This document outlines a specification for adding security features to the Data Distribution Service (DDS) protocol. It discusses the status of the specification, scope of security features, potential threats, and requirements from a request for proposals. The specification will define security plugins for authentication, access control, cryptography, data tagging, and data logging to address threats like unauthorized data access, tampering, and insider threats. It also describes the security model and how DDS and RTPS protocols will support integrated security capabilities.
Revised Submission to the OMG Security RFP. Covers the plugin architecture and the proposed builtin plugins to provide Authentication, Access Control, Key Management, Confidentiality (Encryption), Message Authentication, and Auditing
The Industrial IoT depends on connectivity and information exchange. Much of the business value derives from the ability to have independent systems share information in order to derive knowledge, make "smart decisions", and offer behavior and functionality never before possible.
Many industrial systems were designed with a focus on reliability and safety at a time were implicit trust of all components and communication was the norm. Restricting physical access is currently the only practical method for protecting this existing critical infrastructure. This includes the electrical power grid, process control, transportation, or manufacturing systems. This is changing with increased connectivity to the Internet and personal computers as well as awareness of malicious insider threats. Many industrial systems are being (or want to be) connected to external networks using standard technologies like Ethernet and the Internet Protocol Suite (TCP/UDP/IP). These technologies make systems more functional and efficient, unfortunately they also open the critical infrastructure to cyber attacks.
New IIoT Systems are being designed with security as a key concern. New systems can leverage a solid set of security technologies and building blocks for Authentication, Cryptography, Integrity, etc. However these security technologies must be used correctly and in ways that do not disrupt the performance or access to the legitimate applications/devices, yet limit legitimate access to just the needed information (to minimize the insider threats) and denies access to all others. Adding to this difficulties the new systems need to co-exist and (securely) exchange information with the already-deployed legacy systems which were built without such security elements.
Secure DDS (a recent standard from the OMG) is a "secure connectivity middleware" technology that can be used to address these three needs: (1) Build modern secure IIoT systems, (2) Secure legacy Industrial systems being connected on the Internet, and (3) Securely bridge between new and legacy systems. Secure DDS extends the proven Data-Distribution Service (DDS) and Real-Time Publish-Subscribe Protocol (DDS-RTPS) standards with enterprise-grade authentication, encryption and fine-grained security controls while maintaining the peer-to-peer, robustness and scalability features (including secure multicast) that have made DDS a clear choice for critical infrastructure systems.
This presentation introduces the DDS Security specification and provide describe several use-cases that exemplify how these standards are deployed in real-world applications.
Interoperability demonstration between 6 different products that implement the OMG DDS Interoperability Wire Protocol (DDS-RTPS).
The demonstration took place at the March 2012 OMG technical meeting in Washington DC.
The following companies demonstrated interoperability between their products: RTI (Connext DDS). TwinOaks Computing (CoreDX), PrismTech (OpenSpliceDDS), OCI (OpenDDS), ETRI (ETRI DDS), IBM.
Revised Submission to the OMG Security RFP. Covers the plugin architecture and the proposed builtin plugins to provide Authentication, Access Control, Key Management, Confidentiality (Encryption), Message Authentication, and Auditing
The Industrial IoT depends on connectivity and information exchange. Much of the business value derives from the ability to have independent systems share information in order to derive knowledge, make "smart decisions", and offer behavior and functionality never before possible.
Many industrial systems were designed with a focus on reliability and safety at a time were implicit trust of all components and communication was the norm. Restricting physical access is currently the only practical method for protecting this existing critical infrastructure. This includes the electrical power grid, process control, transportation, or manufacturing systems. This is changing with increased connectivity to the Internet and personal computers as well as awareness of malicious insider threats. Many industrial systems are being (or want to be) connected to external networks using standard technologies like Ethernet and the Internet Protocol Suite (TCP/UDP/IP). These technologies make systems more functional and efficient, unfortunately they also open the critical infrastructure to cyber attacks.
New IIoT Systems are being designed with security as a key concern. New systems can leverage a solid set of security technologies and building blocks for Authentication, Cryptography, Integrity, etc. However these security technologies must be used correctly and in ways that do not disrupt the performance or access to the legitimate applications/devices, yet limit legitimate access to just the needed information (to minimize the insider threats) and denies access to all others. Adding to this difficulties the new systems need to co-exist and (securely) exchange information with the already-deployed legacy systems which were built without such security elements.
