Failure Analysis in Next-Generation Critical Cellular Communication Infrastructures
The advent of communication technologies marks a transformative phase in
critical infrastructure construction, where the meticulous analysis of failures
becomes paramount in achieving the fundamental objectives of continuity,
security, and availability. This survey enriches the discourse on failures,
failure analysis, and countermeasures in the context of the next-generation
critical communication infrastructures. Through an exhaustive examination of
existing literature, we discern and categorize prominent research orientations,
focusing on resource depletion, security vulnerabilities, and
system availability concerns. We also analyze constructive countermeasures
tailored to address identified failure scenarios and their prevention.
Furthermore, the survey emphasizes the imperative for standardization in
addressing failures related to Artificial Intelligence (AI) within the ambit of
the sixth-generation (6G) networks, accounting for the forward-looking
perspective for the envisioned intelligence of 6G network architecture. By
identifying new challenges and delineating future research directions, this
survey can help guide stakeholders toward unexplored territories, fostering
innovation and resilience in critical communication infrastructure development
and failure prevention.
Intelligent and bandwidth-efficient medium access control protocols for IEEE 802.11p-based Vehicular Ad hoc Networks
Vehicle-to-Vehicle (V2V) technology aims to enable safer and more sophisticated transportation via the spontaneous formation of Vehicular Ad hoc Networks (VANETs). This type of wireless network allows the exchange of kinematic and other data among vehicles, for the primary purpose of safer and more efficient driving, as well as efficient traffic management and other third-party services. Their infrastructure-less, unbounded nature allows the formation of dense networks that present a channel sharing issue, which is harder to tackle than in conventional WLANs.
This thesis focuses on optimising channel access strategies, which is important for the efficient usage of the available wireless bandwidth and the successful deployment of VANETs. To start with, the default channel access control method for V2V is evaluated on hardware by modifying the appropriate wireless interface Linux driver to enable finer on-the-fly control of IEEE 802.11p access control layer parameters. More complex channel sharing scenarios are evaluated via simulations and findings on the behaviour of the access control mechanism are presented. A complete channel sharing efficiency assessment is conducted, including throughput, fairness and latency measurements. A new IEEE 802.11p-compatible Q-Learning-based access control approach that improves upon the studied protocol is presented. The stations feature algorithms that “learn” how to act optimally in VANETs in order to maximise their achieved packet delivery and minimise bandwidth wastage. The feasibility of Q-Learning to be used as the base of self-learning protocols for IEEE 802.11p-based V2V communication access control in dense environments is investigated in terms of parameter tuning, necessary time of exploration, achieving latency requirements, scaling, multi-hop and accommodation of simultaneous applications. Additionally, the novel Collection Contention Estimation (CCE) mechanism for Q-Learning-based access control is presented. By embedding it on the Q-Learning agents, faster convergence, higher throughput, better service separation and short-term fairness are achieved in simulated network deployments.
The acquired new insights on the network performance of the proposed algorithms can provide precise guidelines for efficient designs of practical, reliable, fair and ultra-low latency V2V communication systems for dense topologies. These results can potentially have an impact across a range of related areas, including various types of wireless networks and resource allocation for these, network protocol and transceiver design as well as Q-Learning applicability and considerations for correct use.
Real-Time Sensor Networks and Systems for the Industrial IoT
The Industrial Internet of Things (Industrial IoT—IIoT) has emerged as the core construct behind the various cyber-physical systems constituting a principal dimension of the fourth Industrial Revolution. While initially born as the concept behind specific industrial applications of generic IoT technologies, for the optimization of operational efficiency in automation and control, it quickly enabled the achievement of the total convergence of Operational (OT) and Information Technologies (IT). The IIoT has now surpassed the traditional borders of automation and control functions in the process and manufacturing industry, shifting towards a wider domain of functions and industries, embraced under the dominant global initiatives and architectural frameworks of Industry 4.0 (or Industrie 4.0) in Germany, Industrial Internet in the US, Society 5.0 in Japan, and Made-in-China 2025 in China. As real-time embedded systems are quickly achieving ubiquity in everyday life and in industrial environments, and many processes already depend on real-time cyber-physical systems and embedded sensors, the integration of IoT with cognitive computing and real-time data exchange is essential for real-time analytics and realization of digital twins in smart environments and services under the various frameworks’ provisions. In this context, real-time sensor networks and systems for the Industrial IoT encompass multiple technologies and raise significant design, optimization, integration and exploitation challenges. The ten articles in this Special Issue describe advances in real-time sensor networks and systems that are significant enablers of the Industrial IoT paradigm. In the relevant landscape, the domain of wireless networking technologies is centrally positioned, as expected
MP-CFM: MPTCP-Based communication functional module for next generation ERTMS
184 p.
