You name it, we analyze it

•Download as PPTX, PDF•

0 likes•539 views

With the ever increasing number of networking protocols, it can be difficult for vendors, integrators, and end-users to determine how well different products and systems perform in real-world networking situations. Each protocol has their own method of defining traffic streams and message structures. Packet analyzers, like Wireshark, have been developed to interpret individual network packets and can perform rudimentary analysis of traffic streams for well-known packet types. Analyzing industrial protocols usually requires much more massaging of the data and in many cases requires a user to do much of the work by hand. This session will present a method to break-down industrial traffic streams into the core components necessary to analyze their performance. By identifying a few key fields in each protocol, a user can define their own method to identify individual traffic streams and analyze their performance.

Technology

You Name It,
We Analyze It!
Jim Gilsinn
Kenexis Consulting Corporation

You Name It, We Analyze It!

1

Industrial Network Types & Metrics:
Publish/Subscribe

• Publish/subscribe or peer-to-peer communications
• Main performance metric: Cyclic frequency variability/jitter
• Real-time EtherNet/IP™ uses publish/subscribe
• Requested/Accepted Packet Interval (RPI/API)
• Measured Packet Interval (MPI)
You Name It, We Analyze It!

2

Industrial Network Types & Metrics:
Publish/Subscribe
Subscriber

TSub_Com_Init

Publisher

TPub_Com_Init
TPub_1
TPub_2

TSub_M

.
.
.

• Difference between
TPub_Com_Init & TSub_Com_Init
is network roundtrip delay
• TPub_Com_Init, TSub_Com_Init
not important
• Variability in TPub much
more important
• Theoretically, TPub doesn’t
need to match Tsub

TPub_N-1
TPub_N
You Name It, We Analyze It!

• In production systems,
they are the same

3

Performance Testing Methodology:
Performance Metrics

• Command/response or master/slave communications
• Main performance metric: Latency
• Large numbers of protocols use this
• Most (All?) PC-based server/client protocols – HTTP(S), (S)FTP, etc.
• Most industrial protocols – Modbus/TCP, Profinet, Ethercat, etc.
You Name It, We Analyze It!

4

Industrial Network Types & Metrics:
Command/Response
Commander

TCom_Delay_1

Responder

TRes_1

• Difference between
TCom_Delay & TRes is
network roundtrip delay
• Latency in TCom & TRes
important

TCom_1
TCom_Delay_2

TRes_2

TCom_2

You Name It, We Analyze It!

5

Isolating Traffic Streams
• Isolating traffic streams can be tricky
• 10’s – 100’s of traffic streams in production environment
• Your Wireshark Fu must be strong!
• Usually requires additional post-processing
• Multiple streams can exist between same devices

You Name It, We Analyze It!

6

Isolating Traffic Streams
• Traffic pairs
•
•
•
•

Source IP/MAC address
Destination IP/MAC address
Source TCP/UDP port
Destination TCP/UDP port

• Publish/Subscribe
• Communication stream ID
• Sequence number (optional)

• Command/Response
• Command message/field
• Response message/field
• Message ID (optional)
You Name It, We Analyze It!

7

Test Time vs. Packet Interval
Measured Packet Interval (ms)

~62 sec test
Mean MPI = 2ms
Min ~ 1.2
Max ~ 2.9

Test Time (s)

You Name It, We Analyze It!

8

Time Plot for Command/Response

Regular Pattern to Delayed Packets
Regular Pattern of Minimal Delayed Packets

You Name It, We Analyze It!

9

Command/Response Timing Plots
• Quick succession of command/response packets
• Minimal delay in command/response sequence
• Apparently large delay in a single packet
• Example: Rockwell tag reads

Delay Until Next Time Sequence
Quick Succession Read Commands
You Name It, We Analyze It!

10

Next Steps
• Streamline traffic stream processing
• Develop better command/response code
• Build more mathematical statistical models
• Add graphical modeling of time & frequency domain
• Add more industrial protocols and obtain example files
•
•
•
•
•

Modbus
Profinet
DNP3
61850
And others…
You Name It, We Analyze It!

11

Questions
• Contact Me
•
•
•
•
•
•

Jim Gilsinn
301-706-9985 or 614-323-2254
jim.gilsinn@kenexis.com
Twitter – @JimGilsinn
LinkedIn – http://www.linkedin.com/in/jimgilsinn/
SlideShare – http://www.slideshare.net/gilsinnj

You Name It, We Analyze It!