Secure DDS (a recent standard from the OMG) is a "secure connectivity middleware" technology that can be used to address these three needs: (1) Build modern secure IIoT systems, (2) Secure legacy Industrial systems being connected on the Internet, and (3) Securely bridge between new and legacy systems. Secure DDS extends the proven Data-Distribution Service (DDS) and Real-Time Publish-Subscribe Protocol (DDS-RTPS) standards with enterprise-grade authentication, encryption and fine-grained security controls while maintaining the peer-to-peer, robustness and scalability features (including secure multicast) that have made DDS a clear choice for critical infrastructure systems.
This presentation introduces the DDS Security specification and provide describe several use-cases that exemplify how these standards are deployed in real-world applications.
Interoperability demonstration between 6 different products that implement the OMG DDS Interoperability Wire Protocol (DDS-RTPS).
The demonstration took place at the March 2012 OMG technical meeting in Washington DC.
The following companies demonstrated interoperability between their products: RTI (Connext DDS). TwinOaks Computing (CoreDX), PrismTech (OpenSpliceDDS), OCI (OpenDDS), ETRI (ETRI DDS), IBM.
Multiple protocols have been positioned as “the” application-layer messaging protocol for the Internet of Things (IoT) and Machine-to-Machine (M2M) communication. In fact, these protocols address different aspects of IoT messaging and are complementary more than competitive (other than for mindshare). This presentation compares two of these protocols, MQTT and DDS, and shows how they are designed and optimized for different communication requirements.
Overview of the RPC over DDS specification (in-progress as the OMG). Significance to Industrial Internet applications. Significant to people migrating from a legacy CORBA system
Short summary of the OMG DDS-WEB specification. This recently adopted standard enables thin-client applications (e.g. JavaScript applications in a browser) to access the real-time data on a DDS Domain. Industrial Internet applications built using DDS can now have a REST API.
This presentation introduces the key concepts at the foundation of DDS, the data distribution service for real-time systems. Wether you are a new to DDS or a relatively experienced user, you'll find this presentation a good source of information.
Current implementation of Transport Security and Mandatory Access Controls for Data Distribution OMG Standard. A new Request for proposal has been issued at the OMG to make such implementation inter-operable.
The Data Distribution Service (DDS) is a standard for efficient and ubiquitous data sharing built upon the concept of a, strongly typed, distributed data space. The ability to scale from resource constrained embedded systems to ultra-large scale distributed systems, has made DDS the technology of choice for applications, such as, Power Generation, Large Scale SCADA, Air Traffic Control and Management, Smart Cities, Smart Grids, Vehicles, Medical Devices, Simulation, Aerospace, Defense and Financial Trading.
This two part webcast provides an in depth introduction to DDS – the universal data sharing technology. Specifically, we will introduce (1) the DDS conceptual model and data-centric design, (2) DDS data modeling fundamentals, (3) the complete set of C++ and Java API, (4) the most important programming, data modeling and QoS Idioms, and (5) the integration between DDS and web applications.
After attending this webcast you will understand how to exploit DDS architectural features when designing your next system, how to write idiomatic DDS applications in C++ and Java and what are the fundamental patterns that you should adopt in your applications.
DDS is a very powerful technology built around a few simple and orthogonal concepts. If you understand the core concepts then you can really quickly get up to speed and start exploiting all of its power. On the other hand, if you haven’t grasped the key abstractions you might not be able to exploit all the benefits that DDS can bring.
This presentation provides you with an introduction to the core DDS concepts and illustrates how to program DDS applications. The new C++ and Java API will be explained and used throughout the webcast for coding examples thus giving you a chance to learn the new API from one of the main authors!
DDoS Defense for the Hosting Provider - Protection for you and your customersStephanie Weagle
Distributed Denial of Service (DDoS) attacks are major threats to hosting providers as well as datacenter operators, and traditional game plans for protecting shared infrastructure should be revisited to better protect availability and allow hosting providers to potentially create incremental revenue streams. DDoS attacks can have a devastating impact on not only the customer under attack, but also on the hosting provider and other customers within the same shared network infrastructure.
