pp. 539-548 539

Securi ty of te lecommunica t ion networks * Appl icat ion in the area of {{ l ie -de-France >>

Jean B E R B I N A U **

Jean-Pie r re G U E R I N E A U ***

Abstract

d telecommunication network has to be planned taking into account overloads and failure conditions. This paper presents a chain of computer programs, which allows the optimal design and dimensioning of a network in order to satisfy a given grade of service specification in case of the interruption of a single transmission link. The additional cost of introducing security requirements is also evaluated. The method has been applied to the network of lle de France. After description of Paris extra-muros network, the paper presents general results on the best security strategy for a given loss probability. The investments required for transmission equipments represent one to two years growth.

Key words : Telecommunication network, Telephone net- work, Regional network, Traffic security, Survival, Stand-by system, Computer program, Dimensioning, Cost.

tissement d consentir en transmission reprdsente une d deux anndes de croissance.

Mots d6s : R6seau t616communication, R6seau t616phonique, R6seau r6gional, S6curit6 trafic, Survie, Installation secours, Programme ordinateur, Dimensionnement, Corot.

Contents

I. Introduction. 2. Security strategies. 3. Chain of computer programs. 4. Application to the Paris area-starting hypotheses. 5. Results for the outer ring of the greater Paris

area and generalizations. 6. Performance of the program chain. 7. Conclusion. References (8 refi).

L A SI~CURITI~ D A N S L E S R]~SEAUX

D E T I ~ L ] g C O M M U N I C A T I O N - A P P L I C A T I O N E N I L E - D E - F R A N C E

Analyse

Un rdseau tdldphonique doit ~tre confu en tenant compte de l'dventualitd de surcharges de trafic ou de ddfaillances d'dquipement. Cet article prdsente une sdrie de programmes informatiques qui permet de ddterminer la configuration optimale du rdseau pour assurer un niveau donnd de qualitd de service en cas d'interruption d'une ligne de transmission. 11 permet aussi d'dvaluer le codt additionnel de cette sdcuritd. La mdthode a did raise en wuvre sur le rdseau de Paris extra-muros. Aprds description de ce rdseau, l'article prdsente la meilleure politique de sdcuritd d appliquer

ce rdseau en fonction du taux de perte admis. L'inves-

1. I N T R O D U C T I O N

A t e l ephone n e t w o r k shou ld e n a b l e calls to be set up n o t on ly when all e q u i p m e n t is w o r k i n g n o r m a l l y b u t a l so when fa i lures occu r in s o m e places. W h e n des ign ing the ne twork , i ts b e h a v i o u r u n d e r i m p a i r e d c o n d i t i o n s shou ld be t a k e n i n to accoun t . I n s t ead o f j u s t d e t e r m i n i n g an e c o n o m i c o p t i m u m in n o r m a l cond i t i ons , the inf luence on the n e t w o r k o p e r a t i o n o f the va r ious traffic a n d c i rcu i t r o u t i n g s t ra tegies shou ld be o p t i m i z e d so as to m a i n t a i n a high qua l i t y o f service level even in case o f fa i lures .

I t is the re fo re necessa ry to be ab l e to de t e rmine the bes t s t ra tegy fo r ensu r ing n e t w o r k secur i ty fo r a g iven cos t a n d to ca lcu la te the qua l i t y o f service offered c o n d i t i o n s w h i c h such a s t ra tegy enab les one to reach .

Th is p a p e r discusses the use o f a cha in o f c o m p u t e r p r o g r a m s d e v e l o p e d fo r th is p u r p o s e a n d p resen t s

* Cet article correspond/~ la communication pr6sent6e au Colloque << Planification des r6seaux de t616communications >>, h Paris, sep- tembre 1980. Une version franqaise est disponible aupr6s des auteurs. ** Chef du groupement << Planification strat6gique ~> - DGT - SPES - 20, avenue de Segur, 75700 Pads. *** CNET - Pads A - ATR - 92131, Issy-les-Moulineaux.

1/10 ANN. TI~LI~COMMUN., 36, n o 9-10, 1981

540 J. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS

the results obtained for a very large real network (several hundreds of transmission links and switching nodes and several thousands of t runk groups) : the network o f the Paris region excluding Paris itself (Paris extra-muros).

In [1], a method was proposed for dimensioning a network to satisfy a minimal grade of service constraint (better than X 70 in case of failure condi- tions). The chosen principle was that interrupted trunk groups should overflow on to oversized hierar- chical t runk groups, the security of the latter being assured by stand-by transmission systems (stand-by capacity network).

