ONF Announces Aether 5G Connected Edge Cloud Platform

Many industry pundits and observers seem to not understand all the ramifications and potentials for 5G. I’ve listened to podcasts from John Gruber at Daring Fireball and the guys at Accidental Tech Podcast talk about how 5G isn’t providing the anticipated boost for data speeds for their new iPhone 12s. But 5G provides for so much more than that.

I’ve had an opportunity to talk with people from the new Open Networking Foundation and check out this open-source community springing up. Here is a recent press release. Open source is burgeoning right now. Cynics say it’s just a way for big companies to cut development costs. I think it goes much deeper than that given licensing protocols and the spread of technology. This one is interesting and poised to take (among other things) Industrial Internet of Things to a deeper level.

The Open Networking Foundation (ONF) announced that ONF’s Aether 5G Connected Edge Cloud platform is being used as the software platform for the $30M DARPA Pronto project, pursuing research to secure future 5G network infrastructure.

DARPA is funding ONF to build, deploy and operate the network to support research by Cornell, Princeton and Stanford universities in the areas of network verification and closed-loop control. ONF will enhance and deploy its open source Aether software platform as the foundation for the Pronto research work, and in turn the research results will be open sourced back into Aether to help advance Aether as a platform for future secure 5G network infrastructure.

Aether – 5G Connected Edge Cloud Platform

Aether is the first open source 5G Connected Edge Cloud platform. Aether provides mobile connectivity and edge cloud services for distributed enterprise networks as a cloud managed offering. Aether is an open source platform optimized for multi-cloud deployments, and it simultaneously supports wireless connectivity over licensed, unlicensed and lightly-licensed (CBRS) spectrum.

Aether is a platform for enabling enterprise digital transformation projects. Coupling robust cellular connectivity with connected edge cloud processing creates a platform for supporting Industrial Internet-of-Things (IIoT) and Operational Technology (OT) services like robotics control, onsite inference processing of video feeds, drone control and the like.

Given Aether’s end-to-end programmable architecture coupled with its 5G and edge cloud capabilities, Aether is well suited for supporting the Pronto research agenda.

Aether Beta Deployment

ONF has operationalized and is running a beta production deployment of Aether.  This deployment is a single unified cloud managed network interconnecting the project’s commercial partners AT&T, Ciena, Intel, Google, NTT, ONF and Telefonica. This initial deployment supports CBRS and/or 4G/LTE radio access at all sites, and is cloud managed from a shared core running in the Google public cloud.

The University campuses are being added to this Aether deployment in support of Pronto. Campus sites will be used by Pronto researchers to advance the Pronto research, serving as both a development platform and a testbed for use case experimentation. The Aether footprint is expected to grow on the university campuses as Aether’s 5G Connected Edge Cloud capabilities are leveraged both for research on additional use cases as well as for select campus operations.

Aether Ecosystem
A growing ecosystem is backing Aether, collectively supporting the development of a common open source platform that can serve as an enabler for digital transformation projects, while also serving as a common platform for advanced research poised to help unlock the potential of the programmable network for more secure future 5G infrastructure.

At Google Cloud, we are working closely with the telecom ecosystem to help enable 5G transformation, accelerated by the power of cloud computing. We are pleased to support the Open Networking Foundation’s work to extend the availability of 5G and edge capabilities via an open source platform.” 

Shailesh Shukla, VP and GM, Networking, Google Cloud

Cornell is deploying Aether on campus to bring private 5G/LTE connectivity services with edge cloud capabilities into our research facilities.  We expect private 5G/LTE with connected edge cloud to become an important and integral part of our research infrastructure for many research and operational groups on the campus.  We also see the value of interconnecting a nation-wide leading infrastructure with Stanford, Princeton and ONF for collaborative research among university researchers across the country.”

David Lifka, Vice President for Information Technologies and CIO, Cornell University

Princeton University is deploying Aether on campus in the Computer Science Department in order to support the Pronto research agenda and offer it as an experimental infrastructure for other research groups. This deployment will enable private 5G/LTE connectivity and edge cloud services and will complement Princeton’s existing P4 enabled infrastructure on campus. We plan to also explore how some of our mission critical production use cases can be supported on a private 5G Connected Edge Cloud.”

Jay Dominick, Vice President & CIO, Princeton University

Ciena is pleased to be an early collaborator on the ONF’s Aether project.  We have an Aether site running in our 5G lab in Montreal, and we are excited by the prospect of helping enterprises leverage the 5G and edge cloud capabilities of Aether to help build transformative solutions.”

Stephen Alexander, Senior Vice President and Chief Technology Officer, Ciena

 “Intel is an active participant of the ONF’s innovative Aether project to advance the development of 5G and edge cloud solutions on high volume servers. ONF has been leading the industry with advanced open source implementations in the areas of disaggregated Mobile Core, e.g. the Open Mobile Evolved Core (OMEC), and we look forward to continuing to innovate by applying proven principles of disaggregation, open source and AI/ML with Aether, the Enterprise 5G/LTE Edge-Cloud-as-a-Service platform. As open source, Aether will help accelerate the availability of innovative edge applications. Aether will be optimized to leverage powerful performance, AI/ML, and security enhancements, which are essential for 5G and available in Intel® Xeon® Scalable Processors, network adapters and switching technologies, including Data-Plane Development Kit (DPDK), Intel® Software Guard Extensions (Intel SGX), and Intel® Tofino™ Programmable Ethernet Switch.”

Pranav Mehta, Vice President of Systems and Software Research, Intel Labs

Learn More

The Aether ecosystem is open to researchers and other potential partners who wish to build upon Aether, and we welcome inquiries regarding collaboration.  You can learn more at the Aether website.

About the Open Networking Foundation:

The Open Networking Foundation (ONF) is an operator led consortium spearheading disruptive network transformation. Now the recognized leader for open source solutions for operators, the ONF first launched in 2011 as the standard bearer for Software Defined Networking (SDN). Led by its operator partners AT&T, China Unicom, Deutsche Telekom, Google, NTT Group and Türk Telekom, the ONF is driving vast transformation across the operator space. For further information visit http://www.opennetworking.org

Mentor Becomes Siemens EDA

I received this email after I’d shut the computer down for the evening yesterday.

Following the acquisition of Mentor Graphics by Siemens in 2017, Mentor will now officially become Siemens EDA, a part of Siemens Digital Industries Software, effective January 2021.

Our combined and integrated technologies now establish Siemens as the global leader in industrial software, positioning us to not only offer a comprehensive portfolio of EDA tools but also pioneer new technologies that we believe will redefine EDA to help you deliver IC and systems innovations to market faster.

Look for upcoming announcements with a new look and feel over the next few months as we transition our website and content from Mentor to Siemens EDA.

Thank you for your support and continued interest in our broad portfolio of EDA tools, now strengthened by Siemens’ world-class products and services.

Best regards,
Siemens EDA

CIP Security Updated to Support User Level Authentication

This release has been sitting in my Dropbox for a month or so. It’s still worth noting especially since security became news a couple of times in the past few weeks.

ODVA announces that user level authentication has been added to CIP Security, the cybersecurity network extension for EtherNet/IP. Previous publications of the specifications for CIP Security included key security properties including a broad trust domain across a group of devices, data confidentiality, device authentication, device identity, and device integrity. CIP Security now adds a narrow trust domain by user and role, an improved device identity including the user, and user authentication. 

As IT and OT converge in industrial automation, the ability for controls engineers, IT administrators, and maintenance operators to securely access and modify device parameters grows even more critical. Device level security is a building block requirement of IIoT to protect critical assets and people from potential physical and increasingly likely financial harm. To meet this requirement, the robust CIP Security User Authentication Profile will provide user level authentication with a fixed user access policy based on well-defined roles and basic authorization via both local and central user authentication. CIP Security’s ability to authenticate via the device or through a central server allows for simplicity in smaller, simple systems and efficiency in large, complicated installations.

CIP Security already included robust, proven, and open security technologies including TLS (Transport Layer Security) and DTLS (Datagram Transport Layer Security); cryptographic protocols used to provide secure transport of EtherNet/IP traffic, hashes or HMAC (keyed-Hash Message Authentication Code) as a cryptographic method of providing data integrity and message authentication to EtherNet/IP traffic; and encryption as a means of encoding messages or information in such a way as to prevent reading or viewing of EtherNet/IP data by unauthorized parties. The new CIPTM User Authentication Profile provides user-level authentication for CIP communication at the application layer. In the future, CIP Security may make use of a CIP authorization profile that will enhance CIP to provide additional security properties such as general, flexible authorization where access policy can be based on any attribute of the user and/or system and potentially extending CIP Security to support other non-EtherNet/IP networks.

The new User Authentication Profile makes use of several open, common, ubiquitous technologies, including OAuth 2.0 and OpenID Connect for cryptographically protected token-based user authentication, JSON Web Tokens (JWT) as proof of authentication, usernames and passwords, and already existing X.509 certificates to provide cryptographically secure identities to users and devices. It uses a cryptographically secure user authentication session ID, generated by the target on presentation of a valid JWT by the user, to map between an authentication event and the messages sent by a user for CIP communications. The user authentication session ID is transmitted over EtherNet/IP using (D)TLS and a confidentiality-enabled cipher suite per CIP Security’s EtherNet/IP confidentiality profile.