The Object Management Group (OMG) Data Distribution Service (DDS) and the OPC Foundation OLE for Process Control Unified Architecture (OPC-UA) are commonly considered as two of the most relevant technologies for data and information management in the Industrial Internet of Things. Although several articles and quotes on the two technologies have appeared on various medias in the past six months, there is still an incredible confusion on how the two technology compare and what’s their applicability.
This presentation, was motivated by the author's frustration with reading and hearing so many mis-conceptions as well as “apple-to-oranges” comparisons. Thus to contribute to clarity and help with positioning and applicability this webcast will (1) explain the key concepts behind DDS and OPC-UA and relate them with the reason why these technologies were created in the first place, (2) clarify the differences and applicability in IoT for DDS and OPC-UA, and (3) report on the ongoing standardisation activities that are looking at DDS/OPC-UA inter-working.
By John Breitenbach, RTI Field Applications Engineer
Contents
Introduction to RTI
Introduction to Data Distribution Service (DDS)
DDS Secure
Connext DDS Professional
Real-World Use Cases
RTI Professional Services
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)zOSCommserver
Back in 2017, we introduced you to a new capability called z/OS Encryption Readiness Technology (zERT). zERT provides z/OS network security administrators the data they need to understand and assess the quality of the cryptographic protection being applied to their z/OS network traffic. This session will cover new zERT features that have been added, including the zERT Network Analyzer (a z/OSMF plugin), a healthy list of IBM and ISV products that consume zERT SMF data, some new configuration options, and a few hints and tips.
Multiple protocols have been positioned as “the” application-layer messaging protocol for the Internet of Things (IoT) and Machine-to-Machine (M2M) communication. In fact, these protocols address different aspects of IoT messaging and are complementary more than competitive (other than for mindshare). This presentation compares two of these protocols, MQTT and DDS, and shows how they are designed and optimized for different communication requirements.
Overview of the RPC over DDS specification (in-progress as the OMG). Significance to Industrial Internet applications. Significant to people migrating from a legacy CORBA system
Short summary of the OMG DDS-WEB specification. This recently adopted standard enables thin-client applications (e.g. JavaScript applications in a browser) to access the real-time data on a DDS Domain. Industrial Internet applications built using DDS can now have a REST API.
This presentation introduces the key concepts at the foundation of DDS, the data distribution service for real-time systems. Wether you are a new to DDS or a relatively experienced user, you'll find this presentation a good source of information.
Current implementation of Transport Security and Mandatory Access Controls for Data Distribution OMG Standard. A new Request for proposal has been issued at the OMG to make such implementation inter-operable.
The Data Distribution Service (DDS) is a standard for efficient and ubiquitous data sharing built upon the concept of a, strongly typed, distributed data space. The ability to scale from resource constrained embedded systems to ultra-large scale distributed systems, has made DDS the technology of choice for applications, such as, Power Generation, Large Scale SCADA, Air Traffic Control and Management, Smart Cities, Smart Grids, Vehicles, Medical Devices, Simulation, Aerospace, Defense and Financial Trading.
This two part webcast provides an in depth introduction to DDS – the universal data sharing technology. Specifically, we will introduce (1) the DDS conceptual model and data-centric design, (2) DDS data modeling fundamentals, (3) the complete set of C++ and Java API, (4) the most important programming, data modeling and QoS Idioms, and (5) the integration between DDS and web applications.
After attending this webcast you will understand how to exploit DDS architectural features when designing your next system, how to write idiomatic DDS applications in C++ and Java and what are the fundamental patterns that you should adopt in your applications.
DDS is a very powerful technology built around a few simple and orthogonal concepts. If you understand the core concepts then you can really quickly get up to speed and start exploiting all of its power. On the other hand, if you haven’t grasped the key abstractions you might not be able to exploit all the benefits that DDS can bring.
This presentation provides you with an introduction to the core DDS concepts and illustrates how to program DDS applications. The new C++ and Java API will be explained and used throughout the webcast for coding examples thus giving you a chance to learn the new API from one of the main authors!