This method has been improved to enable the determination of the optimal compromise between providing security by overflow as in [1] and by stand- by capacity. The programs have also been improved (optimization of algorithms and coding) to enable the processing of large networks within reasonable time limits (*).

2.2. Network protection.

There are numerous possible methods of providing network security which introduce a large number of degrees of freedom ; in the present state of Opera- tional Research, it is not possible to determine exactly the optimal minimum cost network configuration. We have therefore used heuristic techniques to deter- mine configurations which satisfy the required quality of service and which are close to the optimum.

Security is taken into account when the network is planned by installing the necessary reserve capa- cities and distinct transmission media. A certain number of actions can be taken in real time : filtering of calls towards a given direction, modification of traffic routing, choice of a path in the stand-by capa- city network. Table I summarizes the different types of security strategy at switching and transmission levels and for each kind of action : preventive or in real time.

2. SECURITY STRATEGIES

2.1. Service impairments and security objectives.

The network should carry the offered traffic with a given grade of service. However, this objective is not always reached :

- - the offered traffic may be different f rom that forecast,

- - t h e network capacity is reduced because of some failure conditions.

In case o f service impairments, the network is affected either at the level of the switching centres (mainly in the c ommon control) or at the level of the transmission systems.

The reasons can sometimes be foreseen, for example when equipment is put out of service by the operating staff or when traffic peaks occur due to phone-in radio games. Impairments can also happen by acci- dent (cables cut by mechanical diggers, etc.).

In the following study, the aim is to ensure, in case of the interruption of a single transmission link, an end-to-end blocking probability on all traffic streams of less than X 70, X being fixed. It has been assumed that the probabili ty for two links to be simultaneously interrupted is too small for it to be worthwhile providing for network security in such a case. Service impairments inside switching centres have not been taken into account and we have assumed that their internal blocking was constant. We there- fore only consider the blocking probability due to trunk group congestion as in [1].

(*) Using the rm 6080 computer at the CNET.

TABLE I. - - Security strategy. Pofitique de sdcuritd.

Switching

Transmission

Preventive security

Occupancy limitation Systematic overflow or not. Load sharing Overdimensioning of hierarchical trunk-groups.

Multitechniques (radio-cable sharing) multirouting.

Decisions to be taken in real time

Traffic routing modificatiop in real time. Call fltering towards the disturbed area.

Use of a stand-by capacity network in case of partial failure.

It should also be noted that, in the network designed to carry the nominal traffic, the limitation of occu- pancy on trunk groups and the overflow of some small trunk groups already constitute ways of pro- viding network security.

In this study, the parameters taken into account are the following : the use or not of systematic over- flow on to hierarchical t runk groups, t runk group multirouting, overdimensioning of the hierarchical trunk groups and the use of a stand-by capacity network [2].

3. CHAIN OF C O M P U T E R P R O G R A M S

3.1. Description of the chain (Fig. 1).

3.1.1. SPARTACUS.

The program known as SPARTACUS [3] optimizes the network cost bearing in mind technical and

ANN. T~L~COMMUN., 36, n ~ 9-I0, 1981 2/10

J. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS 541

Traffic matrix

-- f Ii SPARTACUS

MAL PESTE II

I Overdimensi~ ~--"- I I ALCOR / I cost in circuits " 4 ( '

Cost of the reserve capacity J

FIo. 1. - - Chain of programs.

Chafne de programmes.

management constraints. I t determines the traffic routing of trunk groups in a hierarchical network taking into account a maximal loss probabil i ty on trunk groups and a limitation of the mean occupancy of the non-overflowing t runk groups. The latter constraint has an effect on network security.

3 . 1 . 2 . SECURAD.

The p rogram known as SECURAD [4] optimizes the circuit routing of t runk groups calculated by SPARTA- CUS ; three cases have been examined :

�9 monorout ing : a t runk group is routed on one pa th only ;

�9 birouting : a t runk group is routed on two distinct paths in the n e t w o r k ;

�9 enhanced routing : according to its size, a t runk group is routed on one or several paths :

- - t r u n k groups under 20 circuits : rout ing on one pa th ;

- - t runk groups between 20 and 100 circuits : routing on two p a t h s ;

- - t runk groups over 100 circuits : rout ing on three paths.

