SATURN (Self-organising Adaptive Technology underlying Resilient Networks)

The overall project aims are to develop a middleware layer to provide an agile and dependable service-based information infrastructure capable of supporting critical functions. The Warwick effort underpins this by fundamental research into the nature and communicability of interdependencies between organisations providing components of the infrastructure and analysis of the consequent risks.The complexity of systems today makes risk management a difficult task: often mitigation strategies become out of date as technology is installed and processes evolve. The agile nature of business and the fast-paced development of technology results in information infrastructures which are highly dynamic, changing both in configuration of their technology and in their use. The problem is aggravated when we consider a system of enterprises, where vulnerabilities are pervasive, and the infrastructures are interconnected via the Internet or some other common element (which might include members of staff). Here we need to be able to understand the potential impact of a single attack or set of events upon a whole system of systems, where the resilience mechanisms deployed may vary and where the risk management methods adopted may not be consistent. It is currently not possible to predict such an impact beyond the simplest cases (such as where the attack exploits an obvious vulnerability in a common piece of technology, which has a clear impact upon the organisations under attack, and where the potential for an attacker to exploit that vulnerability is known). However, where the potential impact of an attack is not known even within a single organisation, then understanding the cascade effects across a system of such organisations is exceptionally difficult. It is this interdependency problem which we seek to address.We will use our expertise in resilience, formal analysis, intelligence systems (and in particular data fusion) and threat modelling to develop an ontology and generic model of resilience mechanisms and risk-management methodologies, based on those in use in typical representatives of key domains, and to use this to assess the potential for cascade failures across a system of organisations, under a variety of vulnerability and threat models. Specifically, we will explore the relevant technology, process, standards, compliance, human and social (such as economics, WARP, social networking and other forms of collaboration) factors which could directly influence points of vulnerability and weakness. Logical abstractions will be developed and automated inference and model-checking tools will be used to explore the model and run 'what-if' scenarios in order to explore critical dependencies, and the degree of impact which attacks on vulnerabilities might have across the system of systems. The model will be extended to incorporate a formal representation of the SATURN self-healing functionality, allowing for 'what-if' scenarios to be explored and, in particular, potential conflicts between differing systems' strategies for healing and the overall impact on the CNI system of systems. The outputs of the mechanised analysis will be used to scope the experiments to be run on the Cyber Range; identifying potential areas of interest and concern, and healing strategies worthy of realistic simulation and further investigation using the range tools. The key outputs of this analysis will be: * a capability to model (subsets of) CNI as systems of systems, to assess the impact of the varying risk management approaches upon the exposure to threats and vulnerabilities. This capability will be based upon a formal model and automated analysis tools, and will be validated via the Cyber Range experimentation. * specific recommendations resulting directly from the experiments run on the Cyber Range on how organisations adopting differing risk management methodologies might collaborate to manage risk in a joined-up fashion.