1 6 7 8 9 10 Previous Next

Market Applications

337 posts

smart grid.jpgComputers become far more useful once they’re networked—at which point they also become vulnerable. Despite firewalls and anti-virus software there’s hardly a PC that hasn’t been the recipient of a virus that tracks online browsing activities or sends spam to a contact list. PC viruses rarely bring down the computer, since the sender is more interested in quietly stealing the information on it or joining it to a botnet that sends out further spam and/or viruses.

The Smart Grid is essentially a large, high-voltage communications network, and as such it’s subject to hacking, just like any other network. Unlike PC viruses any attack on the grid would be disruptive and potentially catastrophic. This concern has been one of the driving forces behind the move to a decentralized, robust, secure Smart Grid.

The Smart Grid is still a work in progress, with much of the North American electrical grid still consisting of a wide range of proprietary components and protocols. They’re networked, but they were designed before cyber security became a major issue.

Get Smart

The Smart Grid is essentially a complex industrial control system (ICS), where some assets have long been part of the grid (SCADA, remote terminal units (RTUs), etc.) and others are new “smarter” assets (Advanced Metering Infrastructures (AMI), intelligent electrical devices (IEDs), smart meters, etc.). All of these are high value targets that can serve as entry points into the grid with the goal of taking over SCADA systems.

The cyber security issues are known as the “CIA triad”—Confidentiality, Integrity, and Availability:

  • Confidentiality—Access to information is largely a privacy issue; it’s important to consumers but less so for network security.
  • Integrity—Protecting the integrity of control commands is imperative in order to maintain control of the grid. This equally true in a corporate environment.
  • Availability—Continuous availability of real-time data is critical to the operation of SCADA systems, though it’s less of an issue for corporate IT systems.

The security issues for the Smart Grid are the same as those in corporate IT systems but the priorities are different:

ICT security in smart grids.jpg

Figure 2: Security issues for the Smart Grid vs. corporate IT systems

Maintaining the availability of real-time data is the top priority for Smart Grid systems, followed closely by the ability to ensure and maintain data integrity.

The power grid—with all its diverse, interconnected devices—represents an extremely large attack surface. Hardening it must start with putting all its Internet-connected elements behind secure servers with layered hardware and software security features.

Better security starts with the servers. Dell's 12th Generation PowerEdge R720t a is Tier 1 class, Network Equipment Building System (NEBS) Level-3/ETSI certified, carrier-grade server running four 95W Intel® Xeon® E5-2600-series processors. The Dell server takes advantage of the Intel® Intelligent Systems Framework, which provides a consistent way to address the foundation capabilities of connectivity, manageability and security. Rich connectivity options provide the flexibility to merge into existing deployments or legacy environments. The platform provides security, manageability and data ingestion options in addition to lightweight application functionality at a basic level.

Hardware based security features can create a trusted execution environment that prevents malicious software from running. Intel® Trusted Execution Technology (Intel® TXT) integrates security features directly into the processor, chipset, and other platform components to enable running mission-critical applications in a safe partition in hardware-secured memory regions. By storing VPN security keys and other critical data in secured memory, Intel® TXT secures the communications links along the Smart Grid.

TXT table.jpg

Figure 3: Intel® Trusted Execution Technology (Intel® TXT)

The Smart Grid relies on distributed intelligence, so the smaller computers reporting back to central SCADA servers must also be secure.

Congatec’s conga-TS87 COM Express Type 6 module is a compact, secure computing solution that can be distributed at various points along the grid. Based on the 4th Generation Intel® Core™ i7 processor the conga-TS87 includes a wide range of connectivity options including seven PCI Express Rev. 2.0 lanes, four 6 Gbps Serial ATA, 8x USB 2.0, and 4x USB 3.0. The boards can be equipped with a discrete Trusted Platform Module (TPM) that is capable of calculating efficient hash and RSA algorithms with key lengths up to 2,048 bits; the TPM also includes a real random number generator.

A Holistic Approach

Implementing cyber security on the Smart Grid is a multi-faceted problem that requires firewalls, intrusion prevention systems, event management, application whitelisting, network security design, system hardening, and security features embedded at the processor level. All of the security challenges are magnified when connecting legacy systems to new ones, which is the nature of today’s Smart Grid. Those issues can be alleviated by standardizing on a distributed computing architecture based on scalable Intel technologies that can enable the grid to be both smart and secure at the same time.


Learn More

Solutions in this blog:


Related topics:


Dell is a Premier member of the Intel® Intelligent Systems Alliance. Congatec AG is an Associate Member of the Alliance.


John Donovan

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Editor/Publisher, Low-Power Design
Follow me on twitter: @jdonovan43

Announced in June, the Intel® Retail Client Manager (Intel® RCM) will be the perfect employee—willing to work 24/7 365 days a year for little pay. And this manager will take on an increasing daunting task for organizations running digital signage systems: managing their content and devices across an entire signage network to deliver the right messages to the right audience at the right time.


Intel RCM is a new software-based content management system that is fulfilling an increasing critical position in the digital signage world. According to a recent Intel press release, although content management systems will reach 35 million units at a cumulative annual growth rate of 40 percent by 2017, creating, deploying and managing an effective digital marketing campaign is currently a time-consuming and resource-intensive proposition for marketers and businesses. This is particularly true when the screens screaming for content management include nearly every retail device consumers touch—from ATMs and point-of-sale terminals to interactive kiosks and vending machines. The best most signage owners can manage is limited and localized marketing campaigns that fail to deliver reach and impact on a large scale.


Already available from Seneca Data Distributors and Avnet Embedded, both Associate members of the Intel® Intelligent Systems Alliance, Intel RCM brings sanity to all this chaos. Let’s look at how.


Simpler, More Versatile Interface

With digital signage becoming a preferred channel for marketing professionals looking to reach customers with relevant content near the point-of-sale, the ability to create new campaigns and promotions in minutes and launch them on selected screens is more important than ever. Intel RCM provides the powerful, but also easy-to-use interface to do that. It enables non-technical employees to quickly learn how to customize content and control screens in groups or individually across a network. Intel RCM also enables marketers to create multiple zones within each digital sign to handle a variety of formats, including HD video, Adobe Flash*, static images and web content. For a demo, see this video.


