SCION is the name of the next-generation internet architecture developed by ETH Zurich together with partners such as Swisscom. It aims to make the global network more efficient, flexible, accessible and secure than it is today. ETH professor and SCION founder Adrian Perrig explains how in an interview.
Text: Florian Maag, Photo: Swisscom, November
SCION is considered so secure that the Swiss National Bank and SIX are building a network on it for the highly sensitive exchange of data between banks. But many other critical infrastructures can also benefit from it. No one knows better than Adrian Perrig how SCION works and what its benefits are. ETH started the SCION project twelve years ago.
Professor Perrig, you have been developing the internet architecture SCION at ETH for the last eight years. Can you briefly explain what is so innovative about SCION and how the architecture came about?
When we started our research, the main objective for the SCION architecture was to achieve high availability, even in the presence of attackers. In essence, the ‘isolation domains’ concept provides a higher level of security. Other key innovations are the discovery and dissemination of secure paths, the highly efficient packet processing system, the key distribution system and the global Quality of Service system.
The Secure Swiss Finance Network (SSFN) is one of the first communication networks to be built on SCION. SIX and the SNB launched it this summer. Are the banks already using it?
The Swiss banks are the first businesses to use the SCION network, which has been in operation since August 2017. Together with partners such as Swisscom, we have tested it extensively. The number of applications has grown over time, so today there are many productive applications.
What would you say if I, as a bank manager, asked you why we should use the SSFN as a communication network?
The SSFN offers unprecedented efficiency, flexibility, availability and resilience against attacks based on a network such as the Internet. The security of a public SCION network is similar to that of a private network. Thanks to SCION’s integrated DDoS defence mechanisms (for selected use cases), efficiency is an additional advantage.
Which other industries and applications could benefit from the SCION secure communication network in the future? ?
In addition to the banking sector, many other critical infrastructures can benefit from SCION’s high security, availability and multi-provider operation: the healthcare, energy or transport sectors, to name just a few. The gaming and VR/AR industry could also benefit from low-latency communication in the future. ESG activities can also benefit from SCION’s capacity to estimate the carbon footprint of a path (to support reporting) and reduce it by choosing the most appropriate path. The video-conference sector benefits from the selection of paths that offer the highest voice and video quality. Video streaming can benefit from SCION’s QoS enhancements, since it reduces buffering and optimises the rate of the paths used. Even normal web surfing can benefit from multiple paths and speed up downloading from websites by 10-20%. These examples show that the benefits of SCION offer a first-class Internet experience for everyone.
“In addition to the banking sector, many other critical infrastructures can benefit from […] SCION: the healthcare, energy or transport sectors […]”
Prof. Dr. Adrian Perrig, ETH Zurich
Is SCION an Internet architecture developed in Switzerland for Switzerland, or could it also be used internationally?
SCION is a global Internet architecture. Although it is already very useful for applications within Switzerland, it will achieve its full potential in a global environment. For the benefits are greater as distances increase. This is because, over larger distances, the number of different delivery paths grows, increasing the choice of available paths. In today’s single-path Internet, only one path is used, regardless of the distance between the source and the target.
Are there similar initiatives across the world, or is SCION unique?
Over the last 25 years, numerous projects have been devoted to building a “Next Generation Internet” from scratch. Most of these projects were finished within a few years. Named Data Networking (NDN) and Recursive InterNetwork Architecture (RINA) are also currently active. Both projects deal with higher-level features and both can benefit from a SCION communication structure. Of all these projects, SCION is the first to be practically deployed and used, which bears testimony to the innovative strength of Swisscom and the Swiss ISP landscape and financial sector.
“These examples show that the benefits of SCION offer a first-class Internet experience for everyone.”
Prof. Dr. Adrian Perrig, ETH Zurich
KThe SCION Foundation will soon be established – can you tell us a bit about what it hopes to achieve?
The SCION Foundation will work towards standardisation, introduce certification procedures, manage the SCION open-source software and build a synergistic ecosystem of application developers, ISPs, router providers and domain operators.
A professor of information security at the Swiss Federal Institute of Technology in Zurich (ETH) since 2012, Adrian Perrig is an internationally renowned specialist in information security. Swisscom supported the creation of his professorship at the ETH with a donation of CHF 10 million. The aim of the partnership was and remains to boost Swiss research in the field of information security, to establish Switzerland as one of the world’s leading research centres and to create a knowledge-sharing platform between science and business. The SCION project, launched in 2009 to create a secure next-generation Internet, is a good example of this. SCION was developed with the collaboration and support of various academic and private commercial stakeholders.
Adrian Perrig studied information technology at the Swiss Federal Institute of Technology in Lausanne (EPFL) and was awarded a doctorate at Carnegie Mellon University in Pittsburgh, USA. The 49-year-old Swiss professor was at Carnegie Mellon University between 2002 and 2012, where he also managed CyLab, one of the world’s largest information security and cybersecurity research centres.
More on the topic: