cyber_systems.pdf

Luca Pezzarossa - 2021
16/48 DTU Compute, Technical University of Denmark
Embedded systems overview
• Embedded computing systems
– Computing systems embedded within electronic
devices
– Hard to define -- nearly any computing system
other than a desktop computer
– Billions of units produced yearly, versus millions of
desktop units
– Perhaps 50 per household and per automobile
Example: Auto-focus cameras, Temperature
controller, Washers and dryers

Common characteristics
of embedded systems
• Single-functioned
– Executes a single program, repeatedly
• Tightly-constrained
– Low cost, low power, small, fast, etc.
• Reactive and real-time
– Continually reacts to changes in the system’s environment
– Must compute certain results in real-time without delay

Design challenge: optimizing design metrics
• Common metrics:
– Unit cost: the monetary cost of manufacturing each copy of the system,
excluding NRE cost
– NRE cost (Non-Recurring Engineering cost): The one-time monetary cost
of designing the system
– Size: the physical space required by the system
– Performance: the execution time or throughput of the system
– Power: the amount of power consumed by the system
– Flexibility: the ability to change the functionality of the system without
incurring heavy NRE cost
– Time-to-prototype: the time needed to build a working version of the system
– Time-to-market: the time required to develop a system to the point that it
can be released and sold to customers
– Maintainability: the ability to modify the system after its initial release
– Correctness, safety, many more…

Data representation
and operations
Byte=Octet=8-bits=10111000
bit is binary digit, 0/1

Converting Binary (2’s C) to Decimal
• If leading bit is one, take two’s complement to get a positive number
• Add powers of 2 that have “1” in the
corresponding bit positions
• If original number was negative,
add a minus sign
n 2n
0 1
1 2
2 4
3 8
4 16
5 32
6 64
7 128
8 256
9 512
10 1024
X = 01101000two
= 26+25+23 = 64+32+8
= 104ten
Assuming 8-bit 2’s complement numbers
0 ,1 ,flip+1,

More examples
n 2n
0 1
1 2
2 4
3 8
4 16
5 32
6 64
7 128
8 256
9 512
10 1024
Assuming 8-bit 2’s complement numbers
X = 00100111two
= 25+22+21+20 = 32+4+2+1
= 39ten
X = 11100110two
-X = 00011010
= 24+23+21 = 16+8+2
= 26ten
X = -26ten

Converting Decimal to Binary (2’s C)
1. Find magnitude of decimal number (always positive)
2. Divide by two – remainder is least significant bit
3. Keep dividing by two until answer is zero,
writing remainders from right to left
4. Append a zero as the MS bit;
if original number was negative, take two’s complement
X = 104ten 104/2 = 52 r0 bit 0
52/2 = 26 r0 bit 1
26/2 = 13 r0 bit 2
13/2 = 6 r1 bit 3
6/2 = 3 r0 bit 4
3/2 = 1 r1 bit 5
X = 01101000two 1/2 = 0 r1 bit 6

Sign Extension
• To add two numbers, we must represent them
with the same number of bits
• If we just pad with zeroes on the left:
• Instead, replicate the MS bit -- the sign bit:
4-bit 8-bit
0100 (4) 00000100 (still 4)
1100 (-4) 00001100 (12, not -4)
4-bit 8-bit
0100 (4) 00000100 (still 4)
1100 (-4) 11111100 (still -4)
Positive add 0
Negative add -1

Hexadecimal Notation
• It is often convenient to write binary (base-2) numbers
as hexadecimal (base-16) numbers instead
– fewer digits -- four bits per hex digit
– less error prone -- easy to corrupt long string of 1’s and 0’s
Binary Hex Decimal
0000 0 0
0001 1 1
0010 2 2
0011 3 3
0100 4 4
0101 5 5
0110 6 6
0111 7 7
Binary Hex Decimal
1000 8 8
1001 9 9
1010 A 10
1011 B 11
1100 C 12
1101 D 13
1110 E 14
1111 F 15

Models and languages
How can we precisely capture behavior?
We may think of languages (C, C++, Java, etc),
but computation model is the key
Computation models describe system behavior
Conceptual notion: recipe, sequential program, etc.
Languages capture models
Concrete form: English, C, etc.

Common computation models
• Sequential program model
– Statements, rules for composing statements, semantics for
executing them
• Communicating process model
– Multiple sequential programs running concurrently
• State machine model
– For control dominated systems, monitors control inputs,
sets control outputs
• Dataflow model
– For data dominated systems, transforms input data streams
into output streams
• Object-oriented model
– For breaking complex software into simpler, well-defined pieces
execute a list of statements one of the other
can have while, branches
Streaming video/audio
Simplify very big code with the abstraction of the objects.

