Slashdot Mirror
Vulnerability of Telco Switching Equipment
call -151 writes: "Interesting New York times article about the Sept 11th attacks' effect
on the Verizon switches in lower Manhattan. Turns out there
was a problem in that much of the network switching was in one
building and it has taken a while to restore service. Sounds like there
is lots of pondering about the vulnerability of the network,
even when it is distributed across many physical locations.
Of course the attacks are making lots of people rethink their
vulnerabilities, but the estimate is for five years' work before there
could be redundant paths for the lines into their switches in
the one building, with no plans to spend the money to do it.
Maybe someone should send them a few hundred thousand 'self-install'
kits like they do with their DSL service ..."
Joseph Pennell, the prolific illustrator who often depicted the cityscape of Lower Manhattan in his prints, called the New York Telephone Building "the most impressive modern building in the world" when it was completed in 1926.
How antiquated it now seems.
The 32-story structure at 140 West Street, one of the city's first Art Deco skyscrapers, is now owned by New York Telephone's descendant, Verizon Communications (news/quote). And the heavy damage the building sustained on Sept. 11 underscores the vulnerability of communications networks operated by Verizon and other telephone companies -- sprawling systems that rely heavily on critical hubs.
In the days after the Sept. 11 attacks, it became commonplace to comment on how well the Internet performed because it was designed to route traffic around damage. But the telephone network, including the dedicated data lines that are used by big corporations, financial institutions and others, does not have the Internet's self-detouring abilities.
When they work, the telephone network's voice and data lines can be superior in quality and carrying capacity to the Internet. Yet when the telephone network is damaged, it cannot heal itself.
And while Verizon has worked almost around the clock the last month to restore operations at 140 West Street and service to its customers, the company has indicated that significantly reducing the building's network vulnerabilities would require more time or money than Verizon is willing to expend.
Verizon's building was near the north tower of the World Trade Center and next door to 7 World Trade Center, which collapsed several hours after the attacks. Falling rubble and steel girders tore into 140 West Street, which housed one of the nation's busiest telephone central office switching stations. When fully operable, it serves a customer base comparable in number with all the telephone lines in a city the size of Cincinnati.
After electric power for the building was interrupted, service was temporarily disrupted for more than 300,000 telephone lines and 3.6 million high-capacity data circuits, many serving the New York Stock Exchange, large financial institutions and other companies in lower Manhattan. A gaping hole was torn in a seventh-floor exterior wall, exposing and damaging huge communications switches dedicated to the information needs of the banking company J. P. Morgan Chase.
In the last month, Verizon has labored to restore service or provide new service for customers that have moved to other parts of the city or to New Jersey. Virtually all of the fiber optic lines and copper strands that had wound their way under the streets and sidewalks and into 140 West Street are being replaced. Some circuits have been rerouted to other Verizon central offices in Lower Manhattan.
"The ideas we previously had about diversifying our networks have become much more important," Lawrence T. Babbio Jr., Verizon's vice chairman, said in an interview last week as he led a small group of journalists on a tour of 140 West Street.
Until last month, the most obvious reasons for network disruptions were natural disasters like hurricanes or floods. Now, though, Verizon and other telephone companies must worry about the possibility of physical attacks on their installations. Mr. Babbio warned last week that significant harm could be done to the nation's communications system if terrorists destroyed the 50 or 100 most important central offices.
Verizon, which is the dominant telephone company on the Eastern seaboard and operates in 30 states overall, is seeking to increase security at its central offices, where it is required by federal law to lease network access to its competitors. After Mr. Babbio issued his warning last week, competitors said they would resist tighter security measures if it made it more difficult for them to conduct operations within Verizon's central offices.
Beyond physically shielding their switching centers, phone companies can protect their communications networks from direct attacks or peripheral damage from nearby attacks by routing voice and data traffic to other parts of their own networks or those of other companies.
But Mr. Babbio said that it would take Verizon five years to build alternate pathways for all the telephone lines that wind their way into and out of the New York Telephone building. And Verizon has no plans to do so.
