| | 1 | [[TOC]] |
| | 2 | |
| | 3 | |
| | 4 | = Conducting Experiments in DETERLab = |
| | 5 | |
| | 6 | DETERLab is regarded as a scientific instrument to |
| | 7 | create knowledge and understanding through |
| | 8 | observation and measurement of cyber security |
| | 9 | technologies. DETERLab provides a |
| | 10 | flexible software framework to |
| | 11 | structure the experiment environment |
| | 12 | and execute the procedue |
| | 13 | while ensuring experiment validity and repeatability. |
| | 14 | In this section we discuss each of these aspects in |
| | 15 | detail. |
| | 16 | |
| | 17 | == Environment == |
| | 18 | |
| | 19 | The experiment environment defines the set of |
| | 20 | resources required to configure a DETERLab experiment. |
| | 21 | It consists of three planes: |
| | 22 | |
| | 23 | * '''an experiment plane: ''' |
| | 24 | |
| | 25 | The plane that carries the experiment traffic. |
| | 26 | It consists of the set of experiment nodes, substrates, |
| | 27 | and their topological structure. |
| | 28 | The functional behaviors are |
| | 29 | mapped onto the experiment nodes. |
| | 30 | The structure is defined in the TopDL/ns-2 |
| | 31 | description file. |
| | 32 | |
| | 33 | |
| | 34 | * '''a control plane: ''' |
| | 35 | The plane to send and receive control specific instructions and |
| | 36 | signalling commands to the experiment nodes. |
| | 37 | In addition to the experiment nodes, other control-specific |
| | 38 | nodes such as an orchestrator and a bridge may also belong to the control plane. |
| | 39 | The topological structure of the control plane |
| | 40 | is defined by the testbed or configured per experiment |
| | 41 | in the TopDL/MesDL description file. |
| | 42 | The topology consists of directors, bridges, overlays, and orchestrators |
| | 43 | |
| | 44 | * '''a data plane: ''' |
| | 45 | The plane to carry measurement specific traffic for |
| | 46 | for analysis and visualization. |
| | 47 | In addition to the experiment nodes, other data specific |
| | 48 | nodes, such as aggregators and collectors, |
| | 49 | may also belong to the data plane. |
| | 50 | The topological structure of the data plane |
| | 51 | is defined by the testbed or configured per experiment |
| | 52 | in the description TopDL/MesDL file. |
| | 53 | The topology consists of sensors, collector, aggregators and queriers |
| | 54 | |
| | 55 | Each of the above plane may be combined |
| | 56 | due to resource constraints on the testbed. |
| | 57 | |
| | 58 | == Workflow == |
| | 59 | |
| | 60 | The experiment workflow defines the dynamic |
| | 61 | procedure enacted to conduct a DETERLab experiment. |
| | 62 | It consists of three main activities: |
| | 63 | |
| | 64 | * '''Event Streams: ''' |
| | 65 | An event is a signal to invoke a particular behavior on the experiment nodes. |
| | 66 | The event streams in an experiment are |
| | 67 | partially ordered set of events defined as a directed acyclic graph. |
| | 68 | An experiment workflow consists on one or more event streams |
| | 69 | defined in an AAL description file. |
| | 70 | All event signals are sent over the control plane |
| | 71 | typically by the orchestrator. |
| | 72 | |
| | 73 | * '''Triggers: ''' |
| | 74 | A synchronization point in the dynamic experiment workflow. |
| | 75 | The trigger may be ''time-based'', that is the orchestrator waits for |
| | 76 | a particular amount of time to lapse or ''event-based'', where the |
| | 77 | orchestrator waits to receive a signal before proceeding with the |
| | 78 | workflow. Triggers can be used to synchronize one or more event streams. |
| | 79 | All triggers are sent over the control plane. |
| | 80 | Triggers are defined as part of the experiment workflow in |
| | 81 | the AAL description file. |
| | 82 | |
| | 83 | |
| | 84 | * '''Collectors: ''' |
| | 85 | A signal to enable sensing and collection of experiment measurements for |
| | 86 | feedback as |
| | 87 | triggers and for analysis. |
| | 88 | All sensing and collection measurements are sent over the data plane. |
| | 89 | Collectors may be defined within the procedure description AAL file. |
| | 90 | |
| | 91 | |
| | 92 | == Validity Management == |
| | 93 | |
| | 94 | The experiment validity is maintained by a set of constraints and |
| | 95 | invariants asserted throughout the experiment lifecycle. |
| | 96 | They relate to the experiment environment and the workflow as follows: |
| | 97 | |
| | 98 | * '''Environment:''' |
| | 99 | During the process of defining and configuring the environment, |
| | 100 | the constraints and invariants can be used to |
| | 101 | ensure the validity of a particular configuration step. |
| | 102 | Some constraints and invariants may indicate key |
| | 103 | capacity requirements for validity, |
| | 104 | for example, CPU requirements for experiment nodes, |
| | 105 | while some may be functional requirements, such as, |
| | 106 | number of available client hosts. |
| | 107 | The constraints and invariants are defined in an ECL description file |
| | 108 | and processed by the DETERLab validity management framework. |
| | 109 | |
| | 110 | * '''Workflow:''' |
| | 111 | During experiment execution, the constraints and invariants |
| | 112 | can be used to ensure that the experiment proceeds in accordance |
| | 113 | with these assumptions. The constraints can thus be used to ensure |
| | 114 | ''safety'', that is, the experiment will not do anything bad and |
| | 115 | ''liveness'' that is, the experiment will do something useful. |
| | 116 | The constraints and invariants are defined in an ECL description file |
| | 117 | and processed by the DETERLab validity management framework. |
| | 118 | |
| | 119 | |
| | 120 | |
| | 121 | |
| | 122 | == Repeatability == |
| | 123 | |
| | 124 | Take a description, resolve it, and rerun it again and again |
