DTN GoNoGo Phase I to II - PowerPoint PPT Presentation

1 / 26
About This Presentation
Title:

DTN GoNoGo Phase I to II

Description:

Distribution Statement: Distribution Limited to DoD and DoD Contractors Only. Phase 1 ... Disruption Tolerant Networking ... FCS Vehicle, Ft. Benning 2006. 4 ... – PowerPoint PPT presentation

Number of Views:57
Avg rating:3.0/5.0
Slides: 27
Provided by: Mars194
Category:
Tags: dtn | gonogo | benning | fort | phase

less

Transcript and Presenter's Notes

Title: DTN GoNoGo Phase I to II


1
Disruption Tolerant Networking (DTN) Program
Phase 1 And Phase 2/3 Program 23 March 2006
Preston Marshal, Program Manager Preston.marshall_at_
darpa.mil 703-696-5273
2
Disruption Tolerant Networking (DTN)Program
Concept
End-to-end severely disrupted by one bad link
Custodian-to-custodian connections isolate
disrupted regions
DTNs Goal is to is to develop and demonstrate
technology that will provide network services in
the face of disruption and massive differences in
delay and bandwidth and to reduce demands on
network resources by integrating storage into the
network
3
Military Need
FCS Vehicle, Ft. Benning 2006
  • FCS Communications Position Reports Used as
    Measure
  • Highly Favorable Metric Used
  • Loss of 2 Successive (1 Sec Interval) Reports
    Considered as Disconnected

Wireless networks can be good for local connect,
but often cant reach back to infrastructure Local
storage caching can create access to
information after infrastructure connectivity
loss.
  • Relying on IP for tactical military networks is
    dangerous
  • Episodically connected military MANETs see rapid
    topology changes
  • Tactical radios know names, not destination
    addresses
  • Tactical/edge military networks may be a mix of
    IP and non-IP radios

4
All Bandwidth is Not Equally Important
  • Networks are not hierarchies of bandwidth, they
    are islands
  • Bandwidth within islands not as important as
    bandwidth between islands
  • DTN augmentation within islands provides major
    performance benefits between islands
  • Nodes can use local bandwidth to obtain DTN
    services, even if not on own node
  • Similar to DARPA
  • Highly reliable, high speed (1 Gigabit) from
    servers on campus
  • Several Megabits in and out to Internet

Bandwidth/Reliability
64 Kilobps Episodic Connectivity
GIG Fiber Core
Distance
10 Gigabps Highly Reliable Connectivity
DTN Can Augment Existing Networks without Being
Inserted into Topology
10 Megabps Highly Reliable Connectivity
Wireless Enclaves
5
DTN Network Persistence Can Solve Fundamental
Internet Application Shortfalls
  • DTN makes applications over disrupted networks
    robust
  • DTN is also an Opportunity to solve Fundamental
    Problems weve never before had a handle on,
    using Network-Managed Persistence
  • Access information by content or type rather than
    by network address
  • I want maps for my area instead of I want to
    ftp to 192.168.4.17
  • Retrieve once, provide to local users as
    requested
  • Learn from actual network usage
  • Exploit in-network storage/caches and pub/sub
    protocols to create a dynamic and self-forming
    Akamai
  • Use temporal security rather than physical
    security

Temporal Security Model
Time
6
Todays Network Push or Pull, Neither Optimal
Conventional Pull Copies to every requestor
Only those who ask, get but with delay N
requests use N times the bandwidth
Multicast Push Data goes to everyone
I need a map
I need a map
I need a map
I need a map
I need a map
Connected Network
I need a map
Connected Network
I need a map
I need a map
I need a map
I need a map
I need a map
Only one transfer, but data flows to everyone in
the multicast group, not necessarily when / where
the data is needed
I need a map
DTN Resolves Both Inefficiencies.. Pulls One
Time, Distributes Locally To Requestors
7
DTN Phase 1 Results
  • Demonstrated DTN v TCP with typical USMC wireless
    connectivity patterns (MITRE/CONDOR)
  • Demonstrated Network Delivery (BBN)
  • Demonstrated Trusted Delivery Resistance to
    DDoS (Lehigh)
  • Designed architecture intrinsic ability of DTN
    to operate to the extremes of the network without
    segmenting to match network characteristics
    meta-architecture (MITRE/JPL)
  • Potential to move this extensible framework to
    other building blocks of the network
  • Have to adapt Cisco/Nortel/Lucent/Juniper
    behaviors
  • Implemented Experimental Operating Wireless DTN
    (GaTech/UMass)