The reason may be a simple cost- benefit analysis. Despite its primacy to Lower Manhattan's communications network, the central office at 140 West Street accounted for less than 1 percent of the traffic on Verizon's nationwide network.
"So much of the activity on networks takes place at dispersed locations," said Roy A. Maxion, a system scientist at Carnegie Mellon University. "But the fact remains that we're vulnerable even after putting redundancy systems in place due to the physical nature of connecting to our networks. The issue should be what level of risk you're willing to live with."
Assuming they are willing to spend the money, business customers can achieve redundancy, or surplus and backup capacity, by running cables to several different central offices or, in some cases, by using several different communications carriers. Several of Verizon's competitors, in fact, have benefited from the disruptions by signing up new customers in Lower Manhattan.
"Identifying potential failures in networks is not easy," said Joe Flach, vice president of the Eagle Rock Alliance, a consulting company that provides advice on disaster planning. "The most important thing to avoid is putting all of your eggs in one basket."
Only after Sept. 11 did executives from the financial services industry in Lower Manhattan come to realize just how many of its eggs were in that one 75-year-old building.
Mr. Babbio recalled having to explain the situation at a meeting in Midtown Manhattan on Wednesday, Sept. 12, at the Park Avenue offices of the investment bank Bear, Stearns. Executives and government officials present included Richard A. Grasso, chairman of the New York Stock Exchange; Harvey L. Pitt, chairman of the Securities and Exchange Commission; Richard S. Fuld, chief executive of Lehman Brothers (news/quote); John A. Thain, a president of Goldman Sachs (news/quote); and Peter R. Fisher, under secretary for domestic finance at the Treasury Department.
The group was not happy when Mr. Babbio said how long it might take to restore basic service. Mr. Grasso had been hoping to reopen the stock exchange on Thursday or Friday. The following Monday now seemed ambitious.
"It was not an easy meeting," recalled Mr. Babbio, who spoke with the group immediately after visiting the disaster site, where his clothes had picked up the odor of smoke and ash. "I smelled awful after coming back from downtown. No one wanted to sit next to me."
------
Sig
Same thing with archives.nytimes.com
I think they got wise and worked around it..
Feel the fear and do it anyway.
Telco switches and networks are the most reliable. 99.999% (5-9's) uptime. Better than IP, cable, wireless... Just ask the dorkwads trying to get VOIP to work...
The most difficult part of installing a new switching station is managing the hundred of miles of copper and fiber that interconnect within the building. Combine that with identifing and splicing the incoming fiber, copper and coax and you have a task requiring ten (hundreds) of thousands of hours of labor. In addition, only so much work can be performed concurrently within a given area in the CO. It is a monumental task.
Building a brand new CO is far easier than repairing or perfroming MAC work at an exisitng facility (ask any old Bellhead).
Paul Robinson <Postmaster@paul.washington.dc.us>
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
for reasons below.
Might sound like a troll, but here goes. If you would like more specific info on the tech, reply and I'll reply to you.
I work for a large regional telco in Canada.
I routinely work on various switching and transport equipment. I think I'm finally somewhat qualified to post to slashdot on atleast one topic.
Modern telco equipment is VERY expensive. Large transport shelves will range anywhere from $150 000 to $400 000 per shelf (Canadian, transport being the fibre equipment) There will be several of these shelves per Central Office.(found in every neighborhood) Cards to fill these shelves will range from $8000 to $70000. (they burn out WAY more than I like, usually at 3 in the morning) Switching equipment is even more expensive, the prevelent DMS technology from Nortel Networks is per capita is even more expensive. I would imagine their competitors prices are about the same, although don't quote me. You will have several of these shelves per office as well.
As well, any good telco will have spare equipment on hot standby - major components at 1:1 and lesser at maybe 1 to 10 or 1 to 8 depending on manufacturing
Incidently, you also need expensive people to program and maintain the equipment. A good example is a DMS technician who will get paid the same as an excellent UNIX admin. (and rightfully so, the DMS is a convuluted enviroment to work in)
Each Office needs to be built to the highest standards, physical security, enviromental controls, backup battery plant and huge power systems to feed the equipment
Outside Plant, (that being the fibre and copper cable), is expensive as well, and even more expensive to maintain, this is why you see very few redundant routes, possibly only within a city. Often there is only 1 redundant route, in the classic SONET ring configuration, and often both sides of the ring have to terminate in one physical location. (office building collapses, phones don't work)
I don't know anything about the telco in manhatten, but I can imagine the catastrophe of losing a major office. If they were cutting corners on redundandcy, (which thankfully happens very seldom in Canada due to the regulations here) I could see major routing problems.
