Resiliency Boosts Confidence in Conference Capabilities
An Internet protocol self-healing approach ensures distributed command and control connections.
With the technology transition to voice over Internet protocol and the underlying transport shift to Internet protocol, a new methodology can be used to deploy a completely resilient distributed command and control voice conference. The technique removes the participants’ physical location associated with conference devices and allows Internet protocol capabilities to self-heal by redirecting callers to services that survived a threat.
Distributed command and control voice conferencing has traditionally been susceptible to the resiliency of the physical location that hosts the voice conference. In a distributed voice conference, multiple physical locations host conference participants and are interconnected through a physical transport such as T1. If a single physical location is disabled, the participants are removed from the conference and the distributed conference potentially is isolated from other distributed conference service nodes.
Employing a dispersed architecture provides a level of diversity to the architecture, but it is still vulnerable to disruption, so implementing intelligent self-healing techniques adds autonomous voice conference reconstitution. This provides for a resilient distributed command and control voice conference that is significantly more difficult to disrupt or obstruct.
Distributed command and control voice conferencing allows military leaders to discuss policy, situational awareness and strategic initiatives in real time during large, highly distributed voice conferences involving tens or hundreds of participants. In addition, these conferences feature unique command and control elements that provide a structured approach to voice conferencing. Voice over Internet protocol (VoIP) technology improves the resiliency of these vital connections.
In a distributed conference arrangement, multiple nodes are contributing conference participants’ audio to the larger distributed conference by establishing an audio transport, typically a channel from a T1 line to other nodes within the network in a hub and spoke array, serial arrangement or some combination of the two. But these architectures leave the conference connection susceptible to the disruption of a single node.
The advent of Internet protocol as the underpinning of the World Wide Web ushered in VoIP technology that provided new and innovative ways to solve this problem. Conference participants are redirected to a surviving node as long as the underlying IP network survives an attack. In this way, the conference self-heals around the node disruption and reestablishes the conference participants into the distributed conference automatically.
One of the key differences between VoIP and a traditional telecommunications architecture is the lack of the physical node. VoIP devices can have multiple IP addresses of softswitches from which the telephone can receive service. If the registered softswitch fails, the telephone is removed from any active conference and immediately re-registers to another available softswitch.
This process can be complicated when cybersecurity is added into the mix. To protect the telecommunications systems from cyber threats, telephones and softswitches employ authentication and encryption techniques to ensure only authorized devices are allowed into the network and the information transferred across the network is protected. To do this, the device establishes an encrypted signaling channel with the softswitch to ensure it is authenticated to the softswitch, and communication paths are protected. Every time the telephone must register to a different softswitch, the authentication and encryption process starts again.
The addition of a conference management agent associated with each softswitch node allows all conference participants to be recognized and monitored across the distributed conferencing architecture. Each agent distributes the conference participants of the associated softswitch to all other agents, so all agents have an aggregated list of all conference participants and the associated softswitch node.
In addition to the conference management agent functionality, each VoIP telephone registers with all softswitches configured into the primary and backup softswitch registry of the telephone; however, only the primary softswitch provides service to the telephone. Because each telephone is registered with all available softswitches, the transition to an alternate softswitch is rapid and seamless if a softswitch node fails. This capability also solves the problem of the delay associated with the authentication and key exchange process normally experienced during the telephone registration process.
During the detection of a softswitch node failure, the management agents determine which alternate softswitch can reestablish the audio connection with the orphaned telephones and coordinate with the appropriate softswitch. The agent instructs the softswitch to automatically re-add the conference participants into the distributed conference with minimal audio disruptions.
The final task to reconstitute the distributed conference is to heal around the failed softswitch node. The conference management agent takes a lead role, recognizes the topology of the distributed voice conference and builds an alternate conference route between any orphaned softswitches. This problem has already been solved in IP routing networks by using one of the link-state routing protocols such as open shortest path first, which is currently used in IP routers and can be implemented within the conference management agent to determine how to rebuild the broken paths.
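The reconstitution steps described above (re-homing orphaned telephones to a pre-registered backup softswitch, then rebuilding the conference route with a link-state style shortest-path computation) can be sketched as follows. This is an added example, not code from the article or its authors; the node names, link costs, telephone registry and the choice of a root node are constructed assumptions.

```python
import heapq

# Constructed sample topology: conference links between softswitch nodes, with costs.
LINKS = {("A", "B"): 1, ("B", "C"): 1, ("A", "D"): 2, ("D", "C"): 2}
# Constructed registry: each phone's softswitches, primary first, then backups.
REGISTRY = {"phone1": ["A", "B"], "phone2": ["B", "D", "C"],
            "phone3": ["B", "C"], "phone4": ["C", "B"]}

def serving_node(registry, failed):
    """Each phone is served by the first surviving softswitch in its registry."""
    return {p: next((n for n in nodes if n not in failed), None)
            for p, nodes in registry.items()}

def shortest_paths(links, source, failed):
    """Dijkstra over surviving links (the computation a link-state protocol runs)."""
    adj = {}
    for (u, v), cost in links.items():
        if u not in failed and v not in failed:
            adj.setdefault(u, []).append((v, cost))
            adj.setdefault(v, []).append((u, cost))
    dist, prev, heap = {source: 0}, {}, [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale queue entry
        for v, cost in adj.get(u, []):
            if d + cost < dist.get(v, float("inf")):
                dist[v], prev[v] = d + cost, u
                heapq.heappush(heap, (d + cost, v))
    return prev

def route(prev, source, dest):
    """Walk predecessors back from dest; None means dest is cut off from source."""
    path = [dest]
    while path[-1] != source:
        if path[-1] not in prev:
            return None
        path.append(prev[path[-1]])
    return path[::-1]

def heal(links, registry, failed, root):
    """Return (re-homed phones, conference route from root to each serving node)."""
    before, after = serving_node(registry, set()), serving_node(registry, failed)
    moved = {p: n for p, n in after.items() if n != before[p]}
    prev = shortest_paths(links, root, failed)
    active = sorted({n for n in after.values() if n is not None})
    return moved, {n: route(prev, root, n) for n in active}
```

A route of `None` marks a surviving softswitch that no remaining link connects to the root, which is the partition case an operator would want alerted rather than silently tolerated.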
During a crisis when an adversary is attempting to disrupt the decision-making process of military senior leaders, resilient conferencing capabilities are critical. Deploying command and control voice conferencing in a distributed architecture provides a level of diversity to the architecture. In addition, implementing intelligent self-healing techniques adds autonomous reconstitution, which not only ensures the call gets through but also that the connection is maintained.
Lynn Hitchcock is an engineering fellow at Raytheon with more than 30 years of secure voice communications experience. Both Jim Forest and Vasko Neskovski are senior principal software engineers at Raytheon with 20 years of voice over Internet protocol telecommunications experience.