Advanced Vulnerability Assessment Tool for Distributed Systems

Large-scale high performance systems have significant amount of processing power. One example of such system is the HPSEE's HPC and supercomputing infrastructures, which is geologically distributed, and provides 24/7, high performance/high throughput computing services primarily for high-end research communities. Due to the direct impact on research and indirectly on economy such systems can be categorized as critical infrastructure. System features (like nonstop availability, geographically distributed and community based usage) make such infrastructure vulnerable and valuable targets of malicious attacks. In order to decrease the threat, we designed the Advanced Vulnerability Assessment Tool (AVAT) suitable for HPC/supercomputing systems. Our developed solution can submit vulnerability assessment jobs into the HP-SEE infrastructure and run vulnerability assessment on the infrastructure components. It collects assessment information by the decentralized Security Monitor and archives the results received from the components and visualize them via a web interface for the local/regional administrators. In this paper we present our Advanced Vulnerability Assessment Tool, we describe its functionalities and provide its monitoring test results captured in real systems.