Embedded applications, once straightforward designs using local bus architectures and basic, point-to-point communications, have become extremely sophisticated, both in concept and implementation, in order to meet today's demanding requirements. These complex applications can consist of multiple systems and subsystems residing in different physical locations that must coordinate actions and responses. These distributed applications are responsible for moving large amounts of data in a timely and reliable way, without sacrificing security. Embedded device designers are being tasked with designing and implementing solutions that meet these requirements.
Embedded designs are as diverse as the applications themselves. However, certain critical factors are found to be consistent across virtually all distributed systems. These factors include:
Performance - Performance means the ability to transfer data, events, and control information within a defined time frame. Systems which cannot guarantee certain performance levels are not viable. Performance is often measured in terms of throughput and/or latency.
Reliability - A system must transfer information in a consistent and predictable manner. An acceptable design must ensure that the correct information is received by the appropriate entity. In addition, it is often a requirement that various information types can be prioritized for the purpose of determining the order in which they are received.
Security - The basic tenets of security are confidentiality, integrity, and authorization. As systems and networks grow in complexity, the techniques available to those who would compromise security also grow more sophisticated. Security promises to be one of the most challenging aspects of embedded design for the coming years.
Simplicity - A design that works well for a 10 node system might completely break down for a 100 node system. An appropriate approach must allow a system to scale without undermining the other design factors or placing undue complexity on those responsible for implementation.
Embedded system designs continue to increase in complexity and sophistication, requiring ever more powerful tools to simplify the development of secure, distributed systems.
Application areas where distributed systems are of particular interest include:
Communications Equipment
Networks consisting of various types of communication equipment are themselves distributed systems. Requirements often dictate the movement of large amounts of information through the network, usually under heavy time constraints. Data moved over public networks, in particular, is vulnerable to security breaches. A poorly designed system could easily result in sub-par performance.
Aerospace/Defense
The movement of information in a reliable, timely, and secure way is of paramount importance in defense-oriented applications. Weapons systems, command and control, and sophisticated flight avionics are all examples of the need for a solid distributed system design. A failure in this class of applications can be of catastrophic proportions.
Industrial Automation
These applications, aside from their inherent complexity, often operate in harsh environments involving extreme physical conditions with millions of dollars in equipment at risk. Their physical distribution lends itself to a distributed architecture where the design factors discussed above are critical. Equipment downtime as a result of poor software design can have disastrous financial implications.
Medical Electronics
In medical electronics, such as a patient care system, a robust distributed architecture is critical to patient safety and well-being. Information must not only be moved reliably, but special care must be taken to ensure that sensitive information is not exposed to unauthorized individuals. A compromised network can have severe consequences for a medical provider.
Right Tools = Right Results
In a perfect world, a set of tools would be available that would enable embedded developers to design distributed systems that meet all of the functional requirements described above. In addition, it would be possible to leverage standards where appropriate and still meet time-to-market and budget objectives. Embedded systems lend themselves to a peer-to-peer communications model where there is no central server that can fail and bring down the system. An extremely elegant form of peer-to-peer communications is the publish-subscribe model. In publish-subscribe, data is encapsulated into “topics” that are published by nodes in the system and subscribed to by other nodes. Besides presenting a very easy API to the embedded application, the model is easy to program and results in highly scalable systems. This simplicity of implementation belies sophisticated and advanced features, including guaranteed delivery and ordering, and quality of service mechanisms. As a result, publish-subscribe makes an excellent choice for meeting the requirements of performance, reliability, and simplicity.
Publish-subscribe, by itself, does not directly address security issues. Additional technology is needed that integrates seamlessly into the publish-subscribe implementation to ensure distributed information is secure with regard to confidentiality, integrity, and authorization.
By choosing to implement publish-subscribe over a standard TCP/IP network, we are able to leverage standard security protocols that operate with TCP/IP. The most viable option is IPSec, which operates at the network (IP) layer of the TCP/IP stack. IPSec secures traffic independently of network topology and is completely transparent to applications running at higher layers of the stack. IPSec also leverages other important standards like IKE, the Internet Key Exchange protocol, for key sharing; authentication standards such as Kerberos, RADIUS, and X.509 digital certificates; and encryption algorithms like AES and 3DES.
SolutionSDC: Solution for Secure Distributed Computing
SolutionSDC is a product bundle that enables embedded developers to design and deploy highly scalable distributed applications that meet the requirements of performance, reliability, security, and simplicity. SolutionSDC is an integration of two market-leading products: NDDS from Real-Time Innovations, and V-IPSecure from TeamF1. By using SolutionSDC, developers can focus their time and effort on their application, knowing that the underlying distributed computing infrastructure delivers the core features essential to a robust, scalable, bullet-proof distributed application.

NDDS
NDDS from Real-Time Innovations is network middleware that simplifies the development of distributed real-time applications. NDDS presents application developers with a publish-subscribe model that removes the complexity from one-to-many communications, distributes data quickly and efficiently over standard networks, supports automatic discovery, and provides automatic hot swap substitution.
V-IPSecure
V-IPSecure from TeamF1 is a high-performance, lean and flexible implementation of the IPsec and IKE protocol suite which provides IP extensions needed for security at the network layer (layer 3). Because IPsec protocols secure the connection at the network layer, NDDS-based applications are automatically secured.