Right Message to the Right Audience at the Right Time

Some real magic happens when Intel RCM is paired with Intel® Audience Impression Metrics Suite (Intel® AIM Suite). A lot has been written about this anonymous viewer analytics technology in this community, most recently a blog by my Roving Reporter colleague, Tom Starnes. What Intel RCM adds is a smartly integrated interface for tapping Intel AIM Suite’s power to provide more meaningful and relevant advertising to the person standing in front of a particular sign. Intel RCM makes it easy to create targeted content and then configure digital signs employing Intel AIM Suite to identify age and gender and serve up that targeted content when a person fitting the profile comes within range (see Figure 1).


AIM Suite Photo.JPG

Figure 1. Intel® Retail Content Manager’s user interface can be used to create age- and gender-targeted content and direct a sign to display it when Intel Audience Impression Metrics Suite recognizes that a person of the right age and gender is in front of the sign. 


The other magic that comes from the synergy between Intel RCM and Intel AIM Suite in collecting metrics. Intel RCM can on its own provide audit trails, providing “proof of play” reports for retail management and advertisers. Add Intel AIM Suite to the mix and you can add viewer demographics, dwell time, and average view time to those reports to determine just how effective certain advertising is to each demographic. That’s powerful stuff for use in improving the effectiveness of content and ad spends. These advertising metrics can also play an important role in providing valuable edge analysis for a retailer moving into big data business analytics for up-to-the-moment business insight.


Reduced Support Costs

Another great synergy comes from when Intel RCM is used with Intel® Active Management Technology (Intel® AMT). Providing out-of-band manageability capabilities when activated in digital  signage players powered by Intel® Core™ or Intel® Xeon® processors, Intel AMT enables remote management and maintenance capabilities that allow IT professionals to query, fix and protect networked media players even when they’re powered off, not responding, or have software issues. What’s more, this technology helps perform remote asset tracking and checks the presence of management agents virtually anytime.


Reducing Management and Power Costs with Out-of Band Manageability

Out-of-band manageability features also make the 3rd generation Intel core processors particularly appealing for signage applications. When their Intel® vPro™ technology features are activated, Intel Active Management Technology (Intel® AMT) enables remote management and maintenance capabilities that allow IT professionals to query, fix and protect networked media players even when they’re powered off, not responding, or have software issues. What’s more, this technology helps perform remote asset tracking and checks the presence of management agents virtually anytime. Add Intel RCM to your digital signage network and it can provide the interface for technicians to power-cycle machines and repair software issues, along with other device management tasks. A keyboard-video-mouse (KVM) feature enables technicians to control the system as if they were sitting right in front of it.


A Manager Willing to Work for Peanuts

Intel’s suggested pricing for Intel RCM is $16.95 per month per media player, which typically covers two digital signs. If a retailer buys media players equipped with 3rd and 4th generation Intel® Core™ processors having the graphics capabilities to power three displays, they make their investment go even further.


Intel RCM Certified Media Players

A media player doesn’t have to be certified to run Intel RCM. All it takes is a system running Microsoft Windows* 7, Windows Embedded 7, Windows 8, or Windows Embedded 8. But to help developers, system integrators and retail identify systems that can come with Intel RCM installed, Alliance members are providing certified systems.


A good example comes from Seneca. Their HD2.8 High Performance Media Player is a great example  of a small form factor design with expansion capabilities that can even be configured for powering four screens (see Figure 2). Available with a 3rd generation Intel® Core™ processor, it provides media play at 720p/1080p at 60 fps. It can be configured with up to 1TB storage and offers both wired and wireless connectivity options.


seneca front view.JPG Seneca media player.JPG

Figure 2. Seneca HD2.8 Media Player. Dimensions (w x h x d) 8 x 2.8 x 8 in./203.2 x 71.12 x 203.2 mm.



From where I sit, it looks like Intel RCM should be standard equipment in nearly every digital signage system installation. I’d be interested in hearing what others think of this new software and how it will simplify the complexity of managing content in large installations.



Learn More

Solutions in this blog:

·        Seneca HD2.8 High Performance Media Player

Related topics:

·        Manageability - Top Picks (blogs, white papers, and more)

·        Digital Signage - Top Picks (blogs, white papers, and more)


Seneca Data Distributors and Avnet Embedded are Associate members of the Intel® Intelligent Systems Alliance.


Mark Scantlebury

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Associate Editor, Embedded Innovator magazi

Pity the poor automotive in-vehicle infotainment (IVI) designer stuck with having to create a balance between these two all but mutually exclusive requirements:1) satisfying the consumer’s expectation and appetite for the newest IVI features and functionality, including the ability to deploy, manage and update Apps; while 2) respecting the long development cycles and safety requirements required by law of automotive OEMs.


What is an engineer to do? Fortunately, technology can render assistance. One possible answer now emerging is to partition IVI software into two segments, with the individual ecosystems de-coupled and running on separate market-driven (1) and OEM-driven (2) schedules.  In other words the car’s core, native IVI functions–like vehicle indicators or warnings and car security functions–would continue to be developed on the typical two to five -year automobile OEM cycle and remain subject to safety-critical coding practices. While at the same time automobile head unit integration with handheld devices like smartphones continues at breakneck speed, giving consumers the IVI feature they want most:  a choice of what Apps to add whenever they so choose.

Based on HTML5, the newest version of the HyperText Markup Language--a way to enhance a text file with bits of code (markup) that describes the structure of the document--Tizen is well-suited to ongoing efforts to decouple in-car HMI-based functions. An open platform designed to work with a broad spectrum of devices ranging from smartphones and tablets to in-car systems and even TVs, Tizen also promises to lower the cost of deployment as developers are able to create applications that run on multiple systems (different car brands and various car models within a brand) without lengthy code re-writes. In this way Tizen supports the possibility of a single application store for a variety of automakers.


