SlideShare a Scribd company logo

Enterprise Cyber-Physical Edge Virtualization Engine (EVE) Project.pdf

D
Dmitri Shiryaev

The document discusses the Enterprise Cyber-Physical Edge Virtualization Engine (EVE) project, highlighting its architecture and key components aimed at managing edge computing environments securely and efficiently. It supports zero trust and zero touch principles for application and device management while providing solutions for data analysis and integration in edge environments. Additionally, the project includes tools for device onboarding, connectivity, and security within a decentralized infrastructure.

Software
Related topics:
Edge ComputingNetwork Security
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
Enterprise Cyber-Physical Edge Virtualization Engine (EVE) Project Oleg Sadov, Petr Fedchenkov – ITMO University Roman Shaposhnik, Dr. Dmitri Chiriaev – ZEDEDA
Evolution in a Connected World Requires an Open Edge 2
› Bare metal device onboarding and management at scale › Application/runtime deployment, update, and management at scale › On devices in remote locations › Don't introduce security issues › Run different applications/runtimes Key Requirements ZERO TRUST ZERO TOUCH ANY APP | HARDWARE | NETWORK APP ? EDGE CONTAINERS 3
Sensors, Equipment, PLCs… The Enterprise Cyber-Physical Edge Stack Reduce outages Improve predictability Increase efficiencies Customer Business Outcomes Cloud/DC Edge Software Edge Hardware Machines & Assets Open source edge runtime for ubiquity Infra Services Layer: Virtualize & Abstract Edge EVE-OS: EdgeVirtualization Engine Data Services Layer: Abstract & Distribute IoT Data IoT Edge Greengrass Fledge
Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles
Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles Device Identity Onboarding Security Foundation Self update Device connect- ivity Device APIs Edge Container runtime Edge Container connect- ivity Deployed Edge Containers
EdgeVirtualization Controller Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles Device Identity Onboarding Security Foundation Self update Device connect- ivity Device APIs Edge Container runtime Edge Container connect- ivity Deployed Edge Containers EVC sample:Adam Commercial EVC:
Deployment Models 8 • Extract data for local analysis / cloud and connect to new sensors • No interference with existing setup • Secure apps with private networks IoT Data Analytics IoT Edge Router Security Appliance • Added security for current/legacy IoT • Deploy a network proxy application (e.g., MQTT) • Add app to update firmware of legacy hardware • Deploy and manage security apps • Add SPAN port collector to network • Gain visibility and monitor traffic with network security apps (e.g. Nozomi) Legacy Hardware IT, ERP, MES IoT Edge Compute EVE Node Node Storage Service WAN/Internet Node IoT Edge Compute Network Probe IoT Edge Compute IDS WAN/Internet SPAN PORT Node Node Node EVC EVC EVC EVE EVE
EDEN – Go-based testing/modelling environment 9 PC File/OCI Registry Streaming DB ADAM EDEN test binaries EDEN CLI EVE QEMU EVE RPi4 Cloud EVE GCP ● Framework/CLI for managing EVE and ADAM infrastructure. ● Test binaries that can be used to write test scripts and detect some specific EVE states. DockerHub Public VMs
Resources › Project: https://www.lfedge.org/projects/eve/ › Whitepapers: › architecture: https://zededa.com/wp-content/uploads/2021/03/ZEDEDA-Architecture- WP-Feb2021.pdf › security: https://zededa.com/wp-content/uploads/2021/03/ZEDEDA-Security-WP- Feb2021.pdf › EDEN Quick Start: https://github.com/lf-edge/eden 10

More Related Content

PPT
Madness of the Clouds
gazdagf
 
PPTX
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
mfrancis
 
PPTX
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
Nur Shiqim Chok
 
PPTX
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
PPTX
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
PDF
Provisioning the IoT
Sander Mak (@Sander_Mak)
 
PPT
Web Services and Devices Profile for Web Services (DPWS)
Jorgen Thelin
 
PDF
5G transformation with Open Source (on ONF)
gangiliu
 
Madness of the Clouds
gazdagf
 
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
mfrancis
 
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
Nur Shiqim Chok
 
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
Demystifying Software Defined Networking (SDN)
Matt Bynum
 
Provisioning the IoT
Sander Mak (@Sander_Mak)
 
