editor's blog
Subscribe Now

First Formal DDS Security

As noted in today’s article on some of the characteristics of the DDS data transport standard, it’s missing a rather important component: formalized security. Proprietary schemes have been layered on top of it, but the OMG has a beta standard that they’re now finalizing (a process that could take up to a year).

But that doesn’t stop early adoption. RTI has announced an implementation of the new OMG security standard for DDS – something likely made easier since, by their claim, they contributed much of the content of the standard.

There are a couple of particular challenges with respect to security on DDS. First, due to its decentralized nature, there are no brokers or single-points-of-security (which would be single points of failure). This means that each device or node has to handle its own security.

Second, DDS runs over many different transport protocols, some of which may or may not have their own security. Because of that, you can’t rely on the underlying transport security for protection. This means adding DDS-level security (which may complement security at a lower level).

We usually think of security as protecting the privacy of a message so that only the intended receiver can read it. While this is true, RTI points out that, in many cases, the content isn’t really secret – you just want to be sure that it’s authentic. They use as an example a weather data transmission: you may not care if anyone else sees it, but you want to be sure you’re getting the real thing and not some spoofed message that’s going to send your boats out into the heart of a hurricane. (I hear that competition amongst fishermen is fierce!)

So RTI’s Connext DDS Security includes authentication, access control, encryption (using encryption standards), data tagging (user-defined tags), and logging.

RTI__Security_Plug_Ins_Network_Slide_red.png

(Click to enlarge)

Image courtesy RTI

If all you’re interested in is authentication, you can improve performance by taking a hash of the message (much faster than encrypting) and then encrypting only the hash (much smaller – hence quicker – than the entire message). Full encryption (needed to obscure the entire payload) can be 100 times slower.

You can also customize your own encryption and authentication code if you wish.

They claim that this is the first “off the shelf” security package; the prior proprietary approaches ended up being written into the applications explicitly. Here it’s provided as a library for inclusion in the overall DDS infrastructure.

You can find more in their announcement.

Leave a Reply

featured blogs
Sep 21, 2020
Technology is changing the strategies we use to do things - oh so fast that 2010 seems like a distant past- within many spaces -- including the way we do our current topic of interest - Timing... [[ Click on the title to access the full blog on the Cadence Community site. ]]...
Sep 21, 2020
Semicon, the world’s largest semiconductor conference and exhibition, is September 23-25 in Taiwan. Like most shows of its size and caliber, Semicon boasts a long and illustrious list of exhibitors (500+), and countless forums, symposiums, and workshops. Of course Semic...
Sep 18, 2020
[From the last episode: We put the various pieces of a memory together to show the whole thing.] Before we finally turn our memory discussion into an AI discussion, let'€™s take on one annoying little detail that I'€™ve referred to a few times, but have kept putting off. ...
Sep 16, 2020
In addition to the Great Highland (Scottish) bagpipes, the Uilleann (Irish) bagpipes, and the Northumbrian (English) bagpipes, there are myriad other offerings spanning the globe....

Featured Video

AI SoC Chats: Memory Interface IP - DDR, LPDDR, HBM, GDDR

Sponsored by Synopsys

When building AI SoCs, how do you choose the optimal memory interface? Learn about the market trends and challenges for DDR, LPDDR, HBM, and GDDR, and how Synopsys DesignWare IP can help.

Click here for more information about DesignWare IP for Amazing AI

Featured Paper

4 audio trends transforming the automotive industry

Sponsored by Texas Instruments

The automotive industry is focused on creating a comfortable driving experience – but without compromising fuel efficiency or manufacturing costs. The adoption of these new audio technologies in cars – while requiring major architecture changes – promise to bring a richer driving and in-car communication experience. Discover techniques using microphones, amplifiers, loudspeakers and advanced digital signal processing that help enable the newest trends in automotive audio applications.

Click here to download the whitepaper

Featured Chalk Talk

Accelerate the Integration of Power Conversion with microBUCK® and microBRICK™

Sponsored by Mouser Electronics and Vishay

In the world of power conversion, multi-chip packaging, thermal performance, and power density can make all of the difference in the success of your next design. In this episode of Chalk Talk, Amelia Dalton chats with Raymond Jiang about the trends and challenges in power delivery and how you can leverage the unique combination of discrete MOSFET design, IC expertise, and packaging capability of Vishay’s microBRICK™and microBUCK® integrated voltage regulators.

Click here for more information about Vishay microBUCK® and microBRICK™ DC/DC Regulators