HTML was first developed in the late 80's in order to describe documents that linked to each other. Much has happened in the years that followed, as is evidenced by the fact that we’ve now reached version 5.  HTML5 is built around WebApps, which are small focused applications that can run on a browser or as a mobile application. It has features like offline storage and the ability to handle data even when the app is no longer connected to the Internet. It also has the ability to detect and work with the location of the user and it provides rich media support including easy to implement audio and video elements.


With the help of HTML5 it is possible to embed not only video and audio but high quality drawings, charts, animation and many other rich content types without using any plugins or third party programs, as the functionality is built into the browser. This is important since most video and audio files are played through a plug-in like Flash, but not all browsers have the same plug-ins. With HTML5 developers can forget about a Flash Player and/or other third party media players, making video and audio truly accessible. HTML5 also will allow the end user to access cloud-based services through the web browser engine.


At the 2013 Tizen Developer Conference (TDC) in San Francisco in May, Matt Jones, Jaguar Land Rover (JLR) Senior Technical Specialist - Infotainment discussed an IVI proof of concept project using the Automotive Grade Linux (AGL, part of the Linux Foundation) Demonstrator, a runable IVI system available as both a VMWare image and installable on x86 hardware. Built on top of Tizen 1.0 and integrating GENIVI components (the GENIVI Alliance is a non-profit consortium with the goal of “bringing open source software into the car, starting with the most complicated car software system, the IVI unit”) it sports a custom HTML5 GUI (See Fig. 1).


Figure 1:  HVAC display of the Jaguar Land Rover Tizen IVI demonstrator


The JLR IVI and remote vehicle interaction demo, which included participation by AGL, Feuer Labs, Symbio and Symphony Teleca, is based on a Tizen platform provided by Intel and Jaguar Land Rover. According to JLR’s Jones the HVAC system and Media Player proof of concept was developed over the course of just 2 ½ weeks during which time the team:


• Integrated the system into a vehicle, including CAN control

• Built out the Media Player and HVAC controls

• Built a backend server in the cloud

• Created a remote control website for the HVAC


Jones further said Jaguar Land Rover and Intel worked together to create a base platform that others can build on, including


• Tizen 1.0;

• An HTML5 based application environment;

•A server backend to push / pull apps; and

• Complete documentation


The target hardware was a Nexcom NDiS 166 (Fig.2), a Linux box employing an Intel® Core™ i5/i7 processor (codenamed Sandy Bridge) with Intel® Integrated Graphics and an Intel® QM67 Platform Controller Hub (PCH). Memory includes 2 x 240-pin DIMM sockets supporting up to 16GB (single socket max. is 8GB) of DDR3 1333/1066MHz non-ECC, un-buffered memory. The totally fanless NDiS 166 can easily support dual full-HD video. Other features include GigE, USB 2.0, SATA (1 x 2.5" SATA HDD Bay), Audio, WI-FI, VGA, GPS, HDMI and provision for a TV tuner and LAN modules.


Figure 2 The NexCom NDiS 166


The NDiS 166 platform has been tested using the Tizen 3.0-M1 codebase (on July 2nd the IVI team released Tizen 3.0-M1 for In-Vehicle Infotainment). . This is the first milestone image that builds upon the Tizen 3.0 codebase and is paving the way towards the 3.0-M2 (later in 2013) and the final Tizen 3.0 IVI release in the second half of 2014.


Tizen 3.0-M1 also has been tested on the NexCom VTC 7120-C4, which adopts the Intel® Celeron® Processor 847E (at 1.1GHz).  In addition it offers dual LAN ports for redundancy and high speed interfaces for storage (2.5" SATA and a CFast slot). Storage is easily accessible from the front side for maintenance concerns. Furthermore, it offers support for two SIM card slots and support for the CAN bus as well as 4 digital inputs, 4 digital outputs and 4-channel PoE with IEEE802.3af.


As automotive companies adopt new Vehicle Relationship Management (VRM) tools and systems for software configuration and management, quality control and security integrity of the software have become of particular concern. That’s where companies such as Symphony Teleca Corp., headquartered in Mountain View, Calif., come in. The company, which participated in the Tizen IVI demonstrator as mentioned previously, offers remote software management, telematics and analytics capabilities to help its clients manage the convergence of software, the cloud and connected devices with the added goals of minimizing the cost of vehicle software maintenance, gaining insight into vehicle usage and enriching the possibilities for car owners through feature and application upgrades.


Symphony Teleca’s InSight Connect™ VRM is an end-to-end management solution that provides automotive grade, reliable, cost effective application and software provisioning and maintenance, integrated with the OEM's existing systems throughout the connected car lifecycle. InSight Connect’s flexible and modular structure also enables OEMs to extend and fully customize IVI functionality over time.


Despite its newness, the AGL Demonstrator has been declared a success, and JLR’s Jones indicated that the plan is to keep it going. The first order of business, he said, is to update it to the more recent Tizen 2.1 release. Following that, the plan is to work on several existing open source components that need to be integrated, including a navigation system, Bluetooth for hands-free telephony, Near-Field Communications (NFC) support, and media playback with Digital Living Network Alliance (DLNA) support.


Learn More


Solutions in this blog:

Nexcom NDiS 166

Nexcom VTC 7120-C4

Symphony Teleca InSight Connect


Related topics:

Interoperability - Top Picks (blogs, white papers, and more)


NexCom is an Associate member of the Intel® Intelligent Systems Alliance

Symphony Teleca is a General member of the Alliance


Murray Slovick

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

It’s all about the money

Operators of telecom infrastructure, enterprise networks and data centers are increasingly exploring the deployment of network security functions as virtual appliances instead of physical appliances.

There are two obvious business drivers for this trend. The first is reduced CAPEX, resulting from the use of high-volume, standard hardware platforms rather than low-volume proprietary hardware. The second is reduced OPEX, thanks to the improved resource utilization achieved through virtualization. The major focus on Network Functions Virtualization (NFV) throughout the telecom industry is a strong indicator of the major cost savings that operators believe to be possible through this strategy of network virtualization.