“User authentication is another critical step in the development of CIP Security, a key network extension that is a part of the complete EtherNet/IP industrial communication ecosystem. CIP Security, as a part of a defense in depth approach, is designed as an effective deterrence to malicious cyber attackers who are looking for targets to disrupt plant operations,” stated Jack Visoky, EtherNet/IP System Architecture Special Interest Group (SIG) vice-chair. “With connected infrastructure and automation systems, CIP Security is more critical than ever before to protect valuable investments and production of essential products around the world from malicious cybersecurity attacks” said Dr. Al Beydoun, President and Executive Director of ODVA. “ODVA will continue to invest in the future development of CIP Security and EtherNet/IP to ensure that end users are protected from physical and financial harm perpetrated by bad actors.”

Through this update, CIP Security now offers even stronger device level security with a narrow trust domain by user and role, an improved device identity including the user, and fixed user authentication. ODVA continues to work to make sure that CIP Security stays on the cutting edge of device defense to best protect critical industrial automation assets to make sure that the promise of IIoT and Industry 4.0 can be fully achieved. Visit odva.org to obtain the latest version of The EtherNet/IP Specification including CIP Security.

OPC Foundation In The News

OPC Foundation has released a lot of news at the end of 2020. Its working groups have been busy.

  • Cloud Library with CESMII
  • Field Level Communications
  • ECLASS Standard for M2M Communication
  • Update to PLCOpen 61131-3 specification

Cloud Library

The OPC Foundation, in collaboration with CESMII, is pleased to announce the launch of the “OPC UA Cloud Library” Joint Working Group (JWG). The goal of the JWG is to specify how OPC UA information models of machines, SCADA and Manufacturing Execution Systems will be stored in and accessed from a cloud-based database.  Such a database will enable manufacturers to draw from a wide range of OPC UA information models and profiles for use in their pre-built shopfloor and business digitalization applications.

Collaboration between the OPC Foundation and the Smart Manufacturing Institute is a natural fit given their complementary efforts. On one hand, the US government-backed Smart Manufacturing Institute sets out to help accelerate the adoption of Smart Manufacturing by businesses of all sizes by enabling frictionless movement of information (data and context) between real-time operations and the people and systems that create value in their organizations. On the other hand, the OPC Foundation created a globally adopted open data interoperability standard via its OPC UA specification. The specification’s information modeling capabilities and secure, scalable communications made it a cornerstone of Industrie 4.0 and virtually every other national Industrial IoT initiative. By working together, CESMII and the OPC Foundation aim to enable the broadest range of US manufacturers and beyond to innovate and go-to-market in their digital transformation using the right data modeling foundation.

Field Level Communications

OPC Foundation announces today that its Field Level Communications Initiative has accomplished a significant milestone in the ongoing project by completing their initial release candidate with the focus on the Controller-to-Controller (C2C) use case. In addition, a technical paper has been published that explains the technical approach and the basic concepts to extend OPC UA to the field level for all use cases and requirements in Factory and Process Automation.

Peter Lutz, Director Field Level Communications of the OPC Foundation says: “We are happy about the progress that our working groups have made over the last months, despite COVID-19 and the associated restrictions. The initial release candidate is a major achievement because it is used to build prototypes and to create test specifications that will be converted to corresponding test cases for the OPC UA certification tool (CTT). Furthermore, it lays the foundation for specification enhancements to also cover the Controller-to-Device (C2D) and Device-to-Device (D2D) use cases in the next step.”

Since the start of the Field Level Communications Initiative in November 2018 more than 300 experts from over 60 OPC Foundation member companies have signed up for the various technical working groups to create the technical concepts and elaborate the specification contents for extending the OPC UA framework for field level communications, including Determinism, Motion, Instruments and Functional Safety.

Cooperation with ECLASS

An important step for interoperability in the field of M2M communication: the OPC Foundation and ECLASS e.V. signed a cooperation agreement.

The goal of this cooperation is to combine the power of the OPC UA and ECLASS standards to better enable M2M interoperability via seamless communication of data and semantics using a standardized set of interfaces. To serve as the basis for semantic interoperability across full product life cycles in an international application environment, a manufacturer and industry independent standard for product description is needed. Once created, such a standard can serve as a semantic reference for the Internet of Things. The ECLASS standard, developed by ECLASS e.V. meets these requirements in a unique way.

The OPC UA standard enables secure transmission of data and facilitates the definition and dynamic exchange of its underlying structure via robust OPC UA information modeling functionality. Standardized information models implemented using OPC UA are called OPC UA Companion Specifications, which taken together can serve as common libraries of Information Models. Products utilizing OPC UA Companion Specifications enable seamless 3rd party data interoperability in the operating phase in the product lifecycle. Today, ECLASS identifiers are already being used in various Companion Specifications. 