FSM formal definition
• An FSM is a 6-tuple <S, I, O, F, H, s0>
– S is a set of all states {s0, s1, …, sl}
– I is a set of inputs {i0, i1, …, im}
– O is a set of outputs {o0, o1, …, on}
– F is a next-state function (S x I → S)
– H is an output function (S → O or S x I → O)
– s0 is an initial state
• Moore-type
– Associates outputs with states (as given above, H maps S → O)
• Mealy-type
– Associates outputs with transitions (H maps S x I → O)
• FSMs use only Boolean data types and operations, no variables
Outputs are set in each state
Set states on the arrows
conditions

Finite-state machine
with datapath (FSMD) model
• FSMD: 7-tuple <S, I, O, V, F, H, s0>
– S is a set of states {s0, s1, …, sl}
– I is a set of inputs {i0, i1, …, im}
– O is a set of outputs {o0, o1, …, on}
– V is a set of variables {v0, v1, …, vn}
– F is a next-state function (S x I x V → S)
– H is an action function (S → O + V or S x I → O + V)
– s0 is an initial state
• I, O, V may represent complex data types
– (integers, floating point, etc.)
• F, H may include arithmetic operations
• H is an action function, not just an output function
– outputs + variable updates
FSMD extends FSM
with complex data
types and variables
for storing data
Moore Mealy
Complete system state
now consists of
current state S, and
values of all variables
Example: GCD calculation

FSMD block diagram
The FSMD computational model is a mathematical abstraction
that describes a computing systems behavior and functionality as:
– a controller: which controls the program flow
– a datapath: performs data processing operations
Datapath inputs
Controller Datapath Variables
Datapath outputs
Control
inputs
Status signals
Control
signals

Operations, instructions, and conditions
The datapath:
– performs operations on the set of variables depending on the
control signals
– a series of operations is called instruction
– generates the status signals, by evaluating conditions
on the variables and returning Boolean values
Datapath inputs
Controller Datapath Variables
Datapath outputs
Control
inputs
Status signals
Control
signals
X
Y

Test 1: simple Mealy FSMD
• No interaction with the external environment
• Two variables: var_A and var_TH
• After initialization, in each cycle, var_A is decremented by 1 if greater than
the threshold var_TH and incremented by 1 if smaller than var_TH
• When var_A is equal to var_TH, the FSMD terminates its execution
INITIALIZE
DONE
True / init_A init_TH
A_equal_TH / NOP
A_greater_TH /
decr_A
True / NOP
COMPUTE
TH_greater_A /
incr_A

Test 2: Moore FSMD for GCD calculation
INITIALIZE
TEST
FINISH
init_A init_B
BMINA
B_minus_A
A_greater_B
NOP
AMINB
A_minus_B
NOP
B_greater_A
A_equal_B
True
True
True
True
• FSMD calculates the greatest common divisor between two numbers
provided as input during initialization using Euclidian algorithm
• Two inputs: in_A and in_B
• Two variables: var_A and var_B
• When the execution is complete, both the variables contain the calculated
greatest common divisor
Euclidian algorithm
var_a = in_a
var_b = in_b
while var_a ≠ var_b
{
if var_a > var_b
var_a := var_a − var_b;
else
var_b := var_b − var_a;
}

24
Pre-Process
Compile
Link
Modifies the original program
according to the directives that start
with #. Involve straight substitution. It
processes include-files and macros.
Involves the process of combining
multiple object files to produce on single
executable file.

65
Compile
Type-checking
Compilationphases

Luca Pezzarossa (Presenter: Prof. Jan Madsen) - 2021
Next lectures
How can the computer hardware execute a certain
computation task?
• Processor
– Digital circuit that performs a
computation tasks
– Controller and datapath
– General-purpose: variety of
computation tasks
– Single-purpose: one particular
computation task
• A single-purpose processor may be:
– Fast, small, low power
– But, high NRE, longer
– time-to-market, less flexible
Microcontroller
CCD
preprocessor
Pixel coprocessor
A2D
D2A
JPEG codec
DMA controller
Memory controller ISA bus interface UART LCD ctrl
Display ctrl
Multiplier/Accum
Digital camera chip
lens
CCD
Non-recurring engineering cost
medium high unit cost
Non-recurring engineering (NRE) cost refers to the one-time cost to
research, design, develop and test a new product or product enhancement.
Time-to-market: it is the time between when the team starts work and when
the first unit is sold.
Processor consists of two main components:
CPU
Ex CSP circuit to nd GCD

CMOS transistor for digital circuits
• Complementary Metal Oxide Semiconductor
• We refer to logic levels
– Typically 0 is 0V, 1 is 5V (or 3.3V or 1.8V)
• Two basic CMOS types
– nMOS conducts if gate=1
– pMOS conducts if gate=0
– Hence “complementary”
gate
source
drain
nMOS
Conducts
if gate=1
gate
source
drain
pMOS
Conducts
if gate=0