Additions not replacements

Image 1 for IPsec post.jpgAt 6WIND, most of our customers are network equipment manufacturers and many are working on virtual security appliances, implementing functions like UTMs, IPSs, firewalls etc. But they typically view the virtual appliances as extensions to their current portfolio of physical appliances, rather than immediate replacements.


This makes perfect sense given that physical appliances are not going to disappear at any time in the near future. Realistically, we can expect to see the gradual introduction of virtual appliances in scenarios with compelling Return-on-Investment (like NFV), accompanied by exhaustive evaluations to ensure that the cost-performance and especially reliability meet the standards set by physical appliances.

Given our customers’ strategy of introducing virtual security appliances while maintaining their current portfolios of physical appliances, we place great importance on providing a comprehensive set of network protocols that can be deployed in both solutions, with consistent APIs, features and performance.

IPsec everywhere

IPsec is a good example of a protocol that is critical for network security, and 6WIND provides an IPsec solution for both physical and virtual appliances. IPsec is widely used for VPNs in telecom infrastructure (LTE femto gateways, security gateways, GGSNs etc.) as well as in enterprise networking (UTMs, IPSs, firewalls etc.). There are also emerging use cases in multi-tenant data centers, where secure tunnels are increasingly adopted for VM-to-VM communication.

IPsec provides authentication (session management) and data confidentiality (encryption/decryption) at Layer 3. IPsec is actually a suite of protocols, including IKE (Internet Key Exchange), AH (Authentication Header) and ESP (Encapsulating Security Payload) amongst others, with the IPsec standard defining how these protocols communicate.

Offloads maximize CPU utilization

Within IPsec, 3DES, AES, SHA1 and MD5 are all resource-hungry algorithms used for authentication and encryption that are increasingly offloaded to specialized hardware-based engines. This offloading maximizes the availability of CPU resources for running applications, rather than security. Given the large variety of available processor platforms, supporting the appropriate crypto engine is not a simple task and requires a processor-agnostic approach for optimum efficiency. The 6WINDGate™ networking software integrates support for several widely-used crypto accelerators, including:

  • Intel® Communications Chipset 89xx series “Cave Creek” (hardware acceleration)
  • Intel® Multi Buffer Crypto for IPsec Library (software acceleration).

Advanced features, open configuration

6WINDGate provides a high performance IKE daemon, thereby increasing the tunnel establishment rate. The Security Association (SA) look-up mechanism is based on a 16-bit hash table. The Security Policy (SP) mechanism supports either a linear lookup, or a hash table lookup based on SP selector address prefixes, or a trie-based lookup, which can be selected and combined based on configurable thresholds.

6WINDGate also supports open, standard Linux-based APIs, enabling the SA and SP databases (SAD and SPD) to be configured by third-party IKE control plane modules. In order to minimize the latency of the system, both SPD and SAD are located in shared memory. Through its support of IKEv1, IKEv2 and Anti Replay features for security re-enforcement, as well as NAT traversal for enabling IPsec in complex networks, the 6WIND IPsec module addresses a wide range of common usage scenarios.

Industry-leading IPsec performance for physical appliances

Thanks to its optimized architecture and advanced features, 6WINDGate delivers industry-leading IPsec performance for physical appliances.

Image 2 for IPsec post.png

For example, on a 2.7GHz dual-socket Intel “Sandy Bridge” platform (two 8-core processors) with 16GB RAM, 6WINDGate achieves IPsec performance of 5.4 Gbps per core (1,420-byte packets), for a total platform performance of 73 Gbps using 14 cores.

(Why 14 cores? Because the reference platform has seven NICs and a configuration with seven cores represents the best way to balance the traffic.)

Besides the raw performance, the graph illustrates that the IPsec performance scales linearly with the number of cores configured to run the 6WINDGate fast path. This scalability is a key benefit of the 6WINDGate architecture, explained in more detail here.

What about IPsec for virtual appliances?

Stay tuned for the next post in this series, where we’ll explain how 6WINDGate addresses the networking performance constraints imposed by standard hypervisors and discuss the IPsec performance that 6WINDGate delivers for virtual security appliances.

Australia may be the smallest continent, but it is still a large country. The challenging climate and population distribution provide unique transportation hurdles. Most residents live within 50 km of the coast in two "crescent" shaped areas, one in the southeast and a smaller one on the southwest coast. The country's rail system, mostly single track lines, is the main link for freight within these regions and passes through the arid bush country to link them.


The Australian Rail Track Corporation (ARTC) was faced with having to replace long-serving, far-flung track infrastructure, such as trackside train safety signals. The ARTC decided that rather than simply replacing existing equipment, it would endeavor to modernize the system with communications and networking technologies that would improve safety, increase efficiency, and save operating costs. This past May the Australian government funded the first stage of implementing the Advanced Train Management System (ATMS), one of the most sophisticated types in the world, developed by Lockheed Martin along with partners such as MEN Mikro Elektronik. ARTC noted that the cost of putting ATMS in place is roughly equal to the expense of replacing existing technology without adding any modern benefits.




"ATMS is a smart train management system that can locate and control trains on the network allowing them to travel at closer intervals safely and has collision avoidance systems and remote braking override to help prevent accidents," notes John Fullerton ARTC CEO. "It will transform the rail industry in Australia by substantially increasing capacity and avoid the need to build additional tracks and sidings."


Features and benefits

ATMS is targeted at improving rail capacity, operational flexibility, service availability, and safety and reliability, while cutting transit time. The system:

  • Replaces trackside signaling with in-locomotive displays for drivers
  • Furnishes GPS-based exact train location, front and rear
  • Utilizes digital network control centers, each of which could control all network traffic to serve as a back up if one center should fail
  • Enforces track authorizations on each locomotive
  • Provides switch settings, automatic route clearances, and voice and data communications to locomotives via Telstra 3G National Network


The anticipated benefits include:

  • Increasing rail capacity via closer train operation
  • Improving reliability with better on-time performance
  • Greater network flexibility and efficiency
  • Safety improvements through speed limit enforcement and track authorizations
  • Cost savings from reduced trackside infrastructure maintenance, lower fuel consumption, and less wear on rolling equipment


Computer requirements

The safety-critical computing system for control centers developed by MEN Mikro Elektronik for the ATMS partitions applications on a single platform—built with standard COTS components. The architecture is based on a CompactPCI® - CompactPCI Serial hybrid configuration and is certifiable up to SIL 4.