8
Demonstrated DTN v. TCP with USMC Wireless
Connectivity Patterns
INMARSAT terminal
Cisco 2811
KG-250
DTN
10 KByte File Transfers in 24 hours
Abandoned 10-KByte File Transfers in 24 hours
4000
140
user
Cisco 3725
EPLRS
3500
120
HTTP
HTTP
3000
CONDOR Gateway cable map
DTN
100
DTN
2500
80
2000
3580
..
DTN Is A Deployable Technology With Massive
Performance Benefits for DoD
115
60
1500
1000
40
500
20
368
0
0
0
Completed
Abandoned
Demonstrated that DTN is Useful Feasible, and
that DTN can be Transitioned to COTS-based
Military Systems
9
Phase 1 Go/NoGo Metric Demonstrate DTN Network
Performance in Disrupted Network Evaluation
Platform Hardware in the loop emulation of
actual DTN nodes
  • 100 Reliable Delivery with
  • 80 Utilization over
  • 20 Available Links

ACHIEVED
  • Link characteristics
  • capacity 19.2 kb/s
  • delay 5 ms
  • MTU 1480 bytes
  • Bundle traffic
  • size 2800 bytes
  • total originated 264
  • Network Transit
    time gt620ms
  • Link StateTransit time
    4.3s
  • Mean time between link transitions 5s
  • Run time 3600 s

DTN would have delivered all traffic given enough
time
For random link dynamics, at most 16 (out of 31)
bi-directional links were up at any time
Network changes faster than it updates.. never
static. IP would never have correct topology..
would fail in a conventional MANET
10
Delivered Bundles Vs. Path DistanceRun at 20
Target Availability Random Link Dynamics
  • Opportunistic Routing Found Ways to Deliver All
    Traffic, Regardless of Hops
  • TCP (End to End) Could Not Find Opportunities
  • End to End requires Complete Path be Available
  • End to End is Fundamentally Unsuited for Military
    Operations
  • 80 Links are only 20 Network Connected at 7
    Hops
  • 20 Links are 0.001 Network Connected at 7 Hops
  • End to End IP (Without TCP) Shares All these
    Issues

Delivery Performance for DTN and TCP
DTN
TCP End to End Transfer
11
Delivery Ratio Worst Case DynamicsDTN versus
End-to-End (E2E) Baseline
  • DTN Accomplished All Deliveries for
    Availabilities Above Go/NoGo Criteria
  • Would Complete All if Longer Duration created
    Opportunities
  • End to End Could Not Find Sufficient
    Opportunities in Any Disrupted Scenario
  • Failed Completely Below 50 Availability

DTN
End to End
12
Link Utilization Using DTN
  • DTN Effectively Used All Available Link Capacity
  • Network Was So Dynamic that End to End Would not
    be Aware of Opportunities to Use
  • Efficiency Decreases at High Availability, as
    More Overhead, and Early Completion of Transfers
  • Phase 2 Will Develop Technology to Adapt and Use
    both End to End and DTN Based on Which Would be
    Most Effective

13
Trusted Delivery GNG Metric ACHIEVED
Phase 1 Go/No Go Demonstrate Trusted Delivery
?
  • Demonstrate rejection of message from
    unauthenticated sender
  • Demonstrate authentication and forwarding of
    message from trusted sender
  • Demonstrate payload data encryption

?
?
DTN will not propagate Distributed
Denial-of-Service Attack DTN will Detect Reject
Fraudulent (Forged Address) Messages
14
Trusted Delivery GNG Metric ACHIEVED
Demonstrate rejection of message from
unauthenticated sender
  • Two sending nodes - one legitimate, one malicious
    - attempt to send a bundle in a network with the
    BAH feature enabled
  • The malicious node (M1) sends a bundle without
    the appropriate BAH to the forwarding node (N2)
  • Result N2 rejects the bundle - ACHIEVED
  • The legitimate sender (N1) sends a bundle with
    the appropriate BAH, allowing for successful
    authentication
  • Result N2 forwards the bundle to the
    destination (N3)

