Introduction to DDS: Context, Information Model, Security, and Applications.
0 likes48 views
The document discusses the Data Distribution Service (DDS) and its applications in the Industrial Internet of Things (IIoT), highlighting its role in achieving high levels of interoperability, reliability, and security across various industries. It outlines the connectivity standards and middleware required for application development, showcasing use cases in energy, healthcare, and military sectors. DDS is emphasized as a proven, modular solution that supports real-time data exchange and system integration.
Introduction to DDS: Context, Information Model, Security, and Applications.
- 1. Data-Distribution Service (DDS) Gerardo Pardo, Ph.D. RTI CTO Co-Chair OMG DDS SIG September 2018
- 2. 2 Understanding Connectivity Understanding DDS DDS Applications
- 3. © 2018 Object Management Group 3 The Industrial IoT is Smart Machine Infrastructure Industrial Internet of Things (IIoT) Consumer Internet of Things (CIoT) 80% of hype 80% of value
- 4. Industrial Internet Consortium: ~250 Companies, 30+ Countries IIC Founding and Contributing Members The World’s Largest IoT Consortium The IIC created the IIoT market
- 5. IIoT Connectivity Stack Model Participant X Connectivity Information Networking IICF Focus Information (Data in Context) Participant X Transport Link Framework Distributed Data Interoperability and Management Physical Network Participant Y Data (State, Events, Streams) Messages Packets Frames Bits Transport Link Framework Distributed Data Interoperability and Management Physical Network Technical Interoperability (bytes) Syntactic Interoperability (data structures) Semantic Interoperability (data context)
- 6. IIOT Connectivity Standards Manufacturing Origin TSN / Ethernet (802.1, 802.3) DDS Wireless PAN (802.15) Wireless 2G/3G/LTE (3GPP) Wireless LAN (802.11 Wi- Fi) Internet Protocol (IP) CoAP MQTT Web Services Wireless Wide Area (802.16) HTTP DDSI-RTPS oneM2M OPC-UA OPC-UA Bin Telecommunications Origin UDP TCP TCP Transport Link Framework Distributed Data Interoperability and Management Physical Network Healthcare Transportation Manufacturing … … Energy & Utilities
- 7. Selection Criteria Core Standard Criterion DDS Web Services OPC-UA oneM2M 1 Provide syntactic interoperability ✔ Need XML or JSON ✔ ✔ 2 Open standard with strong independent, international governance ✔ ✔ ✔ ✔ 3 Horizontal and neutral in its applicability across industries ✔ ✔ ✔ ✔ 4 Stable and proven across multiple vertical industries Software Integration & Autonomy ✔ Manufacturing Smart City Pilots* 5 Have standards-defined Core Gateways to all other core connectivity standards Web Services, OPC-UA, oneM2M* DDS, OPC-UA, oneM2M Web Services, DDS, oneM2M* Web Services, DDS* 6 Meet the connectivity framework functional requirements ✔ ✗ Pub-Sub in development 7 Meet non-functional requirements of performance, scalability, reliability, resilience ✔ ✗ Real-time in development Reports not yet documented or public 8 Meet security and safety requirements ✔ ✔ ✔ ✔ 9 Not require any single component from any single vendor ✔ ✔ ✔ ✔ 10 Have readily-available SDKs both commercial and open source ✔ ✔ ✔ ✔ * = work in progress , ✔ = supported, ✗ = not supported GREEN = Gating Criteria
- 8. Using Connectivity Middleware for Application Development Application Middleware Operating System Network Application Middleware Operating System Application Middleware Operating System