Management of network control center train authorizations, communications, and network controller requests runs on a Wind River VxWorks® certified safe operating system on either one or two computers with deterministic operation and extensive built-in test features—with three RISC processors running in lockstep mode with two-out-of-three voting . Ethernet is integrated using a P511 PCI mezzanine card, with an M66 M-Module providing binary I/O.#_msocom_2


Twin F19P Intel® Core™ processor-based CompactPCI PlusIO single board computers connected to an Ethernet switch and four hard disk drives running Linux handle the wireless interface between the control center management and trainborne or trackside systems, provide the graphical user interface to the network controllers, and "propose" controller requests to the authorization system.


Key enabler

When asked to highlight the key technology in the ATMS computing system, MEN Mikro's Robert Kueffner, member of the product management team, notes the redundant architecture for important components. Most common is a triple-redundant system where three CPUs or systems are "polled" for two-out-of-three voting—a problem with one will see it isolated and the remaining two continuing operations.


But Kueffner cautions that to lower failure probability, diversity is important. "Through [employing] different CPUs (types or generations such as Core 2 Duo and i5 CPU), operating systems, or software, you can make sure that not all of the redundant systems will fail because of the same, common cause," he says.


While the easiest solution with modular systems would be simply to triple the number of cards, Kueffner notes such an approach requires triple space, power, and potential software complexity for voting. Instead, by taking redundancy down to the board level, power, space, and development costs are saved and software is simplified. The example above shows a design where the hardware was developed according to specific safety standards, making it safe from the beginning. The processors are completely synchronized in lockstep mode and the software "sees" one unit. This integration also shortens the certification process for the complete system.


A different hardware approach combines two redundant Intel® Atom™ processors on one 3U CompactPCI board for safety, along with independent RAM and flash (for greater safety), and a third processor controlling the I/O interfaces. Two clustered cards provide higher system availability. Being a COTS product certifiable to SIL 4, MEN’s solution (F75P) also simplifies implementation of functional safety in embedded systems, while saving space and cost (see below).




Development challenges

Kueffner says the highest hurdles in developing safe railway systems are that operators require these to have long term availability, at a minimum of 15 years. Development and certification can add another five years to the timeline for having the same chip available and working.


"The MEN CompactPCI family solves this problem in its own way. As all boards are 100% pin-compatible with the same front I/O, you can easily change an older CPU-card, e.g. F14 with an Intel® Pentium® M processor on it, with a successor board like the F21P, which uses the current Intel i7 processor," he highlights (see below). "The system is still working, but needs re-certification, which adds costs. From a customer’s point of view, long-term availability of the processor components would be a preferable solution."




Finally, Kueffner notes, "Especially in the railway market, Intel processors are very popular. Because of their large [production] volume, they are considered tried, tested, and well suited for safety-critical applications. But typical features like overclocking, power safe modes, interrupts, and DMA structures have to be disabled, because for safety-critical applications deterministic behavior is a must.”


Learn More

Solutions in this blog:

Related topics:


MEN-Mikro Elektronik is an Affiliate member of the Intel® Intelligent Systems Alliance.

     Contact MEN_Mikro>>


Wind River Systems is an Associate member of the Alliance.

     Contact Wind River>>



Rick DeMeis

Roving Reporter (Intel Contractor), Intel Intelligent Systems Alliance

Follow me on Twitter: @rickdemeis

Software Defined Networking (SDN) and Network Functions Virtualization (NFV) promise carriers significant savings in operational expense (Opex) and capital expense (Capex). The key challenge for the industry is delivering these promised savings without slowing network performance or reducing network resiliency. Carrier grade systems with high availability features provide an ideal platform for telecom equipment providers and carriers moving towards carrier grade SDN and NFV.


In this blog I am going to explore the benefits of using carrier grade ATCA-based systems with Intel® Xeon® processors to support the shift to SDN and NFV in carrier networks. For this blog I am using implementation examples from Radisys, an Associate member of the Intel® Intelligent Systems Alliance. The 250-plus members of the Alliance collaborate closely with Intel® to create hardware, software, tools, and services to help speed intelligent systems  to market.


Software Defined Networking and Network Functions Virtualization


Software Defined Networking (SDN) is designed to separate the data plane and control functions. This has the dual benefit of flattening the data plane and reducing latency, and increasing the flexibility of the control plane. A key feature of SDN is the use of open interfaces between the controllers and the networking elements including switches, servers, network appliances, media gateways and other network systems.

Intel- SDN Diagram.jpg

Figure 1. Software Defined Networking (Source: Intel)


Figure 1 shows the SDN architecture. OpenFlow provides an open protocol for Controllers to program the flow table in the switches and other networking systems. The switches use the flow tables to forward packets across the network. The SDN architecture can be expanded to cover wireless networking infrastructure including the enhanced packet core (EPC) and cloud radio access network (C-RAN). For large-scale cloud deployments the network can be managed through a cloud operating system such as OpenStack that controls large pools of compute, storage, and networking.


Network Functions Virtualisation (NFV), being developed within ETSI, enables a virtualized network infrastructure that can be quickly scaled and provisioned to support new services and additional capacity as required. NFV aims to replace fixed function systems with virtualized functions running on standard server systems. Initial implementations of NFV will support control plane functions such as policy management, serving gateway (S-GW), mobility management entity (MMA) and home subscriber server (HSS).


Carrier Grade SDN and NFV

Both SDN and NFV are relatively easy to implement in proof-of-concept environments. SDN and NFV are much more difficult to implement in carrier networks where five 9’s availability and wire speed packet throughput are critical business requirements.  In these environments latency and geographic distribution are important factors in determining the practical implementation.