BAH Bundle Authentication Header
Security Perimeter
N1
N2
N3
M1
Should have been part of the Internet from the
beginning
15
Trusted Delivery GNG Metric ACHIEVED
Demonstrate 1.) Authentication and Forwarding
of Message From Trusted Sender and 2.) Payload
Data Encryption
  • N1 sends a bundle to N4 (thru N2) with only the
    BAH activated
  • The link between N2 and N3 is insecure, so policy
    at N2 requires payload data encryption
  • N2 encrypts the payload, adds the PSH, and
    becomes the PSH-source, with destination N4 the
    PSH-destination for the bundle
  • N4 receives the encrypted bundle from N3 (thru
    N2) and decrypts the message ACHIEVED

N3
N1
N2
N4
PSH-Source
PSH-Destination
BAH Bundle Authentication Header PSH Payload
Security Header Red Cleartext Black Ciphertext
DTN Enables Security Partitioning Based on
Traffic Policies Rather than Physical Topology
16
DTN System Architecture
Bundle Engine
API Legend
Protocol Composition API
Management API
Autoconfiguration/ Neighbor Discovery
Bundle Custody Transfer
Bundle Encryption
Bundle End-to-end Reliability
Bundle Flow/Congestion Ctl.
Bundle TBD Services
DTN Policy/Management
DARPA Routing Protocol
Environmental Awareness
DTNRG Routing Protocol
Other Routing Protocol
RoutingAPI
Configuration API
EnvironmentalAwareness API
Convergence Layer
Plug-ins/DLLs
Process Rendezvous
Single DTN Standard Will Be Extensible for
Commercial or Uniquely Structured Military Apps
Such As UAV Overflight, Sensor Nets, Tactical
Disruption
17
Technology for a Common Routing Structure with
Mission-Unique Algorithms
  • Wireless networks need diverse routing behaviors
  • Open Biggest Battery First (Battery-powered
    systems)
  • Use Advantaged Node Last (Transient aircraft
    nodes)
  • Open Least Tx Energy Path First (Energy-starved
    systems)
  • Open Least Used Reasonable Path First
    (Fairness)
  • Extend - dont replace - COTS products

Commercial World
DoD Infrastructure
DoD Sensor Field
minimal protocol set
Core/Interoperable
Core/Interoperable
Core/Interoperable
GIG-unique routing algo.
battery-aware routing algo.
UAV flight schedule
UAV flight schedule
Core/Interoperable
vendor-unique extension
Buy commercial, specialize to military
Color Legend
Commercial DTN Extension
IRG DTN Network Standard Core
Military DTN Extensions
18
DieselNetInitial Deployment May 2004
  • University DTN testbeds (GaTech/UMass) urban ops
    experiment with multipath and rapid topology
    change (route breakage)
  • Long-term 24/7 Experiment at Low Cost with Mobile
    nodes, sensors, and throwboxes analogs of
    tactical military wireless networks urbanrural
    manned vehicular

DieselNet routers in 40 busses in Amherst
19
Algorithmic Results
  • Knowledge management Uniform information
    dissem-ination and improvement of buffer usage
  • Resource management Virtual infrastructure with
    transport frames improves delivery rate in
    bottleneck scenarios
  • Opportunistic Routing SCaTR framework improves
    delivery rate and reduces signaling overhead
  • Reflective Route Planning First DTN routing
    algorithm based on formal reasoning technology
  • Flexible network simulation models with
    user-defined physical resource schedules

20
DTN Progressive Maturity
  • Integrate Push and Pull Metaphors
  • Cognitive Caching
  • Information Addressing (not Network Addressing)
  • Multiple Native Networks (JTIDS, IP, EPLRS, )
  • Initial Demo Board Implementation

Protected, High Performance DTN for Static
Applications with Store and Forward
Phase 1
  • Self-Organizing in Response to Network needs
  • Large Scale
  • Red/Black Management of Persistent Data

