Industrial Control Systems: Understanding Vulnerabilities, Risk and Mitigation


Antonio Mauro, PHD
Caroline Akawi, MBA
December 09, 2020

Abstract

This paper will introduce and explore the topic of Industrial Control Systems (ICS) from a cybersecurity perspective. It is designed to explain what exactly ICS is, where we find them, and the different types of systems that can be found within the ICS framework. The paper is divided into three sections, the first being an introduction to the Internet of Things (IoT) and ICS systems. In this section the reader can expect a thorough analysis of what Operational Technology (OT) is, how it differs from Information Technology (IT) and how it plays a role in our lifeline industries. Section two will explore the technical side of ICS with an analysis of ICS standards and protocols and how these differ depending on the industry. The final section will break down the vulnerabilities in ICS systems, the risks and the mitigation process. This section includes both theoretical and practical knowledge such as understanding what risk is and how to calculate it using the risk formula. It also touches on the security levels of vulnerabilities and ways to implement mitigation tactics into your own ICS. This section also explores legacy control systems and the differences in risks and mitigation compared to that of a modern system. It is important to note that this paper was majorly influenced by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST).

Section 1: Introduction to IoT, ICS and SCADA Systems

According to the National Institute of Standards and Technology (NIST), “the Internet of Things (IoT) refers to systems that involve computation, sensing, communication, and actuation” [1].
It can be seen as a network of physical objects, and these “things” can be considered as embedded sensors, software and other technologies that contribute to the connecting and exchanging of data between devices and systems via the internet. These products can range from household devices to industrial devices, which will be further touched on in the next section. There is not necessarily a clear definition of IoT, and companies have a difficult time understanding the network of interconnected systems. The goal of IoT is to create new products and services by adding connectivity to objects and machines while increasing data knowledge.

The OSI reference model describes the architectural layers of IoT products, which include the physical layer, the data-link layer, the network layer, the transport layer, the session layer, the presentation layer, and the application layer [2]. The model begins with the physical layer, which describes the sensors, actuators, devices and machines that are then connected to a set of networking technologies and protocols in a connecting phase. The data from these devices is collected and analyzed, inferring new knowledge both online and offline through data analytics and machine learning techniques. Finally, there is the application layer, which implements business/operational decisions based on data acquired and inferred from the devices [2].

[Figure: OSI model layers, top to bottom: Application, Presentation, Session, Transport, Network, Data Link, Physical] [3]

Industrial Control Systems describes any system that has the ability to gather information in an industrial process and modify, regulate and manage the process to a desired state. These systems produce and distribute goods and services that we use on a daily basis.
There are a few ICS systems that are important to note:

- Supervisory Control and Data Acquisition (SCADA)
- Distributed Control System (DCS)
- Process Control System (PCS)
- Energy Management System (EMS)
- Automation System (AS)
- Safety Instrumented System (SIS)
- Any other automated control system

The most common types of ICS systems are SCADA, DCS and PCS. SCADA systems are used for transport processes, which include oil, gas, water, electricity, and people [3]. DCS are used in refineries and chemical plants, whereas PCS are usually used in manufacturing facilities as well as in small chemical plants. ICS systems improve the quality of these products and services by ensuring lower costs and an increase in safety [3]. ICS systems support valuable business decision-making, and because they are able to implement real-world actions they are very powerful but also very dangerous. ICS/SCADA systems are different from IT systems and, unlike IT systems, they lack standard security guidelines. It is the responsibility of companies to create, maintain and manage system-specific ICS cybersecurity practices, which should be documented, enforced and updated on a regular basis. [4]

The control system environment can be a sensitive area, particularly when it comes to internet connection and bringing in outside devices. The applications in the control room should never connect with the internet; however, if they must, a restricted proxy must be used [5]. If internet access is needed in the environment, then it should be accessed from a different network than that of the control system network. If internet traffic is allowed in the control room, for example downloading software upgrades, then the downloads should be scanned for malware prior to installation on the control system device [5].
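
The network-path part of this rule can be checked against flow records. The following is an added example, not taken from the paper: it flags control-network hosts that reach the internet without the restricted proxy, and assumes a hypothetical site layout (control network 10.10.0.0/24, proxy at 10.20.0.5:3128 on a separate network) with constructed sample flows.

```python
"""Audit flow records against the control-room internet rule.

Every network, address and flow record here is constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed site layout (hypothetical values; replace with the real plant network).
CONTROL_NET = ip_network("10.10.0.0/24")   # control system network
SITE_NETS = [ip_network("10.0.0.0/8")]     # every network the site owns
PROXY = (ip_address("10.20.0.5"), 3128)    # restricted proxy, outside CONTROL_NET


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def is_external(addr):
    """An address is external when it belongs to none of the site's networks."""
    return not any(addr in net for net in SITE_NETS)


def check_layout(proxy_addr=PROXY[0], control_net=CONTROL_NET):
    """Internet access must come from a different network than the control network."""
    if proxy_addr in control_net:
        raise ValueError("restricted proxy must not sit inside the control network")


def classify(flow):
    """Return a verdict for one flow record."""
    src, dst = ip_address(flow.src), ip_address(flow.dst)
    if src in CONTROL_NET and is_external(dst):
        return "VIOLATION direct-internet"        # bypasses the restricted proxy
    if is_external(src) and dst in CONTROL_NET:
        return "VIOLATION inbound-from-internet"  # internet reaching control hosts
    if src in CONTROL_NET and (dst, flow.dport) == PROXY:
        return "REVIEW via-proxy"                 # permitted path, still logged
    return "OK"


def audit(flows):
    """Validate the layout, then return (flow, verdict) for every non-OK flow."""
    check_layout()
    findings = []
    for flow in flows:
        verdict = classify(flow)
        if verdict != "OK":
            findings.append((flow, verdict))
    return findings


# Constructed sample flow records.
SAMPLE_FLOWS = [
    Flow("10.10.0.21", "10.10.0.2", 502),     # traffic inside the control network
    Flow("10.10.0.21", "10.20.0.5", 3128),    # control host using the proxy
    Flow("10.10.0.30", "198.51.100.7", 443),  # control host going out directly
    Flow("203.0.113.9", "10.10.0.2", 502),    # external host reaching a control host
    Flow("10.30.0.8", "198.51.100.7", 443),   # separate office network, not in scope
]

if __name__ == "__main__":
    for flow, verdict in audit(SAMPLE_FLOWS):
        print(f"{verdict:32} {flow.src} -> {flow.dst}:{flow.dport}")
```

Flows marked REVIEW are the ones whose downloads should pass a malware scan before installation on a control system device.
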
Computers are not allowed in a control system unless they are needed for operations. This is critical because emails, websites and files are common sources of malware, and some companies do not have an internet connection in the control room for this reason [5]. Because the systems are so delicate and hold so much value, they have become targets of cyber attackers due to the real-world kinetic events. One small case of unauthorized access or manipulation of an ICS can cause a destructive impact that will affect many people. [6]

As previously mentioned, ICS/SCADA systems are different from IT. Information Technology (IT) refers to anything that relates to computing technology, for example data servers, and could fall under OT. Operational Technology (OT) refers to a system that monitors events, processes and devices and is able to implement adjustments to industrial operations [7]. In the IT area, confidentiality is the highest priority, followed by integrity and then availability; in OT areas, however, availability has the highest priority, followed by integrity and lastly confidentiality. The reason for this is that having access to the OT systems is crucial, followed by ensuring that the information they do have access to is reported properly. Having unauthorized users access or manipulate this information can cause a greater catastrophe than the data being leaked [4]. It is important to merge IT and OT because the two departments usually do not have cross-training, and in many instances companies believe there is little to no cross-over between the departments [4]. The goal of this merger is to secure both environments and to create a working team that can better provide cybersecurity to the system [9].

Legacy systems are outdated pieces of technology, in particular software and hardware, that still meet the needs they were intended for.
They pose a high risk and carry many vulnerabilities, and it is not easy to replace the aging systems due to cost and disruption to operations [8]. These systems were originally designed to implement efficient and safe operations that are required to have high availability, as well as to be used on systems isolated from untrusted networks. [8] However, with an average life cycle of 15 years, these systems were not designed to provide protection from modern-day attacks, and they may not be updated to provide the protective mechanisms developed since they entered service. There are security vulnerabilities in legacy systems, particularly in ICS, that are a product of previous engineering and development activities and that have been discovered through ongoing assessments, cybersecurity research, and self-disclosure forms from vendors [8]. Legacy control systems contain features that pose a risk to the system due to their vulnerabilities. Many of the same features could be used to harm the system if used by a disgruntled operator, or if an unauthorized user acquires access and issues an attack on the system. Older technology poses security risks because it cannot keep up with modern applications, and legacy control systems can be seen as one of the root causes of ICS cyber vulnerabilities. The ideology of “if it isn’t broken, then don’t fix it” cannot always provide protection to the system, and it will be clear why this is not a viable solution [8].

There are different types of ICS depending on the production/distribution of different goods and services. For example, SCADA systems are used particularly for transport processes such as oil, gas, water, electricity and people. DCS are used particularly in refineries and chemical plants, and PCS are used in manufacturing facilities and some small chemical refineries. SCADA systems have certain digital assets that can be targeted by an attacker.
These include but are not limited to:

- Programmable logic controllers (PLCs), which act as an actuator for field devices
- Remote terminal units (RTUs), which interface the sensors to SCADA by transmitting telemetry data
- The human machine interface (HMI), a console responsible for presenting data to a human operator
- The supervisory system, which acquires data and controls the process activities
- The communication infrastructure that connects to the RTUs [19]

Section 2: ICS/SCADA Standards and Protocols

Protocols are developed for the applications of vendors, are specific to each product, and can depend on the requirements of the business or system. Oftentimes there are different priorities (needs and prices) from management and the reliability a system needs [11]. Some of these protocols are created for a particular product that can only actually be used for a couple of vendors.