DDoS Defense for the Hosting Provider - Protection for you and your customersStephanie Weagle
Distributed Denial of Service (DDoS) attacks are major threats to hosting providers as well as datacenter operators, and traditional game plans for protecting shared infrastructure should be revisited to better protect availability and allow hosting providers to potentially create incremental revenue streams. DDoS attacks can have a devastating impact on not only the customer under attack, but also on the hosting provider and other customers within the same shared network infrastructure.
The Object Management Group (OMG) Data Distribution Service (DDS) and the OPC Foundation OLE for Process Control Unified Architecture (OPC-UA) are commonly considered as two of the most relevant technologies for data and information management in the Industrial Internet of Things. Although several articles and quotes on the two technologies have appeared on various medias in the past six months, there is still an incredible confusion on how the two technology compare and what’s their applicability.
This presentation, was motivated by the author's frustration with reading and hearing so many mis-conceptions as well as “apple-to-oranges” comparisons. Thus to contribute to clarity and help with positioning and applicability this webcast will (1) explain the key concepts behind DDS and OPC-UA and relate them with the reason why these technologies were created in the first place, (2) clarify the differences and applicability in IoT for DDS and OPC-UA, and (3) report on the ongoing standardisation activities that are looking at DDS/OPC-UA inter-working.
By John Breitenbach, RTI Field Applications Engineer
Contents
Introduction to RTI
Introduction to Data Distribution Service (DDS)
DDS Secure
Connext DDS Professional
Real-World Use Cases
RTI Professional Services
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)zOSCommserver
Back in 2017, we introduced you to a new capability called z/OS Encryption Readiness Technology (zERT). zERT provides z/OS network security administrators the data they need to understand and assess the quality of the cryptographic protection being applied to their z/OS network traffic. This session will cover new zERT features that have been added, including the zERT Network Analyzer (a z/OSMF plugin), a healthy list of IBM and ISV products that consume zERT SMF data, some new configuration options, and a few hints and tips.
Four Keys to Securing Distributed Control Systems and the Industrial IoT
Originally aired November 13, 2014
View On-Demand now: http://event.on24.com/r.htm?e=879027&s=1&k=F51E9DE70EB5A3BA7A0ECB9FB2CFCB66&partnerref=rti
Control systems are at the core of critical infrastructure and industrial applications. These include the power grid, medical devices, manufacturing systems, transportation infrastructure, cars and defense systems.
Because of their essential role and the value of the information they exchange, these systems must be protected from both espionage and sabotage. This is becoming even more imperative as the enabling devices are increasingly connected into the Industrial Internet of Things to improve efficiency and availability.
Securing control systems is particularly challenging because security cannot come at the expense of other fundamental requirements, including reliability, real-time performance, autonomy and interoperability.
This webinar will introduce the new Data Distribution Service (DDS) Security standard, the first standard designed to address security for mission-critical real-time systems. It will review how the DDS standard provides authentication, confidentiality and access control while still satisfying demanding reliability and performance requirements. It will also show how DDS Security can be easily incorporated into existing systems regardless of whether or not they already use DDS.
Speaker: David Barnett, Vice President of Products and Markets
RCA OCORA: Safe Computing Platform using open standardsAdaCore
The railway sector is facing a major transition as it moves towards more fully automated systems on both the train and infrastructure side. This in turn, requires the development of appropriate, future-proof connectivity and IT platforms.
The Reference Control Command and Signalling Architecture (RCA) and Open Control Command and Signalling Onboard Reference Architecture (OCORA) have developed a functional architecture for future trackside and onboard functions. The RCA OCORA open Control Command Signalling (CCS) on-board reference architecture introduces a standardized separation of safety-relevant and non-safety-relevant railway applications and the underlying IT platforms. This allows rail operators to decouple the very distinct life cycles of the domains and aggregate multiple railway applications on common IT platforms.
Based on a Safe Computing Platform (SCP), the architecture accommodates a Platform Independent Application Programming Interface (PI API) between safety-relevant railway applications and IT platforms. This approach supports the portability of railway applications among IT platform realisations from different vendors.
