CENTRAL EMULATOR DEVICE AND METHOD FOR DISTRIBUTED EMULATION

US 20180115588A1
Filed: 10/26/2016
Published: 04/26/2018
Est. Priority Date: 10/26/2016
Status: Active Grant

First Claim

Patent Images

1. An emulation system configured to hardware-emulate network security operations for a network of computing devices, the emulation system comprising:

a central controller; and

a plurality of distributed processing elements, the central controller and each of the distributed processing elements comprising processing circuitry and memory;

a portion of each distributed processing element configured to operate as a distributed emulator, each portion dedicated to emulation of the network security operations by one of the computing devices,wherein the central controller is configured to;

monitor a synchronous emulation of a network security algorithm implemented on the distributed processing elements, the synchronous emulation including random generation of security events at the distributed processing elements;

the security events comprising, at least an emulation of an attempted unauthorized access at one of the distributed processing elements, to simulate an attempted unauthorized access at one of the computing devices,in response to a security event, send a pause command to the distributed processing elements to pause the synchronous emulation and to instruct the distributed processing elements to send state variables of the distributed processing elements at a time of the security event;

determine, based at least partly on the state variables at the security event time, a security performance level of the network security algorithm for a group of settings of the network security algorithm at the security event time;

store a global snapshot of the state variables at the security event time to enable the synchronous emulation to be reverted to the security event time from arbitrary times subsequent to the security event time for security performance evaluation of the network security algorithm.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of a central emulator, distributed emulator and method for emulation of a system are generally described herein. The central emulator may receive state variables from distributed emulators at various emulation times. As an example, such an emulation time may be related to an emulation event at one of the distributed emulators. The central emulator may determine global snapshots of the system emulation for the emulation times based on the state variables. The global snapshots may be used to control a timing of the system emulation for operations such as rewinding, pausing, forwarding and/or setting to a target time.

12 Citations

View as Search Results

21 Claims

1. An emulation system configured to hardware-emulate network security operations for a network of computing devices, the emulation system comprising:
- a central controller; and
  
  a plurality of distributed processing elements, the central controller and each of the distributed processing elements comprising processing circuitry and memory;
  
  a portion of each distributed processing element configured to operate as a distributed emulator, each portion dedicated to emulation of the network security operations by one of the computing devices,wherein the central controller is configured to;
  
  monitor a synchronous emulation of a network security algorithm implemented on the distributed processing elements, the synchronous emulation including random generation of security events at the distributed processing elements;
  
  the security events comprising, at least an emulation of an attempted unauthorized access at one of the distributed processing elements, to simulate an attempted unauthorized access at one of the computing devices,in response to a security event, send a pause command to the distributed processing elements to pause the synchronous emulation and to instruct the distributed processing elements to send state variables of the distributed processing elements at a time of the security event;
  
  determine, based at least partly on the state variables at the security event time, a security performance level of the network security algorithm for a group of settings of the network security algorithm at the security event time;
  
  store a global snapshot of the state variables at the security event time to enable the synchronous emulation to be reverted to the security event time from arbitrary times subsequent to the security event time for security performance evaluation of the network security algorithm.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The emulation system according to claim 1, wherein:
    - the security event is a first security event, the security performance level is a first security performance level, and the group of settings at the first security event time is a first group of settings, andthe central controller is further configured to, for each of multiple candidate groups of settings;
      
      revert the synchronous emulation to the first security event time by sending the global snapshot of the first security event time to the distributed processing elements;
      
      instruct the distributed processing elements to resume the synchronous emulation in accordance with the candidate group of settings from the first security event time until a time of another security event; and
      