Phase 1 Protected, DTN for Medium Scale, Static
Applications with Caching and Distributed Query
Phase 2
Dynamically Self-Organized Organized, Secure
Local Store, Application Linkages, Proven
  • Demo in Military Scenario to Assess Utility
  • Implement in Longer term, non-Military
    Application for Operational Experience

Progressive Technology Development Resulting in
Proven and Deployable Product
Phase 3
  • Integrate into Military Networks
  • Implement in Longer term non-Military Application
    to Acquire Experience

21
Merging Information and Networking
  • Policy reasoning enable sophisticated queries
    over the network
  • I dont know exactly what Im looking for, but I
    know how to describe it
  • Late binding as a way of describing information
  • Dont have to know where information resides
    Google as a metaphor, not an overlay
  • Late binding can occur in the information domain,
    not only the addressing domain
  • Want to build a formal structure for persistence
    and networking, a structure for solving tactical
    problems
  • Analogous to akamai, but akamai is static.. In
    tactical networks must build our persistence
    architecture on the fly

22
Adaptation to Reflect Network Dynamics
  • DTN networks adapt to changing network topologies
  • Storage configures itself around paths thru the
    (intermittent) network
  • Self-forming Akamais for content distribution in
    response to network demands
  • Caching as a result of delay-bandwidth product
    discontinuities
  • Military Utility Reduce (eliminate?) burden of
    planning network deployment with unit deployment
  • Planning costs currently comparable to or greater
    than people and equipment costs
  • Network planning creates inertia/delay in
    deploying forces and reacting to unanticipated
    changes in the theatre
  • Avoid the Comms planning cycle!

23
Content-based Networking
  • Support push from core, pull from edge, and
    meet-in-the-middle content-based networking
  • Steinbet Users will pull data as needed instead
    of having massive amounts of information pushed
    to them regularly regardless of whether it is
    needed. .. a key tenet of net-centric warfare is
    that the consumers of information are smarter
    than their sources about what is needed
    operationally right now, and that they should be
    able to pull those data when they need it.
  • Enable users to subscribe to or query useful
    information services, and have data returned when
    theres a new event or query match
  • Edge networks can push data up into the network
  • Source analysis systems can query DTN storage for
    Wolfpack systems enables heterogeneous sensor
    data fusion
  • Distribute policies with bundles much of the
    flexibility of Active Networks without as much
    risk .. Update rules of engagement by
    disseminating policies thru DTN nets

24
Benefits of unifying networking and storage
  • Request information by content/type rather than
    by network address
  • I want weather for my area instead of I want
    to ftp to 192.168.4.17
  • Ability to cache rather than waste wireless
    bandwidth
  • Its way cheaper to store data rather than to
    transmit it again
  • Integrating push-pull metaphor
  • Pushing sends to everyone and wastes bandwidth,
    can pre-place data
  • Pulling serves a single user, same data requested
    multiple times wastes bandwidth, incurs large
    delays delays in disrupted networks
  • Akamai uses static caches in a wired network to
    mitigate bandwidth wastage and delay
  • DTN Push/Pull exploits DTN in-network storage
    (persistent caches) and pub/sub protocols to
    create a dynamic and self-forming akamai
  • Temporal security
  • Show the data as encrypted/unencryptd

25
A New Security Model
  • Red-black separation derives from the philosophy
    that the control center is protected once in
    the black, info is physically safe
  • With low-cost devices like WNaN, no longer true
  • How to deal with the loss of equipment at the
    tactical edge?
  • Information on this equipment is compromised with
    the equipment
  • How to change the security model to deal with
    equipment that cant be physically secured??
  • Rather than view red-black as physical
    separation, think temporal separation!
  • Keep data encrypted unless the application is
    processing it!
  • Encrypted data lives in local cache or edge
    network cache, decrypted by app
  • Use a DTN security convergence layer shim for
    apps .. Withdraw access by app by revoking cert
    or similar action.
  • DTN mechanism protects information keyboard to

    eyeball
  • Protection from app to app, not from node to node

Temporal Security Model
Time
26
Summary
  • Bigger Challenge!
  • Larger Funding!
  • Massive Need!
Write a Comment
User Comments (0)
About PowerShow.com