Carrier grade systems use a mixture of processors designed for embedded server systems, such as the Intel® Xeon® Processors E5-2600 and E5-2400 Series, and packet processing acceleration for a range of functions including encryption, compression, load balancing and I/O pre-processing. The packet processing acceleration may be implemented on a processor chipset such as the Intel® Communications Chipset 89xx Series, on Network Interfaces Cards (NICs) or on a separate blade in the system.


Using ATCA for SDN and NFV


ATCA is a very flexible carrier grade platform that supports all the building blocks necessary to implement carrier grade SDN and NFV. Figure 2 shows a typical ATCA platform. There are two central switch cards that support 40Gbit/s switching to each of the 12 node blades. The node blades can be all processing blades or a mixture of processing, storage, DSP and network interface blades with network processors or other packet processing devices.



Figure 2. 40Gbps ATCA Platform


Figure 3 shows a typical Sandy Bridge ATCA blade with dual 8-core Intel® Xeon® Processors E5-2448L and up to 96GB DDR3 memory. The blade has dual 40Gbit/s interfaces connected over the backplane to the two switch blades. Similar blades are available from several vendors giving multiple configuration options and a strong supply ecosystem.


Figure 3. Sandy Bridge ATCA Blade.


In a typical ATCA-based SDN system the Sandy Bridge ATCA blades are used to implement the SDN control plane functions. The data plane is implemented on a combination of the integrated switch blades, DSP blades and network processor-based network interface blades. The network interface blades can be used for load balancing and packet preprocessing. The control plane and data plane are kept separate within the ATCA platform by using virtual LANs (VLANs).


The ATCA platform is already being used for many systems including the IP Multimedia Subsystem (IMS) Media Resource Function (MRF). The shift from 10Gbit/s to 40Gbit/s switching and the introduction of the latest Intel® Xeon® Processors and has significantly reduced number of blades required for a typical system. By virtualizing the MRF function Radisys has been able to develop a smaller implementation that can share an ATCA platform with other functions, significantly reducing the real estate and cost of the total solution.


A Staged Approach to Carrier Grade SDN and NFV


SDN and NFV promise significant Capex and Opex savings to carriers. By using a staged approach to implementing carrier grade SDN and NFV, carriers and telecom equipment providers can take advantage of existing carrier grade solutions, such as ATCA, to quickly deliver the benefits of SDN and NFV without compromising carrier grade availability and line rate performance.


Learn More


Solutions in this blog:


Related topics:


Radisys is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Radisys>>


Simon Stanley

Roving Reporter (Intel® Contractor), Intel® Intelligent Systems Alliance

Principal Consultant, Earlswood Marketing

Follow me on Twitter: @simon_stanley

By now, it’s probably a safe assumption that regular readers of this blog are more than familiar with the many benefits that Network Functions Virtualization (NFV) promises to deliver for telecom service providers (and if you’d like an introduction, this page would be a good place to start).

Good attendance at the April ETSI NFV meeting in Santa Clara, as well on-going participation in the various working groups that are hammering out technical details, certainly seems to confirm strong interest not only from the service providers who started the initiative in late 2012, but also other ecosystem stakeholders such as network equipment manufacturers, system integrators, software companies and processor suppliers.

In terms of the business benefits of NFV, most of the discussion to date appears to be around saving money. Significant CAPEX and OPEX savings are expected through the virtualization of functions that have traditionally been implemented as stand-alone, dedicated, fixed-function equipment.

One use case that’s frequently discussed is a “virtual CPE”, with an architecture that relies on a very simple CPE (modem, switch and antenna) with all services relocated to virtual network appliances on a central server. Another example is the cloud RAN (Radio Access Network) concept, in which the eNodeB at the antenna is replaced by a low-cost Remote Radio Head, with digitized RF data backhauled over fiber to a centralized Baseband Unit pool in which the baseband processing is performed. Finally, Evolved Packet Core (EPC) functions for mobile networks can be run as Virtual Network Functions (VNFs) in Virtual Machines (VMs) on generic server platforms.

From the perspective of the service providers, though, top-line P&L growth ultimately comes from making money, and specifically from increasing their Average Revenue per User (ARPU).

Increasing ARPU means extracting more money from subscribers, both enterprises and also consumers like you and me. In fact a recent study by Infonetics “SDNs, 40G/100G, and MPLS Control Plane Strategies: Global Service Provider Strategy, July 2013” indicated that 48% of carriers want SDN/NFV in order to “create network services not possible with existing technologies/protocols”.

So I think it’s interesting to speculate on what kinds of innovative and presumably valuable new services we can expect thanks to the massive investments that service providers will presumably be making in NFV. This subscriber-side view doesn’t seem to be a big topic (yet) at NFV events, but there were some relevant discussions at the recent SDN & OpenFlow Congress in Singapore.

Potential new services mentioned at that event included:

  • Bandwidth-on-demand: Want to watch a really important sporting event on your laptop in HD for the next couple of hours? Just go to online to your service provider, select “HD quality”, specify how long you want it for and the network instantly provisions the necessary bandwidth and service chaining.
  • Services-on-demand: Need Japanese-to-English translation on your tablet? Go online and request that service as soon as you hit the ground in Tokyo and it’ll be up and running automatically before you’re off the plane.
  • Tiered security: How about if the network automatically configured its service chaining to route your traffic through security appliances appropriate to the content that you’re accessing? Maybe you need different security features in the chain for web browsing as opposed to a Skype session.


As the NFV network-level architecture details and deployment strategies firm up, so that the service providers have confidence about the new capabilities of the infrastructure, I’m sure we’ll see a lot more discussions about interesting new services that will raise our monthly bills as subscribers and boost the service providers’ top line revenue.

What are your thoughts on this? What new services do you see being introduced thanks to NFV that will bring real value to subscribers, whether enterprises or consumers?

At 6WIND we’re doing our part to boost the cost-effectiveness of the NFV network infrastructure and accelerate deployment of NFV solutions. Please join us and Red Hat for a webinar on June 25th “The first open software platform for network functions virtualization” to learn all about our initiative in this area. Click here to register.