12

What's hot

The intellectual property stored in your SCM system comprises your company’s most valuable assets. How do you keep those assets safe from threats inside and outside your organization? This session by Charlie McLouth, Director of Technical Sales at Perforce, and Mark Bennett, Vice President at Interset, will give you a deep dive into how Perforce Helix keeps your assets safe, including real-world scenarios of Interset's Threat Detection. You’ll hear how Interset Threat Detection applies advanced behavioral analytics to user activities to proactively surface threats to the IP stored in the Helix Versioning Engine. You’ll also hear how Helix’s fine-grained permissions model provides unified security policies that govern access-control based on LDAP authentication and contextual information such as IP address of the client or file paths.

Protecting Your IP with Perforce Helix and Interset

Perforce

Free training on NCM - Discovery & Disaster recovery

ManageEngine, Zoho Corporation

Validating Next Generation CPUs

DVClub

Understanding Hacker Tools and Techniques: A live Demonstration

EnergySec

Chapter08

Muhammad Ahad

Daniel Cross, Electronics Engineer

Daniel Cross

HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise

AdaCore

Network and server performance monitoring training

ManageEngine, Zoho Corporation

Hwee Ming Ng, Red Hat, Abhilash Vijayakumary, Red Hat Telco over Cloud is rapidly changing the telecommunications industry landscape by introducing cloud computing, virtualization paradigms and software approaches already in use and mature in traditional IT environments. While designing the cloud solutions for telco infrastructure understanding its information security risks and mitigation strategies are critical. Legacy approaches are inadequate, this session intends to help the operators to build and approach a telco cloud solution with the right cloud security knowledge. In this session we intend to explain the principle technologies of telco cloud based systems and strategies for safeguarding/classifying data, ensuring privacy and ensuring compliance with regulatory agencies for telco operators. We will also describe the role of encryption in protecting data and specific strategies for key management as well as how to select an appropriate solution to specific business requirements which are in well alignment with cloud based business continuity / disaster recovery strategies. We will also compare baseline and industry standard best practices by doing risk assessments of existing and proposed cloud-based environments. Additionally, presentation will focus on specific technologies like virtual firewalls, security zones, virtual tenant networks and their mapping to various use cases/challenges which an operator faces while designing the telco cloud.

Securing your telco cloud

OPNFV

22 лютого відбувся Embedded Webinar #17 “Low-level Network Testing in Embedded Devices Development” від спікера Сергія Корнієнка. Під час вебінару ми говорили на такі теми: - Підхід до низькорівневого тестування мережевих протоколів; - Інструменти, які можна використати в реальних проєктах; - Знайдені баги та способи знаходження корневих причин на прикладі реального R&D проєкту. Відео та деталі заходу: https://bit.ly/embedded_webinar_17 Приєднатись до спільноти: https://www.facebook.com/groups/EmbeddedCommunity Відкриті Embedded-позиції у GlobalLogic: https://bit.ly/Embedded_Positions

Embedded Webinar #17 "Low-level Network Testing in Embedded Devices Development"

GlobalLogic Ukraine

IEEE Buenaventura cs Chapter March 9 2016 v4

Sailaja Tennati

sree profile

srihari p

Presented by: Chris Sistrunk, Entergy Abstract: IT folks have been doing it for years – building labs to test new products before rolling them out – but the concept is still rather revolutionary to most practitioners of SCADA security. Yet the benefits of a lab are many, including training staff and solving real-world problems by replicating and attacking them in the relatively low-risk lab environment. But how do you pitch this (not inexpensive) idea in a way that gets organizational buy-in? And if your organization is just too small, what are the factors to considering when using a third-party lab? Hear ideas and ask questions of someone who evolved his organization’s capabilities from one small lab to five complete labs.

Come See What’s Cooking in My Lab

EnergySec

The Cortex-A15 Verification Story

DVClub

Vp ns

Ayano Midakso

Network security and reliability are the most challenging tasks in any cloud. With NFV and SDN in place, Network Functions are virtualzied and network traffic is managed in separated control and data planes. Thus reducing the operational and capital expenditure. Virtualized Network Functions are tied with Software Defined Networks to boost the power of virtualization. This itself is challenging when Network services and security is a concern. While OpenStack is the best opted solution for IaaS, many service provides are moving towards best solutions to deal with service delivery and security challenges in SDN and NFV integrated OpenStack Cloud. The Presentation outlines the challenges and proposes probable solutions for NFV and SDN integrated OpenStack Cloud.

Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions

Trinath Somanchi

Enterprise Network Monitoring Software by ServicePilot

ServicePilot

Virtual Private Network

Greater Noida Institute Of Technology

DHS ICS Security Presentation

guest85a34f

Software Defined Network - SDN

Venkata Naga Ravi

What's hot (20)

Protecting Your IP with Perforce Helix and Interset

Free training on NCM - Discovery & Disaster recovery

Validating Next Generation CPUs

Understanding Hacker Tools and Techniques: A live Demonstration

Chapter08

Daniel Cross, Electronics Engineer

HIS 2015: Prof. Mark Little - Open Source Challenges in the Enterprise

Network and server performance monitoring training

Securing your telco cloud

Embedded Webinar #17 "Low-level Network Testing in Embedded Devices Development"

IEEE Buenaventura cs Chapter March 9 2016 v4

sree profile

Come See What’s Cooking in My Lab

The Cortex-A15 Verification Story

Vp ns

Securing NFV and SDN Integrated OpenStack Cloud: Challenges and Solutions

Enterprise Network Monitoring Software by ServicePilot

Virtual Private Network

DHS ICS Security Presentation

Software Defined Network - SDN

Viewers also liked

A Child Like Approach to Grid Cybersecurity

Robert M. Lee

Wireshark Network Protocol Analyzer

Jim Gilsinn

The 4horsemen of ics secapocalypse

Christiaan Beek

SANS ICS Security Survey Report 2016

Derek Harp

Presented @ Emerson Exchange October 7, 2014 Industrial control systems (ICS) are large information technology (IT) systems. Office IT systems, failure of ICS can cause plant outages and even physical damage. Management of ICS needs to be different and smarter. IT vendors frequently recommend patches and configuration changes. Most have no impact to the ICS, which cannot implement changes in real time. ICS typically get one chance every few years to make changes - the turnaround. This paper describes optimization of ISC turnaround work, using cyber-vulnerability assessment to focus turnaround work to only what is necessary.

Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...

Jim Gilsinn

Presented @ 2016 ISA Process Control & Safety Symposium, November 10, 2016 The exchange of key information between business operations, suppliers, customers, production, and ultimately the production equipment itself can provide significant financial and productivity advantages. This presentation will discuss some practical approaches to utilizing the cyber security principles from ISA/IEC 62443 in order to integrate the business and production environments. It will also present some of the different solutions for meeting a variety of scenarios, such as data historians, patching/updating, and remote maintenance.

Practical Approaches to Securely Integrating Business and Production

Jim Gilsinn

Network performance testing for devices and systems can be a daunting task for vendors and end-users given the cost of test equipment and the investment that the companies have to spend in developing relevant tests and understanding the results. During the last couple years, a group of low cost computing systems have been introduced that are very capable from a functional point of view, but how well do they actually perform? Can they be used in a low-cost performance testing lab system to validate ICS devices before they go into production? Can end-users use them to capture live traffic in their network and get reliable performance results? This talk will discuss how and when different types of equipment can be used to develop a low-cost network performance testing lab. It will also show results from a series of performance tests conducted on some of the equipment and with different testing architectures.

Low-Cost ICS Network Performance Testing

Jim Gilsinn

Presented @ 2014 ICS Cyber Security Conference October 21, 2014 It’s been over a year since the NIST Cybersecurity Framework and ISA-62443-3-3 were published, ISA-62443-2-1 has been out for almost 5 years, and ISO/IEC 27001 & 27002 have been out for nearly a decade. NIST has already started their process for revisions, ISA is actively working to overhaul 62443-2-1, and ISO/IEC just published a major revision to their standard. In addition to these cross-domain standards, there are a multitude of local and sector-specific standards as well. As a consultant, we are often asked to use one of these as a baseline to help our customers generate an ICS cyber security program. This presentation will discuss some of the strengths and weaknesses of these different standards and the effort to integrate them into a realistic set of ICS cyber security program requirements.