Two of its authors will discuss the RCA OCORA architecture with emphasis on its safe computing framework. The talk will review the required operating system standards and the discuss the newly-released DDS Reference Implementation for Safe Computing Platform Messaging. While designed for rail, this architecture will have elements of interest for other industries.
Threat Modeling for the Internet of ThingsEric Vétillard
A presentation made in several public events in 2015 about the threats related to the Internet of Things, and how modeling can be used as a way to manage mitigation methods.
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesTrend Micro
Dave Asprey, VP-Cloud Security of Trend Micro presented to members of the SDforum in Jan. 2011. This is an adapted version of is presentation which covers key considerations addressing data privacy concerns in the Cloud.
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
This presentation reviews the spectrum of perimeter solutions based on unidirectional technology - solutions that are being deployed to protect the safety and reliability of industrial control systems. Learn why the technology is truly unidirectional based on physics and different ways it can be used in SCADA and DCS.
Many practitioners find parts of the spectrum to be counter-intuitive. Further, some parts of the spectrum are straightforward to deploy, and others require that practitioners take some care to ensure that the results really are as strong as they should be. Technologies and techniques covered include unidirectional gateways, secure bypass, temporary/programmed gateway reversals, opposing gateways, secure remote access, and parallel operations and IT WANs.
Large-Scale System Integration with DDS for SCADA, C2, and FinanceRick Warren
Presentation to the OMG Real-Time Workshop in May 2010 on system integration patterns, especially (but not exclusively) with respect to OMG Data Distribution Service (DDS) technology.
View this webcast to learn how you can accelerate your security transformation from traditional SIEM to a unified platform for incident detection, investigation and advanced security analysis. Understand why organizations are moving to a true big data security platform where compliance is a byproduct of security, not the other way around. More via
http://bcove.me/d2e9wpd2
What's the Right Messaging Standard for the IoT?Angelo Corsaro
Different messaging and data sharing standards, such as AMQP, CoAP, DDS, MQTT, and REST have been proposed as candidate for addressing the data sharing challenges of the Internet of Things (IoT) and the Industrial Internet (I2).
In technical forums and social media there is no lack of passionate discussions that praise the merits of one standard over the other. Yet, to date, there are little or perhaps no analysis that look at the details of the different standards and perform an in depth, qualitative, analytic and empirical evaluation.
This presentation, will (1) introduce the key standards that are being proposed for the Internet of Things and the Industrial Internet, such as AMQP, CoAP, DDS, MQTT and REST, (2) present a qualitative comparison that highlights the different features provided by the various standards, (3) present an analytic comparison looking at the efficiency and scalability of the various protocols and (3) report the results of an empirical evaluation comparing the actual performances of the various standards.
Similar to OMG DDS Security Submission Presentation (September 2013 - 6th Revised Submission) (20)
DDS Security Version 1.2 was adopted in 2024. This revision strengthens support for long runnings systems adding new cryptographic algorithms, certificate revocation, and hardness against DoS attacks.
From its first use case that enabled distributed communications for US Navy ships to the autonomous systems of today, the DDS family of standards has enabled new generations of applications to run reliably, rapidly and securely, regardless of distance or scale.
To commemorate the 20th year milestone, the DDS Foundation is creating presentations that highlight the 14 specifications in the DDS standard, along with selected real-world use cases.
This presentation introduces some of the original use-cases and experiments, along with a brief history of the Standards.
A recorded video of the presentation is available at this URL
https://www.brighttalk.com/webcast/12231/602966
Introduction to DDS: Context, Information Model, Security, and Applications.Gerardo Pardo-Castellote
Introduction to the Data-Distribution Service (DDS): Context and Applications.
This 50 minute presentation summarizes the main features of DDS including the information model, the type system, and security as well as how typical applications use DDS.
It was presented at the Canadian Government Information Day in Ottawa on September 2018.
There is also a video of this presentation at https://www.youtube.com/watch?v=6iICap5G7rw.
This Object Management Group (OMG) RFP solicits submissions identifying and defining mechanisms to achieve integration between DDS infrastructures and TSN networks. The goal is to provide all artifacts needed to support the design, deployment and execution of DDS systems over TSN networks.