Basic logic gates
F = x y
AND
F = (x y)’
NAND
F = x y
XOR
F = x
Driver
F = x’
Inverter
(NOT)
x F
F = x + y
OR
F = (x+y)’
NOR
x F
x
y
F
F
x
y
x
y
F
x
y
F
x
y
F
F = x y
XNOR
F
y
x
x
0
y
0
F
0
0 1 0
1 0 0
1 1 1
x
0
y
0
F
0
0 1 1
1 0 1
1 1 1
x
0
y
0
F
0
0 1 1
1 0 1
1 1 0
x
0
y
0
F
1
0 1 0
1 0 0
1 1 1
x
0
y
0
F
1
0 1 1
1 0 1
1 1 0
x
0
y
0
F
1
0 1 0
1 0 0
1 1 0
x F
0 0
1 1
x F
0 1
1 0

CMOS transistor implementations
• Basic gates
– Inverter, NAND, NOR
x F = x'
1
Inverter
0
F = (xy)'
x
1
x
y
y
NAND gate
0
1
F = (x+y)'
x y
x
y
NOR gate
0
F = (x y)’
NAND
F = x’
Inverter
x F
F = (x+y)’
NOR
x
y
F
x
y
F
x
0
y
0
F
1
0 1 1
1 0 1
1 1 0
x
0
y
0
F
1
0 1 0
1 0 0
1 1 0
x F
0 1
1 0

Two types of logic
• Combinational logic
– The outputs of the circuit depend only on the actual inputs
– No memory
– Used for computation
• Sequential logic
– The outputs of the circuit depend on the actual inputs
and on the previous values of the output
– Implements memory
– Uses a clock signal

General-purpose processor
• General-Purpose Processor
– Processor designed for a variety of computation tasks
– Low unit cost, in part because manufacturer spreads NRE over large
numbers of units
• Very large market
• Can yield good performance, size and power
– Low NRE cost, short time-to-market/prototype, high flexibility
• User just writes software; no processor design
– a.k.a. “microprocessor” – “micro” used when they were implemented
on one or a few chips rather than entire rooms
Performance depends on CPU, medium power
Ex microcontroller
Programmable device

Basic architecture
• Control unit and
datapath
– Note similarity to
single-purpose
processor
• Key differences
– Datapath is general
– Control unit doesn’t
store the algorithm
– The algorithm is
“programmed” into
the memory
Processor
Control unit Datapath
ALU
Registers
IR
PC
Controller
Memory
I/O
Control
/Status

Memory
• Contains data and
instruction
• Can be written or read
by the processor
• Organized in memory
locations addressable
with an unique address
Similar to an array, where
the index correspond to the
memory address
Processor
Control unit Datapath
ALU
Registers
IR
PC
Controller
Memory
I/O
Control
/Status

Control unit
• Control unit: configures the
datapath operations
– Sequence of desired operations
(“instructions”) stored in
memory – “program”
• Instruction cycle – broken into
several sub-operations:
– Fetch: Get next instruction into
IR
– Decode: Determine what the
instruction means
– Fetch operands: Move data from
memory to datapath register
– Execute: Move data through
the ALU
– Store results: Write data from
register to memory
IR=CIR=Current instruction
register
Program counter= IAR=Instruction
address register

Instruction-set architecture
• The instruction-set architecture is basically machine
language, it defines the set of elementary commands that
a processor is able to perform
• It defines everything a machine language programmer
needs to know in order to program a computer
opcode operands
Instruction
C compiler Assembler
opcode operands
add $2, $4, $2

Instruction-set architecture
• Describes the instructions the CPU can execute
• Instruction types:
– Arithmetic and logic
– Data transfer
– Control and flow
R3 = R0 - R1
R3 R0 R1
operands
opcode
SUB
Memory
Jump

Software development process
Compiler
Linker
C File C File Asm. File
Binary File Binary File Binary File
Exec. File
Assembler
Library
Implementation Phase
Debugger
Profiler
Verification Phase
Which time
consuming much time
or power

• Memory can be implemented with different technologies
• Memory technologies have vastly different trade-offs between
capacity, access latency, bandwidth, energy, and cost.
Memory technology
Flash memory is an electronic non-volatile computer memory
storage medium that can be electrically erased and
reprogrammed. Flash memory cards contain flash memory on a
removable device instead of a chip.
Slow
Fast
very expensive

Cache Memory
• Memory access may be slow
• Cache is small but fast memory close
to processor
– Holds copy of part of memory
– Hits and misses
• Use fast small memory close to the
processor and slow large memory
far from the processor
Processor
Memory
Cache
Fast/expensive technology,
usually on the same chip
Slower/cheaper technology,
usually on a different chip
RAM Memory CPU

Instruction set architecture

• Control a physical system output by setting the system input
• For example:
– Controlling the temperature of a room…
… by acting on a heating/cooling element
– Perturbation: thermal dissipation/absorption
Introduction
Controller Physical system
Sensor
On/off
Physical system input
(Heating/cooling element)
System output
(temperature)
Desired input
(temperature)
Perturbation
Room
+
-
rt et vt
Tracking error:
et = rt - Vt
ut
depending on the
error, make a choice

Tracking
• Control systems aim to track the system output to the reference
input (desired output)
• The system output is affected by perturbations (or disturbances)
graph

Open-loop and close-loop control
• Control a physical system output by setting the system input
• Two types of controllers: open-loop and closed-loop
• Open-loop controller: not measuring the controlled parameter
• Close-loop controller: using the measure of the controller
parameter as feedback
Thermostat
Toaster
You can select power
and time, go certain
power at certain time.

