Service-based Resilience via Shared Protection in Mission-critical Embedded Networks

Abstract : Mission-critical networks, which for example can be found in autonomous cars and avionics, are complex systems with a multitude of interconnected embedded nodes and various service demands. Their resilience against failures and attacks is a crucial property and has to be already considered in their design phase. In this paper, we introduce a novel approach for optimal joint service allocation and routing, leveraging virtualized embedded devices and shared backup capacity for the fault-tolerant design of mission-critical networks. This approach operates in phases utilizing multiple optimization models. Furthermore, we propose a new heuristic that ensures resource efficiency and faulttolerance against single node and link failures as pre-requisite for resilience. Our experiments for different application scenarios indicate that our heuristic achieves results close to the optimum and provides 50% of capacity gain compared to a dedicated capacity protection scheme. Moreover, our heuristic ensures faulttolerance against at least 90% of all potential single node failures

 EXISTING SYSTEM :

 ? The existing embedded security methods have been found ad-hoc, passive and strongly rely on building and maintaining trust. ? To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. ? The existing embedded systems lack the capability to respond against attacks, making a need for active response against attacks a fundamental security requirement for cyber resilient embedded systems. ? Nevertheless, constantly evolving cyber attacks demand continuous reevaluation for effective response and mitigation strategies

 DISADVANTAGE :

 ? Implement the column generation method to enhance our previous model and to solve the extended problem for larger topologies and service overlays more effectively. ? The resulting model provides fault-tolerance against all single node failures. ? we introduce our service-based resilience model and the optimization models for the resilient service deployment and routing problem under shared backup capacity. ? Some other related studies present the optimization problems with resilience constraints.

 PROPOSED SYSTEM :

 • The paper establishes a strong need for embedded cyber resilience for smart technologies, due to lack of active detection, response and recovery security functionalities within existing embedded security systems. • This is due to the majority of embedded security technologies being guided by trust, which has been compromised due to a lack of runtime monitoring and system-level visibility of resources and system activities. • Therefore, this paper proposed three embedded microarchitectural characteristics, allowing independent active runtime system monitoring and active response functions to enhance, maintain and ensure secure operation during the life cycle of the device.

 ADVANTAGE :

 ? Minimizing the total path length can be considered as both performance and cost optimization. ? That is, allocating shorter paths enables establishing low-latency communications, i.e., here with less hops, and decreasing the number of occupied links, which is especially important for mission-critical networks to reduce the cost and the complexity of the system. ? To measure the performance of our optimization scheme and heuristic, we considered a number of scenarios and used a set of metrics. ? We evaluated the performance of the optimization models and the heuristic for different types of topologies and service overlays.