Integrating the Alphabet Soup of Standards

Jim Gilsinn

Presented: BSidesDC 2015, Washington, DC, October 18, 2015 YouTube Video @ https://youtu.be/v3LBywLthjY Determining the overall health and security of an industrial control system (ICS) network is currently done by looking at the negative case. If the network infrastructure devices indicate that all the devices are connected and communicating, then the network must be operating correctly. If the controllers indicate that they are able to communicate with the other devices in the system, then the system must be operating correctly. If the network security monitoring (NSM) or security information and event management (SIEM) system are not indicating any security events, then the system must be operating correctly. In each of these cases, the assumption is that the system is operating correctly if there are no errors or events being indicated by any of the devices. In reality, the actual health and security of the system can only be determined by positive conditions. The communication streams need to be measured to determine that they are operating within certain limits based upon a desires set of conditions, like rate and maximum latency. Many controllers keep track of these factors for real-time communications, however they are often only recorded as averages and not high-fidelity measurements. This paper presents an approach to analyzing the real-time network traffic performance of an ICS by measuring the jitter and latency associated with individual network traffic streams in the system. By using statistical and mathematical analysis of the high-fidelity jitter and latency data, a network reliability factor can be determined and used to indicate the health of those traffic streams. The author will present a method to combine the individual network reliability factors into a network reliability monitoring system. Lastly, the author will discuss how network reliability monitoring can be used to indicate potential security problems by observing the network traffic patterns.

Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM

Jim Gilsinn

This webinar will help you get more informed on PenTesting in SCADA and also best practices and methods used on risk assessment. Learning about the criticality in industry, makes you more flexible to boost the skills. Main points covered: • The SCADA ICS function in critical infrastructure industry • Risk exposure of IT vs. SCADA ICS from Cyber Security Perspective • Do's and don’ts of Vulnerability Assessment and Penetration Testing in SCADA ICS Environment Presenter: This webinar was presented by Pedro Putu Wirya, an IT and ICS Security Consultant with an extensive experience in ISMS, and PECB Certified Trainer. Link of the recorded session published on YouTube: https://youtu.be/icq-RTwusZ8

Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...

PECB

Presented @ BSidesDE, November 14, 2014 Cook like a hacker, and I don’t mean Ramen noodles, take-out pizza, and a bowl of cereal. A lot of hacking involves using a basic set of equipment, learning a powerful set of tools, following a basic set of procedures, a lot of improvising and experimenting, and learning from your mistakes. Cooking is the same. You can cook amazing meals, but it means that you have to be willing to apply a hacker-type mindset to an area that doesn’t involve computers.

Cook Like a Hacker!

Jim Gilsinn

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...

Ahmed Al Enizi

With the recent publication of ANSI/ISA-62443-3-3-2013, it is possible for end-users, system integrators, and vendors to qualify the capabilities of their systems from an ICS cyber security perspective. This process is not as simple as it may seem, though. In many cases, the capabilities of individual components of a system can be determined from specifications and manuals. The capabilities of the system also needs to be evaluated as a whole to determine how those individual components work together. Component-level and System-level certifications are common practice in the safety environment, and will eventually become common in the ICS cyber security environment as well. Certification bodies, like the ISA Security Compliance Institute (ISCI), have begun the process to develop certification efforts around ISA-62443-3-3. Until many more groups of components and systems have been officially certified, third-party assessments and evaluations will be common. This presentation will discuss an example of how Kenexis Consulting has evaluated a particular vendor’s components and systems to determine compliance with ISA-62443-3-3. The presentation will go through the evaluation methodology used and describe how Kenexis used the evaluation to develop a series of real-world use-cases of the components and system in the ICS environment.

Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3

Jim Gilsinn

Presented at the OPC Foundation's "The Information Revolution 2014" in Redmond, WA August 5-6, 2014 This presentation discusses the modes and methodologies an attacker may use against an industrial control system in order to create a complex process attack. The presentation then discusses some specific examples, both real and hypothetical. The presentation finishes with a description of some common ways in which an organization could defend itself against these types of attacks.