Other characteristics of open-loop
• Feed-forward control
• Delay in actual change of the output
• Controller doesn’t know how well thing goes
• Simple
• Best use for predictable systems
No measuring, so no back ways for data to go

Close-loop control systems (more later)
• Sensor: measure the plant output (actual speed)
• Error detector: detect error (subtraction)
• Control systems with feedback
• Aim: minimize tracking error

General control system
• Objective
– Causing output to track a reference even in the presence of:
Measurement noise
Model error
Disturbances
• Metrics
– Stability
Output remains bounded
– Performance
How well an output tracks the reference
– Disturbance rejection
– Robustness
Ability to tolerate modeling error of the plant

Universal PID controller
• Off-the-shelf controller (analog or digital)
• Largely used for process control in many
industrial (and non) applications
• 3 parameters to tune:
– P: proportional
– I: integral
– D: derivative

Proportional controller (P)
• A controller that multiplies the tracking error by a constant
– ut = P ∙ (et)
• P affects:
– Transient response (how fast the controller reacts)
• Pꜛ -> Faster response
• Faster response vs. oscillation
– Steady state error
• Pꜛ -> Steady state errorꜜ
Figures source: http://reference.wolfram.com/language/example/PIDControllerArchitectures.html
Action is proportional to the error
Fast system react
Steady state error
P controller will always end up with steady state error
Response

Proportional/Derivative controller (PD)
and consider the variation of the error over time
– ut = P ∙ et + D ∙ (et - et-1)
• Intuitively:
– Want to “push” more if the error is not reducing fast enough
– Want to “push” less if the error is reducing really fast
• D affects:
– Oscillation
– Overshot
– Rate of convergence
• Still steady state error
Heat more
Heat less
D try to compress the oscillation,
because when you oscillate, error
changes fast.

Proportional/Integral controller (PI)
and sums up the error over time
– ut = P ∙ et + I ∙ (e0 + e1 + … + et)
• Sum up error over time
• Error history may be limited to a certain interval (windup)
• I affects:
– Oscillation
– Rate of convergence
– Steady state converge
• Steady state error
– Ensure reaching desired output
The sum will become very high,
so push more

PID controller
• Proportional/Integral/Derivative controller
– ut = P ∙ et + I ∙ (e0 + e1 + … + et) + D ∙ (et - et-1)
• The parameters P, I, and D
need to be tuned to achieve the
desired behavior
• Analytically deriving P, I, D may
not be possible
– Physical model not available, or
to costly to obtain
Figures source:
http://reference.wolfram.com/lang
uage/example/PIDControllerArchit
ectures.html
Not response fast enough
Big state error
Oscillation

PID tuning
P affects:
- Transient response
- Stability vs. oscillation
I affects:
- Oscillation
- Rate of convergence
D affects:
- Oscillation
- Overshot
- Rate of convergence
Figure source: https://en.wikipedia.org/wiki/PID_controller

Fall 2021 5
Basic Network Concepts
A computer network is a set of nodes connected by
communication links.
Nodes may be:
End systems, on which applications can run
Communication nodes, which just pass data
with the purpose of transmitting, exchanging or
sharing data and resources.
Ex. Laptops, Smart
phones
Ex. Routers, Bridges,
wireless access
points

Fall 2021 6
Types of Computer Network
Computer networks are often classified into:
Local Area Networks (LAN): Size up to a few kilometers,
typically covering a building, company or institution.
Wide Area Networks (WAN): Large geographical
coverage, perhaps world-wide.
Metropolitan Area Networks (MAN): Covering a town or
other relatively large area.

A distributed system is a computing environment in which various
components are spread across multiple computers (or other computing
devices) on a network. These devices split up the work, coordinating their
eﬀorts to complete the job more eﬃciently than if a single device had
been responsible for the task.

Fall 2021 8
Concepts of Layering
Layer N offers a service (a set of facilities) to its
“users” in the layer above, layer (N+1).
The service offered by layer N builds on the facilities
offered by the layer below, layer (N-1).
Added value offered by layer N is achieved by exchange
of messages following a set of rules characteristic for
that layer: the (N)-protocol. Example:
Layer (N-1) offers an insecure service where data may be
overheard by intruders.
(N)-protocol specifies that messages sent via the (N-1)-
service must be encrypted using secret key encryption.
Layer N offers a secure, confidential service.