For those of you who thing telephone networking is like IP routing, it's not even similar. It's a hiearchy, you cut off the head, it suffers. Many companys may only have 1 or 2 hosts (a host being the "CPU" of the network.) This is due to the expensive of running a host. Telco equip manufactures charge an arm and a leg and your first born, and the liscensing is microshod style draconian.
What I'm saying after all that is - if you want total redundancy everywhere, it's going to cost more money for service. I don't know what the competition is like in Manhatten - but if you're not paying much for your cell phone, there might be a reason.
Just a thought. Flame away.
All the wireless "basestations" have frame relay connections into one building. Same point of failure.
I was/am in the middle of converting a federal agency in 26 Federal Bldg (about 6 blocks away from WTC) from analog to ISDN phones. We had half a floor converting on 9/13- needless to say, it has been postponed. 26 Fed has about 16000 phone lines, some ISDN, some analog. Analog service is being restored quicker, but almost no ISDN lines have been restored. Overall, Verizon is restoring about 200 lines a day in the building. 3 major problems with telecom after the attacks: 1) There were COs in the WTC and the Amex building, both of which are totally destroyed. 2) The Verizon CO building was damaged, including water and shock damage (I wonder how well an E5 switch handles water). 3) Several major trunk lines were cut to downtown Manhattan. Basically, too many COs were too close together, and every CO in the bottom half of Manhattan have their circuits maxed out, so numbers can only be restored when trunk lines are re-connected. This disaster has shown how vulnerable our infrastructure can be, especially in metropolitan areas.
Vote monkeys into Congress. They are cheaper and more trustworthy.
In larger areas, for instance Cincinnati, the Bell has a number of switches (I think it's 30). Each are connected with Sonet rings. I have toured the Cincinnati Bell NOC, where they have electronic maps of the rings and the network. Each CO may be on a number of rings. There are something like 300 rings in the area, all interconnecting different sets of COs, with plenty of overlap on each CO.
For those of you not familiar with Sonet, it is a ring of nodes, with a fiber pair running in each direction (four fibers instead of the normal two). If a cut happens, traffic is instantly routed in the opposite direction, around the break.
Cincinnati Bell uses their Sonet network for all voice, ATM, etc. LD carriers can connect to the network at any point (or multiple points).
Hello little man. I will destroy you!
Your argument would be valid if it even came close to the size and breadth of the VZ network at 140 West Street. Besides the facilities that existed in the Towers themselves, West Street was our sole serving facility for most of downtown. You can't compare 30 C.O.s in Cincy to one at West Street just because the NY Times article compared 140 West to Cincinnati in terms of data travelling through it. You can't make a direct comparison from an analogy like that. It's not as if West Street is the only C.O. in Manhattan- it's just the one that was damaged when a major catastrophe occurred next door.
The biggest problem at West Street is not necessarily the damage, or the flooding in our basements- it's the fact that West Street does not have reliable records. Their switching facilities and relay racks were not mapped reliably, and as a result, they are expending just as much manpower to figure out what was going where as to run new cables out from the 4th floor.
As for why there is so much damage to begin with, we were told that either a huge internal beam or the antenna on top the north tower pierced 140 West Street, causing most of the damage. The side of the building that faced the Towers was the side that most of the switching equipment was kept on. Combine that with the fact that the basement was flooded with water and diesel fuel, and you have a building that can't really support any kind of telephone service, at least immediately after the attacks.
Besides the huge amount of data lines that are served out of West Street, most other low speed data lines were routed through there. So, if the little bodega near your apartment in the Bronx or Brooklyn stopped selling Lotto Tickets right after the attacks, that's why.
Hhope ths helps.