Cyber & Process Attack Scenarios for ICS

Jim Gilsinn

Presented @ 55th International Instrumentation Symposium League City, Texas, 1–5 June 2009 Ethernet is being used by a wider variety of industrial devices and applications. Industrial applications and systems require deterministic operations that traditional Ethernet and Transport Control Protocol / Internet Protocol (TCP/IP) suites were not originally designed to support. A standardized way to describe and test industrial devices is needed in order to aid users to characterize the performance of their software and hardware applications. The Manufacturing Engineering Laboratory (MEL) of the National Institute of Standards & Technology (NIST) has been working to develop a set of standardized network performance metrics, tests, and tools since 2002. NIST has cooperated with standards organizations and other groups during that time. NIST is presently working on developing an open-source test tool, called Industrial Ethernet Network Performance (IENetP), to aid vendors in characterizing the performance of their devices. The IENetP test tool will be capable of conducting a full series of performance tests and reporting the results to the user. The current version of the software is capable of analyzing network traffic and producing statistics and graphs showing the network performance of a device.

Test Tool for Industrial Ethernet Network Performance (June 2009)

Jim Gilsinn

Presented @ ISA Safety & Security Symposium 2012 Aneheim, CA, April 2012 Wireshark is the de facto network packet analysis tool used in the industry today. It is an easily extensible open–source tool that provides a large number of capabilities for users. It’s not just for IT–based protocols either. Many industrial protocols have created packet decoders for Wireshark. This tutorial will provide the user with: * An introduction to protocol layering * A basic overview of packet capture and analysis * A demonstration of how Wireshark can be used for packet capture and analysis * Examples of some industrial protocol in Wireshark * An explanation of some more advanced features available in Wireshark

Network Packet Analysis with Wireshark

Jim Gilsinn

Viewers also liked (16)

A Child Like Approach to Grid Cybersecurity

Wireshark Network Protocol Analyzer

The 4horsemen of ics secapocalypse

SANS ICS Security Survey Report 2016

Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...

Practical Approaches to Securely Integrating Business and Production

Low-Cost ICS Network Performance Testing

Integrating the Alphabet Soup of Standards

Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM

Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...

Cook Like a Hacker!

Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...

Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3

Cyber & Process Attack Scenarios for ICS

Test Tool for Industrial Ethernet Network Performance (June 2009)

Network Packet Analysis with Wireshark

Similar to You name it, we analyze it

S4x14 Session: You Name It; We Analyze It

Digital Bond

This paper has presented an evaluation of the two widely accepted and emerging messaging protocols for IoT systems: MQTT, and CoAP. MQTT and CoAP are rapidly emerging as leading lightweight messaging protocols for the booming IoT market. Each protocol offers unique benefits, and each poses challenges and tradeoffs. Both protocols are being implemented for mesh-networking applications, in which lightweight end nodes are a necessary aspect of almost every network, and for gateway bridging logic to allow inter-standard communication.

Comparison of mqtt and coap protocol

YUSUF HUMAYUN

This presentation shows that code coverage guided fuzzing is possible in the context of network daemon fuzzing. Some fuzzers are blackbox while others are protocol aware. Even ones which are made protocol aware, fuzzer writers typically model the protocol specification and implement packet awareness logic in the fuzzer. Unfortunately, just because the fuzzer is protocol aware, it does not guarantee that sufficient code paths have been reached. The presentation deals with specific scenarios where the target protocol is completely unknown (proprietary) and no source code or protocol specs are accessible. The tool developed builds a feedback loop between the client and the server components using the concept of "gate functions". A gate function triggers monitoring. The pintool component tracks the binary code coverage for all the functions untill it reaches an exit gate. By instrumenting such gated functions, the tool is able to measure code coverage during packet processing.

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

Alexandre Moneger

IP Signal Distribution

rAVe [PUBS]

Protecting Your API with Redis by Jane Paek - Redis Day Seattle 2020

Redis Labs

Extent3 turquoise equity_trading_2012

extentconf Tsoy

techniques.ppt

veeruyadav9

The art of system and solution testing

gaoliang641

Internet Protocol.pdf

BIT DURG

Complete Simulation of IEC 101 Server as per Protocol Standard including File transfer. Support Balanced and unbalanced modes. Add up to 50 server node in the simulator. Every server node will work independently. User can update the monitoring Point information and quality bits. Send all type of commands, parameter activation, file transfer. Features Multiple Server Simulation In a Single Server(link) simulate Multiple Stations (Common Address) Mapping of Control Point to monitor Information point, consider C_SC point can map to M_SP point Balanced & Unbalanced Mode Supports "select-before-operate" or "direct-execute" command execution modes supports File Transfer, Directory commands On-demand transmission (single indications, analog ) Spontaneous transmission (single indications with time tag) Clock synchronization * License - Perpetual * One-time payment, royalty-free * Neither license manager nor dongle required. Support all type of Typeid ASDU, APCI, APDU, Command activation, termination. support all Cause of transmission (COT), Parameter in control direction

IEC 60870-5 101 Protocol Server Simulator User manual

FreyrSCADA Embedded Solution

Network protocols

Abiud Orina

Resource Management in (Embedded) Real-Time Systems

jeronimored

What’s eating python performance

Piotr Przymus

The 1990s Called. They Want Their Code Back.

