Fig 2 - uploaded by Poul E. Heegaard
Nation-wide backbone network 

Source publication
Article
Full-text available
Software-Defined Networking (SDN) promises to improve the programmability and flexibility of networks, but also brings new challenges that need to be explored. The main objective of this paper is to include failure correlation in a quantitative assessment of the properties of SDN backbone networks to determine whether they can provide similar avail...

Contexts in source publication

Context 1
... this paper, we analyse the availability of a nation-wide backbone network that consists of 10 nodes across 4 cities, and two dual-homed SDN controllers. See Figure 2 for an illustration of the topology. The nodes are located in the four major cities in Norway, Bergen (BRG), Trondheim (TRD), Stavanger (STV), and Oslo (OSL). ...
Context 2
... results of the evaluation of the unavailability of the principal minimal-cut sets in three scenarios are depicted in Figure 22. The figure highlights the following observations: ...
Context 3
... When the failure correlation increases, the failure modes with three failed network elements get an increased impact on the network unavailability in both traditional network and SDN, although the failure modes getting an increasing dominance are different (see Figure 22). There are few empirical studies on correlated network failures, apart from those due to catastrophic environmental events, such as hurricanes and earthquakes. ...

Similar publications

Article
Full-text available
Network function virtualization (NFV) is a promising technique of high quality, flexible and scalable service for telecommunication companies clients and for enterprise data center clients. One of the important capabilities of this technique is providing a virtual service as a combination of multiple virtual functions. There are two types of virtua...
Article
Full-text available
In this work we demonstrate an automatic intent-based encryption layer selection and configuration for a multilayer network covering IP and optical utilizing an open source SDN orchestrator. Results indicate that the processing impact of a secure channel creation is negligible.

