%% You should probably cite rfc9055 instead of this I-D. @techreport{ietf-detnet-security-04, number = {draft-ietf-detnet-security-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-detnet-security/04/}, author = {Tal Mizrahi and Ethan Grossman and Andrew J. Hacker and Subir Das and John Dowdell and Henrik Austad and Kevin Stanton and Norman Finn}, title = {{Deterministic Networking (DetNet) Security Considerations}}, pagetotal = 41, year = 2019, month = mar, day = 3, abstract = {A deterministic network is one that can carry data flows for real- time applications with extremely low data loss rates and bounded latency. Deterministic networks have been successfully deployed in real-time operational technology (OT) applications for some years (for example {[}ARINC664P7{]}). However, such networks are typically isolated from external access, and thus the security threat from external attackers is low. IETF Deterministic Networking (DetNet) specifies a set of technologies that enable creation of deterministic networks on IP-based networks of potentially wide area (on the scale of a corporate network) potentially bringing the OT network into contact with Information Technology (IT) traffic and security threats that lie outside of a tightly controlled and bounded area (such as the internals of an aircraft). These DetNet technologies have not previously been deployed together on a wide area IP-based network, and thus can present security considerations that may be new to IP- based wide area network designers. This draft, intended for use by DetNet network designers, provides insight into these security considerations. In addition, this draft collects all security- related statements from the various DetNet drafts (Architecture, Use Cases, etc) into a single location Section 7.}, }