Fall 2021 9
(N+1)-
Layer
(N)-
Layer
(N-1)-
Layer
Concepts of Layering (2)
Exchange controlled
by (N)-protocol
(N+1)-
entity
(N+1)-
entity
(N)-layer offers
(N)-service
System A System B
(N)-
entity
(N)-
entity
(N)-layer uses
(N-1)-service

Fall 2021 10
OSI Reference Model
Physical
Direct support to application processes
(File transfer, e-mail, transactions,…)
End-to-end transfer of data
(End-to-end error, sequence & flow control)
Transfer of data between arbitrary systems
(Routing, multiple subnets, flow control)
Transfer of data between directly connected
systems (Error, sequence & flow control)
Signalling on physical medium
Data Link
Network
Transport
Session
Presentation
Application
Organisation of dialogues
(Synchronisation points, token control)
Transformation to suitable syntactic form
(Character sets, data structures,…)
MEDIUM (cable, fibre, wireless,…)
Open System Interconnection model
The OSI model is a conceptual model
that characterises and standardises
the communication functions of a
telecommunication or computing
system without regard to its
underlying internal structure and
technology.
The session layer manages the
connection between two
communicating endpoints.https://
www.google.com/amp/s/
www.techtarget.com/
searchnetworking/definition/

Fall 2021 11
Internet Layered Architecture
A simplified model, with OSI Upper Layers reduced to
a single layer:
Application
Transport
Network
Data Link
Physical
systems
Signalling on physical medium

Fall 2021 13
Services
Service describes what facilities are offered by a layer
viewed as a “black box”, for example:
Sequence preservation
Freedom from error
Connection-orientation
Simplex/duplex/multiplex operation
Security
Service does not tell us how these features are
achieved.

Fall 2021 14
Are the “data units” received by the receiver(s) the
same size as those sent by the sender?
Message(/block-) oriented services:
Stream-oriented services:
Data unit synchronisation
Service
Service
Clip
anywhere
Data synchronization is the process of establishing
consistency among data from a source to a target data
storage and vice versa and the continuous harmonization
of the data over time.

Fall 2021 15
Connection-mode services
Users have to establish a logical channel between
one another before they can exchange actual data.
Simple example: Telephone service.
Advantages:
Administrative info. such as full address of destination,
security parameters, etc., only needs to be exchanged when
connection is being set up.
Gives a “context” for the subsequent exchange of messages,
making it possible to keep track of lost or misordered
messages during a conversation.
Disadvantages:
Inefficient if only a small amount of data to be exchanged.

Fall 2021 16
Connectionless-mode services
No connection set up before exchange of data.
Each message is sent independently of the others.
Simple example: Postal service.
Advantages:
Less administration if small amount of data.
May be faster: No need to wait for delivery of predecessors.
Disadvantages:
All administrative info. has to be carried round in all
messages, as the service has no memory of previous
messages (stateless service).
No guarantee of delivery in right order.
No guarantee of delivery at all (“send-and-pray”).

Fall 2021 17
N-plex services
Simplex service: Transfers messages in one direction
only through logical or physical channel.
Duplex service: Messages can pass between two
parties in both directions.
Half-duplex: Only one direction at a time.
Full duplex: Both directions at once.
Multiplex service: Many users can use the logical or
physical channel, via some sharing mechanism. E.g.:
Frequency-division multiplexing: Use different frequencies
(radio, TV, optical,…)
Time-division multiplexing: Share the available time between
the users.
physical channel: optical fiber, cable
Logical channel: Provide services
for the Medium Access Control
(MAC) layer within the LTE protocol
structure.
Cable television, in which many television channels are carried simultaneously
on a single cable.
It allows the division of the overall time domain into
various fixed length time slots. A frame is transmitted
at a time that is composed of one unit of each source.
https://electronicscoach.com/time-division-
multiplexing.html

Fall 2021 18
Security
Typical aims of a secure service are to ensure:
Confidentiality: Protection of information in transit
from being picked up by unauthorised parties.
Integrity: Protection of information in transit from
being modified by alteration, deletion, replaying or
insertion of new messages.
Authentication: Correct identification of the origin
of a message or electronic document.
Non-repudiation: Protection against the sender or
receiver denying that a message was transferred
between them.
Availability: Protection against service being
denied to authorised users.

Fall 2021 19
Quality of Service (QoS)
Summarises quantitative properties of a service:
Throughput (bits/unit time)
Delay (for connection setup, transfer, connection release)
Reliability (in connection setup, transfer, connection release)
Resilience (probability of unrequested disconnection)
Error rate (BER, RER)
Protection against intruders (passive, active,…)
Priority (in delivery, in maintaining service quality)
Throughput is the rate of successful message delivery over a
communication channel.

Fall 2021 21
Protocols
Specify rules for how to provide the desired service:
Rules of procedure: Which messages to exchange in
response to events occurring at the interface to the layer or
internally (e.g. timeout).
Message formats: Format and encoding of messages to be
transferred between the parties involved.
OSI notation:
Service Data Unit (SDU): A message supplied by a user
of a service.
Protocol Data Unit (PDU): A message exchanged
between two or more parties as part of a protocol.