      determine, for comparison to the first security performance level for the first group of settings, a security performance level of the network security algorithm for the candidate group of settings at the time of the other security event.
  - 3. The emulation system according to claim 2, wherein:
    - the central controller is further configured to store security performance levels determined at different security event times and for different groups of settings of the network security algorithm at the different event times, andthe security performance levels and the groups of settings are stored for usage in an offline determination, by a user, of a target group of settings for an implementation of the network security algorithm.
  - 4. The emulation system according to claim 2, wherein the central controller is configurable to update the group of settings of the network security algorithm based on user input or based on an automated selection, by the central controller, from a candidate group.
  - 5. The emulation system according to claim 2, wherein the settings of the network security algorithm comprise at least an encryption algorithm type or an encryption key size.
  - 6. The emulation system according to claim 2, the central controller further configured to:
    - determine multiple global snapshots at different event times or emulation times based at least partly on state variables of the computing devices received from the distributed processing elements;
      
      switch the synchronous emulation between different event times or emulation times in accordance with the global snapshots,modify or retain settings of the network security algorithm when the synchronous emulation is switched between the different event times or emulation times.
  - 7. The emulation system according to claim 2, wherein:
    - the synchronous emulation is performed in accordance with a reference timing of the central controller, andthe first security event time and the times of the other security events are based at least partly on the reference timing.
  - 8. The emulation system according to claim 2, the central controller further configured to send, to the distributed processing elements:
    - an indicator that the synchronous emulation is to revert from a current time to a prior emulation time, anda prior global snapshot for the prior emulation time.

9. A non-transitory computer-readable storage medium that stores instructions for execution by one or more processors of a central controller to perform operations to control a synchronous emulation of a network by a plurality of distributed processing elements, each distributed processing element to emulate network operations of a computing device of the network, the operations to configure the one or more processors of the central controller to:
- send a pause command to the distributed processing elements to pause the synchronous emulation at an arbitrary pause time and to instruct the distributed processing elements to send state variables of the distributed processing elements at the pause time;
  
  store a global snapshot of the state variables at the pause time to enable the synchronous emulation to be reverted to the pause time from arbitrary times subsequent to the pause time;
  
  for each of multiple candidate groups of settings of a network security algorithm;
  
  instruct the distributed processing elements to resume the synchronous emulation from the pause time and in accordance with the candidate group of settings of the network security algorithm;
  
  receive, from the distributed processing elements, an indication that a security event has been emulated;
  
  determine, based at least partly on state variables of the distributed processing elements at a time of the security event, a security performance level of the network security algorithm for the candidate group of settings of the network security algorithm;
  
  revert the synchronous emulation to the pause time by sending the global snapshot of the pause time to the distributed processing elements.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The non-transitory computer-readable storage medium according to claim 9, the operations to further configure the one or more processors of the central controller to:
    - store the security performance levels of the network security algorithm for the candidate groups of settings of the network security algorithm,wherein the security performance levels and the candidate groups of settings are stored for usage in an offline determination, by a user, of a target group of settings for an implementation of the network security algorithm.
  - 11. The non-transitory computer-readable storage medium according to claim 9, wherein the central controller is configurable to select the candidate groups of settings of the network security algorithm based on user input or based on an automated generation by the central controller.
  - 12. The non-transitory computer-readable storage medium according to claim 9, wherein:
    - the security events comprise at least an emulation of an attempted unauthorized access at one of the distributed processing elements, to simulate an attempted unauthorized access at one of the computing devices, andthe settings of the network security algorithm comprise at least an encryption algorithm type or an encryption key size.
  - 13. The non-transitory computer-readable storage medium according to claim 9, wherein:
    - the synchronous emulation is performed in accordance with a reference timing of the central controller, andthe pause time is based at least partly on the reference timing.

14. A method of controlling a synchronous emulation of a network of computing devices by a plurality of distributed processing elements, each distributed processing element to emulate network operations of one of the computing devices, the method comprising:
- sending a pause command to the distributed processing elements to pause the synchronous emulation at an arbitrary pause time and instructing the distributed processing elements to send state variables of the distributed processing elements at the pause time;
  
  storing a global snapshot of the state variables at the pause time to enable the synchronous emulation to be reverted to the pause time from arbitrary times subsequent to the pause time;
  
  for each of multiple candidate groups of settings of a network security algorithm;
  
