May 2, 2017
Not accepting conventional thinking about getting data where it’s needed most is a start.
When most people think about information warfare, they probably think of offensive and defensive cyber-security capabilities. But this separates a great deal of information away from those who are on the physical front lines and are most in harm’s way: those deployed in the field. It makes sense that you would have access to more data on an aircraft carrier, or in a fighter jet, or even a mobile command than a forward-deployed platoon. But a company out of Virginia called CSCI was seeing problems in how commanders could get the right information to the right place at the right time, especially at the forward deployed positions. After all, it wouldn’t do to provide everyone a really long CAT 5 cable.
Figure 1: CSCI Engineer manages an early version of the DASCAN node at MCAS Yuma, Weapons and Tactics Instruction Course (WTI).
CSCI’s work in military communications and command and control systems led the company to think about the problem differently. Its engineers designed a system that would address a critical gap in the growing need for information in war: pushing data to the warfighter at the tip of the spear and managing the data flows efficiently on very small throughputs. The concept CSCI initiated, Dynamically Adaptive Secure Computing Area Network (DASCAN), is for a ‘data center in a box’ designed specifically for expeditionary units (Figure 1).
Joe Link, CSCI’s President, insisted DASCAN “solve SWaP problems,” so it had to be small and efficient. Also smart, because bandwidth availability in the field is extremely limited. Any solution had to be affordable for the government, of course. It had to be secure, in order to meet government policy requirements. And it had to be accurate, “because lives could be at stake.”
“Moving away from traditional proprietary solutions to an Advanced Telecom Computing Architecture (ATCA) standards-based blade system helped us address the SWaP issues without sacrificing performance,” said Peter Anderson, CSCI’s CTO. “The team was then able to use the ATCA platform to develop a system that provides a hosting platform for virtual machines, software containers, and software systems protected by an accredited security enclave that meets current Department of Defense cybersecurity requirements.”
The ATCA standard, which was originally developed by the PCI Industrial Computer Manufacturers Group (PICMG) over 13 years ago, has been used in many telecom applications to solve some of the most difficult problems. Typical ATCA Systems are based on a pair of redundant 10G/40G switches and some number of high-performance processor boards interconnected through a high-speed, fabric based, backplane. Power and cooling is centralized and under control from a pair of redundant IPMI based shelf managers. The ATCA standard has been evolving over time and has enhanced the integrated fabric to 100G to support the highest performance Intel Xeon processors.
Though a robust and dynamic standard supported by a variety of companies, ATCA has been making headway into military programs for some additional reasons. Size, weight, and power are critical characteristics for all forward deployed troops. ATCA helps reduce SWaP while delivering maximum performance. Unlike a rack of servers, all ATCA components operate on DC power. Power conversion from AC to DC only occurs once for the entire rack instead of by each component, improving overall power utilization. ATCA concentrates the fans as individual line-replaceable units (LRUs) in the rack instead of the fans being replicated for each component, improving not only reliability and serviceability, but also the total size of the system. The wasted space inherent in a rack of servers due to power supplies, fans, and other infrastructure pieces is utilized by ATCA for processing.
For this program, the AXP640 6-slot chassis from Artesyn (Figure 2) is 7U high and 20 inches deep. It supports six different board slots. Though the chassis supports dual 40G fabric switches such as Artesyn’s ATCA-F140, this program required a larger number of 1G terminations, so a SANBlaze ATS 1936 switch was used along with four Artesyn ATCA-7370 dual eight-core Intel Xeon processors (though this is an older processor board and newer boards have a higher core count), and a SANBlaze ATCA-2000 RAID SSD blade. The use of a variety of products from two different companies demonstrates the openness of ATCA. There is no cabling between the switch and payload blades, because the backplane routes all 10G traffic. The only external connections from the system are from the external ports of the integrated switch to the remaining equipment.
To demonstrate the improved SWAP characteristics of an ATCA based system, CSCI and Artesyn compared the weight and power requirements of a stack of thin servers and switch to a comparable configuration of ATCA products. Though the ATCA chassis and blades require additional rack height, 7U versus 6U for the stack of servers, the power required for the ATCA-based system is 1240W versus 1700W for the stack of servers and external switch. That is an almost 30 percent improvement in power efficiency. This efficiency directly impacts the amount of fuel required to carry to the front line, which in turn reduces the logistical cost of supplying that fuel. Assuming a cost of fuel for continuous operation is 15¢/KWH, the ATCA-based system would cost $1630 a year to operate while the rack of servers would cost $2230 annually to operate.
The ATCA system weighs 49Kg, while a comparable server stack weighs 85Kg. That is over a 40 percent improvement in weight. The ATCA system is well within the two-man lift limit. The server stack is beyond the limit and would cost 60 percent more than the ATCA system to transport.
ATCA also reduces the complexity and struggles of technology refresh cycles. Chassis and switch products do not have to change while upgrading to newer processor technologies. Existing infrastructure that has already been environmentally qualified can be kept while replacing only the payload boards due to obsolescence issues or a desire to move to higher performance processors. Even if a refresh cycle involves migrating the fabric interface from 10G to 40G, the chassis, shelf management, and system management software does not change even if updated switches and payload boards are used in the system. Racks of servers require true fork lift upgrades to do this type of upgrade.
From the start, virtualization was the only way to effectively use very large computational resources and dynamically spread those resources across a diverse set of guest operating systems. CSCI’s ATCA-based DASCAN system was recently updated to run the VMWare ESXi 6.5 as its core for virtualization. To meet DoD Requirements, CSCI has introduced Security Technical Implementation Guide (STIG) versions of Windows 2012, Windows 10, CentOS, and RedHat Linux. In the past, the DASCAN system has incorporated Windows 7, Windows 2008R2, and even Sun Solaris. Virtualization is key because it allows CSCI to move resources (VMs) from the unclassified development systems to DoD systems with relative ease. The templating of secure host baselines allows CSCI to rapidly deploy and configure new systems, take snapshots, and load and unload VMs to optimize resource utilization. CSCI regularly hosts software systems that require test and evaluation in classified environments. Virtualization is essential to incorporate partner software into a secure enclave network for testing in real-world tactical exercises and events.
ATCA allows CSCI to build systems with lower costs, smaller footprints, environmentally friendly characteristics, enhanced virtualization, and more robust security. Leveraging these outcomes is smart business and addresses many of the headaches of today’s military communications system developers, no matter how large or small
Drew Blitz, is Team Lead, Computer Systems Center Incorporated (CSCI) www.csci-va.com
Rob Persons is Senior Sales Architect, Artesyn Embedded Technologies, Inc. www.artesyn.com/computing