Your SlideShare is downloading. ×
  • Like
  • Save
Decentralized fully redundant cyber secure governmental communications concept
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Decentralized fully redundant cyber secure governmental communications concept

  • 199 views
Published

IEEE publications: This paper focuses on future requirements of broadband data transmission of public protection and disaster relief, critical infrastructure protection and military, and presents the …

IEEE publications: This paper focuses on future requirements of broadband data transmission of public protection and disaster relief, critical infrastructure protection and military, and presents the concept of redundant and secure data communication network system in ...

Published in Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
199
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Decentralized Fully Redundant Cyber Secure Governmental Communications Concept Dr. Jyri Rajamäki, Paresh Rathod and John Holmström Finland
  • 2. Outline • Background and motivation ▶ Public safety communications (PSC), (mission) critical communications ▶ Multi organizational environment ▶ Multichannel communications • Empirical case ▶ DSiP - Decentralized fully redundant cyber secure communications in a multi organizational environment • Discussions and Future work 12/4/2013 Presenter: Paresh Rathod 2
  • 3. Public Safety Communications 12/4/2013 Presenter: Paresh Rathod 3
  • 4. Main Challenges in European Governmental Communications Lack of interoperability limits the effectiveness of public safety and security actors in actual operations • • Gaps in technology, procedure and procurement or research Lack of standardization Lack of broadband connectivity of wireless communications for existing and future public safety and security applications. Lack of secure decentralized and redundant data communications 12/4/2013 Presenter: Paresh Rathod 4
  • 5. Multi organizational environment Core Services & data storage Interface nodes Organization A DSiP Router Organization E Public Safety Communications, PSC DSiP Router Organization B DSiP Router Organization D Organization C 12/4/2013 Presenter: Paresh Rathod 9.3.2011 Page 5 5Ajeco Oy
  • 6. Market Need for Critical Communications • Military, PPDR (public protection and disaster relief) & CIP (critical infrastructure protection [e.g. energy supply]) actors have similar needs for communications • In many connections (e.g. PSCE conference 7-8 June 2011), common secure network for MIL, PPDR & CIP is needed • TETRA/TETRAPOL based voice • LTE based data (operational from 2020’s, common European wide frequency allocation needed) • Roaming is essential • cross-border PPDR operations, • multinational CI; power (electricity, gas) networks and companies 12/4/2013 Presenter: Paresh Rathod 6
  • 7. Important topics when considering PSC 1(2) 1. Technical reliability and trustworthiness  The communication must be safe and ”unbreakable” 2. Considering the long time investment  Solutions must withstand time as technology constantly evolves 3. ”Special circumstances” may occur at any time  The telecom operator may not ALWAYS be there? 12/4/2013 Presenter: Paresh Rathod 7
  • 8. Important topics when considering PSC 2(2) 4. Co-operation between different actors  Users may have different ”statuses” and ICT-policies. For example: Government vs. Civilian as in Army, Public Safety and Industry – yet users may need to interact on the same communications platform. Solutions should support, not suppress, co-operation 5. Freedom of choice  The customer should be the ”master” of his application, not the telecom operator or vendor 6. Special situations  Communication solutions should allow Ad-hoq users in a safe way – Safety and Reliability first 12/4/2013 Presenter: Paresh Rathod 8
  • 9. What is multichannel communication? Presenter: Paresh Rathod 9