The DDS-TSN integration specification sought shall realize the following functionality:
● Define mechanisms that provide the information required for TSN-enabled networks to calculate any network schedules needed to deploy a DDS system.
OMG RFP
● Identify those parts of the set of the IEEE TSN standards that are relevant for a DDS-TSN integration and indicate how the DDS aspects are mapped onto, or related to, the associated TSN aspects. Examples include TSN- standardized information models for calculating system-wide schedules and configuring network equipment.
● Identify and specify necessary extensions to the [DDSI-RTPS] and [DDS- SECURITY] specifications, if any, to allow DDS infrastructures to use TSN- enabled networks as their transport while maintaining interoperability between different DDS implementations.
● Identify and specify necessary extensions to the DDS and DDS- XML specification, if any, to allow declaration of TSN-specific properties or quality of service attributes.
A NEW ARCHITECTURE PROPOSAL TO INTEGRATE OPC UA, DDS & TSN.
Suppliers and end users need a complete solution to address the complexity of future industrial automation systems. These systems require:
• Interoperability to allow devices and independent software applications from multiple suppliers to work together seamlessly
• Extensibility to incorporate future large or intelligent systems
• Performance and flexibility to handle challenging deployments and use cases
• Robustness to guarantee continuity of operation despite partial failures
• Integrity and fine-grained security to protect against cyber attacks
• Widespread support for an industry standard
This document proposes a new technical architecture to build this future. The design combines the best of the OPC Unified Architecture (OPC UA), Data Distribution Service (DDS), and Time-Sensitive Networking (TSN) standards. It will connect the factory floor to the enterprise, sensors to cloud, and real-time devices to work cells. This proposal aims to define and standardize the architecture to unify the industry.
Technical overview of the DDS for Extremely Resource-Constrained Environments (DDS-XRCE) specification.
This specification was adopted by the OMG in March 2018.
Demonstrates interoperability of 5 independent products that implement the Data-Distribution Service (DDS) Security Standard
(https://www.omg.org/spec/DDS-SECURITY/).
Tests the following implementations: RTI Connext DDS, Twin Oaks Computing CoreDX DDS, Kongsberg InterComm DDS, ADLink Vortex DDS Cafe, and Object Computing Inc OpenDDS.
This demonstration was performed at the OMG Meeting held in Reston, VA, USA in March 2018
Applying MBSE to the Industrial IoT: Using SysML with Connext DDS and SimulinkGerardo Pardo-Castellote
The benefits of Model-Based Systems Engineering (MBSE) and SysML are well established. As a result, users want to apply MBSE to larger and more complex Industrial IoT applications.
Industrial IoT applications can be very challenging: They are distributed. They deploy components across nodes spanning from small Devices to Edge computers to the Cloud. They often need mathematically-complex software. Moreover, they have strict requirements in terms of performance, robustness, and security.
SysML can model requirements, system components, behavior, interactions, and more. However, SysML does not provide a robust way to connect components running across different computers, especially when the security and quality of service of individual data-flows matter. SysML also does not provide all the tools needed to model and generate the (mathematical) code for complex dynamic systems.
A new “DDS + Simulink” MagicDraw SysML plugin has been developed to addresses these needs. It brings to MagicDraw users the capabilities of Connext DDS from RTI and Simulink from Mathworks:
The OMG Data-Distribution Service (DDS) is a secure and Qos-aware connectivity “databus”. DDS is considered the core connectivity framework for Software Integration and Autonomy by the Industrial Internet Consortium. Connext DDS is the leading implementation of the DDS standard, proven in 1000s of critical deployments.
Simulink is a tool for modeling and implementing the code needed for complex dynamic systems. It is widely deployed in many application domains including Automotive, Robotics, and Control Systems.
The new MagicDraw plugin defines a “DDS profile” for SysML that can model a distributed application connected using the DDS databus. The plugin can also generate the artifacts that configure the DDS databus (Topics, Data Types, Qos, etc.) and the adapters to Simulink and native code (e.g. C++ or Java).
By integrating three best-of class technologies: SysML, DDS and Simulink it is now possible to do MBSE for a wide range of Industrial IoT applications.