The content of chapters 4, 5, 6, 7, 8 and 9 is subject to confidentiality.
The European Rail Traffic Management System (ERTMS) was originally designed for European railways. However, over the last two decades, this system has become the de facto standard for high-speed services in most developed countries. The ERTMS system comprises three main subsystems: 1) the European Train Control System (ETCS), which acts as the signalling application; 2) the Euroradio system, which is in turn divided into two subsystems, the Safety Functional Module (SFM) and the Communication Functional Module (CFM); and 3) the underlying communications system, GSM-R, which carries the information exchanged between the on-board system on the train (OBU) and the Radio Block Centre (RBC). The ETCS signalling system supports three levels, depending on the level of functionality supported. Level 3 introduces the possibility of working with moving blocks instead of fixed blocks defined on the track. This means that the headway distance between two consecutive trains can be reduced to a minimum distance at which the safety of the service is guaranteed, thereby increasing the capacity of the railway corridor. This safety distance is determined by the combination of the train's braking distance and the delay of the signalling communications. It can therefore be stated that there is a direct relationship between the delays and reliability of the transmissions of the signalling applications and the operational capacity of a railway corridor. Thus, the study and improvement of the communication systems used in ERTMS play a key role in the evolution of the ERTMS system.
Likewise, safe operation in ERTMS, from the point of view of the communications involved in it, is determined by the reliability of the communications, the availability of its communication channels, the delay of the communications and the security of its messages. In addition to this, the railway industry has been working on the digitalisation and transition to the IP protocol of most signalling systems. In line with this trend, the industrial consortium UNISIG has recently published a new communications model for ERTMS that includes the possibility of operating not only with the traditional system, based on circuit-switched technology, but also with a new IP-based system. This thesis is aligned with the current migration context and aims to contribute to improving the availability, reliability and security of communications, taking message transmission times as its fundamental axis, with a view to defining a next generation of ERTMS, defined in this thesis as NGERTMS. In this context, three main challenges have been identified for strengthening the resilience of the NGERTMS communications architecture: 1) improving the survivability of communications in the face of disruptions; 2) overcoming the current limitations of ERTMS for sending high-priority messages over packet-switched technology, giving these messages a higher degree of resilience and lower latency than ordinary messages; and 3) increasing the security of communications and increasing availability without this entailing an increase in latency.
Considering the challenges described above, this thesis proposes a communications architecture based on the MPTCP protocol, called MP-CFM, which makes it possible to overcome these challenges while maintaining backward compatibility with the packet-switched communications system recently proposed by UNISIG. To date, this is the first time that a complete communications architecture capable of addressing the aforementioned challenges has been proposed. This architecture implements four types of service class, which are used by ordinary and high-priority packets for two different scenarios: one scenario in which both ends, the on-board system or OBU and the RBC, have multiple network interfaces; and another, transitional scenario in which the RBC does have multiple network interfaces but the OBU has only a single interface. The communications architecture proposed for the railway environment has been validated using a simulation environment developed for that purpose. Moreover, these simulations show that the proposed architecture, in the face of channel disruptions, far exceeds the system designed by UNISIG in terms of robustness. In conclusion, it can be stated that this thesis demonstrates that a communications architecture based on MPTCP meets the demanding requirements established for NGERTMS, and therefore this proposal represents an advance in the evolution of the European railway signalling system.