  • 10. Multichannel communication is the ability to communicate over multiple physical connections simultaneously and in parallel so that all communication links appear like a single uninterruptable and robust link People can do this (if they want) IP: x.y.z.q Computers can’t generally do this even if “they would want to” IP: q.w.e.r The IP protocol used for data transfer can not bind a socket over two or more physical connections simultaneously 12/4/2013 Presenter: Paresh Rathod 9.3.2011 Page 10 10Ajeco Oy
  • 11. How Multi-modems work Each modem will get its own ip-address from their operators At this point, the ”control room” application will see connection attempts fom 3 different IP-addresses 3G ADSL TETRA The ”remote” application 123.nn.12.3 88.pp.1.5 45.qq.54.19 tt.pp.12.20 ADSL The ”control room” application A ”multimodem” system cannot share communication between different physical media without re-writing the application program to do so. The reason is: TCP/IP does not support multichannel communication! Re-writing an application to support multichannel communication is practially very difficult in most cases. Presenter: Paresh Rathod 12/4/2013 11
  • 12. Multi-channel communication All the separate IP-addresses should ”merge”. NO changes to the application should need to be done! The ”remote” application The ”control room” application Multichannel Router 123.nn.n.3 3G ADSL TETRA 88.tt.t.5 45.qq.q.19 nn.tt.12.20 ADSL Multichannel router The structure should make the applications ”to believe” that they are communicating over a single connection, however, the communication is spread over multiple physical connections which may be IP or non-IP based! The possibility of combining multiple communication channels into a single enables regular telecommunication to be used in mission critical systems – the demand for secure communication is huge and ever increasing! Presenter: Paresh Rathod 12/4/2013 12
  • 13. Multichannel communication is: Parallel use of data links regardless of technology All the multiple parallel communication paths must appear as a SINGLE uninterruptable communications channel REMOTE SITE or LAN WEATHER TELECOMMUNICATION SAT CONTROL ROOM or HQ LAN CAMERA LAN EXT 3G, UMTS RADIOLINK TETRA… 12/4/2013 Presenter: Paresh Rathod 13
  • 14. Reasons for developing a new protocol 1. Cyber warfare IS REALITY – Viruses, Denial of Service attacks etc. 2. The IP protocol can’t do multichanneling and multichanneling VPN’s do NOT solve the problem 3. More and more applications use IP-protocol for transfer 4. Machines and Software are not compatible 5. Mixing teleoperators and the application can be problematic 6. Taking future protocols into account: IP v4, IP v6 and others 12/4/2013 Presenter: Paresh Rathod Copyright (C) Ajeco Oy 14
  • 15. Empirical case DSiP – Distributed Systems intercommunication Protocol ® Presenter: Paresh Rathod 15
  • 16. DSiP Consists of two types ofstart, they Nodes and Routers make When the nodes and routers software; interconnect. Routers Nodes are the interface points in a DSiP routing network neighbour connections and nodes connect to one or more router All connections are authenticated Multichannel connections! 3G/4G, SAT TETRA, TEDS, VHF, LAN… DSiP node DSiP Router DSiP Router DSiP Router Multichannel connection OBSERVE: Nodes may connect to multiple routers 12/4/2013 Presenter: Paresh Rathod IP and non-IP traffic 16
  • 17. DSiP Consists of two types of software; Nodes and Routers Nodes are the ending/interface points in a DSiP routing network All connections are authenticated DSiP node DSiP Router Routers do also have Multichannel connections! Routers also interconnect over multiple channels DSiP Router DSiP Router Multichannel connection 12/4/2013 Presenter: Paresh Rathod IP and non-IP traffic 17
  • 18. With DSiP you can interconnect any device or network segment using any kind of media, be it IP or Non-IP, in a redundant and secure way 12/4/2013 Presenter: Paresh Rathod 18
  • 19. With DSiP the connections between network segments and devices will be unbreakable because they interconnect using Multichannel technique. All connections are authenticated DSiP Router 3G, TETRA SAT, TEDS, VHF, LAN Etc… DSiP Router DSiP Router All connections are Multichannel 12/4/2013 Presenter: Paresh Rathod Connections can be IP and non-IP traffic 19
