The Eight Ingredient Framework is
|“||[a] systematic and comprehensive framework that a) consists of the ingredients that make up communications infrastructure, b) includes all of these ingredients, c) specifies the 8 ingredients of environment, power, hardware, software, network, payload, ASPR (Agreements, Standards Policy and Regulations; abbreviated as Policy) and human. This framework is used for understanding and mastering vulnerabilities, identifying disciplines, decomposing attributes, preparing for new technologies, and other studies that support network, security, and emergency preparedness.||”|
|“||The eight ingredient framework was used because it brings the advantage of being comprehensive and therefore the most thorough framework for assessing infrastructure concerns. The striking advantage of using this framework is that it readily lends itself to the comprehensive listing of intrinsic vulnerabilities, which are defined as characteristics of the communications infrastructure that renders it, or some portion of it, susceptible to damage or compromise. Intrinsic vulnerabilities are finite — unlike threats, which, for practical purposes, are infinite. Present-day security approaches are for the most part founded on the threat side of the equation, which is derived from historic experience and gathered intelligence. In contrast, the intrinsic vulnerability approach, rooted in a detailed knowledge of the ingredients that make up a communications network, permits profoundly higher degrees of confidence in terms of ensuring reliability and robustness. This thoroughness is just what is needed for the foundation to meet the needs related to how important network availability and robustness are to society. The framework is also uniquely effective in defending against terrorist attacks. Because such attacks are based on surprise, the threat side, which is based on gathering intelligence, is always playing catch up. In contrast, the intrinsic vulnerability approach focuses on the other side of the equation, where vulnerabilities are stable and their properties known. The eight ingredient approach was used in the following ways:||”|
The Eight Ingredient Framework was first introduced by Bell Labs during the April 2001 IEEE CQR International workshop (Proceedings of 2001 IEEE Communications Society Technical Committee Communications Quality & Reliability (CQR) International Workshop, www.comsoc.org/~cqr), and has since been foundational in several critical analyses, including the following: a systematic list of factors influencing network reliability published in the ATIS Network Reliability Steering Committee (NRSC) 2002 Annual Report (www.atis.org/nrsc); Best Practice development based on systematic vulnerability analysis published in the Federal Communications Commission (FCC) Network Reliability and Interoperability Council (NRIC) VI Homeland Security Physical Security Focus Group Final Report, Issue 3, December 2003, NRIC VII Wireless Network Reliability Focus Group Final Report, Issue 3, October 2005, NRIC VII Public Data Network Reliability Focus Group, Issue 3, October 2005 (www.nric.org); a systematic analysis of vulnerabilities of next generation networks in the President's National Security Telecommunications Advisory Committee (NSTAC) Next Generation Networks Task Force Final Report, March 2006, and as a basis for post-9-11 proactive infrastructure protection published in "Protecting Communications Infrastructure", Bell Labs Technical Journal Homeland Security Special Issue, Volume 9, Number 2, 2004.