Space Communications Protocol Standards -- Capabilities
Space Communications Protocol Standards -- Capabilities and Software
Robert C. Durst
The MITRE Corporation
22 February 2001

SCPS Capabilities
SCPS sits on top of existing link capabilities, and augments them

Layer 7: SCPS FILE TRANSFER PROTOCOL (SCPS-FP) (+/- FTP)
  - Record read & record update
  - File & record integrity
  - Automatic restart
  - User suspend/resume
  - Suppress ASCII reply codes
Layer 4: SCPS TRANSPORT PROTOCOL (SCPS-TP) (+/- TCP/UDP)
  - Congestion control appropriate for mixed-loss environments (congestion, corruption, outage)
  - Selective negative acknowledgment
  - Robust header compression
  - RFC 1323 window scaling
  - Partial Reliability service (BETS)
  - Delimitation of record boundaries
  - RFC 1323 timestamps for high rate sequencing, delay measurement
Layer 3.5: SCPS SECURITY PROTOCOL (SCPS-SP) (Optional) / INTERNET SECURITY PROTOCOL (IPSec) (Optional)
  - Authentication: guarantee of the identity of a source
  - Access Control: prevention of unauthorized access
  - Integrity: protection against modification
  - Confidentiality: protection from disclosure
Layer 3: SCPS NETWORK PROTOCOL (SCPS-NP) / INTERNET PROTOCOL (IP)
  - Provide both connectionless and managed-connection routing
  - Support precedence (priority) based handling
  - Offer multiple routing options
  - Signal errors to the layer above
  - Support packet lifetime control
  - Scalable - tailor capability to need, e.g., high communications efficiency in constrained bandwidth conditions
Layer 2: Underlying Link Protocol

SCPS Protocols -- Layering Options
[Diagram labels: SCPS-FP; FTP; FTP Features; Other Apps; Socket Interface; SCPS Extensions to the Socket Interface; TCP; TCP Options (SCPS-TP Options in yellow); UDP; SCPS-SP; IPSec; Common Network-Layer Interface; SCPS-NP; IP; Link.]

SCPS Reference Implementation
• The SCPS protocols have been implemented as an application that runs on most Unix platforms
  - Software is freely available to all interests (no longer export controlled)
  - Copies distributed to commercial, academic, and government organizations
• Commercialization activities
  - Avtec Systems - commercial SCPS satellite ground systems and SCPS transport layer gateway
  - Major Spacecraft Bus Contractor “1” - building VxWorks-based version of SCPS protocols for spacecraft on-board OS
  - Major Aerospace Contractor “2” - building VxWorks-based stack for military use
  - Major Aerospace Contractor “3” - testing SCPS Gateway for commercial UHF SATCOM

Reference Implementation - Capabilities
• End-system configuration
  - Application-space implementation: primarily an evaluation tool
  - Implementations of the FP, TP, SP, NP (and interface to IP)
  - Simple test applications
  - Configuration scripts to set various host and configuration defaults
  - Portable across most UNIX systems
• Protocol-translating transport-layer gateway configuration
  - TCP-to-TP conversion
  - UDP pass through (with rate control)
  - Optional use of SP
  - Either IP or IP-to-NP conversion
  - FreeBSD or Linux (with Divert sockets)
  - Java Graphical User Interface to configure gateway rules

SCPS Reference Implementation Options: End System Configuration
[Diagram labels: User Application; SCPS-FP; FTP; FTP Features; Other Apps; SCPS Sockets; TCP; TCP Options; UDP; SCPS-SP; SCPS-NP; IP Interface; IP or UDP/IP Encapsulation; Kernel Sockets.]

SCPS Reference Implementation Options: Transport Layer Gateway Configuration
[Diagram labels: User Application; Java GUI; Routes; Gateway Function; TCP; TCP Options; SCPS-SP; SCPS-NP; IP Interface; Kernel Sockets; IP; Link.]

SCPS Reference Implementation Distribution
• Unrestricted distribution as of July 2000
  - 13 non-US requesters to date
• 79 total copies of the SCPS Reference Implementation distributed (does not include updates) as of 8 Jan 2001
  - Industry: 46
  - Academia: 10
  - Government: 23

Contact Information:
Robert C. Durst
The MITRE Corporation
[email protected]
+1 703 883-7535 voice
+1 703 883-7142 fax

Backup Information: SCPS Overview

Agenda
• SCPS Capabilities and Layers
  - Layering options and key protocol relationships
  - Capabilities by layer
• SCPS Software
  - Reference Implementation
  - Independent implementations
  - Testing

SCPS Development Timeline
A Journeyman’s Perspective
[Timeline figure, 1988 to 2000. SCPS milestones: SCPS Phase 1 - Exploration and Definition; SCPS Phase 2 - Specification, Development, & Test; CCSDS International Standardization Complete; Beginning of SCPS Phase 3 - Deployment. Other labels: AIAA-brokered introductions between USSPACECOM and NASA; NASA/DOD meetings, NASA participation in GPALS TIM; Internet congestion collapse; TCP Fast Retransmit; RFC 1072; TCP Fast Recovery; RFC 1323; The Dark Ages of GOSIP; Munich IETF: TCP Performance Issues; Autobuffer tuning; Mobicom ‘96: TCP Extensions for Space Comm.; SACK TCP (RFC 2018); TCPSAT WG; RED; ECN.]

SCPS Network Protocol: Key Features
• 4-octet minimum header size, increases only to support required options (on per-packet basis)
• Addressing - Transport interface is via IP Addresses
  - Available translations for bandwidth efficiency:
    • “Flow ID” style (1 byte)
    • Short source and destination (1 byte each)
  - If translation not defined, regular addresses shipped
• Precedence - 16 levels (independent of IP TOS field)
• Routing - different routing treatments selectable per packet (e.g., standard, flood)
• IP TOS Field supported
• Enhanced network control functions

Important Differences Between SCPS-NP and IP
• SCPS-NP has 8191-byte packet size limit and no fragmentation
• SCPS-NP has max of 16 upper-layer protocols identifiable
• SCPS-NP has 16 levels of precedence, independent of TOS field
• SCPS-NP’s version of ICMP (SCMP) supports explicit signaling of congestion, corruption, and link outage (requires information from link layer)

SCPS Security Protocol
• Resides above SCPS-NP or IP
• Developed under NSA sponsorship by SPARTA
  - Originally conceived for Brilliant Eyes/Brilliant Pebbles
  - Major design driver was reduction in header overhead - ruled out use of existing Internet protocols such as IPSec

Security Protocol Capabilities Comparison
Capability | SCPS-SP | IPSec | Remarks
Confidentiality | • | • |
Integrity | • | • |
Authentication | • | • |
Access Control | • | • |
Replay Protection | | • | SP uses transport sequence numbers
Multiple security associations per address pair | | • | Omitted for bit-efficiency

SCPS Transport Protocol
• SCPS-TP is TCP, with extensions, and UDP
  - TCP extensions developed to improve performance in tetherless environments
  - Additional services defined to support enhanced operations modes
  - Fully interoperable with existing TCPs - enhanced capabilities signaled by TCP options on connection establishment
• SCPS extensions developed for spacecraft communication
  - Equally applicable to SATCOM, low bandwidth, and/or error-prone environments
  - Rate control capability applicable in bandwidth-reserved environments (e.g. integrated services)

SCPS-TP Enhancements to TCP
• Congestion control alternatives:
  - “Standard” TCP (RFC 2001)
  - Adaptations of TCP-“Vegas” congestion avoidance
  - Rate control (with or without other congestion control)
• Selective Negative ACK
• Explicit corruption and link outage responses
• Loss-tolerant header compression
• Partial reliability service
• Record boundary marking

Major SCPS-TP Enhancements to TCP
• Congestion control alternatives:
  - Standard TCP (RFC 2001)
  - TCP-Vegas
    • Avoids congestion loss by measuring queuing
  - Rate control
    • Available in combination with RFC 2001 or Vegas
    • Can be used solo -- ideal for layering over Dynamic QOS RSVP enhancements (ongoing research) or between SCPS gateways over dedicated capacity link

Major SCPS-TP Enhancements to TCP (Continued)
• Error recovery modifications
  - Selective NACK defined
    • More bandwidth-efficient than SACK
    • Doesn’t require 3 duplicate ACKs to invoke retransmission
  - Explicit corruption and link outage responses defined
    • Corruption response doesn’t reduce transmission rate
    • Link outage response invokes zero-window probe (persist)
    • Coupled to network-layer signals
  - Can configure TCP-Vegas congestion control to not assume loss is a signal of congestion
    • Uses queueing and explicit congestion notification as indications of congestion
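
The loss responses listed above, as an added sketch that is not part of the original slides or of the SCPS reference implementation: a toy sender compares stock TCP, which treats every loss as congestion, with the SCPS-TP responses to corruption and link outage. The event names, the starting window, the `link_up` event and the sample trace are assumptions made for illustration.

```python
from dataclasses import dataclass, field

MSS = 1400  # bytes; the packet size used in the deck's test runs


@dataclass
class Sender:
    """Toy sender: models only how cwnd reacts to a loss indication."""
    scps: bool                              # False = stock TCP, every loss is congestion
    assume_loss_is_congestion: bool = True  # default for loss that arrives with no signal
    cwnd: int = 32 * MSS                    # constructed starting window
    persist: bool = False                   # True while probing through a link outage
    log: list = field(default_factory=list)

    def on_event(self, event: str) -> str:
        """event is 'loss' (no signal) or a network-layer signal:
        'congestion', 'corruption', 'link_outage', 'link_up' (assumed name)."""
        if not self.scps:
            # Stock TCP never sees the signals; each one surfaces as plain loss.
            action = "ignore" if event == "link_up" else self._congestion()
        elif event == "link_outage":
            self.persist = True             # stop sending data, probe instead
            action = "persist: zero-window probes, cwnd kept"
        elif event == "link_up":
            self.persist = False            # assumption: resume where we left off
            action = "resume at saved cwnd"
        elif event == "corruption" or (
                event == "loss" and not self.assume_loss_is_congestion):
            action = "retransmit, cwnd kept"
        else:                               # explicit or assumed congestion
            action = self._congestion()
        self.log.append((event, action, self.cwnd))
        return action

    def _congestion(self) -> str:
        self.cwnd = max(self.cwnd // 2, 2 * MSS)   # RFC 2001-style halving
        return "retransmit, halve cwnd"


def replay(events, **cfg) -> int:
    """Feed a list of events to a fresh sender; return the final cwnd in bytes."""
    s = Sender(**cfg)
    for e in events:
        s.on_event(e)
    return s.cwnd


# Constructed event trace for a noisy space link (not data from the deck).
TRACE = ["corruption", "corruption", "link_outage", "link_up", "loss", "congestion"]

if __name__ == "__main__":
    print("stock TCP     :", replay(TRACE, scps=False))
    print("SCPS-TP       :", replay(TRACE, scps=True))
    print("SCPS-TP, tuned:", replay(TRACE, scps=True, assume_loss_is_congestion=False))
```

Stock TCP is simplified here to one halving per event; a real sender riding out an outage on retransmission timeouts would collapse its window further.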

Major SCPS-TP Enhancements to TCP (Continued)
• Additional enhancements
  - Loss-tolerant header compression
    • Operates end-to-end - integrated with TCP state machine - multi-hop does not require decompression/recompression
    • Does not lose synchronization when packets are lost
  - Record boundary marking
    • Adds an option to delimit the end of a record, preserved appropriately across segmentation and reassembly
  - Partial Reliability Service
    • In-sequence, correct, possibly incomplete
    • Sender controls retransmission attempts, just “moves on” if retransmission count exceeded

SCPS-File Protocol
• Standard FTP with enhancements
  - Record Read
  - Record Update
  - Autorestart
  - Manual Interrupt
  - Suppression of Reply Text

Deployment Alternative: End-to-End SCPS Transport Modifications
Distinguishing features:
• Single gateway configuration - provides IP<->NP conversion, possibly peer gateway in spacecraft or space-based hosts use NP
• Terrestrial hosts are IP based and use IP infrastructure
[Diagram labels: An Internet (twice); ES (many); GW; SCPS.]

Deployment Alternative: Single Transport-Layer Gateway
Distinguishing features:
• Single gateway configuration
• ES connections on satellite/wireless side traverse the satellite hop - ES’s must be SCPS-aware
• Wireless ES-to-ES communication using SCPS possible without GW’s
[Diagram labels: An Internet (twice); ES (many); GW; SCPS; Non-SCPS.]

Deployment Alternative: Dual Transport-Layer Gateways
Distinguishing features:
• Dual-gateway configuration
• ES transport connections do not cross the satellite/wireless link so ES’s do not have to be satellite/wireless aware (i.e., can be non-SCPS)
• Application layer connections run end-to-end
[Diagram labels: An Internet (twice); A LAN/Internet; ES (many); GW (twice); SCPS; Non-SCPS (twice).]

Transport Layer Gateways - Discussion
• Applications run end-to-end
  - Consistent with “End-to-End Argument” - the application process is the true endpoint, not the box
  - Even with TCP, applications still responsible for assurance of delivery - socket close/shutdown semantics
• Gateway advantages
  - “Impedance matching” - transport and network protocol features and assumptions suited to the environment
  - Control loop isolation, appropriate default assumptions
  - Doesn’t require host modifications - “stock” TCP/IP in hosts can still derive benefits of enhanced TCP
• Issues
  - IPSec interaction: transparent gateways vs. security associations
  - End-to-end security at application layer

Test and Implementation Experience: Developer Testing
• Three major test reports available via SCPS web page (http://www.scps.org)
  - “Bent-pipe”
  - STRV 1B
  - ACTS
• Innumerable lab tests to examine specific issues
• Upcoming: STRV 1D Test
  - 4Q2000 - 1Q2001
  - NP and IP over CCSDS Link
  - SCPS Gateway in control center
  - VPN via IPSEC from control center to Internet-based users
  - Follow-on testing using commercial ground system provider and commercial ground equipment (including SCPS Gateway)
  - Testing at least delayed due to spacecraft problems

ACTS Satellite Test Configuration
[Diagram labels: User Site 1 (SOURCE); User Site 2 (DESTINATION); Ethernet LAN (twice); TP/IP or TCP/IP (twice); IP (twice); Router (twice); WS1; WS2; WS3; Congestion Traffic Generator; Ground Station 1; Ground Station 2; Single GEO satellite.]

Selected Results: 2Mbps Corruption Test - Throughput
[Chart: Throughput - Corruption Environment - Normalized to 2 Mbps; 4 Mbyte file, 1400 byte packets. X axis: Link Bit Error Rate, 1.00E-08 to 1.00E-03. Y axis: 0 to 100. Series: TP, Rate Ctl.; TP, Vegas; TCP.]

Selected Results: 2Mbps Congestion Test - Throughput
[Chart: Throughput - Congestion Environment at 2 Mbps; 4 Mbyte file, 1400 byte packets. X axis: Congestion (random variable: max % of link capacity), 100 to 200. Y axis: 0 to 1600. Series: TP; TCP.]

Test and Implementation Experience: Independent Testing
• Avtec Systems - Commercial CCSDS equipment supplier
  - Port of SCPS Reference Implementation over ACTS satellite -- Test results in AIAA paper: http://www.avtec.com/sgs/pubs/pdf/AIAA_Paper.pdf
• New Mexico State University
  - Built hardware link simulator
  - Tested SCPS enhancements versus TCP over simulator
    • Results taken with important SCPS features disabled -- didn’t see differences from TCP
    • They are currently rerunning their test suite with SCPS features enabled -- initial results consistent with our lab testing
• Joint Expeditionary Force Experiment 2000 (JEFX 2000)
  - Joint US services test
  - SCPS Gateways with SATCOM and military tactical radios from C130 to ground

Independent Implementations
• Avtec Systems
  - Implemented Windows-NT based in-kernel port
  - End system and gateway products in development
  - Avtec SCPS Gateway to be used in STRV-1D follow-on
• Xiphos Technologies
  - Canadian company
  - Developed hardware implementation of SCPS-NP for spacecraft onboard use
  - Currently developing independent implementation of SCPS-TP
• Global Sciences and Technology
  - Currently developing Linux kernel implementation
  - Lead on VxWorks “kernel” implementation for STRV-1D