A Situation-Aware Information Infrastructure
Lead Research Organisation:
Lancaster University
Department Name: Computing & Communications
Abstract
Resilience is a vital property of communications systems and unified ICT environments, and is achieved mainly by infrastructural redundancy, and static security and network control (e.g., through multipath routing protocols, signature-based intrusion detection systems). This results in mostly monolithic solutions that are service and location-specific, and they protect the infrastructure against a static and well-defined set of threats. However, current approaches do not incorporate, nor do they take advantage of, the wealth of spatio-temporal information available in today's ICT environments, such as sensing, logs, packet data, or external global media feeds. Such diverse data and information sources from heterogeneous environments unified over ICT infrastructures can be exploited to create situation awareness, and can help protect the infrastructure from a range of dynamic and emerging adversarial events (e.g., from new types of failures due to complexity and centralisation, to denial of service attacks and natural disasters) that current static approaches fail to provide [1][2][3].
At the same time, today's ICT environments are evolving as crucial, mission-critical socio-economic systems, and their optimal performance depends on adaptive and intelligent schemes to ensure resilient operation at the onset of legitimate or malicious adversarial events. In order to realise this aim, there needs to be a suitable instrumentation, measurement, analysis, and control infrastructure that will operate natively with, and add intelligence to, the unified networked environment.
In this project, we propose to design and develop a generic, resilient and adaptive situation-aware information infrastructure that would predict and confront the broad range of challenges faced by the network. We aim to provide novel and practical mechanisms that will enable a deeper understanding of the dynamic and non-stationary evolution of mission-critical systems through harnessing 'big data' sets of relevant internal (monitored) and external (global media feeds) spatio-temporal information - what we call 'context'. Our mechanisms will be incorporated as a protocol suite within a Software-Defined architecture, integrated as a native component in (future) computer networks design. This project is not simply aiming at integrating off-the-shelf solutions into a unified scheme, but rather to revisit the resilience challenge in mission-critical ICT environments and contribute new solutions to the information processing, algorithmic, networking and systems aspects of such undertakings.
The research will be carried out over two years jointly at the Universities of Lancaster and Glasgow, involving investigators with a wide range of expertise (from resilient and autonomic communications, through network instrumentation and management, to information retrieval) and in collaboration with a number of leading industrial partners in the areas of safety-critical systems (NATS), industrial control networks (EADS-IW), and hardware-accelerated custom computation products (Solarflare). This consortium will ensure delivery of excellent research results with direct industrial applicability and transformative effects on future intelligent mission-critical infrastructures.
[1]. Windows Azure service interruption:
http://blogs.msdn.com/b/windowsazure/archive/2012/08/02/root-cause-analysis-for-recent-windows-azure-service-interruption-in-western-europe.aspx
[2]. Air Traffic Management system malfunction at Dublin Airport:
http://www.computerworld.com/s/article/9110319/Dublin_Airport_radar_system_brought_down_by_faulty_network_card
[3]. Power outage hits London Data Centre:
http://www.theregister.co.uk/2012/07/10/data_centre_power_cut/
At the same time, today's ICT environments are evolving as crucial, mission-critical socio-economic systems, and their optimal performance depends on adaptive and intelligent schemes to ensure resilient operation at the onset of legitimate or malicious adversarial events. In order to realise this aim, there needs to be a suitable instrumentation, measurement, analysis, and control infrastructure that will operate natively with, and add intelligence to, the unified networked environment.
In this project, we propose to design and develop a generic, resilient and adaptive situation-aware information infrastructure that would predict and confront the broad range of challenges faced by the network. We aim to provide novel and practical mechanisms that will enable a deeper understanding of the dynamic and non-stationary evolution of mission-critical systems through harnessing 'big data' sets of relevant internal (monitored) and external (global media feeds) spatio-temporal information - what we call 'context'. Our mechanisms will be incorporated as a protocol suite within a Software-Defined architecture, integrated as a native component in (future) computer networks design. This project is not simply aiming at integrating off-the-shelf solutions into a unified scheme, but rather to revisit the resilience challenge in mission-critical ICT environments and contribute new solutions to the information processing, algorithmic, networking and systems aspects of such undertakings.
The research will be carried out over two years jointly at the Universities of Lancaster and Glasgow, involving investigators with a wide range of expertise (from resilient and autonomic communications, through network instrumentation and management, to information retrieval) and in collaboration with a number of leading industrial partners in the areas of safety-critical systems (NATS), industrial control networks (EADS-IW), and hardware-accelerated custom computation products (Solarflare). This consortium will ensure delivery of excellent research results with direct industrial applicability and transformative effects on future intelligent mission-critical infrastructures.
