Patent Grant
8494313
The present invention relates generally to detection of fiber taps in optical networks. More particularly, the invention relates to monitoring fiber dispersion modes to detect fiber taps.
Creating a comprehensive security strategy for networks is a multifaceted problem requiring protection techniques at a number of different layers of the network. Physical intrusion at layer 0 of the network—for example the optical fibers that carry the signals in an optical network—can not always be effectively dealt with at higher layers. For example; some encryption techniques are inadequate; sometimes only data is encrypted leaving source and destination addresses exposed. Even traffic level monitoring can be analyzed to reveal important information about real time events. Additionally, jamming or denials of service techniques are harder to stop once an intruder has access to the fiber. Though a large range of possible solutions has been investigated over the past few years, from quantum physics to artificial intelligence processing, no simple, effective mechanism exists today to automatically detect physical fiber intrusion.
In accordance with the invention, there is provided a relatively low cost and relatively simple approach that can automatically detect any real time attempted tapping of a fiber link by monitoring polarization changes of the fiber.
A method of the invention includes the steps of monitoring the state of polarization of an optical fiber, and determining that a fiber tap has occurred if the state of polarization changes beyond a first predetermined amount. The method can further include the step of determining, alternately, that a fiber tap has occurred if the state of polarization changes beyond a second predetermined amount and in an approximately continuous, non-random direction. More particularly, the step of monitoring includes the steps of monitoring a first state of polarization of an optical fiber; waiting for a time period; and monitoring a second state of the polarization of the optical fiber. The step of determining includes determining that a fiber tap has occurred if the second state of polarization changes beyond a first predetermined amount from the first state of polarization. The time period is chosen to be less than a time during which the state of polarization of the optical fiber is expected to drift. This step eliminates false positives due to natural fiber PMD drift. The first predetermined amount is approximately 2.4 radians, as this has been shown to be the minimal polarization rotation caused by a fiber tap.
Apparatus of the invention includes logic for monitoring the state of polarization of an optical fiber, and logic for determining that a fiber tap has occurred if the state of polarization changes beyond a first predetermined amount. The apparatus can further include logic for determining, alternately, that a fiber tap has occurred if the state of polarization changes beyond a second predetermined amount and in an approximately continuous, non-random direction. More particularly, logic for monitoring includes the logic for monitoring a first state of polarization of an optical fiber; logic for waiting for a time period; and logic for monitoring a second state of the polarization of the optical fiber.
The logic for determining includes logic for determining that a fiber tap has occurred if the second state of polarization changes beyond a first predetermined amount from the first state of polarization. The time period is chosen to be less than a time during which the state of polarization of the optical fiber is expected to drift. This step eliminates false positives due to natural fiber PMD drift. The first predetermined amount is approximately 2.4 radians, as this has been shown to be the minimal polarization rotation caused by a fiber tap.
A program product of the invention is embodied by a computer readable medium having embodied therein a computer program for storing data. The computer program includes logic for monitoring the state of polarization of an optical fiber, and logic for determining that a fiber tap has occurred if the state of polarization changes beyond a first predetermined amount. The program product can further include logic for determining, alternately, that a fiber tap has occurred if the state of polarization changes beyond a second predetermined amount and in an approximately continuous, non-random direction. More particularly, logic for monitoring includes the logic for monitoring a first state of polarization of an optical fiber; logic for waiting for a time period; and logic for monitoring a second state of the polarization of the optical fiber.
The logic for determining includes logic for determining that a fiber tap has occurred if the second state of polarization changes beyond a first predetermined amount from the first state of polarization. The time period is chosen to be less than a time during which the state of polarization of the optical fiber is expected to drift. This step eliminates false positives due to natural fiber PMD drift. The first predetermined amount is approximately 2.4 radians, as this has been shown to be the minimal polarization rotation caused by a fiber tap.
The advantages of this invention may be better understood by referring to the following description in conjunction with the accompanying drawings, in which like numerals indicate like structural elements and features in various figures. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the invention.
Referring now to
Interlopers may be trying to gather different information about the network. It is certainly interesting to be able to detect a channel and ascertain the information being transmitted on the channel, particularly in a non-destructive manner. However, simple monitoring of traffic levels, or the very presence or absence of signals themselves, can also be considered interesting information to interlopers. An optical fiber tap can provide any of this information. There are many known methods for tapping an optical fiber via easy to use commercial equipment. Thus, an effective fiber tap detection technique must be able to detect the slightest physical intrusion common to all these techniques.