Jonathan Oliver

Dependable Systems - Hardware Dependability with Redundancy (14/16)

Peter Tröger

Today’s networks are waging a ceaseless battle against an army of ingenious and fast-evolving advanced threats. Companies must be well-provisioned to deploy a quick, decisive and network-wide response to attacks. Protecting the network demands robust monitoring that is actually built into the network architecture. Learn how to build scalable network protection and improve overall security and performance of network. Blind spots are commonly caused by these common issues: lack of SPAN ports, dropped and duplicated packets, oversubscribed security and performance tools, unseen inter-VM traffic and more. Ixia developed a highly scalable Visibility Architecture that helps eliminate those blind spots while providing resilience and control without complexity. Ixia's new Visibility Architecture, is founded on a comprehensive product portfolio which includes: - Network TAPs (aggregation, regeneration, 1/10/40/100G) - Bypass Switches (for inline security deployments, 1/10/40G) - Network Packet Brokers (intelligent filtering, load-balancing, de-duplication, matrix switching) - Virtual TAPs (for full Virtual Network visibility) Join NPC and Ixia to learn how Visibility Architecture helps speed application delivery and enables effective troubleshooting and monitoring for network security, application performance, and service level agreement (SLA) fulfilment — and allows IT to meet compliance mandates.

A new perspective on Network Visibility - RISK 2015

Network Performance Channel GmbH

Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2qoUklo. Mark Price talks about techniques for making performance testing a first-class citizen in a Continuous Delivery pipeline. He covers a number of war stories experienced by the team building one of the world's most advanced trading exchanges. Filmed at qconlondon.com. Mark Price is a Senior Performance Engineer at Improbable.io, working on optimizing and scaling reality-scale simulations. Previously, he worked as Lead Performance Engineer at LMAX Exchange, where he helped to optimize the platform to become one of the world's fastest FX exchanges.

Continuous Performance Testing

C4Media

Move Message Passing Interface Applications to the Next Level

Intel® Software

Latency SLOs Done Right

Fred Moyer

Fdp embedded systems

Kavya G

Similar to You name it, we analyze it (20)

S4x14 Session: You Name It; We Analyze It

Comparison of mqtt and coap protocol

BSides LV 2016 - Beyond the tip of the iceberg - fuzzing binary protocols for...

IP Signal Distribution

Protecting Your API with Redis by Jane Paek - Redis Day Seattle 2020

Extent3 turquoise equity_trading_2012

techniques.ppt

The art of system and solution testing

Internet Protocol.pdf

IEC 60870-5 101 Protocol Server Simulator User manual

Network protocols

Resource Management in (Embedded) Real-Time Systems

What’s eating python performance

The 1990s Called. They Want Their Code Back.

Dependable Systems - Hardware Dependability with Redundancy (14/16)

A new perspective on Network Visibility - RISK 2015

Continuous Performance Testing

Move Message Passing Interface Applications to the Next Level

Latency SLOs Done Right

Fdp embedded systems

Recently uploaded

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

Ever caught yourself nodding along when someone mentions "delivering value" in Agile, but secretly wondering what the heck they actually mean? You're not alone! Join us for an eye-opening session where we'll strip away the buzzwords and dive into the heart of Agile—value delivery. But what is "value"? Is it a mythical unicorn in the world of software development, or is there more to this overused term? This isn't going to be a sit-and-get lecture. We're talking about a face-to-face, interactive meetup where YOU play a crucial role. Come along to: Define It: What does "value" really mean? We’ll build a definition that’s not just words, but a compass for your Agile journey. Contextualise It: Discover what value means specifically to you, your team, your company, and your industry. Because one size does not fit all. Deliver It: Share strategies and gather new ones for uncovering and delivering true value—no more shooting in the dark!