3 . 1 . 3 . MALEPESTE.

The next p rog ram of the chain can be considered as its central point. For each failure ( interrupt ion of a link), the p rog ram MALEPESTE [1] recalculates the number of circuits on the last choice t runk groups necessary to ensure the required grade o f service when they carry the additional traffic overflowing f rom the interrupted t runk groups.

The results o f MALEPESTE are output to a file giving, for each interrupted link, the number of circuits which are not interrupted and the number of circuits which are necessary on each last choice t runk group f rom which it is possible to calculate the number of last choice circuits to be securized by s tand-by capacity.

I t may be noted that the same overdimensioning can be used for different non-s imul taneous link interruptions which makes it cost-saving.

On the other hand, when the last choice t runk group is also carried on the interrupted link or is used only for a few cases of failure, the overdimension- ing may not be justifiable. In this case, it is bet ter to provide for the security of overflowing t runk groups with s tand-by capacity.

3.1.4. ALCOR.

The next p rogram, known as ALCOR [5], optimizes, for each link, the choice between the use of overflow and s tand-by capacity. This choice depends on the cost o f a circuit on the overdimensioned route and the cost o f a s tand-by circuit for the interrupted t runk group. The result o f ALCOR is a file giving the type of securization for each link, and for each case of link failure the number of circuits to be securized by s tand-by (they are called circuits in italics) and the number of circuits to be added on to overdimen- sioned routes.

3 . 1 . 5 . SUPERSEC.

F r o m the file of circuits, the p rog ram known as SUPERSEC [6] optimizes a stand-by transmission net-

3/10 ANN. T~L~COMMUN,, 36, n ~ 9-10, 1981

542 j. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS

work under the hypothesis of single link failure. In this program, we determine the number of sections o f circuits in the stand-by capacity network and its total length in channel-kilometres. A circuit section is that part of a circuit carried by a given link.

low filling rate and consequently to higher trans- mission costs than monorout ing or enhanced routing. For this study, the filling coefficients have been calculated with a grouping program.

3 .2 . I n t r o d u c t i o n o f c o s t s in the cha in .

3.2.1 Costs taken into account by SPARTACUS :

- - cost of the local switching centres ;

- - cost of the transit switching centres ;

- - cost of circuit junctors ;

- - cost of transmission assuming the trunk groups to be monorouted by the shortest path on the trans- mission link network.

3.2.2. Costs taken into account by SECU~dg.

We calculate the ratio of the average circuit length with multirouting to the average length with mono- routing. This enables us to recalculate the trans- mission cost given by SPARTACUS ; strictly speaking, the result given by SPARTACUS depends on the routing strategy but this is not taken into account here.

3.2.3. Costs taken into account by ALCOR :

- -ove rd imens ion ing cost of a circuit : junctor and transmission ;

- - securization cost of a circuit section (by stand- by capacity).

3.2.4. Costs taken into account by SUPERSEC "

Transmission cost in the network of links. This enables us to calculate the cost per securized section which is a part of the section transmission cost. A SUPERSEC run securizing the network only by stand- by capacity, enables us to obtain the approximate securization cost required by ALCOR.

In order to determine the optimal network, it would be necessary to reintroduce the cost obtained by SUPERSEC in the ALCOR program and to repeat the optimization until we have the same cost in both programs. This has not been done in our study as the program run times are too long. We have taken the cost obtained by SUPERSEC in securizing the net- work wholly by stand-by capacity and we have used this to test the various security strategies. We then verified that this cost does not vary a lot according to the obtained stand-by capacity network.

3.2.5. Transmission cost (grouping).

In fact, the transmission costs depend on the filling rate of the multiplex groups. In particular, if a homogeneization policy is chosen with only one trunk group per PCM or supergroup, a policy of systematic birouting of the t runk groups leads to a

4. A P P L I C A T I O N TO THE PARIS A R E A

STARTING H Y P O T H E S E S

4.1 . G e o g r a p h i c a l d i s tr ibut ion .

The studied network is the network of the Direction

de Paris extra-muros. The Direction de Paris extra-muros consists of the

four departments of the outer ring of the greater Paris area : Essonne, Seine-et-Marne, Val-d'Oise and Yvelines as well as the outlying districts of the three departments of the first ring, comprising 14 % of the population of the Hauts-de-Seine, 16 ~ of the popu- lation of the Val-de-Marne and 35 % of the population of the Seine-Saint-Denis (Fig. 2).

