%% You should probably cite rfc9055 instead of this I-D. @techreport{ietf-detnet-security-16, number = {draft-ietf-detnet-security-16}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-detnet-security/16/}, author = {Ethan Grossman and Tal Mizrahi and Andrew J. Hacker}, title = {{Deterministic Networking (DetNet) Security Considerations}}, pagetotal = 50, year = 2021, month = mar, day = 2, abstract = {A DetNet (deterministic network) provides specific performance guarantees to its data flows, such as extremely low data loss rates and bounded latency (including bounded latency variation, i.e., "jitter"). As a result, securing a DetNet requires that in addition to the best practice security measures taken for any mission-critical network, additional security measures may be needed to secure the intended operation of these novel service properties. This document addresses DetNet-specific security considerations from the perspectives of both the DetNet system-level designer and component designer. System considerations include a taxonomy of relevant threats and attacks, and associations of threats versus use cases and service properties. Component-level considerations include ingress filtering and packet arrival-time violation detection. This document also addresses security considerations specific to the IP and MPLS data plane technologies, thereby complementing the Security Considerations sections of those documents.}, }