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

David Michel

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

How to differentiate Sales Cloud and CPQ on first glance might be tricky if you do not know where to look and what to look at. You will know :-) Managing the sales process within Salesforce is a common use case that can be managed with standart Sales Cloud. If you want to do entire quoting process you will find out Salesforce CPQ solution exists. What is then the difference if both can handle selling products? You will see comparison of 10 different features, which Sales Cloud and Salesforce CPQ handle differently. Simple question you will always remember if you should consider using Salesforce CPQ will be a cherry on top.

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

CzechDreamin

ScyllaDB has the potential to deliver impressive performance and scalability. The better you understand how it works, the more you can squeeze out of it. But before you squeeze, make sure you know what to monitor! Watch our experienced Postgres developer work through monitoring and performance strategies that help him understand what mistakes he’s made moving to NoSQL. And learn with him as our database performance expert offers friendly guidance on how to use monitoring and performance tuning to get his sample Rust application on the right track. This webinar focuses on using monitoring and performance tuning to discover and correct mistakes that commonly occur when developers move from SQL to NoSQL. For example: - Common issues getting up and running with the monitoring stack - Using the CQL optimizations dashboard - Common issues causing high latency in a node - Common issues causing replica imbalance - What a healthy system looks like in terms of memory - Key metrics to keep an eye on This isn’t “Death-by-Powerpoint.” We’ll walk through problems encountered while migrating a real application from Postgres to ScyllaDB – and try to fix them live as well.

Optimizing NoSQL Performance Through Observability

ScyllaDB

You’ve heard good data matters in Machine Learning, but does it matter for Generative AI applications? Corporate data often differs significantly from the general Internet data used to train most foundation models. Join me for a demo on building an open source RAG (Retrieval Augmented Generation) stack using Milvus vector database for Retrieval, LangChain, Llama 3 with Ollama, Ragas RAG Eval, and optional Zilliz cloud, OpenAI.

Introduction to Open Source RAG and RAG Evaluation

Zilliz

Already know how to write a basic SOQL query? Great! But what about an *aggregate* SOQL query? You know, the kind that uses aggregate functions like COUNT & MAX along with GROUP BY and HAVING clauses? No? Well, get ready to learn how to slice & dice your org’s data right inside your own dev console. From finding duplicate records to prototyping summary & matrix reports, learn the ins and outs of aggregate queries during this fast-paced but admin-friendly session on advanced SOQL concepts.

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

CzechDreamin

Discover the essentials of performance testing in the IT sector with our concise guide. Learn about various testing types such as load, stress, endurance, spike, scalability, and volume testing. Understand key performance metrics like response time, throughput, CPU and memory utilization, and error rate. Explore top tools like Apache JMeter, LoadRunner, Gatling, Neoload, and BlazeMeter. Gain insights into best practices for defining objectives, creating realistic scenarios, automating tests, and optimizing performance to ensure user satisfaction, reliability, scalability, and cost efficiency. Ideal for developers, QA engineers, and IT professionals. Visit Expeed Software for more information. https://expeed.com/

In-Depth Performance Testing Guide for IT Professionals

Expeed Software

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Abida Shariff

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.

Search and Society: Reimagining Information Access for Radical Futures

Bhaskar Mitra

New customer? New industry? New cloud? New team? A lot to handle! How to ensure the success of the project? Start it well! I've created the 3 areas of focus at the beginning of the project that helped me in multiple roles (BA, PO, and Consultant). Learn from real-world experiences and discover how these insights can empower you to deliver unparalleled value to your customers right from the project's start.

Powerful Start- the Key to Project Success, Barbara Laskowska

CzechDreamin

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

This talk focuses on the practical aspects of integrating various telephony systems with Salesforce, drawing on examples from implementations in the Czech scene. It aims to inform attendees about the spectrum of telephony solutions available, from small to large scale, and their compatibility with Salesforce. The presentation will highlight key considerations for selecting a telephony provider that integrates smoothly with Salesforce, including important questions to support the decision-making process. It will also discuss methods for integrating existing telephony systems with Salesforce, aimed at companies contemplating or in the process of adopting this CRM platform. The discussion is designed to provide a straightforward overview of the steps and considerations involved in telephony and Salesforce integration, with an emphasis on functionality, compatibility, and the practical experiences of Czech companies.

Integrating Telephony Systems with Salesforce: Insights and Considerations, B...