The strategic town-planning scheme for the greater Paris area published in 1965, after recognizing the

FIG. 2. - - Position of Paris extra-muros area within the Paris region.

Place de la rdgion de Paris extra-mutes dans la rdgion d'lle-de-France.

[] Region de Paris extra-muros : 11 475 km 2, 4 600000 inhabitants, 1 138 133 subscriber main lines. ] ~--~1 Region de Paris intra-muros : 495 km 2, 5 500000 inhabi-

tants, 1 935 964 subscriber main lines. I/-77771 Part of the first ring ofdepartments presently appertaining

to Paris extra-muros. ......... Department limit. �9 Prefecture

1985 91 92 EM

H 375 33

E 339 70

93 EM

170

94 E__L 7___7 7___8

77 353 337 455

52 272 290 453

EM " extra-muros H : Households in thousands E : Jobs in thousands

ANN. TI~L~COMMUN., 36, n ~ 9-10, 1981 4/10

J. BERBINAU. -- SECURITY OF TELECOMMUNICATION NETWORKS 543

need to stabilize the populat ion of Paris at its present level, expresses the wish of the Government :

- - t o create new urban centres ;

- - to channel the development of built-up a r e a s

along preferential axes on which the growth of new towns would be poss ib le ;

- - to assure a modera te development of the small and medium size towns of the per iphery ;

u to improve the housing-employment balance by a better distr ibution of activities, with priority given to the u rban centres of the periphery and to the East rather than to the West of the region.

I t was thus the outer ring which was destined to absorb the natural growth as well as the growth resulting f rom the decisions of restriction concerning the stability of the Paris population.

It is clear that the telephone network had to be designed and developed with respect to the strategic scheme of the Paris region.

Consequently, we had to deal with a rapid growth network. F r o m the end of 1975 to 1985 the Paris extra-taurus area will face a growth in the number of subscribers f rom 800 000 to 1 900 000 ( + 138 ~ ) ; during this same period, the total traffic will be multi- plied by a factor close to 3.

In this network, the planner has felt the necessity to rely more than ever on computerized planning tools. The network was well suited to a study of securization because of :

- - the existence of data bases ;

the economic impor tance of the traffic of the subscribers which it serves.

This last point enabled the top management to appreciate the impor tance which should be attached to the implementat ion of a security strategy.

4 . 2 . N e t w o r k d e s c r i p t i o n a n d s t a r t i n g h y p o t h e s e s .

The studied ne twork is the Direction de Paris extra-muros network for the year 1985.

The traffic has been extrapolated f rom present data for the year 1982.

The network consists o f 245 switching centres, 4 000 trunk groups and 165 000 circuits ; the carried traffic amounts to 96 000 E (erlangs). In the trans- mission network, there are 186 buildings and 423 arcs f rom the network of links including 15 hanging arcs i.e. arcs for which there is only this one path between both ends of the arc (see Table II). SECtmAD only takes account of 109 000 circuits and 3 109 t runk groups.

Starting hypotheses.

The network calculated by SPARTACUS is the starting ne twork ; the start ing circuit routing is given by SECtmAD based on the assumption that t runk groups must be monorouted . The additional cost o f the

TABLE II. Characteristics of the starting network ~< Paris extra-muros ~

(unirouting). Caractdristiques du rdseau de ddpart ~ Paris extra-taurus ~

(uniroutage).

Number of switching centres Number of trunk groups of which 2 200

overflowing circuits Number of circuits Carried traffic Maximal loss per flow in normal conditions Percentage of additional circuits due to 0.7

occupancy limitation on hierarchical trunk groups

245

4000

165 000 96000 E

1.5%

12%

Number of buildings Number of arcs in the transmission network Number of hanging arcs Number of trunk groups routed by SECURAD Number of circuits routed by SECUreD PCM filling rate Number of channel kilometres Average channel length Number of circuit sections *

186 423

15 3109 109 000

0 .8

2353.10 a 21.4 km

312000

* A section is that part of a circuit routed on one link.

different securization policies leading to an equipment redundancy will be calculated in relation to this network. The object of the study is to distribute this redundancy as intelligently as possible.

The network security s tudy has only been made for the Paris ext ra-muros area, without taking account of the t runk groups connecting this area to Paris tandem exchanges. Nei ther has the cost of securi- zation of hanging arcs or o f t runk groups inside the buildings been taken into consideration.

