Resilience of Service-oriented and Time-sensitive Mission-critical Networks

Abstract

Modern mission-critical systems (MCSs) have become complex technological ecosystems that consist of several inter-connected services with various quality of service (QoS) and resilience requirements. Their increasing heterogeneity and connectivity make MCSs vulnerable to further safety and security threats. Moreover, traditional system design and networking technologies remain inadequate due to their limitations on configurability and extensibility. Therefore, two new design paradigms, service-oriented architecture (SOA) and IEEE 802.1 Time-sensitive Networking (TSN) protocols, have been recently employed in MCSs to fulfill their evolving requirements. SOA enables allocating service instances on top of virtualized embedded nodes, which provides significant design flexibility. TSN unifies various networking equipment and protocols to forward time-sensitive data streams on top of standard Ethernet technologies that are less costly and easy to deploy. Both paradigms enable novel countermeasures against safety and security threats, thus increasing the resilience of MCSs. However, this induces additional complexity for distributing services and configuring time-sensitive streams, which can introduce additional safety and security threats that should be rigorously investigated.

Accordingly, in this cumulative thesis, we present several contributions to collectively build resilient, service-oriented, and time-sensitive MCSs. These contributions constitute the complementary design artifacts for the initial configuration, maintenance, and protection of MCSs. They are further aligned with our primary resilience goals: fault tolerance, autonomy, and security.

For resilient service-oriented design, we first optimally allocate resources for mixed-criticality services and data routing satisfying their QoS requirements. This also includes reserving backup resources for fault tolerance in case of node and link failures. Then, we develop a distributed and autonomous orchestration mechanism to maintain this service configuration without relying on a centralized controller. Lastly, we model defensive strategies by redistributing services and rerouting their communication paths for an increased security against targeted attacks.

For resilient time-sensitive networking, firstly, we optimally schedule time-sensitive streams by developing an autonomous configuration mechanism for a prominent TSN scheduling protocol. We then propose a strategy to find the most reliable redundant paths against multiple link failures and configure them for the only fault tolerance protocol among TSN standards. Lastly, we explore potential attack vectors against TSN protocols and propose an open-source security monitoring system.

Finally, we discuss several potential research topics to address further complexity, interconnectivity, and security issues regarding MCSs as future work.