An "executable architecture" is defined as the use of dynamic simulation software to evaluate architecture models (DOD AFWG 2004). By modeling an existing network in the form of an "as-is" architecture, we can create a simulation model, which when stimulated with appropriate traffic, can be an executable architecture. The DOD Architecture Framework (DODAF) prescribes a modeling framework to capture high-level system design and operational requirements. The system attributes from a DODAF-compliant architecture can directly load a network simulator (Hamilton 2006). The use of network simulation to study denial of service attacks is well known. However, modeling and simulation techniques can be used to evaluate intrusion detection systems, place and configure security appliances and to design appropriate access control mechanisms. This paper will discuss the enabling technologies necessary to mainstream architecture-based network simulation including visualization of security requirements, auto generation of network architecture artifacts and application of stochastic elements to the architecture.
展开▼