In my last blog, New 4th Generation Intel® Processors Ring Up Big Retail Advantages, I looked at ways that the latest generation of Intel® Core™ processors (formerly codenamed “Haswell”) could enhance customer-engagement capabilities and mobile solutions for point-of-sale (POS) systems. In this blog, I want to look into the security and manageability enhancements that 4th generation Intel® Core™ processors bring to retail transactional technology, focusing on their advantages in:






  • Protecting personal and transactional data
  • Reducing IT costs
  • Improving remote device uptime






I’m also going to look at how products from McAfee, a wholly owned subsidiary of Intel, take advantage of these enhancements to help developers incorporate game-changing security in their products. It’s important for me to point out that the new and enhanced platform technologies I describe here complement specific components of Intel® vPro™ technology and thus it must be activated.




Protecting Personal and Transactional Data

The sharing of high-value retail data used to perform financial transactions between in-store systems and a retailer’s data center is spawning sophisticated data and identify thefts. Attackers are using firmware to gain access to a device’s operating system and applications, in addition to creating viruses and malware that can disable a retail system or provide thieves with access to sensitive data.


The 4th generation Intel Core processors’ security capabilities address the full range of threats in retail devices—malware, content graffiti, identify theft, system compromise or theft, and data theft—with four hardware-based security technologies:



Intel Platform Protection Technology with BIOS Guard provides authentication and protection against BIOS recovery attacks. Since a device’s BIOS is contained in a privileged space invisible to anti-virus software, this is critical protection. In addition, malware infecting a BIOS remains persistent, even after a cold boot. With BIOS Guard, BIOS updates are cryptographically verified to ensure malware stays out of the BIOS.


Intel Platform Protection Technology with Intel® Platform Trust and Boot Guard are designed to work with Microsoft Windows. Available on the forthcoming U-Series processors, Intel Platform Trust supports Windows 8 secure and measured boot and supports all the Microsoft mandatory commands for Trusted Platform Module (TPM) 2.0. Boot Guard technology works in conjunction with it to reduce the complexity of the Windows 8 boot process and protect again boot block-level malware, providing an added level of hardware-based platform security to prevent repurposing the platform to run unauthorized software—such as keylogging applications.

Intel® Data Protection Technology with Intel AES-NI enables rapid and secure data encryption and decryption. Encryption is a PCI DSS compliance requirement for protecting data in transit across public networks. Equally important, encryption of the hard drive protects data in the event of device theft . 

Intel® Identity Protection Technology (Intel® IPT) with NFC is a great addition for retailers making the move to enabling “Tap-and-Pay” sales through digital wallets via NFC-enabled smartphones or smartcards. A suite of four technologies—One Time Password, Protected Transaction Display, Embedded PKI, and NFC, Intel IPT introduces a “Tap and Interact” use case that enables secure interaction with interactive devices. An integrated chipset-based security feature, Intel IPT provides extra security by isolating the data received by NFC from the operating system. By not letting the OS “know” transaction data used in a transaction, Intel IPT prevents many forms of potential malware from gaining access to a customer’s identity information.

Working with McAfee to Secure Endpoint Devices

Intel works closely with McAfee, a wholly owned subsidiary of Intel and globally recognized for its proactive and proven security solutions, to develop hardware-enhanced software security (see Figure 1). By deploying solutions like McAfee solutions with 4th generation Intel Core processors, retailers can achieve a greater degree of security than by depending on one or the other. For example, a new processor feature called Beacon Pass when used with McAfee® Deep Defender—a product designed to protect systems against “below the operating system” malware attacks, a much more difficult threat to detect and recover from. Beacon Pass provides a new instruction for streamlining the efficiency of memory read/write scanning activity so overall system performance is not degraded by this protection.


Haswell Security.JPG

Figure 1. When coupled with McAfee security solutions, the 4th generation Intel® Core™ processor family helps protect against a wide variety of retail threats. 

Another McAfee solution for securing endpoint devices is McAfee® Embedded Control. This software automatically creates a dynamic whitelist of the authorized code on the device. Once the whitelist is created and enabled, the system is locked down to the known good baseline. No program or code outside the authorized set can run, and no unauthorized changes can be made. When untrusted software attempts to execute, an alert is sent to McAfee® ePolicy Orchestrator (ePO), an enterprise security management software product, to prompt potential corrective action.


McAfee Whitelisting diagram.JPG

Figure 2. How McAfee® Embedded Control uses application whitelisting to protect devices.



Intel vPro technology-enabled solutions provide hardware-based mechanisms that work with McAfee solutions to help protect against software-based attacks, and protect the confidentiality and integrity of data. They do this by enabling an environment where applications can run within their own space, protected from all other software on the system. These capabilities, enhanced by hardware-assisted Intel® Virtualization Technology (Intel® VT), provide the protection to mechanisms, rooted in hardware, that are necessary to provide trust in the application’s execution environment. In turn, this can help to protect vital data and processes from being compromised by malicious software running on the platform.

Reducing IT Costs and Improving Remote Device Uptime

Using integrated platform capabilities and popular third-party management and security applications, Intel® Active Management Technology (Intel® AMT) is a much written about technology in the community that allows IT or managed service providers to better discover, repair, and protect their networked computing assets. For embedded developers, this means that devices can be diagnosed and repaired remotely, ultimately lowering IT support costs. Intel AMT is a feature of Intel® Core™ processors with Intel® vPro™ technology and workstation platforms based on select Intel® Xeon® processors.

The 4th generation Intel Core processors include the latest Intel® Active Management Technology (Intel® AMT) features. Of particular interest is Embedded Host-Based Configuration. This new capability enables more simplified retail device provisioning. Using Embedded Host Based Configuration, a retailer’s IT staff can easily remotely provision unattended retail devices. This eliminates the need and cost for an IT person or employee to be present at the device location.


Graceful shutdown.JPG

Figure 3. New graceful shutdown enhancements in Intel® Active Management Technology help simplify remote repair.

Also new are graceful shutdown enhancements (see Figure 3). If an incident occurs where IT staff using Intel AMT’s remote administration functions encounters a hung operating system, they can analyze the problem, and then initiate a graceful shutdown, rebooting the device and restoring it to normal operation. This helps keep POS systems and other devices up and running more of the time.


