%% You should probably cite rfc9055 instead of this I-D. @techreport{ietf-detnet-security-09, number = {draft-ietf-detnet-security-09}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-detnet-security/09/}, author = {Tal Mizrahi and Ethan Grossman}, title = {{Deterministic Networking (DetNet) Security Considerations}}, pagetotal = 40, year = 2020, month = mar, day = 19, abstract = {A DetNet (deterministic network) provides specific performance guarantees to its data flows, such as extremely low data loss rates and bounded latency. As a result, securing a DetNet implies that in addition to the best practice security measures taken for any mission-critical network, additional security measures may be needed whose purpose is exclusively to secure the intended operation of these novel service properties. This document addresses specifically those security considerations, with the assumption that the reader is already familiar with network security best practices for the data plane technologies underlying a given DetNet implementation. This document defines a threat model and a taxonomy of relevant attacks, including their potential impacts and mitigations. A given DetNet may require securing only certain aspects of DetNet performance, for example extremely low data loss rates but not necessarily bounded latency. Therefore this document provides an association of threats against various use cases by industry, and also against the individual service properties as defined in the DetNet Use Cases. This document also addresses common DetNet security considerations related to the IP and MPLS data plane technologies (the first to be identified as supported by DetNet), thereby complementing the Security Considerations sections of the various DetNet Data Plane (and other) DetNet documents.}, }