The Advantage of Covid-19

Covid-19 has been wreaking havoc across the globe. But this was also expected given the fact that we have not been the best of tenants for Mother Earth.

All the doom and gloom aside, Covid-19 and the mass lockdowns are teaching us a very important lesson about the future of automation and technology.

In a single line:

A secure future requires smart people working on smart devices using smart infrastructure!

Figure 1: Relation between Smart People, Things and Infrastructure.

Figure 1 shows the interactions between Smart People, Things and Infrastructure.

The Covid-19 crisis, which has brought life to a standstill, has exposed the weakness of our automation maturity. Services from haircutting to garbage collection have been trimmed back, mostly as a proactive step. Whatever automation we do have has helped tremendously (e.g. online grocery shopping) even as people’s behaviour changed overnight as panic set in.

So what is the panic about? What are the basics that we need? The panic is about running out of resources like food due to a collapse of supply chains which have been optimised to reduce warehousing costs.

Supply chains (Logistics) are heavily dependent on people. From farmers growing crops, workers building stuff to drivers transporting the product to the shops (or directly to your home).

This is not the only critical system to break down if a large number of people fall ill at the same time.

Healthcare is another area that has been impacted because of the lockdown. Care has to be maintained to protect vulnerable people, which means minimising contact. This increases the vulnerability due to isolation.

Education has also been impacted with schools closed and exams postponed or cancelled. This might not seem like a big problem but consider the impact in future results.

Another area of concern is the utility networks. Can we truly survive with disruptions to our electricity or water networks?

If the automation is improved in the above areas then we would become more resilient (but not immune) to such events in the future which is as difficult to achieve as it sounds!

Bottom-up Automation

Before a drone can be piloted remotely for hundreds of miles or a truck driven under human supervision from a port to a local warehouse we need robust telecom infrastructure to provide reliable, medium-high bandwidth, low-latency, temporary data connections.

This magic network has three basic ingredients:

  1. Programmable network – devices that can be treated like ‘software’ and provide the same agility > significant progress has already been made in this area.
  2. Network slicing – to efficiently provide the right resource to the requesting service > a lot of work is ongoing in the context of 5G networks
  3. Closed-loop, light touch orchestration – to help people look after a complex network and help make changes quickly and safely when required (e.g. providing a reliable mobile data link to a drone carrying a shipment of food from a wholesaler to a shop, for remote piloting use-case) > significant progress has been made and a lot of work is ongoing

Using such a network we can build other parts of the puzzle such as smart roads, smart rails and then smart cities. All of these help improve automation and support increasingly light touch automation use-cases.

Smart Things

Once we have the Smart Infrastructure we need Smart Things to use them.

For Logistics and maintaining a robust supply chain during a pandemic we need a fleet of autonomous/remotely supervised/remotely piloted vehicles such as heavy-lift drones, self-driving trains/cars/ships/trucks. We also need similar assistance inside warehouses and factories with robots carrying out the operations with human supervision (so called Industry 4.0 / Lights-out factory use-case).

Healthcare – requires logistics as well as the development of autonomous personal health monitoring kits that augment the doctor by allowing them to virtually examine a patient. These kits need to become as common as a thermometer and should fulfil multiple functions.

For scenarios related to caring for vulnerable people, semi-autonomous robots are required that can do a lot of the work (e.g. serve dinner).

In case of a lockdown, a teacher should be able to create virtual classrooms with a similar level of interactivity (e.g. via AR/VR) as in a real classroom.

To maintain water, electricity and other utilities we need sensors that provide a snapshot of the network as well as actuators, remote inspection and repair platforms etc.

For all of this to be done remotely (e.g. in a lockdown scenario) we need a robust telecoms network. Clearly, without a data connection people would no longer be able to deal with the economic, mental, physical and emotional shock caused by a lockdown.

Smart People

So who will be these people who can pilot/supervise a drone, carrying a crate of toilet rolls from a warehouse in Bristol to a shop in Bath from a remote location? Well trained people of course!

This requires two important things:

  1. Second Job: Everyone should be encouraged to take up a second discipline (of their interest) in a semi-professional capacity. This helps increase redundancy in a system. For example, if you are a taxi driver and have an interest in radio – maybe your second job can be of a maintenance technician.
  2. Thinking beyond data-science and AI: Tech is everywhere and AI is not the final word in hi-tech. People should receive everyday technology training and if possible advanced technology training in at least one topic. E.g. everyone should be taught how to operate a computer but they should also be allowed to choose a topic for deeper study, like security, software development, IT administration etc.

Augmentation technologies should be made more accessible, including providing basic-training in Augmented and Virtual Reality systems so that in case of a lockdown, human presence can be projected via a mobile platform such as a drone or integrated platform within say a forklift or a truck.

Adaptation: This is perhaps the most important. This means not leaving anyone behind in the tech race. Ensuring all technologies allow broad access. This will ensure that in times of trouble technology can be accessed not only by those who are most able to deal with the issues but also those who are the most vulnerable.

All of the above require the presence of smart things!

Conclusion

Thus we have four themes of Logistics, Healthcare, Education and Utilities running across three layers: Smart People -> Smart Things -> Smart Infrastructure. That is what Covid-19 has taught us. A very important lesson indeed, so that the next time around (and there WILL be a next time), we are better prepared!

Network Traffic Monitoring using OpenFlow

These days you don’t have to shell out thousands of pounds for an OpenFlow switch, especially if you don’t mind fewer ports and devices that are not blazingly fast. I purchased a Zodiac FX OpenFlow switch and have been trying out different projects with it. The switch has 4 ports at 100M each with Port 4 reserved for management.

Figure 1: Network Setup for Traffic Snooper

To make a Traffic Snooper we need to mirror the ports that allow ingress into and egress from the internal network. Port mirroring means sending the same traffic to the target port as well as a mirror port. We may also filter the traffic that is mirrored (e.g. we may only want to mirror Layer 4: UDP traffic).

For the Zodiac FX, I selected Port 2 to be the mirror port. Traffic exiting the internal network will arrive on Port 1 and be sent out from Port 2 and Port 3 (Apply Action List). Similarly traffic entering the internal network from the Internet will arrive on Port 3 and be sent out from Port 2 and Port 1.

Thus Port 2 will receive packets from both the directions. Port 2 is attached directly to a Raspberry Pi with Link Local addressing enabled. This means that the port on the Raspberry Pi has a link local IP address assigned to it. We don’t really care about this because we are already forcing the traffic to come this way using a static flow. 

On the Traffic Snooper Pi I run my Python-based traffic collector. This utilises raw sockets to listen for traffic. All data is converted into hex and dumped into the Analytics Store database (MongoDB). This is a fairly simple utility, perfect for a lightweight platform like the Pi. It does not do any processing of the network data. It simply stores it in a database. The source code is attached for both the Snooper and the static controller which uses Ryu.

Snooper.py: https://docs.google.com/document/d/e/2PACX-1vTVV-G17M-TrLfGd2gt0B-5aK_NshjZ1-F1tWvrQwbTHR4Z-FYoaAzfOYdMVtGxP3B1ODLoWWiQiWS3/pub

The Traffic Snooper needs the following to read from the raw socket that is getting data from port 2 of the switch (the mirrored port):

import socket
s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(3))  # 3 = ETH_P_ALL (all protocols)

The line above can be interpreted as:

Open a socket that uses the Address Family (AF) of Packets, which allows access to Layer 2 information (you will need to run the snooper with sudo to provide access). The socket is a raw type, therefore Layer 2 headers will not be stripped. Finally, the third argument is the protocol to capture: 3 (ETH_P_ALL, every protocol), passed through the host to network byte order conversion (htons).

This gives us a socket that pulls the packet with all the information (headers) intact and also ensures the byte ordering is correct.

The Traffic Snooper also stores the packet hash to ensure we do not store duplicate packets (this can be disabled if required).

Note: port 2 will not get any direct assignment of IP address (we don’t want any traffic to use this port for communication – only mirrored traffic should use this port) and should default to a ‘link-local’ IP address. In case of IPv4, link-local addresses are defined in the address block 169.254.0.0/16
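The capture path described above (raw frame, hex encoding, packet hash for de-duplication, optional Layer 4 filter such as UDP only), as an added example that is not the linked Snooper.py. The SHA-256 hash, the in-memory `FrameStore` standing in for the database, the interface name passed to `open_mirror_socket` and the sample frames are assumptions constructed for illustration.

```python
import hashlib
import socket
import struct

ETH_P_ALL = 0x0003  # "every protocol": the 3 the page passes to htons()

def open_mirror_socket(ifname):
    """Raw Layer 2 socket bound to the mirror-facing NIC only (Linux, needs root).
    ifname is an assumption: the interface cabled to switch port 2."""
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
    s.bind((ifname, 0))  # unbound, the socket would also see the management NIC
    return s

def parse_frame(frame):
    """Pull Ethernet addresses, EtherType and (for IPv4) the Layer 4 protocol."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    l4 = frame[23] if ethertype == 0x0800 and len(frame) >= 34 else None
    return {"dst": dst.hex(":"), "src": src.hex(":"), "ethertype": ethertype, "l4": l4}

class FrameStore:
    """In-memory stand-in for the database collection (assumption)."""
    def __init__(self, dedup=True):
        self.dedup = dedup
        self.seen = set()
        self.docs = []

    def store(self, frame):
        digest = hashlib.sha256(frame).hexdigest()  # hash choice is an assumption
        if self.dedup and digest in self.seen:
            return False                            # byte-identical frame already stored
        doc = parse_frame(frame)
        self.seen.add(digest)
        doc.update(hash=digest, hex=frame.hex())
        self.docs.append(doc)
        return True

def snoop(frames, store, l4_filter=None):
    """Store frames, optionally keeping one Layer 4 protocol; return count stored."""
    stored = 0
    for frame in frames:
        if l4_filter is not None and parse_frame(frame)["l4"] != l4_filter:
            continue
        stored += store.store(frame)
    return stored

def make_ipv4_frame(proto, payload):
    """Constructed sample frame: Ethernet + minimal IPv4 header + payload."""
    eth = bytes.fromhex("020000000003" "020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    return eth + ip + payload

# Constructed frames: UDP, TCP, a byte-identical UDP duplicate, and an ARP-sized frame.
SAMPLE = [make_ipv4_frame(17, b"dns-query"), make_ipv4_frame(6, b"tcp-data"),
          make_ipv4_frame(17, b"dns-query"),
          bytes.fromhex("ffffffffffff" "020000000001" "0806") + bytes(28)]

if __name__ == "__main__":
    db = FrameStore()
    print(snoop(SAMPLE, db), "stored;", [d["l4"] for d in db.docs])
```

Binding to the mirror-facing interface matters on a Pi with two NICs: an unbound AF_PACKET socket also records the snooper's own database traffic.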

Static_Controller.py: https://docs.google.com/document/d/e/2PACX-1vRU8ZAa5Vl03UwC5K61Rt9Me0y0tvKq_0s8lCm7aH9t7vN_Z6qnUMQgINPFdCrt9BM-kBkJh3uuJCyw/pub

The installed flows:

The OpenFlow Specification allows multiple Apply Actions. We use this to create duplicated traffic flows.
Flow 1: All traffic coming in from port 3 is forwarded to port 2 and 1. Here port 2 is the port connected to the analyser.

Flow 2: All traffic coming in from port 1 is forwarded to port 2 and 3.

Note: The controller is a static controller. In other words we use Ryu to install flows and then the controller is disconnected (thus flow timeout=0). To achieve this we use the ‘safe’ mode on the Zodiac FX which does not remove the flows that have been installed. As the Zodiac FX is a pure OpenFlow switch it does not support standalone mode.

Next Step: Next post will look at the traffic analyser that breaks down the incoming packet and pulls out various protocol related information.

Follow-up: I have used Zodiac FX for this post and not something like OpenVSwitch (which has several advanced features such as port mirroring and a built-in learning switch in ‘standalone’ mode) because I wanted to use a pure OpenFlow device that does nothing until you provide the flows.

OVS Implementation

It is fairly straightforward if you want to set up your Pi as an OVS switch. You will need USB-Ethernet plugs and a freshly formatted Pi. I used the lightweight no-desktop ‘Stretch’.

This is a good guide to follow: 
https://www.telematika.org/post/piovs-raspberry-pi-open-vswitch/

I only needed the ‘Install OVS’ and ‘Configure Interfaces’ step.

Below are the three interfaces I created, ‘eth2’ is the interface to the snooper and ‘eth3’ the ‘internet’ interface.

auto eth1
iface eth1 inet manual
hwaddress ether 00:0e:c6:de:54:15
auto eth2
iface eth2 inet manual
hwaddress ether 00:0e:c6:df:ae:ac
auto eth3
iface eth3 inet manual
hwaddress ether 00:0e:c6:df:ae:c2
auto ovsbr0
allow-ovs ovsbr0
iface ovsbr0 inet manual
ovs_type OVSBridge

There are a few things to watch out for:

  1. The interface on the Raspberry Pi running the snooper application should not be reachable from the network. This is because we do not want any traffic headed for that port. We only want to record traffic flowing between ports 1 and 3. Therefore, the Pi connected to port 2 of the switch should have two interfaces. The first has a valid local network address, to allow the snooper to access the database server for example. The second is connected to switch interface 2 and receives the copied traffic. This second interface should have a link-local IP address to ensure all the traffic received there is destined for either port 1 or 3.
  2. Set the fail mode to ‘secure’ in OVS. If you do not set the fail mode in OVS to ‘secure’ then it will fall back to learning switch mode (standalone mode) and start faithfully switching traffic. This will mean (in short) your snooper Pi will have an IP address assigned to the port that is sniffing the mirrored traffic. Once you install the flows the traffic will be mirrored, but you can still get extra packets that are not part of the flow that we are monitoring.
  3. Use ‘sudo ovs-vsctl get-fail-mode <bridge_name>’ to get the fail mode and then ‘sudo ovs-vsctl set-fail-mode <bridge_name> secure’ to set it to secure mode (replace bridge_name with the name of your OVS bridge). This will disable the learning switch and you will need to use the static controller to set up the snooper flows.
  4. You can use ‘sudo ovs-appctl fdb/show <bridge_name>’ to show the forwarding db (this stores the result of the MAC learning) and ‘sudo ovs-appctl fdb/flush <bridge_name>’ to clear the forwarding db.
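A check for the two mirror flows and the fail-mode setting described above, as an added example that is not the page's Static_Controller.py. It takes flow strings in ovs-ofctl `in_port=...,actions=output:...` syntax plus the text returned by `ovs-vsctl get-fail-mode`; the function names and the sample flows are constructed for illustration.

```python
import re

MIRROR_PORT = 2        # port cabled to the snooper (from the page)
DATA_PORTS = {1, 3}    # internal network side and Internet side (from the page)

def parse_flow(spec):
    """Parse e.g. 'priority=1,in_port=3,actions=output:2,output:1' into a dict."""
    match_part, sep, action_part = spec.partition("actions=")
    if not sep:
        raise ValueError("flow has no actions: " + spec)
    fields = {}
    for item in match_part.split(","):
        key, eq, value = item.strip().partition("=")
        if eq:
            fields[key] = value
    actions = [a.strip() for a in action_part.split(",") if a.strip()]
    outputs = {int(m.group(1)) for a in actions
               if (m := re.fullmatch(r"(?:output:)?(\d+)", a))}
    in_port = int(fields["in_port"]) if fields.get("in_port", "").isdigit() else None
    return {"in_port": in_port, "actions": actions, "outputs": outputs}

def audit(flows, fail_mode):
    """Return a list of findings; an empty list means the mirror setup is as described."""
    findings = []
    if fail_mode.strip() != "secure":
        findings.append("fail-mode is not 'secure': bridge can fall back to learning switch")
    parsed = [parse_flow(f) for f in flows]
    for spec, p in zip(flows, parsed):
        if any(a.lower() == "normal" for a in p["actions"]):
            findings.append(f"{spec}: NORMAL action hands traffic to the learning switch")
        if p["in_port"] == MIRROR_PORT:
            findings.append(f"{spec}: accepts traffic arriving from the mirror port")
        if p["in_port"] in DATA_PORTS:
            # Each data port must copy to the mirror and forward to the other data port.
            expected = {MIRROR_PORT} | (DATA_PORTS - {p["in_port"]})
            if p["outputs"] != expected:
                findings.append(
                    f"{spec}: outputs {sorted(p['outputs'])}, expected {sorted(expected)}")
    for port in sorted(DATA_PORTS):
        if not any(p["in_port"] == port for p in parsed):
            findings.append(f"no flow for data port {port}")
    return findings

# Constructed samples: the page's Flow 1 and Flow 2, then a broken variant.
GOOD = ["in_port=3,actions=output:2,output:1", "in_port=1,actions=output:2,output:3"]
BAD = ["in_port=3,actions=output:1", "in_port=2,actions=NORMAL"]

if __name__ == "__main__":
    print(audit(GOOD, "secure"))
    for finding in audit(BAD, "standalone"):
        print(finding)
```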

5G Networks – Just Over the Horizon

Introduction

How many times have you heard yourself say ‘this call might fail because I am boarding a bus/train/aircraft’? How many times have you tried making a call while in a busy area and found that the call does not get through? How many times have you lost mobile signals on a highway and not been able to make a call let alone access 3G/4G data? How many times have you struggled to send an email as you go in and out of a metro (underground) station? How many times have you screamed silently when connecting to a ‘free’ wifi is harder than learning how to fly a plane!

Finally, how confident are you that high data rate services such as video calls, live streaming, YouTube etc. will continue to work as you commute, attend events (such as concerts), travel or just take a walk in a mall (reinforced concrete and steel are bad for mobile signals!)?

5G networks aim to address many of these problems ‘out of the box’.

There are several major projects underway all over the world to produce specifications, proofs of concept, and commercial and technology test beds. The European Commission is heavily involved via the 5G-PPP (Public Private Partnership) initiative, which also means there is a decent amount of funding available.

So what is 5G? How is it different from 4G? What are its major use cases? I will attempt to answer some of these questions in this post.

What is 5G?

Firstly while 5G is obviously about connecting wireless smart devices, it involves a whole lot more. Unlike our familiar 4G/3G network which is mostly restricted to the wireless domain, 5G aims to be a fusion of wireless and wired. The reason I call it a fusion is because the main thrust of 5G is towards removing boundaries between different domains (mobile, wifi, wired broadband) from the end user perspective and provide seamless access.

Seamless, On-demand Services

To enable seamless access for the user, all the various network functions and resources need to be packaged as a product, made accessible through a standard interface. On top of this you need a catalogue based mechanism which effectively allows stitching together of these resources and functions to provide a service to the end user.

Think of it like preparing a new dish. Once you get the recipe, you go to your local supermarket and gather the ingredients (resources) from a clearly laid out aisle. Then you come home and gather various cooking implements (functions) to process the ingredients. Finally you follow the recipe and transform the ingredients using the cooking implements into a dish – which you serve to the end user.

This is broadly speaking what a 5G network will attempt to do – while keeping track of the Quality of Service and ensuring Service Levels do not fall below an advertised limit. This equates to maintaining food quality at a certain advertised level irrespective of whether you are cooking at a campsite or in your own kitchen or in a restaurant.

For example if you are attempting to watch a HD video stream while on the move – all the resources and functions you need (and this is not a static set – as you may move in and out of various radio access technology domains such as 3G, 4G and Wifi) should be provided at a given point in time so that there is no disruption in the video stream.

Dawn of IoT

5G networks are also being designed, from the ground up, to support so called ‘machine type communication’. Machine type communication is characterised by a very large number of simple low-power sensors that require a data-link to push data to a gateway server. The data-link is usually wireless and often has low-bandwidth requirements. Several specialised sensor-gateway protocols are being developed (e.g. LoraWAN), but at a given level all that traffic will end up using 5G network links.

There are other machine type communication requirements that behave more like humans i.e. they require always on (mission critical) connections. For example an autonomous car may use an active data-link to pull down maps, upload sensor data or initiate transactions on behalf of the driver (e.g. pay tolls).

Current networks will find it almost impossible to maintain and service such a large number of hosts with such a wide spectrum of requirements. In fact this is not a trivial use-case.

Comparing 5G with 4G

In this section I will highlight the principal differences between 5G and 4G and what features we can look forward to in the next decade:

End to End Latency: Latency is the time taken for a packet to travel from its source to its destination; the lower the better. 4G = 25 milliseconds to 5G < 5 milliseconds (5 times less)

Reliability: Percentage of packets that are successfully passed through the network. In this case higher the better. 4G = 99.99% to 5G = 99.999% which means 1 in 100,000 packets is lost.

Service Deployment Time: The time to set up a new service should be as short as possible, thereby allowing a faster time to market; basically no one likes to wait! The target is to reduce it from the current 4G wait of 90 days to 90 minutes for 5G.

Energy Efficiency: Energy Efficiency needs to be improved to 10% of current consumption! This is not an easy task and requires a new generation of hardware and software systems.

Device Density: Current networks (4G) support up to 1000 devices per sq. km. but for 5G networks the target density is 1 million per sq. km. Before you start asking how you could fit a million devices per sq. km (maybe if everyone is pushed underground because of nuclear war) remember the machine-type communication use-case with hundreds of thousands of sensors in a city centre environment which contains high density business spaces.

Mobility: Everyone loves fiddling with their phones while commuting. But the second you step on a train or enter an underground system things start going bad unless there is train based ‘free wifi’ or mobile signal boosters are installed. 4G works fairly well for up to 100-150 kmph speeds  (e.g. local trains) but fails badly as you get on the super-fast trains (e.g. intercity express trains that run above 200 kmph). 5G networks are being designed to support ground transport speeds of 500 kmph.

Peak Data Rates: This is a fairly straightforward one: 4G supports 100 Mbps and 5G aims to kick this up to 10 Gbps. The one thing to note is that this is an ‘up to’ measure, so not all users or locations will get the max (up to) limit. In urban locations a guaranteed minimum speed of 50 Mbps has been promised.

High Data Density: To support a large number of human and machine hosts concentrated in a small area, the 4G data density of 10 Gb/s/sq. km needs to increase to 10 Tb/s/sq. km.

Universal Provisioning: To improve services in rural or so-called low ARPU (Average Revenue Per User/Unit) areas. This is very important not just for the people living in rural communities but also for service continuity (e.g. while driving on a highway). The challenge is to find a trade-off between financial viability and service offerings in rural locations. 5G networks aim to solve this problem.