Cross-domain network service management and orchestration

Abstract

The introduction of virtualization and cloud computing technologies in the telco industry has significantly changed how network services are delivered. The Network Function Virtualization paradigm leverages these technologies to replace physical network appliances with software network functions decoupled from the hardware. Moreover, the emergence of software-defined approaches such as Software Defined Networking and programmable data plane has increased network programmability. Although the combination of these paradigms provides unprecedented flexibility, a seamless orchestration of all network components is required to meet the functional and performance requirements of different types of services. This thesis addresses the management and orchestration of network services with a cross-domain study, presenting the orchestration solutions implemented during the three years of PhD. The work exploits the capabilities offered by the mentioned technologies and studies the benefits and challenges of their application in different scenarios. First, this thesis focuses on 5G network slicing, reporting the design and implementation of a network slice for mission-critical communications. Then, it discusses the orchestration of an industrial network digital twin for cybersecurity testing in a realistic virtualized environment. Finally, it presents a novel orchestration system to deploy secure machine learning pipelines for near-real-time control of network services. Two solutions are considered to secure the communications between the agents composing the pipelines. The former exploits IPsec secure channels using a Distributed Ledger Technology network for key exchange. The latter proposes in-network encryption performed with P4 programmable switches.