Ship Design Around Software Defined Networking (SDN) Systems
BY: Philip A. McGillivary, US Coast Guard Pacific Area & Icebreaker Science Liaison, Alameda, CA
Martino Fornasa and Pierpaolo Baglietto, Computer Platforms Research Center, University of Genoa, Italy
Michele Stecca, International Computer Science Institute, Berkeley, CA
Giovanni Caprino, Cetena, Fincantieri Group, Genoa, Italy
Massimo Maresca, Scientific Office, Consulate General of Italy, San Francisco and International Computer Science Institute, Berkeley, CA
Cloud computing has taken over many areas of computing/communication systems, in particular in companies with large distributed computer systems and databases. Cloud computing is based on both dynamic computer system virtualization and dynamic network virtualization. In this article we focus on dynamic network virtualization and more specifically on Software Defined Network technology, which basically involves a shift from increasingly “smart” routers/switches to much simpler routers/switches only providing data plane functionalities, whereas the network control plane functionalities are provided by software platforms hosted in computer systems possibly distant from the actual networks (c.f. Pretz, 2013). Specifically the data plane, which transports data packets, is separated from the control plane, which decides how to forward data packets. In SDN, the data plane is controlled by devices called network controllers, which send commands to “dumb” switching nodes (routers) throughout the network (Feamster et al., 2013).
There are several advantages to managing computer networks using SDN. One immediate benefit is that SDN computer systems are much simpler in terms of physical components. Moreover, SDN management of the system provides the ability to immediately reconfigure entire networks on the fly, enabling a more resilient and self-healing system in the event of individual component failure. This also allows for the ability to automatically distribute software upgrades across the system, including security patches. Additionally, there is an open standard for SDNs called OpenFlow (http://www.opennetworking.org), which means that SDN systems are not locked to individual proprietary software.
In terms of their use on ships, SDN systems have only been implemented in a piecemeal manner (e.g., bridge, communications, or engine room management). We discuss the benefits of designing a complete ship “from the keel up” with SDN systems so that ship computer operation and management schemes are “in the cloud.” We also discuss scenarios of ship use wherein SDN management for ships has advantages that are beneficial to ship operations in the future.
The shift to cloud computing (or cloud-centric network management) is a shift away from static computer architecture toward systems that are more dynamically reconfigurable. Usually, this is described in terms of “virtual” computer network management (Chen, 2011). This development has evolved principally to address several challenges to static computer architectures:
1) Storage virtualization – the need and ability to deal with profoundly increasing bandwidth needs often required on either a periodic or an aperiodic “burst” basis rather than continuously;
2) Computing virtualization – the need to automate network service management, including automation of provision of scalable bandwidth-on-demand;
3) Fault tolerance – the need to optimize flexible management of multi-layer computer systems with technology components from different vendors, including improvement in overall system resilience in the event of individual component failure; and
4) Elasticity – the need to reprogram networks on-the-fly to update software concurrently across an entire network, especially for security software updates.
The SDN paradigm was developed to address these needs and has the convenient by-product of significantly reducing the overall complexity of computer network architecture.
This reduced computer system complexity further increases network resilience while reducing system hardware and software costs, along with reducing personnel effort and expenses for system maintenance and supervision.
Status and Needs for Shipboard Computer Networking
The U.S. Navy’s newest ship USS ZUMWALT will incorporate a number of advances in computer networking (Gallagher, 2013). These advances, however, stop short of full construction of a ship with SDN, or “operating in the cloud.” One need only look at recent reviews of U.S. Naval assessments of ship computer security systems to see that their widespread failure to pass software security inspections due to outdated software is a major problem, where “What the fleet really needs is the ability to sustain a consistent level of readiness” (Capt. David Wirth, Dir. Communications and Information Systems, Third Fleet) (Defense Systems Staff, 2014). Security alone would be one reason to move toward SDN-based shipboard computer networks to enable consistent security software distribution. Updating communication capabilities and other ship software systems using cloud-based management is also important because this can be done not only for an individual ship, but also across an entire fleet. This is clearly another reason why SDN-based systems are certain to be important in the future.
Two possible examples within the U.S. Coast Guard where ship computer systems with SDN could be used are the planned restoration of the Polar Class heavy icebreaker POLAR SEA, and the planned construction of a new heavy icebreaker to replace the POLAR SEA’s currently operational sister ship, POLAR STAR. These and other so-called “multi-mission” ships, whose mission often changes from one cruise to the next, are excellent candidates for construction with SDN-based networking systems. Other ships that are particularly appropriate for SDN computer systems would include similar multi-mission research vessels used by government agencies and universities as well as cruise ships and private luxury yachts. Such ships have data needs that change over time and would benefit from state-of-the-art computer systems as well as the increased resilience provided by SDN system management.
Cloud Technologies: Software-Defined Networking & Network Virtualization on Ships
What is involved in designing a ship with cloud computing infrastructure, and what benefits will accrue? First, a cloud computing infrastructure can include different deployment models: a private cloud, a public cloud, and a hybrid cloud. A private cloud has an infrastructure that is operated for the benefit of a single organization (such as for use by the ship itself, either managed internally and/or by a third party ashore). A public cloud has an infrastructure that is accessible to the general public, such as to enable public access to data from sensors on the ship or for educational outreach. A hybrid cloud is composed of several clouds that form a federation of computing resources (Nell and Grace, 2011), such as for combined management of several ships with different sensor systems operating collaboratively on a mission or for a single ship operating to coordinate activities of multiple unmanned systems, potentially including autonomous underwater vessels (AUVs), autonomous surface vessels (ASVs), and unmanned aircraft systems.
Example of individual ships with Software Defined Networking (SDN) with the option for collective management of multiple autonomous systems associated with the ship (such as unmanned aircraft) as well as multiple ships coordinated via so-called Hybrid Cloud management.
As modern ship architectures rely more frequently on a unified network infrastructure, both for tactical and non-tactical functions, SDN in the maritime domain would allow greater flexibility in network reconfiguration. Using SDN would allow for rapid and automatic reconfiguration of networks depending on changing storage and communication needs or in the event of component failure.
As noted above, modern ships are often part of a larger communications ecosystem that can comprise adjacent ships, autonomous systems, and onshore command centers. Such diverse interaction schemes can take advantage of the multiple levels of resource aggregation and configuration enabled by SDN and cloud technologies to create a system that allows the implementation of more efficient distributed applications. Additionally, as ship systems increasingly produce larger volumes of data to be managed and transmitted among ship systems (including autonomous components) and shore (including status update data logs of ship subsystems), SDN systems can take advantage of existing “Big Data” management systems using so-called non-relational (e.g., NoSQL) databases by Google, Amazon, Cloudera, and others.
Finally, as noted above, SDN and cloud technology use has important security implications, allowing the use of reprogrammable platforms to host virtualized security applications (dynamic firewalls, virtual packet classification, and sensitive data protection). The ability to easily update these security software control systems across a fleet represents a considerable cost savings and security benefit over current practices.
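The control-plane/data-plane split, the rerouting after a component failure, and the network-wide security update discussed above, as an added toy model in Python (not code from the original article and not the OpenFlow API). The compartment names, the addresses, and the `reachable` parameter are constructed assumptions for illustration.

```python
# Constructed four-compartment ring; names and addresses are illustrative only.
SHIP_LINKS = [("bridge", "comms"), ("comms", "engine"), ("engine", "lab"), ("lab", "bridge")]

class Switch:  # data plane only: table lookups, no topology or policy logic
    def __init__(self, name):
        self.name, self.next_hop, self.blocked, self.version = name, {}, set(), 0

    def forward(self, src, dst):
        return None if src in self.blocked else self.next_hop.get(dst)

class Controller:  # control plane: owns topology and policy, programs all switches
    def __init__(self, links):
        self.links = {frozenset(pair) for pair in links}
        self.switches = {n: Switch(n) for pair in links for n in pair}
        self.blocked, self.version = set(), 0
        self.install_routes()

    def _neighbours(self, node):
        return sorted(n for pair in self.links if node in pair for n in pair if n != node)

    def install_routes(self):
        for dst in self.switches:  # breadth-first search outward from each destination
            parent, frontier = {dst: None}, [dst]
            for cur in frontier:  # the list grows as new switches are discovered
                new = [n for n in self._neighbours(cur) if n not in parent]
                parent.update((n, cur) for n in new)
                frontier.extend(new)
            for sw in self.switches.values():
                sw.next_hop[dst] = parent.get(sw.name)  # None: unreachable or dst itself

    def link_down(self, a, b):  # component failure: recompute and reinstall routes
        self.links.discard(frozenset((a, b)))
        self.install_routes()

    def push_block(self, src, reachable=None):  # reachable=None: every switch answers
        self.blocked.add(src)
        self.version += 1
        for sw in self.switches.values():
            if reachable is None or sw.name in reachable:
                sw.blocked, sw.version = set(self.blocked), self.version

    def stale(self):  # switches still enforcing an older policy version
        return sorted(n for n, s in self.switches.items() if s.version != self.version)

def trace(ctrl, src, start, dst):  # follow lookups hop by hop -> (path, delivered)
    path = [start]
    while path[-1] != dst and (hop := ctrl.switches[path[-1]].forward(src, dst)):
        path.append(hop)
    return path, path[-1] == dst
```

Calling `stale()` after a push is the consistency check: any switch it names is still forwarding under the previous security policy and needs the update re-sent.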
In summary, as new ship construction is contemplated by the military; academic oceanographic institutions; the U.S. Coast Guard; and industrial, cruise ship, and private yacht owners, the multiple advantages of constructing ship computer systems based on SDN (i.e., construction of ships with computers “in the Cloud”) are becoming obvious. Reducing costs and increasing networking management flexibility and security are perhaps the principal benefits of SDN. For all the reasons cited above, ships with computer systems “in the cloud” are certain to be built in the near future.
References
Chen, G. 2011. End-to-End Virtualization: A Holistic Approach for a Dynamic Environment. IDC White Paper, c.f.: https://www.ibm.com/midmarket/uk/en/att/pdf/End_to_end_Virtualisation.pdf
Defense Systems Staff. 2014. Navy team to boost shipboard cybersecurity. Cyber Readiness Team to address risks often caused by legacy software and inconsistent configurations. Defense Systems, May/June:14.
Feamster, N., J. Rexford and E. Zegura. 2013. The Road to SDN. ACM Queue, c.f.: http://queue.acm.org/detail.cfm?id=2560327
Gallagher, S. 2013. The Navy’s newest warship is powered by Linux. Ars Technica, Oct. 18, c.f.: http://arstechnica.com/information-technology/2013/10/the-navys-newest-warship-is-powered-by-linux
Nell, P. and T. Grace. 2011. The NIST Definition of Cloud Computing. NIST Spec. Pub. 800-145, c.f.: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
Pretz, K. 2013. Software defined networks explained. IEEE Institute, Aug. 7, c.f.: http://theinstitute.ieee.org/benefits/ieee-groups/softwaredefined-networks-explained