[1]. Windows Azure service interruption:
http://blogs.msdn.com/b/windowsazure/archive/2012/08/02/root-cause-analysis-for-recent-windows-azure-service-interruption-in-western-europe.aspx
[2]. Air Traffic Management system malfunction at Dublin Airport:
http://www.computerworld.com/s/article/9110319/Dublin_Airport_radar_system_brought_down_by_faulty_network_card
[3]. Power outage hits London Data Centre:
http://www.theregister.co.uk/2012/07/10/data_centre_power_cut/
Planned Impact
This project has excellent potential for significant direct and indirect impact for a range of beneficiaries. This is already partly evident from the explicit interest and contributions offered by our four leading industrial partners, namely EADS-IW, NATS, Solarflare and JANET that are offering significant resources and data to tackle the objectives of this work.
We will also participate in appropriate standardization activities with ENISA and organize workshops co-located with prestigious conferences such as ACM SIGCOMM, ACM SIGIR and IEEE INFOCOM. Apart from aiming to publish in these conferences we will also target major events such as IFIP/IEEE IM, IFIP/IEEE NOMS, and high-profile journals such ACM/IEEE Transaction in Networking, i.e we are also aiming for high impact in the scientific domain alongside industrial and societal impact.
Directly, the outcomes of this work will have immediate and longer-term impact for the following beneficiaries:
Mission-critical infrastructure and service providers - The situation-aware information infrastructure that will result from this work, integrated with next generation networking architectures, will significantly improve the resilience, adaptability and seamless operation of future unified ICT environments at the onset of adversarial events. Results from this work will increase service predictability and dependability and will have a direct positive impact on return on investment.
Hardware and network equipment vendors - Results from this work will provide new insights in the instrumentation, measurement, and analysis support that will need to be provided natively and at very high-speeds by future resilient and situation-aware infrastructures. We will produce prototype hardware-accelerated processing modules that equipment vendors can then optimize and incorporate into their future platforms. ASIC, FPGA, and switch/router equipment vendors (e.g., Cisco, HP, Juniper) are particularly likely to benefit.
Software-Defined Networking (SDN) vendors - This work will provide a new suite of situation-aware protocols that will operate as part of a framework for fast and flexible, programmable service deployment in short timescales. We will extend the current SDN model to provide for increased distributed intelligence alongside the centralised abstraction of the network control plane. SDN and Openflow software and equipment vendors will benefit from this extended functionality.
Security solutions providers - The proposed work will develop novel online anomaly and intrusion detection algorithms that will harness both operational data and external information sources of input in order to detect, identify and remediate threats to the infrastructures. This will shed new light on combinatorial information processing and potentially to novel patterns of abnormal system-wide behaviour. Security software warehouses and security assessment companies will particularly benefit from these outcomes.
Information retrieval and filtering software providers - The parallel processing of global public content sources to extract information relevant to particular infrastructures while simultaneously creating notions of locality, time, and incident context, will shed new light on processing high-volume, high velocity, and high-noise information feeds.
Indirectly, the following will benefit:
Users - The provision of native resilience mechanisms will benefit the many users who are increasingly using shared infrastructures, and will indirectly facilitate IT-as-a-Utility by making infrastructures more dependable.
The RAs working on this project will develop unique research and development skills in cutting-edge networking, machine learning, and information retrieval and filtering technologies, while working closely with leading industry providers.
We will also participate in appropriate standardization activities with ENISA and organize workshops co-located with prestigious conferences such as ACM SIGCOMM, ACM SIGIR and IEEE INFOCOM. Apart from aiming to publish in these conferences we will also target major events such as IFIP/IEEE IM, IFIP/IEEE NOMS, and high-profile journals such ACM/IEEE Transaction in Networking, i.e we are also aiming for high impact in the scientific domain alongside industrial and societal impact.
Directly, the outcomes of this work will have immediate and longer-term impact for the following beneficiaries:
Mission-critical infrastructure and service providers - The situation-aware information infrastructure that will result from this work, integrated with next generation networking architectures, will significantly improve the resilience, adaptability and seamless operation of future unified ICT environments at the onset of adversarial events. Results from this work will increase service predictability and dependability and will have a direct positive impact on return on investment.
Hardware and network equipment vendors - Results from this work will provide new insights in the instrumentation, measurement, and analysis support that will need to be provided natively and at very high-speeds by future resilient and situation-aware infrastructures. We will produce prototype hardware-accelerated processing modules that equipment vendors can then optimize and incorporate into their future platforms. ASIC, FPGA, and switch/router equipment vendors (e.g., Cisco, HP, Juniper) are particularly likely to benefit.
Software-Defined Networking (SDN) vendors - This work will provide a new suite of situation-aware protocols that will operate as part of a framework for fast and flexible, programmable service deployment in short timescales. We will extend the current SDN model to provide for increased distributed intelligence alongside the centralised abstraction of the network control plane. SDN and Openflow software and equipment vendors will benefit from this extended functionality.