Segment Routing based Traffic Engineering
In modern networks, the increasing volume of network traffic and the diverse range of services with varying requirements necessitate the implementation of more advanced routing decisions and traffic engineering. This academic study proposes a QoS adaptive mechanism called “Sepitto”, which utilizes Segment routing protocols, specifically SRv6, to address network-traffic control and congestion avoidance. Sepitto leverages data-plane traffic to convey Linux Qdisc statistics, such as queue size, packet drops, and buffer occupancy, in each Linux-based virtual router. By incorporating this information, edge routers become aware of the current network status, enabling them to make informed decisions regarding traffic paths based on QoS classes. SRv6 is employed to direct traffic along desired paths, avoiding congested links and minimizing queuing delays and overall latency. Moreover, Sepitto offers network administrators an interface to customize decision-making processes based on their policies, assigning costs to network graph edges by associating the provided statistics to a certain cost. To incorporate these costs, the implementation employs the Dijkstra algorithm to determine the path with the lowest cost. Performance analysis of Sepitto reveals minimal overhead compared to traditional routing methods, while effectively mitigating network congestion. The results demonstrate that Sepitto reduces traffic round-trip time during congestion while maintaining differentiated treatment for various QoS classes.
Real-Time Application of Deep Learning to Intrusion Detection in 5G-Multi-Access Edge Computing
In this thesis, we explore networks for 5G mobile telecommunication, with a real-time
detection of malicious traffic using Deep Learning (DL) and 5G mobile telecommunication
testbeds. To investigate the performance of the core network, Software Defined Networking
(SDN) and Programming Protocol-independent Packet Processors (P4) were selected due to
the potential for programming at both the control and data forwarding layers. SDN and P4 have
predominantly been researched on an individual basis with limited research combining the
two to evaluate improvements to the performance of SDN. We have conducted experiments
to explore the hypothesis that combining programmability at both the control plane and
data plane provides a platform with better performance in comparison to that achieved with
SDN+OvS multi-path, grid and transit-stub network models.
A real-time 5G mobile telecommunication testbed has been constructed combining
both software and hardware components. A P4 switch was integrated into the 5G testbed
motivated by the performance gains observed in our initial experiments with P4 and OvS
switch. Service providers use Multi-access Edge Computing (MEC) technology to provide
services on-the-go with low latency, high availability, and high bandwidth, however, MEC
nodes are subject to low processing power, which leaves them susceptible to adversaries
that may target the platform for malevolent purposes. As a result, we built a 5G testbed that
included an MEC node to generate datasets representing both malicious and non-malicious
traffic for use in evaluating algorithms intended to detect malicious network traffic.
A new Intrusion Detection System (IDS) has been developed using a 3-layer
Convolutional Neural Network (CNN), capable of identifying malicious network traffic.
The IDS employs a new injective algorithm capable of encoding network traffic without
loss of information as improved RGB images. A separate algorithm capable of decoding
RGB images back to network traffic was also developed. The IDS was evaluated in terms
of its computational complexity, for example in time, memory and CPU utilisation for the
encoding and decoding algorithms, and its accuracy and loss during training and detection.
We also applied a Convolutional Neural Network to the dataset created on our testbed and
for comparative purposes, to the publicly available datasets UNSW NB-15 and InSDN. The
5G-MEC datasets and detection rate suggest that the employment of current public datasets
for research into 5G-MEC security is now inappropriate.
Lastly, we proposed, developed, deployed and evaluated a Real-Time Deep Learning
Network Intrusion Detection System (RTDL-NIDS) in an MEC node located in the newly
developed 5G-MEC mobile telecommunication testbed in real-time. The deployed Network
Intrusion Detection System conducts a soft real-time detection. The time spent on each
detection cycle can be defined as a parameter in the RTDL-NIDS. Hence, this system can be
categorised as a soft real-time system. The RTDL-NIDS conducts an initial detection based
on known signatures, followed by the encoding of network traffic to images, detection of
malicious traffic using our CNN algorithm, and finally decoding of the images to identify
the sources of malicious users. We implemented the RTDL-NIDS to function in real-time to
collect conclusive results over the application of DL to the intrusion detection problem in
5G-MEC.