One of the most important challenges that system designers and system integrators face when deploying complex Industrial Internet of Things (IoT) systems is the integration of different connectivity solutions and standards. At RTI, we are constantly working to accelerate the Industrial IoT revolution. Over the past few years, we have developed standard connectivity gateways to ensure that DDS systems can easily integrate with other core connectivity frameworks.
This year, we developed a standard OPC UA/DDS Gateway, a bridge between two of the most well-known Industrial IoT connectivity frameworks. We are excited to announce that the gateway was just adopted by the Object Management Group (OMG).
In this webinar, we will dive deeper into the importance of choosing a baseline core connectivity standard for the Industrial IoT and how to ensure all system components are fully integrated. Attendees will also learn:
How the OPC UA/DDS Gateway specification was developed and how it works
How to leverage the Gateway to enable DDS and OPC UA applications to interoperate transparently
About the first standard connectivity gateway released with RTI Web Integration Service in Connext DDS 5.3
Gateways are a critical component of system interoperability and we will keep working to help companies accelerate Industrial IoT adoption.
This is the Beta 1 version of the OPC UA / DDS Gateway specification released by the Object Management Group in March 2018.
This specification defines a standard, vendor-independent, configurable gateway that enables interoperability and information exchange between systems that use DDS and systems that use OPC UA.
Data Distribution Service (DDS) is a family of standards from the Object Management Group (OMG) that provide connectivity, interoperability, and portability for Industrial Internet, cyber-physical, and mission-critical applications.
The DDS connectivity standards cover Publish-Subscribe (DDS), Service Invocation (DDS-RPC), Interoperability (DDS-RTPS), Information Modeling (DDS-XTYPES), Security (DDS-SECURITY), as well as programing APIs for C, C++, Java and other languages.
The OPC Unified Architecture (OPC UA) is an information exchange standard for Industrial Automation and related systems created by the OPC Foundation. The OPC UA standard provides an Addressing and Information Model for Data Access, Alarms, and Service invocation layered over multiple transport-level protocols such as Binary TCP and Web-Services.
DDS and OPC UA exhibit significant deployment similarities:
• Both enable independently developed applications to interoperate even when those applications come from different vendors, use different programming languages, or run on different platforms and operating systems.
• Both have significant traction within Industrial Automation systems.
• Both define standard protocols built on top of the TCP/ UDP/IP Internet stacks.
The two technologies may coexist within the same application domains; however, while there are solutions that bridge between DDS and OPC UA, these are based on custom mappings and cannot be relied to work across vendors and products.
This is the DDS-XRCE 1.0 Beta specification adopted by the OMG March 2018.
The purpose of DDS-XRCE is to enable resource-constrained devices to participate in DDS communication, while at the same time allowing those devices to be disconnected for long periods of time but still be discoverable by other DDS applications.
DDS-XRCE defines a wire protocol, the DDS-XRCE protocol, to be used between an XRCE Client and XRCE Agent. The XRCE Agent is a DDS Participant in the DDS Global Data Space. The DDS-XRCE protocol allows the client to use the XRCE Agent as a proxy in order to produce and consume data in the DDS Global Data Space.
Demonstrates interoperability of 5 independent products that implement the Data-Distribution Service (DDS) Security Standard
(https://www.omg.org/spec/DDS-SECURITY/).
Tests the following implementations: RTI Connext DDS, Twin Oaks Computing CoreDX DDS, Kongsberg InterComm DDS, ADLink Vortex DDS Cafe, and Object Computing Inc OpenDDS.
Demonstrates interoperability of 3 independent products that implement the Data-Distribution Service (DDS) Security Standard
(https://www.omg.org/spec/DDS-SECURITY/).
Tests the following implementations: RTI Connext DDS, Twin Oaks Computing CoreDX DDS, and Kongsberg InterComm DDS.
This specification provides the following additional facilities to DDS [DDS] implementations and users:
* Type System. The specification defines a model of the data types that can be used for DDS Topics. The type system is formally defined using UML. The Type System is de- fined in section 7.2 and its subsections. The structural model of this system is defined in the Type System Model in section 7.2.2. The framework under which types can be modi- fied over time is summarized in section 7.2.3, “Type Extensibility and Mutability.” The concrete rules under which the concepts from 7.2.2 and 7.2.3 come together to define compatibility in the face of such modifications are defined in section 7.2.4, “Type Com- patibility.”
