Advanced systems engineering for cybersecurity

Author: Kostas Kavoussanakis
Posted: 24 Jul 2020 | 16:26

 

EPCC has collaborated with Intel® and Illuminate Technologies to investigate innovative performance-enhancing, packet-processing approaches within the type of Cloud environment expected to be seen in 5G deployments. 

Illuminate Technologies focuses on telecommunications networks, providing innovative capabilities for cyber-threat detection, legal compliance for critical communications infrastructure, and public safety.  

The company collaborated with EPCC, and Intel® to investigate the suitability of new computer networking technologies for a new cybersecurity solution. 

The challenge 

Telecoms networks are undergoing a revolution in which network elements are fully virtualised and hosted in a data centre environment. The highest profile example of this is the 5G Service Based Architecture (SBA) that will require Network Function Virtualisation (NFV) to deliver advanced services such as Internet of Things (IOT) connectivity. This NFV architecture means that the traditional approach of monitoring links on network elements is no longer valid as the network elements and links are virtualised and the mapping to physical elements may change dynamically. 

Our collaboration’s first aim was to create an extremely reliable Cloud environment using standard components. Next, we wanted to establish a benchmark for data-traffic processing against which further code optimisations could be measured. Finally, EPCC would design and develop performance optimisations utilising emerging programmable networking approaches, optimised for a Cloud environment. 

It quickly became apparent that the project was best suited to answering questions about the suitability, reliability and ease of use of the novel technologies involved, notably OpenStack, P4C-XDP, eBPF, and DPDK for our use-cases. This area is important for Illuminate Technologies as it allows network-processing code to be targeted at multiple platforms from a common specification. The work was also expected to yield cybersecurity findings of interest to Intel®. 

Results 

EPCC developed and tested a new P4 code that aggregates Illuminate Technologies’ algorithms handling network traffic. EPCC optimised the code, accelerating it by over 8% in some cases. This acceleration is already significant in the context of cybersecurity and lays a foundation for further improvements to the Illuminate Technologies P4 code. 

EPCC also developed and documented a hardware and software toolkit that demonstrates the capabilities of eBPF in the Illuminate Technologies use-case. This includes a cutting-edge unit-test framework that allows the functionality of Illuminate Technologies’ code to be validated, and also benchmarked under certain conditions. 

Benefits 

Society’s migration to Cloud technology means the need to identify and mitigate threats to provide a safe operating environment for economies, critical infrastructure and individuals is vital. The collaboration has highlighted many aspects around the maturity of intelligent packet processing in Open Source Cloud technology, highlighting areas of focus for future development.  

Telecoms networks infrastructure is undergoing a rapid migration from central-office technologies, based on proprietary hardware, to data centre technologies with commodity, high volume hardware.  With these new technologies it is no longer possible to handle higher traffic volumes through hardware optimisation. Instead extensive system engineering is required to optimise all the software components in the packet flow.   

This project has demonstrated that software-based packet processing, using data centre software, can be applied to the essential network visibility workload and can scale to the traffic volumes expected in next-generation networks such as 5G. 

Collaborative work is central to the activities of Illuminate Technologies, EPCC and Intel®. The technologies used in the project were innovative and at the outset neither Illuminate Technologies nor EPCC had a mature toolkit to support this development work. We have now consolidated the knowledge and tools that will underpin important future developments in networking and code optimisation for cyber security functions. 

This knowledge can support Illuminate Technologies’ decisions when selecting target platforms and technologies. 

By bringing together the expertise of the three partners, we were able to explore new innovations in packet processing. While it will take time for this technology to mature, the expertise gained by the partners places them in a strong position to bring the next iteration of this technology to market.  

This project further enhances Scotland’s growing reputation at the forefront of Cloud technology innovation, with growing companies like Illuminate Technologies in Edinburgh becoming a leading R&D centre of excellence in Scotland. 

“Working with industry leading partners in a cutting-edge testbed environment allows us to fast-track new concepts into prototype. The excellent facilities and technical expertise provided by this project were perfectly suited for this.” Roy Macnaughton, VP Engineering, Illuminate Technologies

 

“The Illuminate Technologies CodeOptScotland project clearly demonstrates how Scotland couples local industrial and academic excellence with its international links to exploit cutting-edge technology.” David Smith, Director National Opportunities, Scottish Enterprise 

 

“The adoption of technologies such as DPDK, XDP/eBPF and P4 helps evolve the capabilities of network infrastructure in cloud environments. Companies like Illuminate Technologies can use these capabilities to advance their development efforts in cloud networking.” Dr Nash Palaniswamy, General Manager AI & HPC Solutions, Intel® 

 

“EPCC is delighted to help Illuminate Technologies navigate the capabilities of networking technologies so new that the project would have been largely infeasible six months ago." Professor Mark Parsons, EPCC Director

CodeOpt Scotland 

This project was part-funded by the CodeOpt Scotland programme, which was designed to increase com-pany competitiveness by optimising the performance of business-critical software. CodeOpt Scotland is a partnership of EPCC, Scottish Enterprise and Intel®.

Author

Kostas Kavoussanakis, EPCC.

Image: Joshua Sortino on Unsplash.

 

 

Blog Archive