- 9. 4th Gen Middleware: Data-Centric Publish-Subscribe Broadcast Publish/Subscribe Fieldbus, CANbus, OPC UA Pub-Sub Data-Centric Publish-Subscribe DDS Brokered Publish/Subscribe Queueing MQTT, XMPP AMQP, Kafka Brokered ESB Daemon Point-to-Point Client/Server TCP, REST, WS*, OPC UA CORBA, Thrift Shared Data Model DataBus
- 10. 10 Complexity of the Application Code Network Application Middleware Operating System Application Operating System Quality of Service Discovery Data Resource Model Id and Addressing Data Type System State Management Connectivity Transport Connectivity Framework Application Operating System Quality of Service Discovery Data Resource Model Id and Addressing Data Type System State Management Connectivity Transport
- 11. DDS–Based Integration Light-Weight Clients Connectivity Core Standard (HTTP/REST) DDS-WEB Gateway IIoT System Real-Time Decisions Gateway Sleep/Wake Clients OPC UA/DDS Gateway Connectivity Core Standard (OPC-UA) Connectivity Core Standard (DDS) Manufacturing Workcells Mobile and Web User Interfaces Autonomy Equipment
- 12. DDS is broadly used across the IIoT Real World Systems in: – Healthcare – Transportation – Communications – Energy – Industrial – Defense
- 13. Example: Grand Coulee Dam Radar Radar Displays Logging Existing SCADA (to be replaced) Alarming Monitor Interested in many quantities IPC IPC IPC Segment Bus (DDS) Redundant Routing IPC IPC IPC Segment Bus (DDS) IPC IPC IPC Segment Bus (DDS) VPN/Firewall Local quantity interest TCP (WAN) VPN/Firewall VPN/Firewall Control Room Bus (DDS) Control Room Migration Server
- 14. Example: Autonomous Vehicles Sensing Planning Vehicle Control Logging DDS DATABUS Traffic Maps Error Management Situation Awareness Situation Awareness Cameras, LIDAR, Radar… Cameras, LIDAR, Radar… Cameras, LIDAR, Radar… Data Fusion Cameras, LIDAR, Radar… Localization Vehicle Platform Visualization Navigation DDS DATABUS
- 15. Example: Clinical Decision System Architecture Room Domain Bus Central Domain Bus Room Domain Bus Admin Domain Bus (Cloud) Patient Monitoring Devices Workstations, Storage, Historian Gateway, IX, Enterprise, 3rd Party DDS Router DDS Router DDS Router
- 16. Understanding the DDS Connectivity Framework
- 17. DDS Specification family DDS v 1.4 RTPS v2.2 DDS-SECURITY DDS-RPC DDS-XTYPES Application TCP UDP DTLS TLS DDS-C++ DDS-JAVA DDS-IDL-C DDS-IDL-C# SHARED-MEMORY IP IDL 4. TSN Ethernet DDS-WEB DDS-OPC UA HTTP UA TCP
- 18. Timeline D D S D D S - R T P S 2 . 0 D D S - X T Y P E S O P C U A / D D S G a t e w a y D D S - X R C E D D S - S e c u r i t y D D S - P S M - C + + D D S - P S M - J a v a D D S - R P C D D S - X M L D D S - S e c u r i t y 1 . 1 D D S - X T Y P E S 1 . 2 D D S - W E B D D S - R T P S 2 . 2 D D S - R T P S 2 . 1 D D S 1 . 2 I D L 4 . 1 D D S 1 . 1 2004 2006 2007 2008 2010 2012 2014 2016 2018 2017 2015 2013 2005 2009 2011
- 19. DDS Model: Virtual Global Data Space Topic A QoS Topic C QoS Topic D QoS DDS DOMAIN Persistence Service Recording Service CRUD operations Topic B : “Turbine State” Source (Key) Speed Power Phase WPT1 37.4 122.0 -12.20 WPT2 10.7 74.0 -12.23 WPTN 50.2 150.07 -11.98 QoS
- 20. Data-Centric Communications Model • Participants scope the global data space (domain) • Topics define the data-objects (collections of subjects) • DataWriters publish data on Topics • DataReaders subscribe to data on Topics • QoS Policies are used configure the system • Listeners are used to notify the application of events Reader “Alarm” Domain Participant Writer “Alarm” Domain Participant Listener Offered QoS Listener Got new data Requested QoS New subscriber! “Alarm” Topic Topic2 Topic2 Request <= Offered QoS compatibility checking and run-time monitoring