Towards Massive Machine Type Communications in Ultra-Dense Cellular IoT Networks: Current Issues and Machine Learning-Assisted Solutions
The ever-increasing number of resource-constrained
Machine-Type Communication (MTC) devices is leading to the
critical challenge of fulfilling diverse communication requirements
in dynamic and ultra-dense wireless environments. Among
different application scenarios that the upcoming 5G and beyond
cellular networks are expected to support, such as enhanced Mobile
Broadband (eMBB), massive Machine Type Communications
(mMTC) and Ultra-Reliable and Low Latency Communications
(URLLC), the mMTC brings the unique technical challenge of
supporting a huge number of MTC devices in cellular networks,
which is the main focus of this paper. The related challenges
include Quality of Service (QoS) provisioning, handling highly
dynamic and sporadic MTC traffic, huge signalling overhead and
Radio Access Network (RAN) congestion. In this regard, this
paper aims to identify and analyze the involved technical issues,
to review recent advances, to highlight potential solutions and to
propose new research directions. First, starting with an overview
of mMTC features and QoS provisioning issues, we present
the key enablers for mMTC in cellular networks. Along with
the highlights on the inefficiency of the legacy Random Access
(RA) procedure in the mMTC scenario, we then present the key
features and channel access mechanisms in the emerging cellular
IoT standards, namely, LTE-M and Narrowband IoT (NB-IoT).
Subsequently, we present a framework for the performance
analysis of transmission scheduling with the QoS support along
with the issues involved in short data packet transmission. Next,
we provide a detailed overview of the existing and emerging
solutions towards addressing RAN congestion problem, and then
identify potential advantages, challenges and use cases for the
applications of emerging Machine Learning (ML) techniques in
ultra-dense cellular networks. Out of several ML techniques, we
focus on the application of low-complexity Q-learning approach
in the mMTC scenario along with the recent advances towards
enhancing its learning performance and convergence. Finally,
we discuss some open research challenges and promising future
research directions.
Towards smarter SDN switches: revisiting the balance of intelligence in SDN networks
Software Defined Networks (SDNs) represent a new model for building networks, in which the control plane is separated from the forwarding plane, allowing for centralised, fine-grained control of traffic in the network. The benefits of SDN range widely from reducing operational costs of networks to providing better Quality of Service guarantees to its users. Its application has been shown to increase the efficiency of large networks such as data centers and improve security through Denial of Service mitigation systems and other traffic monitoring efforts. While SDN has been shown to be highly beneficial, some of its core features (e.g. separation of control and data planes and limited memory) allow malicious users to carry out Denial of Service (DoS) attacks against the network, reducing its availability and performance. Denial of Service attacks are explicit attempts to prevent legitimate users from accessing a service or resource. Such attacks can take many forms but are almost always costly to their victims, both financially and reputationally. SDN applications have been developed to mitigate some forms of DoS attacks aimed at traditional networks; however, SDN's intrinsic properties facilitate new attacks. In this thesis, we investigate the opportunity for such Denial of Service attacks in more recent versions of SDN and extensively evaluate their effect on a legitimate user’s throughput. In light of the potential for such DoS attacks, which specifically target the SDN infrastructure (controller, switch flow table, etc.), we propose that increasing the intelligence of SDN switches can increase the resilience of the SDN network by preventing attack traffic from entering the network at its source. To demonstrate this, we put forward in this thesis designs for an intelligent SDN switch and implement two additional functionalities towards realising this design in a software version of the SDN switch.
These modules allow the switch to efficiently handle high control plane loads, both malicious and legitimate, to ensure the network continues to provide good service even under such circumstances. Evaluation of these modules indicates they effectively preserve the performance of the network under high control plane loads far better than unmodified switches, with no notable drawbacks.