Fall 2021 22
Protocol Control Information (PCI)
Information used to control the exchange of PDUs
according to the rules of the protocol, such as:
Identification of source and destination of PDU.
Sequence numbers used to detect lost or misordered PDUs.
Checksums used to detect corrupted PDUs.
Timestamps used to detect outdated PDUs.
Security-related information.
An administrative PDU (e.g. acknowledgement for
receipt of data) may consist just of PCI.
In a Data PDU, PCI is added as a header and/or
trailer to (part of) an SDU supplied by the user.

Fall 2021 23
Embedding of layered PDUs
In a layered architecture, PCI will be added in each
layer. Simple case:
Application data
APDU
TPDU
NPDU
DPDU
User
A
T
N
D
Layer
SDU

Fall 2021 25
Internet Protocols
In the OSI model:
Application
Transport
Network
Data Link
Physical
FTP, SMTP, HTTP, POP, NNTP,...
TCP, UDP
IP
systems
Physical signalling on the medium
(wire or fibre)
FTP: File transfer protocol
SMTP: Simple mail transfer protocol
POP: Post oﬃce protocol
HTTP: Hypertext transfer protocol, communication
between web browsers and web servers

Fall 2021 26
Internet Protocol (IP)
Implements a connectionless-mode, full duplex,
stream service for data transfer between arbitrary
systems.
Can offer point-to-point or multicast service.
Available in two versions:
Version 4 (IPv4), described in Internet RFC791.
• Identifies systems by 32-bit addresses.
Version 6 (IPv6), described in RFC1883 and RFC2373.
• Identifies systems by 128-bit addresses.
• Offers improved facilities for dealing with different traffic
classes, security, etc.
No connection set up before exchange.
Messages can pass between two parties in both directions at once.
Stream service ex: Unlike downloaded media, IPTV oﬀers the ability to stream the source media
continuously. As a result, a client media player can begin playing the content (such as a TV
channel) almost immediately. This is known as streaming media.
Multicast and broadcast service is a point-to-multipoint
communication scheme where data packets are transmitted
simultaneously from a single source to multiple destinations.

Fall 2021 27
IP Addresses
An IP address identifies a system (network interface)
IPv4: 32 bits, written as 4 dec. numbers, each
representing 8 bits, e.g.: 130.225.76.44
IPv6: 128 bits, written as 8 hex. numbers, each
repres. 16 bits: ff:aec1:0:0:0:ffff:fffe:1
Hexadecimal

Fall 2021 28
Internet Names
A name identifies a system (network interface),
independently of its geographical position.
No fixed length, structure reflects the administrative
domains responsible for allocating the name:
www.rfc-editor.org
hobbits.middle_earth.net
esmeralda.imm.dtu.dk
stop.it
Most significant
Least significant
Mapping between names and addresses maintained
by Domain Name Service (DNS).
Information inserted into and retrieved from DNS by
using DNS A-layer protocol to contact DNS server.
With this name you can not reach the
destination, but this name allows you to look
up its IP address.
Internet name -> DNS
IP <- DNS

Fall 2021 29
Transmission Control Protocol
TCP implements a connection-mode, full duplex,
stream service for point-to-point data transfer
between arbitrary processes.
Multiple flows of data between given source and
dest. IP addresses distinguished by port numbers.
Source Destination

Fall 2021 30
TCP Ports
Port numbers lie in range [0..65535].
Subintervals of range are used for specific purposes:
[0..1023] Assigned for use by servers for standard
Internet applications, e.g.:
• 25: SMTP
• 53: DNS
• 80: HTTP.
Only use assigned ports for their assigned purpose!
[1024..49151] Can be registered with Internet Application
Naming Authority (IANA) for use with specific applications.
See www.iana.org for details.
[49152..65535] Freely available for use, for example when
ports have to be dynamically allocated.

Fall 2021 7
Application Layer protocols
Are based on a (more or less reliable) Transport
service — in the Internet, typically provided by TCP
or UDP.
May support various ways of organising an
application. Common examples:
Peer-to-peer: Two or more participants with equal status.
Client/server: Two participants. One party (server) offers
services to the other (client).
Grid: Very large number of parties offer services, and
system will find the most appropriate one.
Agent-based: Several parties collaborate in an “intelligent”
way.
Client
Messenger, you -> server -> others
Even though one node dies in the network, it does not mean anything.

Fall 2021 8
Client/server Systems
A popular paradigm for design of distributed systems:
Processes acting as Servers offer to perform
services for processes acting as Clients.
Most simple Internet applications rely on a Client/server
architecture.
Client Server
Client/server
protocol
Why so popular?
Client/server is distributed analogue of the Object
Oriented programming paradigm: The server is an
object whose methods can be invoked by the client.
Most applications are programmed using object-oriented programming. Client/server model match this kind of
programming very well. Because you can see server as a object on which you can call methods. The servers is
some entity leaves somewhere in the world, you see it as alive on your machine, then you write .send .get etc, so
you are calling the method on that object(server), actually this method is executed somewhere else in the world, we
consider everything are living inside our machine.