Various known methods for fiber tapping are herein considered. Bend Induced Coupling is one of the most economical and straightforward methods. Several manufacturers produce devices for controlling bending of the fiber and capturing the light lost from the core in the bend. The bend method is also considered to be one of the methods with the lowest risk, as the optical signal propagating through the fiber to be tapped does not need to be interrupted. Side Polishing is another form of fiber tapping wherein the fiber is carefully polished to remove the cladding from one side of the fiber. Another fiber is then brought into close proximity to the core of the target fiber in order to make an evanescent coupler. Side Polishing takes a skilled technician a long time to accomplish. Index Change is another form of fiber tapping wherein the index of refraction of the core is changed through any of various methods. The core index of refraction can be permanently altered by applying a high-intensity pulsed laser to write a grating on the core. Or, a wedge shape can be cut from the fiber, close enough to the core to disturb the optical field in order to couple light out of the core. Or, a temporary refractive index change can be induced by way of an acousto-optic effect. Another form of fiber tapping is known as a Fused Fiber Coupler. This involves twisting the fibers together, etching the cladding away, and then pulling and heating the fibers to form the coupler. A fiber tap can also be formed by producing a small break in a fiber to cause some the light to propagate across the break into the cladding, producing a fabry-perot cavity. And, it is feasible for a skilled interloper to break and splice a fiber—but this cause blocking of the transmission path for at least several milliseconds, which should cause higher level protocol alarms (e.g. a SONET LoS failover within 50 ms).
The transport fiber can be deployed in various states. The fiber may be buried in protective cabling, under the ground or under the ocean (submarine), or it may be hung from poles (aerial) with minimal environmental protection. Once physical access to the fiber has been obtained, all tapping methods will require fiber manipulation.
What was sought was a way to characterize, measure, and monitor an effect common to all the different types of fiber taps so that a fiber tap can be identified and reported as it occurs. The different types of fiber taps cause various anomalies including insertion loss, polarization dependent loss, and polarization mode dispersion (PMD). In accordance with the invention it has been realized that in order to cause light to escape the fiber to get any type of fiber tap to work, birefringence occurs in the fiber. These birefringences in turn cause a change in the state of polarization (SOP) of the fiber—in particular, polarization rotation occurs. It was realized that the level of birefringence caused by the bending and tapping produces polarization rotations to a degree significant enough to be detected and measured.
PMD is a form of modal dispersion wherein two different polarizations of light travel down a fiber at different speeds. It is typically characterized by a three-component dispersion vector known as a Stokes vector, and is visualized as plotted on the Poincare sphere. Polarization states will be described herein in terms of Stokes vectors and the Poincare sphere.
Once it was understood that polarization rotation is the signature of physical intrusion, analytical and experimental investigation was undertaken to ascertain which fiber tap method produced the lowest polarization rotation. If the method producing the lowest polarization rotation produces enough to be detected, then all methods can be detected. It was determined that the Bend Method of fiber tap described above produced the smallest polarization rotation, a minimum of 2.4 radians, as shown on the Poincare sphere plot 20 of
Thus in accordance with the invention, as shown in
However, it is also understood that natural PMD drift can occur in fiber networks, so in accordance with the invention, a robust detection system accounts for this natural drift to minimize false positive results.
The properties of transport fiber vary with time. PMD (due to birefringence), PDL, chromatic dispersion, etc. all occur and vary. The variations depend in part on the manner in which the fiber is deployed. For instance, dispersion properties of submarine fiber tend to vary slowly, on the order of months, while dispersion in aerial fiber tends to vary more quickly, on the order of hours, due to wind and temperature change. The magnitude of the drift can be as substantial as the polarization state change caused by a fiber tap, but the drift occurs much more slowly.
In
Thus, in further accordance with the invention, as shown in
Also in accordance with the invention, the natural PMD drift of the fiber is accounted for to provide a robust solution. Referring to
Referring to
It is understood that, with powerful enough processing, the monitor window T can be reduced to minutes, or seconds.
In accordance with one embodiment of the invention as shown in the system 100 of
Thus as shown in
A block diagram of the preferred embodiment of the invention is shown in
The optical path consists of multiplexers 214, transmission fiber 216, amplifiers 218, and de-multiplexers 220. Each of these components causes various impairments which may include polarization rotation, chromatic dispersion (CD) and PMD.