Web Services and Devices Profile for Web Services (DPWS)
Jorgen Thelin
 
5G transformation with Open Source (on ONF)
gangiliu
 

Similar to Enterprise Cyber-Physical Edge Virtualization Engine (EVE) Project.pdf (20)

PDF
08 sdn system intelligence short public beijing sdn conference - 130828
Mason Mei
 
PPTX
Security best practices for hyper v and server virtualisation [svr307]
Louis Göhl
 
PDF
Enabling SDN for Service Providers by Khay Kid Chow
MyNOG
 
PPT
E Snet Raf Essc Jan2005
FNian
 
PDF
Virtual firewall framework
Nithin Babu
 
PDF
Iot Conference Berlin M2M,IoT, device management: one protocol to rule them all?
Julien Vermillard
 
PDF
HPC Impact: EDA Telemetry Neural Networks
inside-BigData.com
 
PDF
CampusSDN2017 - Jawdat: SDN Technology Evolvement
JawdatTI
 
PDF
Securing Millions of Devices
Kai Hudalla
 
PDF
Contrail Enabler for agile cloud services
Juniper Networks (日本)
 
PDF
Simplify Networking for Containers
LinuxCon ContainerCon CloudOpen China
 
PPTX
Innovation in SDN Tools and Platforms
Umesh Krishnaswamy
 
PPTX
Managing Avionics Safety Certification for Unmanned Aircraft
Real-Time Innovations (RTI)
 
PPTX
NGSoft General Overview
Michael Starr
 
PDF
eMagic-Data Center Management System
Sandesh Sonar
 
PPTX
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Honeywell
 
PPTX
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateway
 
PPTX
Dynamic Server Provisioning With Ops Manager and Hyper-V
Amit Gatenyo
 
PPT
040711 webcast securing vmachine
Erin Banks
 
PDF
The 5 elements of IoT security
Julien Vermillard
 
08 sdn system intelligence short public beijing sdn conference - 130828
Mason Mei
 
Security best practices for hyper v and server virtualisation [svr307]
Louis Göhl
 
Enabling SDN for Service Providers by Khay Kid Chow
MyNOG
 
E Snet Raf Essc Jan2005
FNian
 
Virtual firewall framework
Nithin Babu
 
Iot Conference Berlin M2M,IoT, device management: one protocol to rule them all?
Julien Vermillard
 
HPC Impact: EDA Telemetry Neural Networks
inside-BigData.com
 
CampusSDN2017 - Jawdat: SDN Technology Evolvement
JawdatTI
 
Securing Millions of Devices
Kai Hudalla
 
Contrail Enabler for agile cloud services
Juniper Networks (日本)
 
Simplify Networking for Containers
LinuxCon ContainerCon CloudOpen China
 
Innovation in SDN Tools and Platforms
Umesh Krishnaswamy
 
Managing Avionics Safety Certification for Unmanned Aircraft
Real-Time Innovations (RTI)
 
NGSoft General Overview
Michael Starr
 
eMagic-Data Center Management System
Sandesh Sonar
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Honeywell
 
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateway
 
Dynamic Server Provisioning With Ops Manager and Hyper-V
Amit Gatenyo
 
040711 webcast securing vmachine
Erin Banks
 
The 5 elements of IoT security
Julien Vermillard
 
Ad

More from Dmitri Shiryaev (6)

PDF
Uniting Data JavaOne2013
Dmitri Shiryaev
 
PDF
RFID Technology and Internet of Things
Dmitri Shiryaev
 
PDF
Hadoop: Big Data Stacks validation w/ iTest How to tame the elephant?
Dmitri Shiryaev
 
PDF
Composite Applications with SOA, BPEL and Java EE
Dmitri Shiryaev
 
PDF
A Guide to the SOA Galaxy: Strategy, Design and Best Practices
Dmitri Shiryaev
 
PDF
SOA Strategy and Architecture
Dmitri Shiryaev
 
Uniting Data JavaOne2013
Dmitri Shiryaev
 
RFID Technology and Internet of Things
Dmitri Shiryaev
 
Hadoop: Big Data Stacks validation w/ iTest How to tame the elephant?
Dmitri Shiryaev
 
Composite Applications with SOA, BPEL and Java EE
Dmitri Shiryaev
 
A Guide to the SOA Galaxy: Strategy, Design and Best Practices
Dmitri Shiryaev
 
SOA Strategy and Architecture
Dmitri Shiryaev
 
Ad

Recently uploaded (20)

PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PDF
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PPTX
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
System and Network Administration Chapter 2
jaramharo
 
assetexplorer- product-overview - presentation
nonameist3434
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
System and Network Administraation Chapter 3
jaramharo
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 

Enterprise Cyber-Physical Edge Virtualization Engine (EVE) Project.pdf

  • 1. Enterprise Cyber-Physical Edge Virtualization Engine (EVE) Project Oleg Sadov, Petr Fedchenkov – ITMO University Roman Shaposhnik, Dr. Dmitri Chiriaev – ZEDEDA
  • 2. Evolution in a Connected World Requires an Open Edge 2
  • 3. › Bare metal device onboarding and management at scale › Application/runtime deployment, update, and management at scale › On devices in remote locations › Don't introduce security issues › Run different applications/runtimes Key Requirements ZERO TRUST ZERO TOUCH ANY APP | HARDWARE | NETWORK APP ? EDGE CONTAINERS 3
  • 4. Sensors, Equipment, PLCs… The Enterprise Cyber-Physical Edge Stack Reduce outages Improve predictability Increase efficiencies Customer Business Outcomes Cloud/DC Edge Software Edge Hardware Machines & Assets Open source edge runtime for ubiquity Infra Services Layer: Virtualize & Abstract Edge EVE-OS: EdgeVirtualization Engine Data Services Layer: Abstract & Distribute IoT Data IoT Edge Greengrass Fledge
  • 5. Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles
  • 6. Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles Device Identity Onboarding Security Foundation Self update Device connect- ivity Device APIs Edge Container runtime Edge Container connect- ivity Deployed Edge Containers
  • 7. EdgeVirtualization Controller Project EVE Architecture Hardware Layer EVE-EVC API - config, status, metrics, logs EVErouter: DHCP DNS ACLs LISP VPN EVEagent: config, status, metrics Downloader EVEmanager: instance orchestrator Verifier sha, sigs HW info, metrics Domain mgr dom0 Crypto device identity TEE/TPM Crypto instance identity Device onboarding Mesh network TLS 1.2/1.3 OCSP stapling Baseos manager Grub gpt priority boot Network interface manager Device connectivity Instance connectivity log manager Eth, RS 485, BTLE etc NAT I/O virtualizatiion and assignment switch mesh cloud Instance B Instance C Instance D Driver domain(s) Instance A EdgeVirtualization Engine Eth, wlan, wwan Hardware watchdog Linux watchdog Remote instance consoles Device Identity Onboarding Security Foundation Self update Device connect- ivity Device APIs Edge Container runtime Edge Container connect- ivity Deployed Edge Containers EVC sample:Adam Commercial EVC:
  • 8. Deployment Models 8 • Extract data for local analysis / cloud and connect to new sensors • No interference with existing setup • Secure apps with private networks IoT Data Analytics IoT Edge Router Security Appliance • Added security for current/legacy IoT • Deploy a network proxy application (e.g., MQTT) • Add app to update firmware of legacy hardware • Deploy and manage security apps • Add SPAN port collector to network • Gain visibility and monitor traffic with network security apps (e.g. Nozomi) Legacy Hardware IT, ERP, MES IoT Edge Compute EVE Node Node Storage Service WAN/Internet Node IoT Edge Compute Network Probe IoT Edge Compute IDS WAN/Internet SPAN PORT Node Node Node EVC EVC EVC EVE EVE
  • 9. EDEN – Go-based testing/modelling environment 9 PC File/OCI Registry Streaming DB ADAM EDEN test binaries EDEN CLI EVE QEMU EVE RPi4 Cloud EVE GCP ● Framework/CLI for managing EVE and ADAM infrastructure. ● Test binaries that can be used to write test scripts and detect some specific EVE states. DockerHub Public VMs
  • 10. Resources › Project: https://www.lfedge.org/projects/eve/ › Whitepapers: › architecture: https://zededa.com/wp-content/uploads/2021/03/ZEDEDA-Architecture- WP-Feb2021.pdf › security: https://zededa.com/wp-content/uploads/2021/03/ZEDEDA-Security-WP- Feb2021.pdf › EDEN Quick Start: https://github.com/lf-edge/eden 10