Update to PLCOpen OPC UA for IEC61131-3

The OPC Foundation, in collaboration with PLCopen, announced the release of v1.02 of the “OPC UA for IEC61131-3” specification. Building on the first version of the specification, the joint working group added: 

  • support for all datatypes defined in the 3rd edition of IEC61131-3
  • an optimized, machine-readable version of the information model (i.e. nodesetfile) 
  • compliance with enhanced specification templates to support the tool chain used to generate validated information models
  • inclusion in the global online searchable specification reference 
  • OPC Foundation Compliance Test Tool (CTT)  test cases for validation of vendor implementations of “OPC UA for IEC61131-3”

Founded in 2008, this joint working group has the goal of expressing IEC 61131-3 information models using OPC UA.  By doing so, an IEC6-61131-3 PLC project that is loaded onto different control platforms can be displayed in a standardized form and made available for communication via the controllers’ OPC UA servers.

“This first step harmonizes the access of the project running in the controller” says Eelco van der Wal, Managing Director of the PLCopen organization. “With this an unprecedented transparency is created in the communication in industrial automation, enabling the configuration of the communication much faster and independent of the network and suppliers. For this reason, many suppliers have implemented this, providing their users with the ease of use in communication.”

In addition to the server specification “UA for IEC61131-3” the group also worked very successfully on the “client specification” which was originally released in 2014. The implementation of this functionality on a controller makes it possible to initiate a communication session to any other available OPC UA Server. The controller can exchange complex data structures horizontally with other controllers independent of the fieldbus system used, or vertically with other devices using an OPC UA server service oriented architecture, like an MES/ERP system in order to collect data or write new production orders to the cloud.

Manufacturing Industry Asked to Participate in Survey of Reshoring Opportunities

Sometimes when I’m considering manufacturing trends and requirements, I feel like Odysseus caught between Scylla and Charybdis. Regarding trade and manufacturing—one the one hand I’ve seen the evidence that international trade can be beneficial for everyone, while on the other, it is important that each country maintains a strong manufacturing base in order to assure survival.

Often these policies are decided by MBA-Finance types who only look at (usually incomplete) spreadsheets trying to find ways to save a dollar. Or politicians intent only on stirring up their supporters in payment for a vote.

Financial people have finally awakened to the drawbacks of having all manufacturing done at remote factories searching for the lowest possible wage. You don’t get a motivated and skilled workforce that becomes the source for much manufacturing innovation. You also don’t always win additional customers for your products in that other country. Your spreadsheets lead you to that dangerous path between Scylla and Charybdis.

Several organizations in the US have taken on the challenge to “rebuild” manufacturing in the US. These include CESMII, The Reshoring Institute, and the source for this report, AMT—The Association for Manufacturing Technology. Actually, my research so far seems to show that the US has been losing in the OEM and machine building market while it has maintained some final manufacturing, albeit with wages no higher than $15/hour. Not a good situation.

Help with the effort. Participate in this survey.

What products and components offer the biggest opportunities for reshoring? What advanced manufacturing technology is needed to enable the reshoring?  To what degree did the pandemic disrupt supply chains, and how did it affect sourcing? To answer these questions and better understand the needs of the manufacturing technology community, AMT – The  Association For Manufacturing Technology is asking industry, including OEMs, job shops, technology suppliers and distributors, to participate in an online survey to help in “Rebuilding the Supply Chain.” The survey is open through February 28, 2021.

The survey takes about five minutes to complete. Results will be published in March on the AMT website and on IMTS.com/supply-chain, a one-stop repository for supply chain information, content and guidance resources. One of the key survey questions is whether or not OEMs and job shops would value an AMT service to connect OEMs with manufacturing technology solutions for reshoring opportunities.

“Participating in this survey will provide valuable insight on sourcing issues and which processes, products and components face the most pressure from imports and which offer the biggest opportunities to reshore,” says Peter R. Eelman, Vice President & CXO at AMT, which owns and produces IMTS – The International Manufacturing Technology Show. “The input we receive helps AMT and IMTS develop resources to help companies make more detailed sourcing assessments and better-informed sourcing decisions.”

The survey is one of many activities related to AMT’s Rebuilding the Supply Chain initiative, which has gained greater visibility due to COVID-19 disruptions and shifting the emphasis of IMTS to further support the industrial base. Rebuilding the Supply Chain activities also include collaboration with the Reshoring Initiative, a not-for-profit organization dedicated to bringing manufacturing back to the United States.