The traffic rout ing hypotheses are the following :

- - t h e transit threshold is fixed at 4 E ;

- - t h e occupancy l imitat ion is fixed at 0.7 on hierarchical t runk g r o u p s ;

- - t h e loss probabi l i ty of a hierarchical t runk group is 0.5 ~ ;

- - the min imum size of a non-overflowing t runk group is 10 c i rcu i t s ;

- - the min imum size of a t runk group is 4 circuits.

The occupancy l imitat ion of 0.7 already gives the network some security. With the MALEPESTE program, the size of hierarchical t runk groups has been recalcu- lated without taking account of this limitation, the loss being limited to 0.5 ~o. The number of circuits then decreases by 12 ~o. The value of the occupancy limitation is mainly noticed when traffic overloads occur and when it is necessary to route an excess o f overflowing traffic when a l ink is interrupted. On the other hand, the use of s tand-by circuits is always necessary when the last choice t runk group itself is interrupted.

5/10 ANN. TgL~COMMUN., 36, n ~ 9-10, 1981

544 j. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS

In our study, it is assumed that the stand-by capa- city network is digital and that the circuits due to overdimensioning are routed by PCM. In fact, for 1982, 2/3 of the network calculated by SPARTACUS is constituted by PCM channels.

. R E S U L T S F O R T H E O U T E R RING O F T H E G R E A T E R PARIS AREA

A N D G E N E R A L I Z A T I O N S

5.1. Values o f t h e v a r i o u s p a r a m e t e r s .

5.1.1. Traffic routing.

We have compared the cost in the case where systematic overflow of the t runk groups on to the hierarchical t runk group is allowed to the cost in the case where this is not possible.

5.1.2. Circuit routing (Table III).

We have compared the cost in case of monorout ing, birouting or enhanced routing.

TABLE III. - - Studied circuit routings. Routages dtttdids.

Enhanced Unirouting Birouting routing

Number of arcs 423 423 423

Length of channels 8153.108 8153.103 8153.103 offered (krn)

Length of channels 2353.108 2537.103 2558.103 used (kin)

Average channel 21.4 23.1 23.3 length (kin)

PCM filling rate 0.8 0.6 0.7

The grouping p rog ram has given the following filling rates :

- - monorout ing : 0.8,

- - birouting : 0.6,

- - enhanced routing : 0.7

which enables us to modi fy the transmission costs in consequence.

5.1.3 . Loss probability.

The network behaviour has been studied for a wide range of end-to-end loss probabilities. These various values allow us to obtain the variat ion of the security cost for bo th the s tand-by capacity network and the overdimensioned hierarchical t runk groups.

In this study, two values of end-to-end loss have been considered for which, even in case of impaired

conditions, the grade of service does not vary signifi- cantly so that the subscriber is not obliged to modify his behaviour.

These end-to-end loss values are : 3 % and 9 %. The two other values are relative to much greater

loss probabilities and though it has not been taken into consideration here, we must not forget that in this case the subscriber may modify his behaviour and make repeat at tempts. The inefficacity rate sub- jectively felt by the subscriber is then clearly superior to the blocking rate considered here which can be assimilated to the blocking rate due to trunk group congestion.

These end-to-end values are : 30 % and 50 %. The network studied here only consists o f one

transit level : a traffic s t ream only passes through two transit centres at a maximum. I t can be shown that it is sufficient to limit the loss probabili ty per trunk group to 1%, 3 %, 11% and 2 1 % respectively to satisfy the end-to-end loss values above.

For each hypothesis, we have determined the number of overdimensioning circuits, the number of sections in the s tand-by capacity network and the cost of security considered as an additional cost with respect to the total cost o f the network given by SPARTACUS and SECURAD (monorouted without security constraints). The transmission cost is a little less than a half of the total cost of the starting network.

The results shown in Tables IV, V, VI can be used according to several points of view :

- - f o r a given circuit routing, the costs for the various considered grades of service can be compared ;

- - i t is also possible to look for the strategy offering the best quality o f service for a fixed additio- nal cost ;

- - we may want to know how the additional cost due to security varies according to the grade of service level when the least cost network structure is chosen for each grade.

Multirouting leads to an increase in the number of circuit sections. When birouting is used this number grows by about 10 % compared to monorouting. The number of sections is nearly the same for birout- ing and enhanced routing. On the other hand, the PCM filling rate is not the same for all types of circuit routing : 0.8 for monorout ing ; 0.6 for birouting ; 0.7 for enhanced routing.

