Since July 2015, I’ve been involved in Lancaster University’s activities in the EC FP7 SECCRIT (SEcure Cloud computing for CRitical infrastructure IT) project, a multidisciplinary research project with the mission to analyse and evaluate cloud computing technologies with respect to security risks in sensitive environments, and to develop methodologies, technologies, and best practices for creating a secure, trustworthy, and high-assurance cloud computing environment for critical infrastructure IT.
We specifically look into network resilience with anomaly detection in the cloud, using the well-known D2R2+DR (Defence, Detect, Remediate, Recover, Diagnose and Refine) principle. The first phase, D2R2, begins with defence: making the network as resistant as possible to challenges. Inevitably, however, a network will be threatened, and it must be able to detect this automatically. It will then remediate any damage to minimize the overall impact, and finally recover as it repairs itself and transitions back to normal operation. The second, longer-term phase, DR, consists of diagnosing any design flaws that permitted the defences to be penetrated, followed by a refinement of network behaviour to increase its future resilience. From this strategy, we derive a set of design principles leading to resilient networks.