- 21. Quality of Service (QoS) Policies QoS Policy DURABILITY HISTORY LIFESPAN WRITER DATA LIFECYCLE READER DATA LIFECYCLE ENTITY FACTORY RESOURCE LIMITS RELIABILITY TIME BASED FILTER DEADLINE CONTENT FILTERS Cache User QoS Delivery Presentation Availability Resources Transport QoS Policy USER DATA TOPIC DATA GROUP DATA PARTITION PRESENTATION DESTINATION ORDER OWNERSHIP OWNERSHIP STRENGTH LIVELINESS LATENCY BUDGET TRANSPORT PRIORITY
- 22. © 2010 Real-Time Innovations, Inc. RTPS Protocol optimized for real-time • Full peer-to-peer protocol • No required brokers or servers • Adaptable via QoS • Reliability, timeouts, message priority • Native reliable multicast support • Uses transport multicast, if available, else unicast UDP • Robust to disconnects • Maintains session above (UDP) transport • Efficient data encapsulation • Binary XCDR • Built-in availability and durability • Durable & Persistent data, Historical cache, Failover support RTPS
- 23. Data and Service Definition DDS-XTYPES and IDL4 standards • Logical Data Model and Service Interfaces • Portable: Language-Independent Type System • Safe: Rules for Type Compatibility • Flexible: Types/Interfaces expressed in IDL or XML • Interoperable System Evolution • Types/Services changes (add, remove, reorder, …) • Incremental/Partial upgrades • Dynamic API’s to access data and types • Systems that adapt at run-time • Efficient binary serialization @mutable struct ShapeType { @key string color; @range(0, 200) long x; @range(0, 250) long y; @optional @min(5) float size; }; struct ShapeTypeExt : ShapeType { @unit(“meter”) long x; }; /* Service definition */ enum Command { START, STOP }; @service interface RobotControl { void command(Command com); float setSpeed(float speed) raises (TooFast); float getSpeed(); };
- 24. DDS Applications
- 26. Defense
- 27. Healthcare
- 28. Transportation
- 29. Run 24x7 Across Continents We selected Object Management Group (OMG) DDS standard for its high security rating; its wide support of tools and programming languages, and its reputation for performance, scalability, and 24/7 reliability Sid Koslow, Chief Technology Officer, NAV CANADA Air Traffic Control for Canada 2nd largest ANSP in the world 7 major centers
- 30. Siemens Wind Power Distributed Control • Wind turbine farms can include 500 turbines, 100m blades • Gust control across the array requires fast communications with dynamic, selective filtering • DDS enables large, distributed intelligent machines
- 31. Grand Coulee Dam • DDS controls the 6.8 GW Grand Coulee Dam • Largest power plant in North America • Fastest-responding major power source on the Western Grid • System live since Jan 2014
- 32. Audi Hardware-in-the-loop simulation • Audi hardware-in-the-loop simulation feeds realistic data to components for testing • The system offers plug-n-play between simulation vendor solutions • DDS software enables a modular test environment that scales to work with hundreds of devices
- 33. DDS deployed across Navy Systems • Most US and NATO Navy systems • Lockheed Aegis • Raytheon DDG 1000 • Raytheon SSDS • LCS (Lockheed and GDAIS) • Raytheon LPD-17 • Many more, US and allies • Highly distributed systems include radar, weapons, displays, controls • Standards-based, high-performance middleware breaks vendor lock-in, drives interoperability ,and future- proofs the architectural design
- 34. ©2017 Real-Time Innovations, Inc. GE Transportation GE Transportation freight and passenger locomotives require safe and reliable control, signaling, and communications The system is being developed using SysML, Simulink, and DDS
- 35. Security
