEE-generated synthetic data sets indistinguishable from real data

VEE used to create large (~5 TB) data sets to support testing and training funded by DoD/IC
• Proper protocol encapsulations and free from legal issues (USSID 18), using 20 million synthetic mobile cyber personas on scale-free network infrastructures communicating by telephone (fixed and mobile) and email

VEE created synthetic biometric data (iris image: 256 bytes) to test the Base Access thread in the Joint Biometric Architecture
• Synthetic Iraqi population: 1,008,000 individuals from 24 major Iraqi cities
• Demographics of Iraq with regard to ethnic-religious and occupation/industry distributions
• Individuals have unique home/mobile phone numbers, email addresses, and personal data including age, gender, personality, location, job, and ethnic-religious identity
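Slide 4's notional networks (50 nodes, average node degree 3) and the synthetic personas on scale-free infrastructures above both rest on generating a graph with controlled statistics and attaching synthetic identities to it. The following is an added example, not code from the slides or from VEE: it grows a scale-free graph by preferential attachment (the Barabási–Albert construction, which the slides do not name; it is one standard way of obtaining a scale-free degree distribution), reaches a target average degree with a fractional-edge accumulator so that odd targets such as 3 work, gives each node a persona whose phone number lies in the 555-01xx range reserved for fictional use and whose address is under the reserved example.com domain, so no real subscriber's identifiers can be involved, and emits synthetic call records only along the graph's edges. The persona fields and the record layout are assumptions of the example.

```python
import random
from collections import Counter, deque


def scale_free_graph(n, avg_degree, seed=0):
    """Grow an undirected scale-free graph by preferential attachment.

    Starts from a 3-node triangle; each new node adds m_i edges to existing nodes
    chosen with probability proportional to their degree. m_i is driven by an
    accumulator so the edge total approaches n * avg_degree / 2 even when
    avg_degree is odd. Returns a sorted list of (u, v) edges with u < v."""
    if n < 3:
        raise ValueError("need at least 3 nodes")
    rng = random.Random(seed)
    edges = {(0, 1), (0, 2), (1, 2)}
    # One entry per edge endpoint: a uniform pick from this list is a pick
    # proportional to degree.
    endpoints = [0, 1, 0, 2, 1, 2]
    accumulator = 0.0
    for new in range(3, n):
        accumulator += avg_degree / 2
        m = max(1, int(accumulator))
        accumulator -= m
        targets = set()
        while len(targets) < min(m, new):
            targets.add(rng.choice(endpoints))
        for t in targets:
            edges.add((t, new))
            endpoints.extend((t, new))
    return sorted(edges)


def degrees(n, edges):
    deg = Counter()
    for u, v in edges:
        deg[u] += 1
        deg[v] += 1
    return [deg[i] for i in range(n)]


def is_connected(n, edges):
    adj = {i: set() for i in range(n)}
    for u, v in edges:
        adj[u].add(v)
        adj[v].add(u)
    seen, queue = {0}, deque([0])
    while queue:
        for w in adj[queue.popleft()]:
            if w not in seen:
                seen.add(w)
                queue.append(w)
    return len(seen) == n


def persona(node_id):
    """Synthetic identity for one node. 555-0100 to 555-0199 are reserved for fictional
    use in the North American Numbering Plan and example.com is a reserved domain, so
    these identifiers cannot collide with a real person's. The area-code field is varied
    so numbers stay unique for large populations."""
    return {
        "id": f"P{node_id:06d}",
        "mobile": f"+1-{200 + node_id // 100}-555-01{node_id % 100:02d}",
        "email": f"persona{node_id}@example.com",
    }


def synthetic_call_records(edges, count, seed=0):
    """Emit `count` call-detail records, each between two personas joined by an edge:
    (t_seconds_in_day, caller_id, callee_id, duration_seconds)."""
    rng = random.Random(seed)
    records = []
    for _ in range(count):
        u, v = rng.choice(edges)
        caller, callee = (u, v) if rng.random() < 0.5 else (v, u)
        records.append((rng.randrange(0, 86400), persona(caller)["id"],
                        persona(callee)["id"], rng.randrange(5, 1800)))
    return sorted(records)


if __name__ == "__main__":
    N, K = 50, 3                      # slide 4: 50 nodes, average node degree 3
    g = scale_free_graph(N, K, seed=1)
    d = degrees(N, g)
    print(f"{len(g)} edges, average degree {2 * len(g) / N:.2f}, max degree {max(d)}")
    for rec in synthetic_call_records(g, 3, seed=1):
        print(rec)
```

With 50 nodes and a target of 3 the construction yields 73 edges (average degree 2.92); the degree distribution is heavy-tailed, with the seed triangle's nodes collecting far more than the average, which is the property "scale-free" refers to. Scaling the same generator to 20 million personas is a matter of replacing the in-memory lists with streaming storage, not of changing the construction.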

Page 11

Because recent applications of VEE in support of significant SoS E&I are classified, we use an earlier application of VEE: the Joint Biometric Architecture Emulation, an SoS deployment and performance analysis funded by CERDEC/CIO G6.

SoS components of the Joint Biometric Architecture are
– Three biometric databases at Base, Regional and National levels
– Three network systems at Base, Regional and National levels
– The Internet for global connectivity
– A distributed base access application involving asynchronous interactions among various systems across the globe

Details of the SoS emulation example used are published in a refereed paper, "Building Systems with Predictable Performance: A Joint Biometrics Architecture Emulation" by Kristin Giammarco and Deepinder Sidhu, Proc. MILCOM 2008.

Page 12

Clone and emulate Joint Biometrics Architecture
– Provide technical insight on systems comprising the planned FOB/AOR-level capability in a system-of-systems context
– Evaluate performance along some threads in the operational environment

Suggested by Army Staff as the first application of the TeleniX Suite. Performed in support of CECOM.

Page 13

Create a full-fidelity clone of the Joint Biometrics Architecture in VEE without the cost of buying equipment
• Provide quantitative support to the acquisition decision process
• Demonstrate concept of operations (CONOP)
• Support risk reduction/mitigation in As-Is to To-Be transformation
• Predict performance under operational scenarios
• Predict threshold and objective values of Key Performance Parameters (KPPs)
• Demonstrate Net-Ready KPP (NR-KPP) compliance for the GIG
• Support building systems with predictable performance
• Support architecture governance, compliance and oversight

Provide technical insight on systems comprising the planned (FY09) FOB/AOR-level capability in a system-of-systems context

VEE allows integration of existing SoS components with clones of other components in VEE as needed to emulate the entire SoS

Page 14

Emulate base access thread
– Verify/Validate/Enroll

Data input
– Architecture products
  • OVs from AIMD, TVs from ASEO CERDEC, SVs
  • Information from USCENTCOM
– BioAPI
  • ISO biometrics standard
– Base Access technical thread
  • DoD Biometrics CONOP
– Network configuration & BioDB synchronization
  • Communication with USCENTCOM

Assumptions (easily changeable)
• BioDB sizes (1 million synthetic Iraqis)
• Base arrival rate
• Base access allow/deny/detain percentages
• Three-tier BioDB hierarchy

Page 15

Synthetic Iris Biometric Database
– Synthetic Iraqi population of 1,008,000 individuals from 24 major Iraqi cities
– Demographics of Iraq with regard to ethnic-religious and occupation/industry distributions
– Individuals have unique home/mobile phone numbers, email addresses, and personal data including age, gender, location, job, and ethnic-religious identity
– Iris image data (256 bytes)

Biometric Database Implementation
– Microsoft SQL Server, Compact Edition
– BioAPI standard

Synthetic Biometric Database
• Free from legal issues
• Matches statistical properties of a real database
• Used to train analysts (Goodfellow Air Force Base)
• Tested accuracy of biometric-based authentication products
• Supported experiments with biometric fusion techniques
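The Base Access thread (Verify/Validate/Enroll on slide 14, the allow/deny/detain outcome, the three-tier BioDB hierarchy) and the 256-byte iris records above can be put together in a small simulation. This is an added example, not the slides' or VEE's code, and its matching model is an assumption: the 256-byte record is treated as a 2048-bit iris code compared by normalized Hamming distance with a 0.32 decision threshold (a typical operating point for iris codes, not a value the slides give). A fresh capture of an enrolled eye is simulated by flipping 5% of the bits; a stranger is a fresh random code, whose distance to any enrolled code concentrates near 0.5. The decision policy (cleared match allows, watchlist match detains, no match anywhere denies), the enrollment-time duplicate check and all identifiers are constructed for the example; the slides list the allow/deny/detain split only as a changeable assumption.

```python
import random

IRIS_BYTES = 256                  # slide 15: "Iris image data (256 bytes)"
IRIS_BITS = IRIS_BYTES * 8        # treated as a 2048-bit iris code (assumption)
MATCH_THRESHOLD = 0.32            # normalized Hamming distance below which two codes
                                  # are taken to be the same eye (assumed operating point)


def synthetic_iris(rng):
    """A synthetic iris code: 256 random bytes, with no real subject behind it."""
    return rng.getrandbits(IRIS_BITS).to_bytes(IRIS_BYTES, "big")


def hamming_distance(a, b):
    """Fraction of differing bits between two equal-length codes."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1") / IRIS_BITS


def recapture(code, rng, flip_fraction=0.05):
    """Simulate a fresh capture of the same eye by flipping a fraction of the bits."""
    bits = int.from_bytes(code, "big")
    for pos in rng.sample(range(IRIS_BITS), int(IRIS_BITS * flip_fraction)):
        bits ^= 1 << pos
    return bits.to_bytes(IRIS_BYTES, "big")


class BioDB:
    """One tier of the biometric database hierarchy (Base, Regional or National)."""

    def __init__(self, name):
        self.name = name
        self.records = {}             # person_id -> (iris_code, status)

    def identify(self, probe):
        """1:N search. Returns (person_id, status, distance) for the closest record
        under the threshold, or None when nothing matches."""
        best = None
        for pid, (code, status) in self.records.items():
            d = hamming_distance(probe, code)
            if d < MATCH_THRESHOLD and (best is None or d < best[2]):
                best = (pid, status, d)
        return best

    def enroll(self, person_id, code, status="cleared"):
        """Enroll only if this iris is not already on file under another identity."""
        if self.identify(code) is not None:
            return False
        self.records[person_id] = (code, status)
        return True


def base_access_decision(probe, tiers):
    """Search the tiers in order (Base, then Regional, then National). Policy, assumed
    for the example: cleared match -> allow, watchlist match -> detain, no match -> deny."""
    for db in tiers:
        hit = db.identify(probe)
        if hit is not None:
            pid, status, _ = hit
            return ("detain" if status == "watchlist" else "allow", db.name, pid)
    return ("deny", None, None)


def build_scenario(seed=7):
    """Constructed three-tier deployment with one record per tier plus a stranger.
    Returns (tiers, probes) where probes maps a label to a captured iris code."""
    rng = random.Random(seed)
    base, regional, national = BioDB("Base"), BioDB("Regional"), BioDB("National")
    local_worker, traveller, suspect = (synthetic_iris(rng) for _ in range(3))
    base.enroll("IQ-000001", local_worker)
    regional.enroll("IQ-000777", traveller)
    national.enroll("IQ-009999", suspect, status="watchlist")
    probes = {
        "local_worker": recapture(local_worker, rng),
        "traveller": recapture(traveller, rng),
        "suspect": recapture(suspect, rng),
        "stranger": synthetic_iris(rng),
    }
    return [base, regional, national], probes


def run_base_access(seed=7):
    """Run every probe through the thread; returns {label: (decision, tier, person_id)}."""
    tiers, probes = build_scenario(seed)
    return {label: base_access_decision(code, tiers) for label, code in probes.items()}


if __name__ == "__main__":
    for label, outcome in run_base_access().items():
        print(f"{label:12s} -> {outcome}")
```

The tier order is what makes the thread's latency depend on where a person is enrolled: the local worker is resolved at the Base DB, the traveller only after a Regional round trip, and the watchlist hit only at the National DB, which is the path the response-time plots on the following slides measure.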

Page 16

Joint Biometric Architecture Emulation
Figure: Biometrics Architecture Emulation

Page 17

Joint Biometric Architecture Emulation
Figure: Access Terminal Configuration

Page 18

Joint Biometric Architecture Emulation
Figure: Bio-DB Server Configuration

Page 19

Joint Biometric Architecture Emulation
Figure: Packets Transmitted on Link to the Base Bio-DB Server

Page 20

Joint Biometric Architecture Emulation
Figure: Log of Events Occurring at the Base Bio-DB Server Interface

Page 21

Joint Biometric Architecture Emulation
Figure: Access Terminal 4 Request Response Time. Plot of Access Terminal 4 response time (µs) vs. time (seconds); y-axis 0 to 10,000,000 µs, x-axis 0 to 12,000 s.

Page 22

Joint Biometric Architecture Emulation
Figure: Access Terminal Delivered Traffic (Kbps). Plot of Access Terminal 1/NE22 delivered traffic (Kbps) vs. time (seconds); y-axis 0 to 10 Kbps, x-axis 0 to 4,000 s.

Page 23

Joint Biometric Architecture Emulation
Figure: Network Bandwidth Utilization

Page 24

Joint Biometric Architecture Emulation
Figure: Base Bio-DB Server Delivered Traffic. Plot of Base Bio-DB Server/NE32 delivered traffic (Kbps) vs. time (seconds); y-axis 0 to 10 Kbps, x-axis 0 to 4,000 s.

Page 25

VEE Has Demonstrated Unprecedented Capabilities for SoS Engineering & Integration including:
– Creating high-fidelity (bit-level) clones in a VEE without the high cost of buying equipment
– SoS emulation capability for developing reliable, robust, secure, survivable, and optimized network architectures with predictable performance in support of warfighters
– Capability for risk reduction during As-Is to To-Be transformation
– Capability for cloning and testing deployment configurations of an SoS under real-world operational scenarios that can also generate emergent states of the SoS
– Capability to provide deep technical insight about architecture KPPs and NR-KPPs gained from emulation of systems in an SoS context
– Innovative, low-cost capability for providing quantitative support to MDPs, AoA, the JCIDS process, and architecture governance, compliance, testing, and oversight

Summary & Conclusions

VEE allows integration of real SoS components with clones of other components in VEE to emulate the entire SoS and address the cyber security risks of emergent behaviors (EBs).