When a monorou t ing network is required, Table IV shows that it is better that the security of the entire network be assured by s tand-by capacity if the end-to- end loss under impaired conditions is 3 % or 9 %. I f a loss of 50 % is accepted, the minimal cost is reached by securizing nearly all the trunk groups by overdimensioning with s tand-by capacity for the last choice trunk groups.

In all cases, the systematic overflow of trunk groups on to the h ierarc~cal route gives the most costly network.

ANN. Tt~L~COMMUN., 36, n ~ 9-10, 1981 6/10

J. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS

TABLE IV. - - Additional security cost for the monorouted network.

Coat additionnel de la sdcuritd pour le rdseau uniroutd.

545

e,

/:

Grade of service

Overdimensioning cost (in circuits)

Stand-by capacity cost (in sections)

Cost (in % of the starting network)

Overdimensioning cost (in circuits)

Stand-by capacity cost (in sections)

Cost (in % of the starting network)

Arcs securized by overdimensioning + stand-by for last choice t runk groups

I 9 30 50

14755 I 11743 7378 4743

188.10 a 165.10 a 140.10 a 120.10 a

9.6 8.3 6 4.65 i I

20291 ! 16918 11419 7777

170.103 157.10 z 133.10 a 114.10 z

10.8 I 9.5 7 5.4

271

257.10 a

6.9

313

255.103

6.8

Mixed securization strategy

1015

241.103

6.7

553

249.103

6.7

30

4012

170.103

5.7

4795

188.103

6.4

50

4294

124.103

4.6

5907

126.10 a

5.1

A r c s securized

by stand-by

262.10 a

7

0

262.103

The bold-faced type shows the cases where the exact opt imum has not been reached.

TABLE V. - - Additional security cost for the birouted network.

Coat additionnel de la sdcuritd pour le rdseau biroutd.

o

~ o

C o

Grade of service

Arcs securized by overdimensioning + stand-by for last choice trunk groups

3 9

Overdimensioning m cost 6246 4235 (in circuits)

Stand-by capacity cost 154.103 127.10 ~ (in sections)

Cost (irt % of the starting 8.2 6.9 network)

Overdimensioning cost 8618 6359 (in circuits)

Stand-by capacity cost (in sections)

Cost (in of the starting network)

147.103 121.10 a

8.8 7.4

30

1823

79.5.103

4.8

3186

76.103

5.2

50

762

40 .10 3

3.4

F d I

1582

39.5.103

3.6

5390

157.10 z

7192

152.103

8.5

Mixed securization strategy

3840

128.103

6.7

5249

126.10 a

7.2

30

1685

79.5.103

4.8

2779

77.103

50

721

40.1(Y

3.4

1345

41.1&

3.6

A r c s securized

by stand-by

253.103

0

253.103

The bold-faced type shows the cases where the exact opt imum has not been reached.

In case of birouting, the situation is totally different to that of monorouting. For any grade of service, the minimum additional security cost is not very

different from that obtained when all the trunk groups are securized by overdimensioning with stand-by capacity for the last choice trunk groups. Here also,

7/10 ANN. T~L~COMMUN., 36, n ~ 9-10, 1981

546 J. BERBINAU. - SECURITY OF TELECOMMUNICATION NETWORKS

TABLE V I . - - Additional security cost for the enhanced routing network.

Co~t additionnel de la sdcuritd pour le rdseau avec routage dlabord.

o

o

E ~ o O

. = O

Grade of service

Overdimensioning cost (in circuits)

Stand-by capacity cost (in sections)

Cost (in % of the starting network)

Overdimensioning cost (in circuits)

Stand-by capacity cost (in sections)

Cost (in % of the starting network)

Arcs securized by overdimensioning + stand-by for last choice trunk groups

Mixed securization strategy

30 50 30 50

A r c s

securizod by

stand-by

12318 9596 5565 3258 1523 3314 5137 3218 0

142.10 a 121.10 ~ 65.10 a 40.10 a 225.10 a 200.10 a 70.103 40.10 ~ 246.103

9.3 7.9 5 3.5 8.1 5 3.5 8.5

11609 14650 6931

63.103

5.4

137.10 a

4129

39.10 a

3.8

8.3

1259

231.103

8.4

3 3 1 4

199.10 a

8.1 9.9

6188

69,5 .103

5 .35

m _ _

110.10 z

40O0

39.10 z

3.8 8.2

246.10 a

8.5

The bold-faced type shows the cases where the exact optimum has not been reached.

