This document reports the principles, design and prototype implementation of the fault detection, configuration, performance management, accounting and security (FCAPS) related subsystem within the SliceNet single-domain management framework. The subsystem includes modules that collect monitoring information relating to each slice according to the defined Service Level Agreements (SLAs) and apply policies upon detection of certain fault or performance related events so that either corrective actions can be applied on time or inter-domain management modules are properly informed. Accounting of the usage of available domain resources is also covered. The single domain management subsystem provides the means for slice specific customization of the FCAPS administration through an abstraction of the underlying technologies, via the usage of appropriate descriptors, that allow the resource offerings of Network Service Providers (NSPs) to be addressed by Digital Service Provider (DSP) processes in a common way.
This document also describes the security and privacy mechanisms for the establishment of end-to-end encrypted channels between the different architectural elements of the SliceNet architecture, including Virtual Network Functions (VNFs), security for control and data planes, security and privacy for the management plane, etc. This approach to slice security aims to mitigate risks associated with lack of authentication, encryption and security by design, protection against attacks and other threats. Security is also possible to be accommodated in the context of the FCAPS descriptor-based management for threat detection and the related control loop automation achieved via policy definitions.