- 36. Copyright © 2017 OMG. All rights reserved. 36 Example Threat Analysis Duke Energy Emerging Technology Office OpenFMB Cyber Security Overview
- 37. OpenFMB Case Study Node 3G, LTE, Wi-Fi, Fiber, Ethernet, RF ISM, or PLC Node Key Observations: 1. Single-Purpose Functions 2. Proprietary & Silo’ed systems 3. Latent , Error-prone Data 4. OT/IT/Telecom Disconnected 5. No Field Interoperability! UTILITY CENTRAL OFFICE Head End A Vendor A Solution Private Carrier R Head End C Vendor C Solution Public Carrier 900MHz ISM Enterprise Service Bus Head End B Vendor B Solution Proprietary Network R UTILITY CENTRAL OFFICE Head End A Head End B Head End C Enterprise Service Bus Open Field Message Bus Any Medium CIM DNP3 61850+CIM IoT Pub/Sub Key Observations: 1. Multi-Purpose Functions 2. Modular & Scalable HW&SW 3. End-to-End Situational Awareness 4. OT/IT/Telecom Convergence 5. True Field Interoperability! Sunspec Modbus C12.22 or CoAP MESA DNP3 61850 GOOSE
- 38. •Loss of power, small areas to wide scale •Loss of life •Safety and Security Issues •Failure of critical infrastructure operation •Masquerade / Takeover control applications •Control the Switch / Breaker / Recloser / Voltage Regulator / PCC •Spoof Status •Change Setpoints, Disable Protection •Drive Distributed Denial-of-Service attack (DDoS) 38 OpenFMB Case Study Copyright © 2017 OMG. All rights reserved.
- 39. © 2018 Object Management Group 39 Connected System - Ideal 39
- 40. Connected System - Real
- 41. © 2018 Object Management Group 41 Who Uses DDS Security • Military: • Avionics • Naval • Unmanned Vehicles • Ground Stations • Commercial: • IIoT Systems • Avionics • Automotive • Consumer Electronics • Energy Solutions / Smart Grid • Medical Devices
- 42. © 2018 Object Management Group 42 DDS Security Standard • DDS entities are authenticated • DDS enforces access control for domains/Topics/… • DDS maintains data integrity and confidentiality • DDS enforces non-repudiation • DDS provides availability through reliable access to data …while maintaining DDS interoperability & high performance
- 43. © 2018 Object Management Group 43 DDS Security: Plug-in Architecture • Standardized API • Interface between modules and DDS Security protocols • Modules may be Standard or Custom • Includes all aspects of secure communications • Standardized modules • Interoperable • Use common crypto algorithms Logging Plugin Authentication Plugin Access Control Plugin Cryptographic Plugin Standardized Plugin API Security
- 44. •Apply security policies •Integrity / Encryption / Access Controls •With fine grained controls •Individual Topics •Application Data, Discovery Data, Liveliness Data 44 DDS Security: Configurability © 2018 Object Management Group Periodic Data: Discovery Open, Data Integrity Control Data: Discovery Open, Data Encrypted Config Data: Discovery Encrypted, Data Encrypted
- 45. Conclusion
- 46. Why DDS ? Data-centric Naturally modular Naturally scalable Resiliency High reliability Maximum up-time Performance Minimum latency Maximum throughput Faster development SOA-like architecture Code re-use Standards based No vendor lock-in Future proof Security Built-in Security, Fine- Grained Access Ctrl
- 47. DDS and the Industrial Internet of Things • Reliability: Severe consequences if offline for 5ms (or 5 min) • Real-time: measure in ms or µs • Interface scale: 10+ applications/teams • Dataflow complexity: data has many destinations • Architecture: Next generation IIoT Deployed in 1000s of Systems Industrial IoT Systems Industries: Energy, Industrial Control, Transportation, Healthcare, Defense 3+ Yes?