Deterministic Networking (DetNet) Security Considerations, June 2021
- File formats:
- E. Grossman, Ed.
- detnet (rtg)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
A DetNet (deterministic network) provides specific performance guarantees to its data flows, such as extremely low data loss rates and bounded latency (including bounded latency variation, i.e., "jitter"). As a result, securing a DetNet requires that in addition to the best practice security measures taken for any mission-critical network, additional security measures may be needed to secure the intended operation of these novel service properties.
This document addresses DetNet-specific security considerations from the perspectives of both the DetNet system-level designer and component designer. System considerations include a taxonomy of relevant threats and attacks, and associations of threats versus use cases and service properties. Component-level considerations include ingress filtering and packet arrival-time violation detection.
This document also addresses security considerations specific to the IP and MPLS data plane technologies, thereby complementing the Security Considerations sections of those documents.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.