Fall 2021 9
Internet Client/server protocols
Well-known examples of Internet A-layer protocols following the
Client/server paradigm are:
SMTP RFC821 Simple Mail Transfer Protocol
Transfers mail to recipient’s mailbox.
POP3 RFC1939 Post Office Protocol, version 3
Retrieves mail from mailbox.
NNTP RFC977 Network News Transfer Protocol
Retrieves news from news service.
FTP RFC959 File Transfer Protocol
Transfers files.
TELNET RFC854 Virtual Terminal protocol
Uniform handling of diverse terminals.
DNS RFC1034,
RFC1035
Domain Name Service
Registers/finds IP-addresses corresponding to names.
HTTP RFC2616 Hypertext Transfer Protocol
Retrieves documents from WWW.
LDAP RFC2251 Lightweight Directory Access Protocol
Lookup service for properties of objects..
LDAP

Fall 2021 11
Simple Mail Transfer (SMTP)
A simple A-protocol using the Client/server paradigm.
Involves a dialogue between Client and Server:
HELO goofy.dtu.dk
250 design.dilbert.org
MAIL FROM <bones@goofy.dtu.dk>
250 OK
RCPT TO <grass@design.dilbert.org>
250 OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
From: Alfred Bones <bones@goofy.dtu.dk>
To: Donald Grass <grass@design.dilbert.org>
Date: 21 Aug 2000 13:31:02 +0200
Subject: Client exploder
Here are the secret plans for the client
etc. etc.
.
250 OK
Client
Server
You Mail server
newline.newline
The client’s domain name
Equivalent to say ‘Hello, my name
is goofy.dtu.dk’
The client and the server start a concise “conversation”. The client
uses commands to tell the server what to do and transfer data, like
the sender’s domain, the sender’s email address, the recipient’s
email address, and the email’s content. For each command, the
server responds with a reply such as 250 OK.

Fall 2021 14
Mail Extensions
SMTP (like many other Internet A-layer protocols)
uses ASCII encoding for all messages:
Message types and contents are expressed as sequences of
characters from the US ASCII character set.
Simple SMTP clients and servers can only deal with a
single message body in ASCII text.
Extensions are required in order to deal with:
Texts in languages with non-English letters (æþêçü...)
Non-text documents, such as images, video or audio.
Multi-part documents
Standard set of extensions: MIME
(Multipurpose Internet Mail Extensions)
SMTP protocol like several other protocols. They only support
text, so the communication between you and the server is only
text- based, in specific is ASCII-based.

Fall 2021 15
MIME Encoding
A way of encoding chunks of data (MIME entities)
which contain non-ASCII characters.
Originally defined for use with SMTP, but now also
used in other contexts.
Each entity encoded as a header followed by a body.
Header is made up of one or more header fields:
Content-type of body: text, image, video, audio,
possibly with subtype and/or parameters giving more
detailed specification.
Content-transfer-encoding describing way in which
body is encoded in addition to what is implied by type.
Content-id for referring to entity.
Content-description of entity in plain text.

Fall 2021 20
HTTP, version 1.1
A Client/server protocol for handling Web documents.
Client is (typically) integrated into Web browser.
Server is a Web server, somewhere in Cyberspace…
Conversation between Client and Server consists of a
sequence of exchanges, in each of which:
Client sends a Request which:
• Identifies a resource, by giving a file name on the server.
• Specifies an action (“method”) to be performed on it.
• Optionally gives details of rules to be followed in carrying
out the action.
Server replies with a Response which gives status and
possibly further explanation of what has happened.
Webpage hypertext
The conversation is initiated by
the client, so the sever can not
initiate itself.
the file

Fall 2021 21
HTTP Client/server exchanges
Simple example:
Client sends Request:
GET http://www.w3.org/pub/WWW/xy.html HTTP/1.1
Server sends Response:
HTTP/1.1 200 OK
<html>
<header><title>Progress on XY</title>
</header>
<body>
…
</body>
</html>
Method HTTP version
Uniform Resource Identifier (URI)
File name
Protocol+Server
Content
of
resource
Status
Small dialogue than SMTP
Path +file name+file extension

Fall 2021 28
HTML
HyperText Markup Language:
Describes the structure of a document in terms of
standard elements, such as:
Document titles
Sections with headers, paragraphs.
Lists (with numbers, bullets, descriptors) and tables
Hyperlinks to other web pages, images, video clips, etc.
Scripts which generate text, images, etc. when executed
Gives hints about the intended appearance of the
displayed document:
Font family, style, size and colour
Alignment of elements (left, right, centred…)

Fall 2021 30
JSON
JavaScript Object Notation:
Light alternative to XML
Text-based data-interchange format
Language independent
Based on a subset of the JavaScript programming
language
Easy to understand, manipulate and generate
uses human-readable text to store and
transmit data
It was derived from JavaScript, but many modern
programming languages include code to generate and parse
JSON-format data.
If you wanna transfer temperature from a computer to another
computer
u: Data->text
The other guy need to know the conversion(JSON) of this transform and
then get out of the data

Fall 2021 7
Switched Ethernet
Path between sender and receiver is set up
dynamically in a switch:
If path can be set up, full bandwidth of medium is
available between the two nodes.
Contention only for simultaneous transmissions to
same destination.