The receiver 202 is a Nortel Networks 40 Gb/s receiver. At the receiver 202, the modulated optical signal is split using a polarization beam splitter 222, and combined with a local oscillator laser 224 using an optical hybrid 226. Following the hybrid 226, the optical signals are detected by photodetectors 228, and then digital signal processing (DSP) 230 is done to compensate for the various optical and electrical impairments [23]. The output of the DSP 230 is further processed by a forward error-correction (FEC) chip 232 to correct errors.
The DSP 230 implements polarization tracking. So, in accordance with the invention, the receiver 202 is modified to include SOP monitor logic 234. SOP monitor logic 234 implements the methods of
However, the invention is not limited to eDCO implementations. it is feasible that other types of transmitters and receivers could be employed without departing from the principles of the invention. Any receiver capable of tracking PMD can be utilized. For example, available PMD monitoring testing devices and tools can be used.
It is also understood that fiber tapping techniques will evolve, and that eventually a fiber tapping technique may exist that causes an SOP change of less than 2.4 radians, or 90 degrees on the Poincare sphere. But some degree of SOP change is nevertheless expected, and such taps will be detectable via the methods of the invention by using different predetermined limits and sampling intervals.
Furthermore, it is understood that fiber taps can be incurred for purposes other than interloping, and the invention applies to fiber tapping or manipulation for any purpose. For example, a maintenance operation requiring a fiber tap may be ordered on a section of fiber in a metro or core network. These networks can be very large, many kilometers long, and it is important to make sure that expensive maintenance or repair operations occur on the correct spans. The fiber tapping detection mechanism of the invention can be employed along with higher level network monitoring software to ensure, for example, that the maintenance operation is occurring on the correct section of the fiber.
The SOP monitor logic of
Although the invention has been shown and described with reference to specific preferred embodiments, it should be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the following claims.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5485296 | Healey et al. | Jan 1996 | A |
| 5966224 | Hughes et al. | Oct 1999 | A |
| 6552836 | Miller | Apr 2003 | B2 |
| 6600586 | Hall | Jul 2003 | B1 |
| 6727490 | Medard et al. | Apr 2004 | B2 |
| 6792168 | Lanne et al. | Sep 2004 | B2 |
| 7016567 | Smith et al. | Mar 2006 | B2 |
| 7095559 | Taniguchi et al. | Aug 2006 | B2 |
| 7684701 | Yuan et al. | Mar 2010 | B2 |
| 7974540 | Tomita et al. | Jul 2011 | B2 |
| 20020122220 | Robinson et al. | Sep 2002 | A1 |
| 20030118263 | Phua et al. | Jun 2003 | A1 |
| 20040047535 | Ukrainczyk | Mar 2004 | A1 |
| 20040120629 | Han et al. | Jun 2004 | A1 |
| 20050276611 | Patel et al. | Dec 2005 | A1 |
| 20060072922 | MacDonald et al. | Apr 2006 | A1 |
| 20060153491 | Murphy et al. | Jul 2006 | A1 |
| 20060291795 | Murphy et al. | Dec 2006 | A1 |
| 20070069893 | Anderson | Mar 2007 | A1 |
| 20070196058 | Lee et al. | Aug 2007 | A1 |
| 20070253662 | Patel et al. | Nov 2007 | A1 |
| 20070274712 | Leppla et al. | Nov 2007 | A1 |
| 20080062407 | Boroditsky et al. | Mar 2008 | A1 |
| Number | Date | Country |
|---|---|---|
| 201032465 | Mar 2008 | CN |
| 101216149 | Jul 2008 | CN |
| 101266024 | Sep 2008 | CN |
| 2008027257 | Mar 2008 | WO |
| Entry |
|---|
| International Search Report and Written Opinion for PCT/US2010/030051 dated Jun. 7, 2010; 6 pages. |
| Extended European Search Report dated Dec. 4, 2012 issued by the European Patent Office in corresponding EP Application No. 10762287.0; 6 pages. |
| First Office Action in related Chinese patent application No. 201080015289.4, mailed on Jan. 30, 2013; 18 pages. |
| Number | Date | Country | |
|---|---|---|---|
| 20100254649 A1 | Oct 2010 | US |
