perfSONAR Engagements

Spring 2015 - Winter 2015

perfSONAR ("Performance focused Service Oriented Network monitoring ARchitecture") is an infrastructure for monitoring network performance. The perfSONAR software toolkit is deployed around the world, primarily at government labs and universities, to help monitor and provide network reliability information across multiple domains. Some of the virtual organizations deploying perfSONAR include ESnet, GÉANT, and Internet2.

This engagement actually consisted of two separate sub-engagements:

• Examine the current vulnerability management process, identify and address needs for improvement, evaluate the need for web100 patches to the kernel and any possibility of getting those included in the main kernel tree, and provide an outside eye to look over perfSONAR’s documentation for areas where user expectations may be better managed.
• Perform a code review of the Bandwidth Test Controller (BWCTL) component. The code review consists of two parts: a manual (human focused) First Principles Vulnerability Assessment (FPVA) and a programmatic (automated) static code analysis using the SWAMP. The final report can be found at http://hdl.handle.net/2022/20596