CzechDreamin

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

IESVE for Early Stage Design and Planning

IES VE

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Recently uploaded (20)

Assuring Contact Center Experiences for Your Customers With ThousandEyes

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

Optimizing NoSQL Performance Through Observability

Introduction to Open Source RAG and RAG Evaluation

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

In-Depth Performance Testing Guide for IT Professionals

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Search and Society: Reimagining Information Access for Radical Futures

Powerful Start- the Key to Project Success, Barbara Laskowska

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Integrating Telephony Systems with Salesforce: Insights and Considerations, B...

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

IESVE for Early Stage Design and Planning

Mission to Decommission: Importance of Decommissioning Products to Increase E...

JMeter webinar - integration with InfluxDB and Grafana

You name it, we analyze it

1. You Name It, We Analyze It! Jim Gilsinn Kenexis Consulting Corporation You Name It, We Analyze It! 1

2. Industrial Network Types & Metrics: Publish/Subscribe • Publish/subscribe or peer-to-peer communications • Main performance metric: Cyclic frequency variability/jitter • Real-time EtherNet/IP™ uses publish/subscribe • Requested/Accepted Packet Interval (RPI/API) • Measured Packet Interval (MPI) You Name It, We Analyze It! 2

3. Industrial Network Types & Metrics: Publish/Subscribe Subscriber TSub_Com_Init Publisher TPub_Com_Init TPub_1 TPub_2 TSub_M . . . • Difference between TPub_Com_Init & TSub_Com_Init is network roundtrip delay • TPub_Com_Init, TSub_Com_Init not important • Variability in TPub much more important • Theoretically, TPub doesn’t need to match Tsub TPub_N-1 TPub_N You Name It, We Analyze It! • In production systems, they are the same 3

4. Performance Testing Methodology: Performance Metrics • Command/response or master/slave communications • Main performance metric: Latency • Large numbers of protocols use this • Most (All?) PC-based server/client protocols – HTTP(S), (S)FTP, etc. • Most industrial protocols – Modbus/TCP, Profinet, Ethercat, etc. You Name It, We Analyze It! 4

5. Industrial Network Types & Metrics: Command/Response Commander TCom_Delay_1 Responder TRes_1 • Difference between TCom_Delay & TRes is network roundtrip delay • Latency in TCom & TRes important TCom_1 TCom_Delay_2 TRes_2 TCom_2 You Name It, We Analyze It! 5

6. Isolating Traffic Streams • Isolating traffic streams can be tricky • 10’s – 100’s of traffic streams in production environment • Your Wireshark Fu must be strong! • Usually requires additional post-processing • Multiple streams can exist between same devices You Name It, We Analyze It! 6

7. Isolating Traffic Streams • Traffic pairs • • • • Source IP/MAC address Destination IP/MAC address Source TCP/UDP port Destination TCP/UDP port • Publish/Subscribe • Communication stream ID • Sequence number (optional) • Command/Response • Command message/field • Response message/field • Message ID (optional) You Name It, We Analyze It! 7

8. Test Time vs. Packet Interval Measured Packet Interval (ms) ~62 sec test Mean MPI = 2ms Min ~ 1.2 Max ~ 2.9 Test Time (s) You Name It, We Analyze It! 8

9. Time Plot for Command/Response Regular Pattern to Delayed Packets Regular Pattern of Minimal Delayed Packets You Name It, We Analyze It! 9

10. Command/Response Timing Plots • Quick succession of command/response packets • Minimal delay in command/response sequence • Apparently large delay in a single packet • Example: Rockwell tag reads Delay Until Next Time Sequence Quick Succession Read Commands You Name It, We Analyze It! 10

11. Next Steps • Streamline traffic stream processing • Develop better command/response code • Build more mathematical statistical models • Add graphical modeling of time & frequency domain • Add more industrial protocols and obtain example files • • • • • Modbus Profinet DNP3 61850 And others… You Name It, We Analyze It! 11

12. Questions • Contact Me • • • • • • Jim Gilsinn 301-706-9985 or 614-323-2254 jim.gilsinn@kenexis.com Twitter – @JimGilsinn LinkedIn – http://www.linkedin.com/in/jimgilsinn/ SlideShare – http://www.slideshare.net/gilsinnj You Name It, We Analyze It! 12

You name it, we analyze it

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (16)

Similar to You name it, we analyze it

Similar to You name it, we analyze it (20)

Recently uploaded

Recently uploaded (20)

You name it, we analyze it