  • 20. The modular DSiP system is not sensitive to DOS attacks since nodes actively maintain the connections – if a connection breaks, others will automatically form. DSiP Router 3G, TETRA SAT, TEDS, VHF, LAN Etc… DSiP Router DSiP Router 12/4/2013 Presenter: Paresh Rathod 20
  • 21. If Router to Router connections breaks, the DSiP system routes information via other DSiP routers DSiP Router 3G, TETRA SAT, TEDS, VHF, LAN Etc… DSiP Router DSiP Router 12/4/2013 Presenter: Paresh Rathod 21
  • 22. DSiP may be regarded as a multi-point to multi-point VPN tunnel with better control over priority, security and reliability 12/4/2013 Presenter: Paresh Rathod 22
  • 23. DSiP can use both IP-based networks and non-IP communication in parallel! IPv4, IPv6 and non-IP can all co-exist 12/4/2013 Presenter: Paresh Rathod 23
  • 24. DSiP may, for example, connect IP-based networks together using non-IP communication. DSiP is capable of tunneling data through itself using any kind of physical communication non-IP radiolink IP network segment DSiP Router DSiP Router DSiP Router IP network segment 12/4/2013 IP network segment IP-based network All connections are Multichannel Presenter: Paresh Rathod 24
  • 25. Remote devices may connect using non-IP communication and IP-based connections in parallel non-IP radiolink IP network segment DSiP Router DSiP Router DSiP Router Remote device, RTU or equivalent 12/4/2013 IP network segment IP-based network Non-IP and IP traffic, TETRA, TEDS all work in parallel Presenter: Paresh Rathod 25
  • 26. Applications and devices will ”see” the multiple connections as they would be a single connection No need to modify ANY application or device 12/4/2013 Presenter: Paresh Rathod 26
  • 27. Avoid drilling holes in your security, instead provide services! Core Services & data storage Interface nodes Organization A DSiP Router DSiP Router Organization E Organization B DSiP Router Organization D 12/4/2013 Presenter: Paresh Rathod Organization C 27
  • 28. DSiP Distributed Systems intercommunication Protocol ® IP TETRA 3G WiMAX WAN DSiP GPRS SATELLITE LANUSES ALL KINDS OF 4G/LTERADIO CAN COMMUNICATION ADSL RS232 PLC I2C ETHERNET MODBUS RS485 MBUS Non-IP RS422 12/4/2013 Presenter: Paresh Rathod 28
  • 29. DSiP contains tools for: Monitoring the network Centralized authentication Configuring the system 12/4/2013 Presenter: Paresh Rathod 29
  • 30. Configuration server DSiP Router DSiP Router RTU DSiP Router RTU RTU RTU RTU RTU RTU 12/4/2013 Presenter: Paresh Rathod 30
  • 31. Centralized Authentication Server DSiP Router DSiP Router RTU DSiP Router RTU RTU RTU RTU RTU RTU 12/4/2013 Presenter: Paresh Rathod 31
  • 32. Network Management Server DSiP Router DSiP Router RTU DSiP Router RTU RTU RTU RTU RTU RTU 12/4/2013 Presenter: Paresh Rathod 32
  • 33. All the aforementioned is handed to you in the DSiP multichannel communication architecture DSiP – A software solution for Secure Multichannel Communication DSiP Distributed Systems intercommunication Protocol ® 12/4/2013 Presenter: Paresh Rathod 33
  • 34. 2Com-TETRA router • • • • • Internal TETRA modem Two internal 3G modems GPS receiver External possibility for satellite modem Power relay for RTU RTU POWER CONTROL GPS SENSORS 12/4/2013 Presenter: Paresh Rathod 34
  • 35. Discussions and Future work
  • 36. Benefits In many connections (e.g. PSCE conference 78 June 2011), common secure network for MIL, PPDR & CIP is needed. Separate networks are wasting of resources! 12/4/2013 Presenter: Paresh Rathod 36
  • 37. Future work To solve 1. mission critical voice roaming in cross-border operations • TETRA push-to-talk (PTT) services over LTE 2. secure PPDR & CIP (data) communication challenges before 2020’s, when LTE based systems might be operable. • Use case: • Secure communications for multinational electricity supply • Mobile field command center for PPDR field operations 12/4/2013 Presenter: Paresh Rathod 37
  • 38. On going project 12/4/2013 Presenter: Paresh Rathod 38