Fall 2021 8
Wireless LAN
Important technology, allowing mobility.
Three basic setups:
(a) Basic: single Access Point (AP)
(b) Extended: multiple APs
(c) Ad hoc (peer-to-peer): no AP
Router
Node
There is a wired line and there
are multiple access points and
they all broadcast on the
same network with same
name. Every room has its own
access point.
Every node is both AP and
node.

Fall 2021 9
Communication nodes
Communication nodes typically implement OSI layers up to and
including the Network layer:
Comm. nodes are responsible for accepting PDUs on incoming
link, routing to an outgoing link and transmitting on outgoing link.
Radio wave/Optical fiber etc.
Append all the
protocol control
information
encapsulate an email
with SMTP protocol
encapsulate further
encapsulate further
encapsulate further
encapsulate
further
encapsulate
further
encapsulate
further
Decapsulate to a
point where you
can look at the IP
address, and then
it will be forward to
the next
Every node that you encounter
actually looks into the header of
your packet up to a certain
layer
Encap
sulate
again
in
order
to be
sent
out
Mainly two types of comm. nodes router
and bridge

Fall 2021 10
Routers
Implement layers up to (at least) Network layer.
Can choose a suitable route for sending an incoming
PDU on to its destination.
May be able to filter off irrelevant or unsuitable
traffic, for example:
Traffic which has taken too long time to cross the network.
Traffic from known unreliable sources.
Traffic on incoming links not “matching” the claimed source
address.
Traffic to destinations or applications which do not want it.
Traffic which misuses the protocols in some way.
Look at the IP address, so they route your package
depending on the IP address.
is not
connected
to the
router

Fall 2021 11
Implement layers up to Data Link layer.
Are used to connect segments within a given
network.
Bridges
D
Ph Ph
MEDIUM
Segment 2
MEDIUM
Segment 1
Typical functions:
Adaptation between different conventions used for signalling in
Physical layer in different segments.
Filtering to remove traffic which does not need to cross the
bridge to reach destination. (Note: not really routing!)
Bridge between two diﬀerent networks like Ethernet and
Wireless LAN. If so, the bridge change the medium from a
wire to radio. To do this, you do not need to see the IP
address, you only stop at the Data link layer.

Fall 2021 22
Data in each direction is considered as a potentially
unlimited stream of octets (bytes).
Position of a given octet in stream is given by a
sequence number.
Each PDU from A to B contains:
Seq.no.
Acknowledgment
Credit value
TCP operation
It uses some kind of agreement between the two parties so that no
packet is lost and all packets are delivered in order.

Fall 2021 23
TCP operation
Each PDU from A to B contains:
Seq.no. ns (modulo 232 ) of first octet of data in PDU.
Acknowledgment ackr , expressed as seq.no. modulo 232
of next octet expected from B. (This acknowledges receipt
of all octets up to (ackr - 1) from B.)
Credit value Wr , giving no. of octets which A is willing to
receive from B. Wr is often known as receive window
size.

Fall 2021 24
TCP PDU
Only one format,
flags are used to
distinguish types of
PDU.
Typically a PDU
from an Application
layer protocol.

Fall 2021 25
TCP operation:
3-way handshake
Send back a packet
saying okay, I
acknowledged your
SYN packet, and x+1 ,
and a random y.
Send okay, I
acknowledged, and
x+1 , and a random
y+1.
Send a packet and a
Random number

Fall 2021 26
TCP operation:
handshake + request a file

Fall 2021 27
TCP operation:
request a file on open connection
If the connection is already open, you do not need to redo the handshake
at the beginning.

Fall 2021 28
TCP operation:
packet loss and retransmission
Retransmit everything P1P2P3

Fall 2021 29
TCP operation:
closing connection
A sequence number

Fall 2021 32
User Datagram Protocol
Transport protocol in the TCP/IP suite
Provides unreliable datagram service:
Packets may be lost or delivered out of order
Users exchange datagrams (not streams)
Connection-less
Not buffered -- UDP accepts data and transmits immediately (no buffering
before transmission)
Full duplex -- concurrent transfers can take place in both directions
Source Destination
A message of defined size

cyber_systems.pdf

Recommended

Recommended

More Related Content

Similar to cyber_systems.pdf

Similar to cyber_systems.pdf (20)

Recently uploaded

Recently uploaded (20)

cyber_systems.pdf