Guest talk: Managing computer networks for resilience, Paul Smith
Paul Smith, Managing computer networks for resilience: it’s complicated, and going to get worse (but we have solutions), Dec 6, 11am, SBA Research
For various reasons, it is now well-understood that we cannot build perfectly secure computer networks — they’re too complicated and we simply do not have the budget. We need to start from the assumption that an attacker, at some point, will be successful; but we still want some service from the network. Therefore, we need to make the computer networks that support our critical information infrastructures resilient to attacks and a wide-range of other challenges, such as mis-configurations. In this talk, I will introduce a framework for network management, which can be used to support network operators when trying to ensure the resilience of their infrastructures. One of the key concepts in the framework is the idea of management patterns — recipes that can be applied to mitigate particular challenges. Looking ahead, this problem is only going to be more difficult, as computer networks are used to support new cyber-physical systems such as the smart grid. I will point to new research directions, in particular, in the application of patterns in this context.
Dr Paul Smith is a Senior Scientist in the Safety and Security Department of the AIT, Austrian Institute of Technology. Previous to this appointment he was a Senior Research Associate at Lancaster University, UK. He received his PhD in September 2003 and graduated in 1999 with an honours degree in Computer Science from Lancaster. Paul’s research interests lie in the various ways that networked (socio-technical) systems fail to provide a desired service when under duress from various challenges, such as attacks and mis-configurations. He has participated in a number of international research projects, including the EU-funded ResumeNet project which investigated a framework for network resilience. Currently, he is primarily working on the EU-funded PRECYSE and SECCRIT projects, which are investigating the security and resilience of critical information infrastructures.