Citations

... The cluster is composed of multiple SW and HW instances that share the computational load and enable redundancy. This approach is similar to the one used to model the Software-Defined Networking (SDN) controller [35,36]. The SDN is a networking paradigm that separates the control plane and the data plane and logically centralizes the control plane in one element, the controller [37]. ...
... Using the values in Table 3, we numerically evaluate the unavailability under the proposed model, also in comparison with the baseline model from [8]. Note that the numbers given in Table 3 are mean values, mostly taken from the literature and statistical reports [32,36,14]. However, the difference in actual values can be high, depending on several factors. ...
Preprint
Full-text available
Multi-access Edge Computing (MEC) is an essential technology for the fifth generation (5G) of mobile networks. MEC enables low-latency services by bringing computing resources close to the end-users. The integration of 5G and MEC technologies provides a favorable platform for a wide range of applications, including various mission-critical applications, such as smart grids, industrial internet, and telemedicine, which require high dependability and security. Ensuring both security and dependability is a complex and critical task, and not achieving the necessary goals can lead to severe consequences. Joint modeling can help to assess and achieve the necessary requirements. Under these motivations, we propose an extension of a two-level availability model for a 5G-MEC system. In comparison to the existing work, our extended model (i) includes the failure of the connectivity between the 5G-MEC elements and (ii) considers attacks against the 5G-MEC elements or their interconnection. We implement and run the model in Möbius. The results show that a three-element redundancy, especially of the management and core elements, is needed and still enough to reach around 4-nines availability even when connectivity and security are considered. Moreover, the evaluation shows that slow detection of attacks, slow recovery from attacks, and bad connectivity are the most significant factors that influence the overall system availability.
... However, the recall (or TPR) is modest, meaning the RLV may overlook some instances of fake links (see Table IV). Note that in some applications, such as the SDN IP backbone [40], which contains hundreds of high bandwidth links, the RLV system must ensure high precision, even at the expense of a modest recall, to prevent the unwarranted removal of a normal link. We can improve the modest recall in RLV through subsequent rounds of model training and testing. ...
Article
Full-text available
Software-defined networking (SDN) has been widely adopted in different networks, such as datacenter and service providers. The SDN controller has the entire network view and is responsible for managing it. To obtain such a view of the network, the controller employs link discovery protocols, which are vulnerable to attacks such as link fabrication attacks (LFAs). TopoGuard and TopoGuard+ are two major systems detecting LFAs. This paper introduces a link latency attack (LLA) that can bypass the defence mechanism of both systems. LLA can poison the view of the SDN controller from the network topology and causes outages, resulting in poor quality of service (QoS) or quality of experience (QoE). To mitigate this, we develop two machine learning-based defence systems, namely machine learning-based link guard (MLLG) and real-time link verification (RLV), to preserve the required defence for LLA. The MLLG works when the network topology rarely updates, while RLV can support frequent updates. Furthermore, RLV trains itself over a link latency dataset (LLD), including latency data of fabricated and normal links, that is captured from the ongoing packets in the network. It also implements outlier detection techniques to identify a dynamic threshold for link latency. We test both systems on different scenarios using Mininet and show that they achieve reasonable results compared with current defence algorithms. Specifically, RLV presents the highest detection performance (F1-score) to 70% at less than 0.2% false-positive rate. The system also supports the robustness features when the attack rates vary from 3% to 7% in our simulated network.
... RU, DU, CU, and MEH have instead a dedicated model. Some models are influenced by works on NFV [15], [16] and Software-Defined Networking (SDN) [18], [19]. Some concepts are reused within the models to represent similar components. ...
... Finally, Table I lists all the default values that were used to evaluate all the models and they are based on previous works with similar components [15], [19]. Some of the values are the same across the models because they represent rates in similar components. ...
Preprint
Multi-access Edge Computing (MEC) is one of the enabling technologies of the fifth generation (5G) of mobile networks. MEC enables services with strict latency requirements by bringing computing capabilities close to the users. As with any new technology, the dependability of MEC is one of the aspects that need to be carefully studied. In this paper, we propose a two-level model to compute the availability of a 5G-MEC system. We then use the model to evaluate the availability of a 5G-MEC system under various configurations. The results show that having a single redundancy of the 5G-MEC elements leads to an acceptable availability. To reach a high availability, the software failure intensity of the management elements of 5G and MEC should be reduced.
... A first way of evaluating the dependability of a new system is to realize dependability models. For example, this approach has been used to evaluate the availability of SDN [176] and NFV [177]. A dependability model can allow to evaluate the impact of the elements composing the MEC system and identify the critical issues. ...
Article
Full-text available