the use o f sys t ema t i c overf low leads to a h ighe r cost. The case o f e n h a n c e d rou t i ng is s i t ua t ed in between

the o t h e r two. F o r a 3 ~o e n d - t o - e n d loss, the ne tw ork 10 t o t a l l y secur ized b y s t a n d - b y c a p a c i t y gives a cost c lose to the m i n i m u m . W h e n the e n d - t o - e n d loss increases , the m i n i m u m cos t n e t w o r k con ta in s fewer a n d fewer arcs p r o t e c t e d by s t a n d - b y capac i ty . As before , the use o f sys temat ic over f low is m o r e expensive. 5

T a b l e V I I s u m m a r i z e s the t h r e sho ld s b e y o n d which

TABLE V I I . - - Thresholds of security strategies in terms of the chosen end to end blocking probability.

Seuils d'intdr~t des politiques de sdcuritd en fonction des taux de blocage point d point choisis.

Threshold for network security wholly by stand-by capacity.

Threshold for network security entirely by overdimensioning.

Monorouting

T< 10%

T>~ 50%

Birouting

T>~ 3%

Enhanced routing

T < lO%

T~> 30%

the n e t w o r k shou ld be secur ized en t i re ly b y s t and-by c a p a c i t y o r en t i re ly by o v e r d i m e n s i o n e d las t choice t r u n k g roups .

F i g u r e 3 shows the m i n i m u m a d d i t i o n a l cos t for a g iven g r a d e o f service. I t var ies be tween 3.4 a n d 7 % o f the n e t w o r k to t a l cos t when g o i n g f rom

,ADDITIONAL NETWORK COST

j 50 30 o %

~oo % END-TO-END LOSS

FIG. 3. - - Minimum overcost (in % of the initial network) for a given grade of service.

Surcodt minimal d prdvoir pour une qualitd de service donnde (en pourcentage du co~t du rdseau de ddpart).

a 50 % e n d - t o - e n d loss to a 3 % loss. I t shou ld be no ted tha t fo r a 3 % loss, the o p t i m u m is a m o n o - r o u t e d n e t w o r k in wh ich all the arcs are secur ized by s t a n d - b y capac i ty .

F o r 9 %, the o p t i m u m is a lso reached wi th a m o n o - r o u t e d n e t w o r k c o n t a i n i n g a large n u m b e r o f a rcs which a re secur ized by s t and -by capac i ty .

F o r the two h ighes t end - to -end loss values , b i r o u t i n g a n d e n h a n c e d r o u t i n g give nea r ly the s ame costs a n d nea r ly a l l t r u n k g roups are secur ized b y over-

ANN. T~Ls 36, n ~ 9-10, 1981 8/10

J. BERBINAU. -- SECURITY OF TELECOMMUNICATION NETWORKS 547

dimensioning with stand-by capacity for the last choice t runk groups.

5.3. Genera l i za t ion [8].

5.3.1. Cost of the reserve capacity network.

The results of this study show that, in all cases, the cost of the stand-by capacity network is high. The security cost could be further decreased by controlling traffic routing in real time (this would have to be taken into account when designing the network) and more particularly by a real time control of overflow. Another solution which would also decrease the cost o f stand-by capacity is the multi- routing of hierarchical t runk groups with one part carrying only first choice traffic and the other carrying the overflow traffic.

5.3.2. sPc switching.

The introduction o f see switching makes it possible to consider a network in which load sharing is used. The hierarchical structure is made more flexible since a call may overflow onto routes to any of several transit centres ; i f one of the trunk groups is interrup- ted, the call can always be routed on the other trunk groups.

optimize the network calculation for each interrupted link so that we have to recalculate a minimum number of trunk groups ; as the traffic and routing matrices are large (about 300 • 300), they had to be s tored on magnetic discs and the calls to these files had to be optimized.

The ALCOR run time varies widely ; this is because the search for the opt imum can fail when considering the arcs individually and it is then necessary to consi- der them in groups. When convergence is not quick enough, the program may be stopped prematurely. The solution obtained is then close to the optimum. This program requires 70 K words of computer store.

The program SUPERSEC requires about the same time for all runs. It uses 60 K words and 0.4 h of central processor time per run. In this study SUPERSEC has been run 51 times.

