
Monday, January 3, 2011

Enhancing SENDSim With Optimization

by David Davis

SENDSim is designed for human experimentation.  In the initial tests of SENDSim, a human will modify policies, procedures, and other parts of a network strategy, and then observe the effects as the simulation shows how a network with those policies, procedures, and strategies is impacted by the introduction of malicious software code like Conficker.

Human interaction is one valuable use of SENDSim. Perhaps equally valuable is another capability of the system—optimization. Use of an optimizer in conjunction with SENDSim allows us to find the best policies and procedures, given the constraints and various goals that are set by the user.

An optimizer is a computerized technique that finds very good solutions, often by exploring more solutions than a human would have time or inclination to explore. Optimizers can use the techniques humans would use to find solutions, but in addition they frequently use techniques for finding solutions that are unlike those a human would employ. For this reason, optimizers often find solutions that are unlike those humans would find, and that are better.

The distinction between a person interacting with SENDSim to study a problem and the use of an optimizer to find solutions is an important one. A human’s interaction with SENDSim may well rely on the human’s past experience and intuition. Human operators or analysts may configure the simulated network as they have done in the past, unaware that there are better configurations and better uses of network resources.

An optimizer is able to explore new strategies, view the results of thousands of scenarios, and find new techniques and outcomes that experts may have overlooked.

There are a number of advantages to linking an optimizer with a simulation like SENDSim. These advantages include the potential to:

• find different solutions than those a human expert would discover
• find better solutions than those a human expert would unearth
• improve on the solutions produced by human experts
• find solutions more quickly than a human expert
• react to changing conditions more quickly than a human expert

These points are worth making in more detail.

An optimizer can find different solutions from those a human expert would find because it is not bound by its experience—it approaches the problem without preconceptions. In computer security, this feature may be especially beneficial, since we may be able to use diverse novel solutions to avoid a configuration monoculture that can more easily be exploited by malware.

An optimizer can find better solutions because it is able to consider many more solutions than a human expert would typically have time to consider.

An optimizer can improve on solutions produced by human experts, if it uses the human’s solution as a base for optimization and begins the optimization process there.

An optimizer can find solutions more quickly than a human expert if the optimizer uses a network of computers or grid computing to consider large numbers of solutions in parallel.

An optimizer reacts to changing conditions more quickly than an expert, in that it can accommodate changes in technology and changes in policy options without being bound by the way it has solved problems in the past.

An optimizer is a good tool for understanding what-if situations. What if we had a better firewall? What if we had instantaneous reaction to attacks? Humans have a more difficult time finding good solutions when technology changes significantly. An optimizer, working without presuppositions, adjusts to changes without difficulty.

In addition to these advantages, optimization allows us to better understand what-if scenarios. The design documents for SENDSim describe a range of questions that can be studied using SENDSim. Let's consider several of them, together with the way that an optimizer would add value to a human’s study of those questions.

Q: How can a change in policy (enforced by Human Resources, for example, or enforced by technology) increase network security without decreasing worker productivity?

Suppose we are considering a change in network policy. An optimizer can be used to discover what other changes in policy and/or changes in worker behaviors would best be instituted together with the change that is envisioned. Human experts who have not worked with the new policy in place may not be aware of other changes that will increase its impact and decrease its negative effects.

Design documents for SENDSim describe a range of questions that can be studied using SENDSim.  Here I’ll consider several of them and describe the way that an optimizer would add value to a human’s study of those questions.

Q: Which solution results in a better outcome: expanding the IT security and administration staff or educating and empowering workers?

An optimizer can be used to explore a wide range of potential changes, finding the best combination of new approaches to security. Making changes to a complicated network often has unintended consequences—some of them undesirable. SENDSim will model these consequences. The optimizer can discover and exploit the desirable, unintended consequences while it avoids the undesirable ones.

Q: What does the timescale of a Conficker infection look like, given my particular network and worker profiles? What aspects of my worker policies and network policy are enabling or counteracting the spread?

An optimizer can be used to find the best combination of worker behaviors and network policies to slow the spread of an infection. In a complicated situation, like that of a working computer network, the best action to take in a new situation can be unlike anything seen in an expert’s prior experience.

Q: How might my staff react to combat a “zero-day” Conficker attack? How would network functionality and worker productivity change, and hopefully recover, over time?

An optimizer can find the best combination of network configuration and worker policies in order to minimize the impact of a zero-day event. In some cases, the optimizer might even uncover solutions that have not been seen or practiced before.

Q: What combination of policy and network design will help me meet my security and productivity goals?

The optimizer can be given a “budget” of dollars to spend and a limit on the magnitude of changes it can make to network policies. It will find the best way to spend that budget and institute changes within constraints in order to trade off improvements in network security while allowing workers to do their jobs.

The ability of an optimizer to provide high-quality answers to these types of questions is one of the strengths of the synergies we find in simulation enhanced with optimization. We’ll explore more opportunities to integrate simulation and optimization in future blogs.

NOTE:  Dr. David Davis is the president of VGO Associates, one of the original participants in the SENDS Consortium.
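
The budget-and-limit search described in the post above, as an added sketch that is not SENDSim or the author's code: a hill-climbing optimizer that starts from a human-chosen baseline policy and improves it against a toy deterministic outbreak model. The knob names, dollar costs, model constants and the productivity-minus-peak-infection score are all constructed assumptions.

```python
# Added illustration, not SENDSim code. Knobs, costs and constants are assumptions.
KNOBS = ("patch_rate", "training", "filtering")   # policy levers, 0.0..1.0
STEP, MAX_LEVEL = 0.05, 20                        # a level n means n * STEP
COST_PER_STEP = {"patch_rate": 3000, "training": 2000, "filtering": 4000}  # dollars

def simulate(policy, hosts=1000, days=60):
    """Toy deterministic worm outbreak; returns (peak infected fraction, productivity)."""
    # Training and filtering cut per-contact spread; patching cleans infected hosts.
    beta = 0.9 * (1 - 0.6 * policy["training"]) * (1 - 0.7 * policy["filtering"])
    gamma = 0.05 + 0.5 * policy["patch_rate"]
    s, i = (hosts - 1) / hosts, 1 / hosts
    peak = i
    for _ in range(days):
        new, cleaned = beta * s * i, gamma * i
        s, i = s - new, i + new - cleaned
        peak = max(peak, i)
    # Strict filtering and frequent patch reboots cost worker time.
    productivity = 1 - 0.25 * policy["filtering"] ** 2 - 0.15 * policy["patch_rate"] ** 2
    return peak, productivity

def score(levels):
    """Objective to maximise: worker productivity minus peak infected fraction."""
    peak, productivity = simulate({k: n * STEP for k, n in zip(KNOBS, levels)})
    return productivity - peak

def cost(levels, baseline):
    """Dollars spent raising knobs above the baseline (lowering a knob is free)."""
    return sum(COST_PER_STEP[k] * max(0, n - b) for k, n, b in zip(KNOBS, levels, baseline))

def feasible(levels, baseline, budget, max_steps):
    """Within the 0..MAX_LEVEL range, the change limit and the budget."""
    in_bounds = all(0 <= n <= MAX_LEVEL and abs(n - b) <= max_steps
                    for n, b in zip(levels, baseline))
    return in_bounds and cost(levels, baseline) <= budget

def optimize(baseline, budget, max_steps):
    """Hill-climb from the human baseline, one knob step at a time."""
    current, best = tuple(baseline), score(baseline)
    while True:
        neighbours = [current[:j] + (current[j] + d,) + current[j + 1:]
                      for j in range(len(KNOBS)) for d in (-1, 1)]
        scored = [(score(n), n) for n in neighbours
                  if feasible(n, baseline, budget, max_steps)]
        if not scored or max(scored)[0] <= best:
            return current, best          # local optimum under the constraints
        best, current = max(scored)

BASELINE = (4, 2, 6)   # constructed "human expert" policy: 0.20, 0.10, 0.30

if __name__ == "__main__":
    levels, best = optimize(BASELINE, budget=20_000, max_steps=6)
    print("baseline", BASELINE, round(score(BASELINE), 3))
    print("optimized", levels, round(best, 3), "cost", cost(levels, BASELINE))
```

Hill climbing stops at a local optimum, so a production optimizer would add restarts or a population-based search to explore further from the baseline.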

Thursday, December 30, 2010

SENDS 2010: The Year in Review

by Carl Hunt, Bob Schapiro and Craig Harm

In sports, when an underdog team surprises everyone and gets into the playoffs, they can’t wait until the next game.  That’s what the SENDS team is feeling right now: the thrill of anticipation as we see our season extended and the team getting better and better when it counts.

Our goal has always been to empower the public to create the future of cyberspace and become part of the SENDS team.  A few months ago, we were in the odd position of being able to open positions on the team, but not having a lot of people to join.  Now that is changing...fast.

From the beginning, SENDS has been fortunate to enjoy the active participation of great thinkers...including some of the people who actually set the course for the future of the Internet.  Most of these people work for the government and major software firms, hired for their expertise in cyber-security.  But as scientists, they wish to transcend that role and discover what makes cyberspace tick.  They know this can only be discovered by working with the people who use the Internet every day; in short, almost everyone – it’s a big team!

That’s where SENDS comes in.

To be blunt, until a few months ago, our resources for reaching the public were not what we hoped they’d be.  But the seeds we planted started to thrive, growing stronger every day.  With this posting, we have now published 31 blogs in the 3½ months from the first entry.  We’ve been fortunate to be highlighted in several online fora, including James Fallows’ Atlantic Magazine blog, the DoD’s Armed with Science blog, and an interesting site called “OhMyGov!”  We’ve even been invited to two Highlands’ Forum meetings to talk about SENDS and participate in discussions of Design in Cyberspace.

The important thing is that you are reading this blog...and if you’re like most of the people who now read and contribute, six months ago you had no idea what SENDS was.  You joined the team!

In 2011, we look forward to empowering people in many ways, as with our initiative for you to help create the new vocabulary of cyberspace.  In fact, thanks to contributors, we have a lot to build on to strengthen and broaden the team.  As 2010 draws to a close, however, it’s worth talking about the direction the SENDS Pilot project has traveled from its inception and to try to put it into context.  That, along with new team members’ contributions, creates the synergy for 2011.

SENDS began in 2009 as a proposal to address the observations of a December, 2008 US Department of Energy White Paper entitled “A Scientific Research and Development Approach To Cyber Security.”  Thus, SENDS began as a project to address cyberspace security, expanding on several of the thoughts from that very fine DOE paper.

It became clear after a 90-day study, however, that in order for the US and indeed all users of cyberspace to explore and exploit the environment, security was necessary but not a sufficient condition to unleash the potential cyberspace has to enhance prosperity on a national and global scale.  We took this challenge to potential government sponsors and they agreed.

In a June, 2010 interagency, multidisciplinary forum in Arlington, VA, the current SENDS Pilot Project was initiated, identifying four main tasks to accomplish in the 12-month pilot.

As we embarked on the project, new ideas came to light as a result of the collaboration of the diverse SENDS participants.  The SENDS tasks were still relevant, but we found that we needed to look through the lenses of living systems and ecology to develop holistic perspectives about the greatest connecting fabric mankind has known.

Several prominent advisors told us that the ecological perspective is a valuable way to think about the challenges of cyberspace prosperity and security, particularly when considered through the standpoint of what is found in wicked problem resolution literature.  The wicked problem resolution advice is good because it also helps us think about the social context of problem definition and resolution: it’s a people challenge, just as are cyberspace prosperity and security.

We took this good advice and blended it with the thoughts of guest bloggers to produce what we think is an objective viewpoint about how cyberspace is emerging around us and how it will affect us in the future.  We looked at people, processes and technology as a convergent and emergent phenomenon (starting here).  These insights have been continuously informed by multiple perspectives, possible through the connectivity that cyberspace offers.

This holistic view is why SENDS is more than just another cyberspace security project.

Through the efforts of a variety of authors, the SENDS Blog has been fortunate to provide diverse perspectives on the SENDS tasks through several backgrounds…the SENDS wiki site has augmented and expanded these perspectives.

Broad thinking about one of the two most long-term focused SENDS tasks, Education and Academic Curricula, for example, has led to contributions from no fewer than four authors about this important topic.  We have had the good fortune to hear from a school teacher in Canada, an Emmy Award-winning documentary director/producer, a director of a nationally recognized science center in Florida and a retired military officer (here and here), each sharing distinctive perceptions about how America must look at education in the connected age.

Another long-term task, a Center for Cyberspace Science, has generated equally important and diverse perspectives, ranging from the use of advanced modeling and simulation capabilities to the development of a “cyberspace laboratory.”  When put into the context of better understanding concepts like community in cyberspace and formulating meaningful inquiry about this new environment, a center for studying the remarkable power of cyberspace connectivity seems mandatory for better understanding this new world.

The task to develop relevant models and simulations (M&S) as a “laboratory” for cyberspace is indeed one of the tasks we have invested considerable resources in.  The SENDS M&S team collected data from a variety of subject matter experts, including military, law enforcement and commercial practitioners to develop SENDSim.  This M&S environment, shown in its early stages here, is one of the first products of the Center.

We are also developing SENDSim to become a useful tool to gain insights on the kind of socio-technological convergence issues we’ve been discussing above.  Speaking of understanding socio-technological convergence, the SENDS team has also been fortunate to publish the insights of a senior media analyst to help clarify challenges to look at cyberspace in this way (here and here).  We’ve even had an innovative software developer write about the development of programming languages in the context of socio-technological convergence and ecology!

Another early product of the Center is a White Paper on the Development of a Science of Cyberspace that, while in early draft form, may serve as a framework for the consideration of important topics to demonstrate how such a discipline would be studied.  We will see more similar products from the Center as the Pilot continues, and we expect to write about them here in this blog.

The first six months of the SENDS Pilot Project have been exciting, and chronicling it within the pages of the SENDS Blog has been rewarding considering the diversity of the authors who have contributed.  The remaining six months of the Pilot should be equally rewarding as we see the maturity of SENDSim emerge.

We look forward to experiencing greater government, commercial, academic and even individual relationships as we improve on the Science White Paper through more diverse input, and synergize SENDS through collaboration with other efforts.  We also look forward to formalizing relationships that move the Center for Cyberspace Science into a suitable home.

In coming weeks, we’ll port over this blog and much of the wiki material to a SENDS-dedicated site at www.sendsonline.org.  We’ll announce the movement of the site in this blog and on the wiki when we’re up and running.  Please visit us there, and continue to send your thoughts to words@sendsonline.org or through comments within this blog.

It’s been a great first six months for the rapidly growing SENDS team and we can hardly wait for the next six.  The playoffs await and the season continues!

Monday, November 22, 2010

Graphical Languages in the Cyberspace Ecospace

by Sandy Klausner

Editor’s note: Sandy Klausner is the founder and CEO of CoreTalk Corporation, the designer of the Cubicon programming language, described at http://www.coretalk.net/.  The opinions and concepts proposed by Sandy reflect his thinking about new types of programming languages, and web-based architectures including Cubicon.  SENDS does not endorse any specific product, but seeks to ensure members and guests of the Private-Public partnership of the SENDS Consortium are aware of novel thinking proposed by those associated with the Consortium and its efforts.

As reflected throughout the SENDS Blog (here and here, for example), the SENDS Project seeks to understand the nature of cyberspace as a complex adaptive system (CAS) as well as to think reflectively about cyberspace itself as a meta-system.  Not only is cyberspace characterized as such a CAS, but increasingly the computer architectures and programming languages that support cyberspace-based communications must also support these levels of functionality.

This functionality, discussed previously, includes the processes of exchange, self-organization and emergence.  Let’s look at each of these through the lens of computer network architecture.

Exchange – The exchange of concepts and information requires a semantic basis to enable software agents to infer relationships and manage content and services without human intervention.  This machine processing requires unprecedented levels of automation to support massive exchanges between billions of people and information transactions around the world.  New graphical languages must enable domain experts to create, share and execute software agents that process knowledge, transact services and enable social networking to evolve to new levels of collective intelligence.

Self-organization – People, systems and information need the ability to self-organize through cyberspace.  Such capability mandates a new computer science, infused with the inspirations of complexity science, where software artifacts are inherently recombinant to energize self-organization.  This first principle science will enable unprecedented levels of interactions and interoperability that can be visualized as dynamic system models.

Emergence – As noted in Carl Hunt’s earlier blog, this self-organization process is the transmission that moves exchange into emergence.  Emergence of novel behaviors, fresh opportunities and new organizational structures must be simulated in new graphical languages that support cyberspace evolution, providing insights into complex cyberspace realms.  These visual simulations will be easily shared across domains, providing novel ways to understand complex systems and provide continuous dynamic feedback to all participants in knowledge evolution.

Knowledge Processing

Borrowing from the SENDS blog on “Ecospace”, Figure 1, below, helps to visualize the major interactions that take place to create both the opportunity and the requirements for coevolution within cyberspace and its interacting elements.  Service exchanges and knowledge processing are at the heart of this interaction.  The figure also depicts several categories of emergence that are both ingredients and products of the coevolving world of massive interconnectivity that cyberspace enables.

There are two basic forms of systems that coevolve with each other through exchanges and processing that compose cyberspace: human systems and machine systems (together they accommodate the production of something useful).  Emergent characteristics from human and machine behaviors, technologies, cultures and governances all synergize to produce what we recognize as cyberspace.

The services that we introduce to make the network valuable as well as the threats to those services are also part of the coevolving landscapes.  Just as in predator-prey models of ecosystems, the threat is an integral consideration of a holistic perspective of cyberspace.  Finally, both natural and artificial adaptations take place that ensure cyberspace is a constantly changing, coevolving environment that truly requires the augmentation of more modern architectures and graphical programming languages.


Figure 1 - The Programming Language-Architecture View of the Cyberspace Ecology (courtesy CoreTalk Corp.)

New Software Paradigm will Manage Systems Complexity

The gap between generational advances in hardware (Moore’s Law), users’ application demands, and software’s ability to productively utilize both continues to expand … with no end in sight.  This gap can only be closed by greatly automating the software life cycle that can effectively overcome complexity bottlenecks.

A new software paradigm must address seven fundamental cyberspace complexity challenges that can be characterized in the following ways:

Semantic Web – As RDF & OWL remain underutilized, a graphical language must provide the required formalization of ‘context’ and ‘community’ architecture to fully support a global semantic substrate across cyberspace

Service-oriented Architecture – As SOA remains too ad hoc, new approaches must provide the requisite technology for machine-to-machine (M2M) interactions to truly scale across billions of devices

Smart Grid – As hard real-time environments are difficult to encode, a graphical language and a contextualized infrastructure must provide the following capabilities for a National “Smart Grid” to be realized sooner:

- ability to create and evolve interoperable standards
- mediation of services between disparate devices in a community
- execution environment that deterministically processes events in real time

“Manycore” processing – As threading is failing to scale, a fused software/hardware architecture must provide an effective parallel programming mechanism that can harness the power of emerging “manycore” processors

Software re-use – As current programming language ecosystems lack componentry architecture, a recombinant technology must enable a fertile exchange of high value intellectual property assets

Malware – As current immunization technologies are increasingly less effective, next generation programming must prevent malware infiltration through a robust ‘whitelist’ security model for all software components and apps

IP (intellectual property) tracking & licensing – As the Open Source model lacks a viable business model, a graphical language must ultimately support the ‘Open Design’ software model that provides direct compensation/recognition for authors based on virtual supply chains

Conclusions

As a proponent of what the SENDS Project calls “Open-Source Science,” these discussions about new, exchange-based programming languages and architectures are an important augmentation not only to a science-based approach to understanding cyberspace, but to spur greater innovation in the development of these capabilities.

I think the Cubicon programming language that CoreTalk has designed is consistent with the principles SENDS initially proposes for architecture and language development.  As is the case with all open-source evolution, however, the market and its users will decide.  In the meantime, the public-private partnership SENDS seeks to leverage is a viable path forward to doing good science in cyberspace and generating more secure environments for national and global prosperity.