The Fifth Generation (5G) of mobile networks offers new and advanced services with stricter requirements. Multi-access Edge Computing (MEC) is a key technology that enables these new services by deploying multiple devices with computing and storage capabilities at the edge of the network, close to end-users. MEC enhances network efficiency by reducing latency, enabling real-time awareness of the local environment, allowing cloud offloading, and reducing traffic congestion. New mission-critical applications require high security and dependability, which are rarely addressed alongside performance. This survey paper fills this gap by presenting 5G MEC’s three aspects: security, dependability, and performance. The paper provides an overview of MEC, introduces taxonomy, state-of-the-art, and challenges related to each aspect. Finally, the paper presents the challenges of jointly addressing these three aspects.
... This approach is particularly suitable for SDN networks as it can be implemented at the SDN controller where information about the current failure rates and status of network elements can be stored and analyzed. The issue of failure correlation between nodes in an SDN network and its impact on availability have also been studied in [27]. While most of the above studies primarily look at the data plane, the issue of reconstruction of control paths between SDN nodes and SDN controllers has been recently examined in [28]. ...
Article
Full-text available
We consider the problem of SDN flow optimization in the presence of a dynamic probabilistic link failures model. We introduce a metric for path risk, which can change dynamically as network conditions and failure probabilities change. As these probabilities change, the end-to-end path survivability probability may drop, i.e., its risk may rise. The main objective is to reroute at-risk end-to-end flows with the minimum number of flow operation so that a fast flow recovery is guaranteed. We provide various formulations for optimizing network risk versus operational costs and examine the trade-offs in flow recovery and the connections between operational cost, path risk, and path survival probability. We present our suboptimal dynamic flow restoration methods and evaluate their effectiveness against the Lagrangian relaxation approach. Our results show a significant improvement in operational cost against a shortest-path approach.
... We base our work on SANs because of their wide adoption across different domains, thanks to their flexibility and the support provided by the Möbius tool [14]. For example, recent work has employed models based on SANs to evaluate control strategies of smart grids [15], the availability of a backbone network [16], the performance of scheduling algorithms [17], performability in the railway domain [18], and the quality of experience of a distributed interactive application [19]. ...
... This kind of approach has been used by different authors in the construction of models based on SANs, but always in an informal way; see, for example, [15], [16], [19], and [46]. In fact, while an SAN can be used to accurately describe the model of a specific instance of a building block, with its specific characteristics, the general structure of the model and its possible variations can only be described with examples or with descriptions in natural language. ...
... To demonstrate the generality of our formalism, we base the BEDCS network model on the work in [16], in which the objective of the authors was to evaluate a backbone network in Norway, detailing failure correlation between system components. The model in [16] is based on SANs, and it has been defined in a modular way as typically done in the literature. ...
Article
Full-text available
Model-based evaluation is extensively used to estimate the performance and reliability of dependable systems. Traditionally, these systems were small and self-contained, and the main challenge for model-based evaluation has been the efficiency of the solution process. Recently, the problem of specifying and maintaining complex models has increasingly gained attention, as modern systems are characterized by many components and complex interactions. Components share similarities, but at the same time, also exhibit variations in their behavior due to different configurations or roles in the system. From the modeling perspective, variations lead to replicating and altering a small set of base models multiple times. Variability is taken into account only informally, by defining a sample model and explaining its possible variations. In this article, we address the problem of including variability in performability models, focusing on stochastic activity networks (SANs). We introduce the formal definition of stochastic activity networks templates (SAN-T), a formalism based on SANs with the addition of variability aspects. Differently from other approaches, parameters can also affect the structure of the model, like the number of cases of activities. We apply the SAN-T formalism to the modeling of the backbone network of an environmental monitoring infrastructure. In particular, we show how existing SAN models from the literature can be generalized using the newly introduced formalism.
... Kanoun and Ortalo-Borrel [22] proposed a modular approach for modeling the dependability fault-tolerant systems using generalized stochastic Petri net for submodels and model composition. Nencioni et al. [23] present a modular approach for quantitative assessment of the properties of software-defined networking considering failure correlation. Rabah and Kanoun [24] provide an MBA for evaluating performability measures of multipurpose, multiprocessor systems using architectural models, service-level models, and maintenance policy models. ...
Article
Full-text available
Safety and effectiveness are crucial quality attributes for insulin infusion pump systems. Therefore, regulatory agencies require the quality evaluation and approval of such systems before the market to decrease the risk of harm, motivating the usage of a formal Model-Based Approach (MBA) to improve quality. Nevertheless, using a formal MBA increases costs and development time because it requires expert knowledge and thorough analyses of behaviors. We aim to assist the quality evaluation of such systems in a cost-effective and time-efficient manner, providing re-usable project artifacts by applying our proposed approach (named MBA with CPN—MBA/CPN). We defined a Coloured Petri nets MBA and a case study on a commercial insulin infusion pump system to verify and validate a reference model (as a component of MBA/CPN), describing quality assessment scenarios. We also conducted an empirical evaluation to verify the productivity and reusability of modelers when using the reference model. Such a model is relevant to reason about behaviors and quality evaluation of such concurrent and complex systems. During the empirical evaluation, using the reference model, 66.7% of the 12 interviewed modelers stated no effort, while 8.3% stated low effort, 16.7% medium effort, and 8.3% considerable effort. Based on the modelers’ knowledge, we implemented a web-based application to assist them in re-using our proposed approach, enabling simulation-based training. Although a reduced number of modelers experimented with our approach, such an evaluation provided insights to improve the MBA/CPN. Given the empirical evaluation and the case study results, MBA/CPN showed to be relevant to assess the quality of insulin infusion pump systems.