These different values show that a study such as this can only succeed if powerful computerized means and optimized programs are used.

However, once the level of the grade of service under impaired conditions is chosen the optimal structure can be determined quickly, bearing in mind that the present study has provided general results on the best securization strategy for a given loss probability.

5.3.3. Time-division switching.

As the number o f digital switching centres increases, the cost of overdimensioning decreases. The costs of the junctors and analog digital conversion equip- ments necessary in the case of space division switch- ing now disappear.

However, a modulari ty of 30 circuits must be introduced in the traffic routing optimization and in the overdimensioning calculation. Thus, overdimension- ing is cost free if it only consists in filling an existing PCM system. On the other hand, it is expensive if it leads to the opening of an added complete PCM system for just a few added circuits.

6. P E R F O R M A N C E OF T H E P R O G R A M CHAIN

SPARTACUS has been used once only and SECURAD once for cach of the three types of routing considered.

On the other hand, MALEPESTE has been used for each level of grade of service and for each type of overflow giving a total of 24 different runs. A MALE- P~TE run on the rm 6080 for the Paris region network occupies 70 K words o f 36 bit and takes 2 h 15 of central processor time. It has been necessary to

7. C O N C L U S I O N

In this study, we have not taken into account the new possibilities offered by real time modifications to traffic routing and the use of load sharing which the progress o f technology will probably make compe- titive in the future. However, the study has allowed us to get an idea o f the volume of investment necessary in order to maintain a given end-to-end loss probabil i ty in case of the interruption of a single link.

Roughly speaking, the added investment represents between one and two years of the transmission investments depending on the chosen degree of security.

We have also seen that the additional cost for a loss probability of 9 % is double that for a loss proba- bility of 50 % and that the cost increases approxima- tely linearly between these values. I f the maximum loss probabili ty is 3 %, the additional cost amounts to 7 % of the network total cost or 15 % of the trans- mission network cost.

Manuscrit rer le 15 ddcembre 1980,

acceptd le 31 aodt 1981.

9/10 ANN. T~.L~COMMUN., 36, n ~ 9-10, 1981

548 J. BERBINAU. -- SECURITY OF TELECOMMUNICATION NETWORKS

REFERENCES

[1] BIESEL-GUITONNEAU (S.), CAMOIN (B.). Network design taking into account breakdowns and traffic overloads. Ann. Telecommunic., Ft. (mars-avr. 1980), 35, n o 3-4, pp. 143-149.

[2] LACHAISE (J.), LOUBERE (A.), SERREAULT (J. Y.). Securisa- tion of the long distance transmission network. Commut. et Transmission, Fr. (sept. 1979), n ~ I, English issue.

[3] CADE (D.), FENICHEL (P.), MATIGNON (G.). La planification d 'un grand rOseau urbain. Internat. Switching Symposium, Paris, 1979, pp. 1009-1016.

[4] SERREAULT (J. Y.), MINOUX (M.). Le programme d'admis- sibilit6 avec contraintes de sOcurit6 et coots de mutations : Application aux rOseaux de transmission mixtes (analogi- ques et numOriques). Ann. TdlOcommunic., Ft. (janv. 1980), 35, n ~ 1-2, pp. 23-38.

[5] BIESEL-GUITONNEAU (S.). Algorithmes gloutons et fonctions surmodulaires : thOorie et application /t un probl~me de s6curit6 dans les r6seaux de tOlOcommunications. Ann. Tdldcommunic., Fr. (juil.-ao0t 1980), 35, n ~ 7-8, pp. 263- 271.

[6] MINOUX (M.), SERREAULT (J. Y.). Lagrangean relaxation and decomposition for optimum multicommodity network synthesis with security constraints. X c Symp. internat, de programmation math6matique. Montr6al, aoOt 1979.

[7] BEgmNAU (J.), FENEYROL (M.), LEGARE (R.). Am6nagement de l 'Ile de France. Rev. Jr. TOldcommunic., Fr. (oct. 1978), n ~ 29, pp. 31-38.

[8] AGASSE (J.), CAMOIN (B.), CUVIEg (J. F.), MALTRY (J. P.), PEVP~IgE (M.). La s6curit6 du r6seau tOl6phonique national. Echo Rech., Fr. (juil. 1977), n ~ 89, pp. 4-15.

ANN. T~LI~COMMUN., 36, n ~ 9-10, 1981 10/10