Security solutions providers - The proposed work will develop novel online anomaly and intrusion detection algorithms that will harness both operational data and external information sources of input in order to detect, identify and remediate threats to the infrastructures. This will shed new light on combinatorial information processing and potentially to novel patterns of abnormal system-wide behaviour. Security software warehouses and security assessment companies will particularly benefit from these outcomes.
Information retrieval and filtering software providers - The parallel processing of global public content sources to extract information relevant to particular infrastructures while simultaneously creating notions of locality, time, and incident context, will shed new light on processing high-volume, high velocity, and high-noise information feeds.
Indirectly, the following will benefit:
Users - The provision of native resilience mechanisms will benefit the many users who are increasingly using shared infrastructures, and will indirectly facilitate IT-as-a-Utility by making infrastructures more dependable.
The RAs working on this project will develop unique research and development skills in cutting-edge networking, machine learning, and information retrieval and filtering technologies, while working closely with leading industry providers.
Organisations
- Lancaster University (Lead Research Organisation)
- UNIVERSITY OF GLASGOW (Collaboration)
- UNIVERSITY OF LEEDS (Collaboration)
- Austrian Institute of Technology (Collaboration)
- Jisc (Project Partner)
- Solarflare Communications (Project Partner)
- EADS Defense and Security Systems Ltd (Project Partner)
- National Air Traffic Services (United Kingdom) (Project Partner)
Publications
Alayed W
(2017)
Evaluation of RPL's Single Metric Objective Functions
Csikor L.
(2018)
HARMLESS: Cost-Effective Transitioning to SDN for Small Enterprises
in 17th International IFIP TC6 Networking Conference, Networking 2018
Cui L
(2017)
PLAN: Joint Policy- and Network-Aware VM Management for Cloud Data Centers
in IEEE Transactions on Parallel and Distributed Systems
Cziva R
(2018)
Dynamic, Latency-Optimal vNF Placement at the Network Edge
Cziva R
(2017)
Ruru
Description | The grant is proceeding well, and is in its final phase -- reporting on findings will be done in due course. |
Exploitation Route | We are discussing engagement with ENISA, the European Network and Information Security Agency, to promote our results as well as the new discipline of resilience. This is in addition to working with our industry use case partners, with GCHQ, and the UK Academic Resilience Forum. Most recently, we have established a broader technical liaison with JISC/JANET under a NDA. |
Sectors | Aerospace Defence and Marine Digital/Communication/Information Technologies (including Software) Energy Environment Financial Services and Management Consultancy Healthcare Manufacturing including Industrial Biotechology Security and Diplomacy Transport |
Description | We have used the work to contribute to a study of resilient systems following the recent floods and consequent disruption of the electricity supply in the Lancaster area. One of the academics also spoke at a breakfast meeting in London at the Houses of Parliament, on research in resilient systems. Our work has enabled further discussion with AIT in Vienna about future testbeds and research on resilient systems enabled by situational awareness. The case study with JISC/JANET has yielded interesting new technical directions. |
First Year Of Impact | 2016 |
Sector | Digital/Communication/Information Technologies (including Software),Energy,Environment |
Impact Types | Cultural Societal Policy & public services |
Description | COST |
Amount | € 100,000 (EUR) |
Funding ID | CA15127 |
Organisation | European Cooperation in Science and Technology (COST) |
Sector | Public |
Country | Belgium |
Start | 03/2016 |
End | 02/2020 |
Description | Resilient and energy-aware computer networks |
Organisation | University of Leeds |
Department | Faculty of Medicine and Health |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | Working with University of Leeds (Professor Jaafar Elmirghani), we have spent a large amount of academic time on the collaboration -- contributing mainly expertise, intellectual input and also access to the testbeds at Lancaster University's InfoLab21. |
Collaborator Contribution | Professor Elmirghani led the EPSRC funded INTERNET Programme Grant; I was an adviser on the project. Later, we teamed up on a new research proposal, which we are currently preparing -- including work with industrial partners. |
Impact | None yet -- awaiting funding ... |
Start Year | 2015 |
Description | Resilient and secure systems |
Organisation | Austrian Institute of Technology |
Country | Austria |
Sector | Private |
PI Contribution | We provide consultancy and know-how in resilient systems design |
Collaborator Contribution | They provide real-world examples of problems, and contacts with industry partners |
Impact | Several so far, including publications and two international, collaborative workshops -- one held in Germany on flexible networked systems and the other in Austria on Critical Infrastructures Protection |
Start Year | 2013 |
Description | Situational awareness for resilient systems |
Organisation | University of Glasgow |
Country | United Kingdom |
Sector | Academic/University |
PI Contribution | We are providing the know-how on resilient computer networks management |
Collaborator Contribution | They are providing data science inputs and know-how. |
Impact | Multi-disciplinary within the general field of computer science; but also people and organisational issues. This project has only recently started ... |
Start Year | 2015 |