... a) Dependability modelling: A first way of evaluating the dependability of a new system is to realize dependability models. For example, this approach has been used to evaluate the availability of SDN [151] and NFV [152]. A dependability model can allow to evaluate the impact of the elements composing the MEC system and identify the critical issues. ...
Preprint
The main innovation of the Fifth Generation (5G) of mobile networks is the ability to provide novel services with new and stricter requirements. One of the technologies that enable the new 5G services is the Multi-access Edge Computing (MEC). MEC is a system composed of multiple devices with computing and storage capabilities that are deployed at the edge of the network, i.e., close to the end users. MEC reduces latency and enables contextual information and real-time awareness of the local environment. MEC also allows cloud offloading and the reduction of traffic congestion. Performance is not the only requirement that the new 5G services have. New mission-critical applications also require high security and dependability. These three aspects (security, dependability, and performance) are rarely addressed together. This survey fills this gap and presents 5G MEC by addressing all these three aspects. First, we overview the background knowledge on MEC by referring to the current standardization efforts. Second, we individually present each aspect by introducing the related taxonomy (important for the not expert on the aspect), the state of the art, and the challenges on 5G MEC. Finally, we discuss the challenges of jointly addressing the three aspects.
... There have also been works that addressed the CPP in the context of availability. In Ref. [25], the CPP is addressed for a multiple failure scenario to assess the network availability. In this work, the controller placement is based on a failure correlation assessment of network nodes and links. ...
Article
In Software-Defined Networking (SDN), the control and data planes are decoupled, leading to a more programmable and efficient network management. In this paper, the controller placement problem in SDN is addressed, jointly with the problem of exploring a high-availability tree subgraph, in order to support delay and availability requirements between the switches and the controllers. We consider that each switch connects to a primary and to a backup controller. We formulate the joint optimization model as an integer linear programming model (ILP), and propose a heuristic method when the exact model becomes impractical. Furthermore, we compare two ILP formulations, and we also compare the controller redundancy solutions with those considering path redundancy alone.
... In addition, a few research studies that evaluate network reliability have been conducted utilizing different approaches at the macro-level of network topology: Minimal-cut sets [33], optimization-based class such as the method proposed in [34], enumeration-based class such as a sum of disjoint products method [35], graph-based class such as binary decision diagram (BDD) [36]-[39], decomposition technique [40], [41], and factoring theorem using polygon-to-chain reduction [42], [43]. Visual assessment of network robustness variability was proposed by Manzano et al. [44]. ...
... The closest research to ours in terms of the performance evaluation of both legacy and SDN-based networks is described in Nencioni et al. [33]. This work describes a Markov-based stochastic method to compare the availability of both network architecture designs under correlated failures. ...
... Instead, our approach in this article allows us to consider the failure at both the macro- and micro-levels in legacy and SDN-based networks by considering the network topology and instantaneous network state. Furthermore, the paper in [33] is more directed to the study of the availability of network elements which is, in this sense, similar to the reachability rather than the reliability. ...
Article
Full-text available
Designing survivable communication networks to achieve carrier-grade five-nines reliability is of paramount importance for the network operators. This article addresses service reliability and its related aspects such as nodal reachability, network connectivity, and edge-disjoint routing in both traditional networks and software defined networks (SDNs). The proposed roadmap is based on two phases: Fundamental analytical phase and performance evaluation phase. In the first phase, a graph operator is defined to analyze the characteristics of the reliability metric and its associated reachability feature. This phase will focus on both the macro- and micro-level properties of reliability. In the second phase, we exploit the analysis in the former phase to get an insight into the performance evaluation of traditional and SDN-based networks against the reliability metric, and then calculate the statistical significance of the mean difference of their reliability values. Reliability under edge-disjoint paths to avoid resource competition is also investigated. Various types of topologies are utilized to test the service reliability of both architecture designs. Extensive simulation results show that SDN-based networks have comparable performance to its legacy counterpart against the operational reliability metric. Our findings not only shed light on enhancing reliability using edge-disjoint paths under link failure scenarios but also expected to benefit the operators to achieve their service level objectives while migrating from legacy to SDN-based platform.