  instructing the distributed processing elements to resume the synchronous emulation from the pause time and in accordance with the candidate group of settings of the network security algorithm;
  
  receiving, from the distributed processing elements, an indication that a security event has been emulated;
  
  determining, based at least partly on state variables of the distributed processing elements at a time of the security event, a security performance level of the network security algorithm for the candidate group of settings of the network security algorithm;
  
  reverting the synchronous emulation to the pause time by sending the global snapshot of the pause time to the distributed processing elements.
- View Dependent Claims (15)
- - 15. The method according to claim 14, further comprising:
    - storing the security performance levels of the network security algorithm for the candidate groups of settings of the network security algorithm,wherein the security performance levels and the candidate groups of settings are stored for usage in an offline determination, by a user, of a target group of settings for an implementation of the network security algorithm.

16. A central emulator, comprising:
- memory; and
  
  processing circuitry, configured to;
  
  decode, from a group of emulators operating on one or more remote host devices, an indication that an event has been emulated as part of a system emulation of device operation of a group of devices;
  
  determine a global snapshot for an emulation time of the event based on one or more state variables of the emulators at the emulation time; and
  
  encode, for transmission to the emulators;
  
  an indicator that the system emulation is to be reverted from a current emulation time to the emulation time of the event, andthe global snapshot for the emulation time of the event.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The central emulator according to claim 16, wherein:
    - the group of devices emulated includes a group of one or more mobile devices and a base station to which the mobile devices communicate as part of the device operation,the event is in a group that includes, for at least one of the mobile devices, an attempt to initiate a phone call, an attempt by an external device to call or page the mobile device, an attempt by an external device to cause uplink data transmission by the mobile device or an attempt by the mobile device to update an encryption parameter used by the mobile device, andthe global snapshot includes, for at least one of the mobile devices, a mobile phone number, one or more network access restrictions, identifiers of one or more base stations to which the mobile device has communicated or a type of encryption algorithm used by the mobile device.
  - 18. The central emulator according to claim 16, wherein:
    - the group of devices emulated includes a group of one or more computers of a computer network and the device operation includes intra-network communication and/or inter-network communication,the event is in a group that includes, for at least one of the computers, an attempt to login to the computer by another computer of the computer network, an attempt to login to the computer by a component external to the computer network, an attempt to enter a password for a login to the computer, an attempt to change a user profile of the computer or an attempt to access data of the computer, andthe global snapshot includes, for at least one of the computers, a list of other computers that have accessed the computer, a list of other computers accessed by the computer, a list of components external to the computer network that have communicated with the computer, a number of password attempts that have been made by a user trying to access the computer or a type of encryption algorithm used by the computer.
  - 19. The central emulator according to claim 16, the processing circuitry further configured to:
    - encode, for transmission to the emulators, an indicator that the system emulation is to be paused;
      
      determine one or more updated device operation parameters; and
      
      encode, for transmission to the emulators;
      
      the updated device operation parameters, andan indicator that the system emulation is to be resumed in accordance with the updated device operation parameters,wherein the determination of the updated device operation parameters is based at least partly on an output from one or more emulators of the group while the system emulation is paused.
  - 20. The central emulator according to claim 16, the processing circuitry further configured to encode, for transmission to the emulators:
    - an indicator that the system emulation is to revert from the current emulation time to a prior emulation time, anda prior global snapshot that indicates a set of prior state variables of the emulators at the prior emulation time.
  - 21. The central emulator according to claim 16, wherein the central emulator is configured to operate in accordance with a KI2 Distributed System of Systems protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Raytheon Company (Rtx Corporation)
Original Assignee
Raytheon Company (Rtx Corporation)
Inventors
Wysocki, William, Snyder, Ryan S., Jensen, Peter C.

Granted Patent

US 10,264,028 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/145   involving simulating, desig...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/205   involving negotiation or de...

CENTRAL EMULATOR DEVICE AND METHOD FOR DISTRIBUTED EMULATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

CENTRAL EMULATOR DEVICE AND METHOD FOR DISTRIBUTED EMULATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links