* Type Representations. The specification defines the ways in which types described by the Type System may be externalized such that they can be stored in a file or communi- cated over a network. The specification adds additional Type Representations beyond the
DDS-XTypes version 1.2 1
one (IDL [IDL41]) already implied by the DDS specification. Several Type Representa- tions are specified in the subsections of section 7.3. These include IDL (7.3.1), XML (7.3.2), XML Schema (XSD) (7.3.3), and TypeObject (7.3.4).
* Data Representation. The specification defines multiple ways in which objects of the types defined by the Type System may be externalized such that they can be stored in a file or communicated over a network. (This is also commonly referred as “data serializa- tion” or “data marshaling.”) The specification extends and generalizes the mechanisms already defined by the DDS Interoperability specification [RTPS]. The specification in- cludes Data Representations that support data type evolution, that is, allow a data type to change in certain well-defined ways without breaking communication. Two Data Repre- sentations are specified in the subsections of section 7.4. These are Extended CDR (7.4.1, 7.4.2, and 7.4.3) and XML (7.4.4).
* Language Binding. The specification defines multiple ways in which applications can access the state of objects defined by the Type System. The submission extends and gen- eralizes the mechanism currently implied by the DDS specification (“Plain Language Binding”) and adds a Dynamic Language Binding that allows application to access data without compile-time knowledge of its type. The specification also defines an API to de- fine and manipulate data types programmatically. Two Language Bindings are specified in the subsections of section 7.5. These are the Plain Language Binding and the Dynamic Language Binding.
This specification defines the Security Model and Service Plugin Interface (SPI) architecture for compliant DDS implementations. The DDS Security Model is enforced by the invocation of these SPIs by the DDS implementation. This specification also defines a set of builtin implementations of these SPIs.
* Authentication Service Plugin. Provides the means to verify the identity of the application and/or user that invokes operations on DDS. Includes facilities to perform mutual authentication between participants and establish a shared secret.
* AccessControl Service Plugin. Provides the means to enforce policy decisions on what DDS related operations an authenticated user can perform. For example, which domains it can join, which Topics it can publish or subscribe to, etc.
* Cryptographic Service Plugin. Implements (or interfaces with libraries that implement) all cryptographic operations including encryption, decryption, hashing, digital signatures, etc. This includes the means to derive keys from a shared secret.
* Logging Service Plugin. Supports auditing of all DDS security-relevant events Data Tagging Service Plugin. Provides a way to add tags to data samples.
This document specifies the OMG Interface Definition Language (IDL). IDL is a descriptive language used to define data types and interfaces in a way that is independent of the programming language or operating system/processor platform.
The IDL specifies only the syntax used to define the data types and interfaces. It is normally used in connection with other specifications that further define how these types/interfaces are utilized in specific contexts and platforms.
This the the formal version 1.0 of the DDS Security specification released September 2016. OMG document number formal/2016-08-01.
DDS-Security defines the Security Model and Service Plugin Interface (SPI) architecture for compliant DDS implementations.
The DDS Security Model is enforced by the invocation of these SPIs by the DDS implementation. This specification also defines a set of builtin implementations of these SPIs.
* The specified builtin SPI implementations enable out-of-the box security and interoperability between compliant DDS applications.
* The use of SPIs allows DDS users to customize the behavior and technologies that the DDS implementations use for Information Assurance, specifically customization of Authentication, Access Control, Encryption, Message Authentication, Digital Signing, Logging and Data Tagging.
This specification is a response to the OMG RFP "eXtremely Resource Constrained Environments DDS (DDS- XRCE)"
It defines a DDS-XRCE Service based on a client-server protocol between a resource constrained, low-powered device (client) and an Agent (the server) that enables the device to communicate with a DDS network and publish and subscribe to topics in a DDS domain. The specifications purpose and scope is to ensure that applications based on different vendor’ implementations of the DDS-XRCE Service are compatible and interoperable.
This is the Joint submission by RTI, TwinOaks, and eProsima. Updated September 2017, OMG document number mars/2017-09-18.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.