Move into a New Era of POS Security and Manageability

Through the Intel® Intelligent Systems Alliance Solutions Directory, it’s easy to find a wide range of different types of boards and solutions for retail applications using 4th generation Intel Core processors. To learn more about how 4th generation Intel Core processors can help secure POS devices, I highly recommend the white paper Intel® Hardware-based Security Technologies for Intelligent Retail Devices.


Learn More

Contact Featured Alliance member:

Solutions in this blog:

·        McAfee Deep Defender

Related topics:

·        Security - Top Picks (blogs, white papers, and more)

·        Manageability - Top Picks (blogs, white papers, and more)

·        Intel Intelligent Systems Framework - Top Picks (blogs, white papers, and more)

·        Retail - Top Picks (blogs, white papers, and more)

McAfee is an Associate member of the Intel® Intelligent Systems Alliance.

Mark Scantlebury

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Associate Editor,Embedded Innovator magazine

Many of the performance enhancements in the new 4th generation Intel® Core™ processors (code name Haswell) will give a new kick to Digital Signage.  Boosts to accelerate graphics processing capabilities on-chip, as well as general performance improvements to the Haswell microarchitecture and resulting chips, will further enhance the dynamics possible in digital signage.  Quicker response, richer graphics in both 2-D and 3-D, and more lively video will attract more viewers to the displays and hold their attention longer.  Smoother transitions, faster movement, and a higher frame rate are all possible.


There are two other angles that will offer benefits to 4th generation Intel Core processor-based digital signage users.  The software people and content creators will appreciate the new support for additional codecs that will ease the use of more formats of images.  Hardware designers will like the lower power consumption of the chips, permitting smaller cabinets, higher integration, and easier physical design since less heat is generated.  Nexcom has already announced a digital signage player that will make use of the 4th generation Core processor.


Graphics, Performance, and Power – Improved

Intel just revealed the 4th generation Core processor which improves on prior generations in some key areas.  These are not surprising in some sense because Intel is very good at providing higher performance with each new product family.  While Moore's Law refers to the number of transistors that can be put on a chip over time, applying those transistors to the most useful purposes is a science that Intel has perfected.  This time those transistors are going to performance areas that are very advantageous for Digital Signage.


Key Features for Digital Signage


  • New instructions, better performance               Up to 60% faster graphics
  • MultiMedia Codec improvements                      Easier MJPEG and SVC decoding
  • Enhanced 4Kx2K screen resolution support     The best displays
  • Three-screen collage operation                         Even larger displays


Among other improvements, new MJPEG and SVC acceleration makes for more efficient decoding.  3D and 2D graphics will run up to 60% faster, enabling subtleties like fog, smoke, haze, shadowing, and even lens flair add a realism to still and moving images that are sure to stop traffic.  And it can all be done without a separate graphics processor unit (GPU), the heat that would generate, and the cost, power, and board space it would consume.


Additional benefits to using 4th generation Intel Core processors include complete support for DirectX 11.1, OpenGL 4.0, and OpenCL 1.2.  Embedded DRAM (in the package) is used as a nearby cache in some chip configurations to minimize memory access delays now that the included processors are faster and hungrier.


gfx engine for kw-Roving Reporter - Digital Signage AI.png


One of the big advantages of accelerators and more dedicated hardware for functions appropriate for Digital Signage is that the underlying general-purpose processor is freed up for mainstream processing, higher-level operations, operating system functions, and administrative chores, enhancing overall performance and capabilities - or to just lay idle for longer periods of time to save power.


Screaming Screens

The final link for Digital Signage is the display and it is an all-important component.  The 4th generation Intel Core processors support the latest in eye-catching displays.  Support for Display Port 1.2 offers double the bandwidth of other interfaces and accommodates high-resolution 4Kx2K screens.  These UltraHD displays are now starting down the cost curve to be a viable option for more modest Digital Signage systems, especially with additional support from the processor.  Graphics performance allows up to three displays to be daisy-chained to replicate images across all.  For dramatic, larger, multi-panel screens, a collage mode will split images across three screens to really draw the crowds.  Size matters.


More advanced power management on Haswell micro-architecture results in greater power efficiency – turning off circuits that are not needed during particular operations – with finer-grain control than prior chips.  Even with the higher performance and the integration of graphics accelerators and other features, U-Series 4th generation Intel Core processors can operate on just 15-watts.  Idle power – when the chip is mostly quiet – has been reduced as well, so during off-hours when the signage isn't needed, the electric grid can take a rest, too which helps keep operating costs of Digital Signage low.


The low power consumption, a smaller chip package, and no requirement for an independent graphics processor allows more compact fanless Digital Signage systems to be designed where natural air flow can keep things cool.  The smaller the box, the easier it is to place the box in a convenient location.



One member company of the Intel® Intelligent Systems Alliance that announced a Digital Signage player when Haswell micro-architecture was announced is Nexcom.  Nexcom's NDiS B533 takes advantage of the 4th generation Intel Core processors to drive full HD video programs to three screens and up to 4K resolution.  The system can take advantage of the Anonymous Viewer Analytics in Intel's AIM Suite to better target messages to the audience of the moment and can protect content and remote management with the support of Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI).  The fanless design is the size of a pad of paper; maybe a ream of paper because it's 2" thick.


Another Alliance member, Axiomtek, is releasing the OPS880 Digital Signage Player that uses Haswell and is Open Pluggable Specification (OPS) compatible.


Bottom Line – Attractive Digital Signage

The purpose of Digital Signage is to attract attention, inform viewers, and (in many cases) lead a passer-by to a sale or at least to better brand awareness.  Rich content, dynamic imagery, responsive interactivity, and a compelling visual experience are vital to the effectiveness of Digital Signage.  A high-performance system able to produce realistic 2D and 3D graphics, action-packed video, smooth Flash playback, and well-planned informative, engaging, and maybe even fun content on a state-of-the-art display will make Digital Signage stand out.  4th generation Intel Core processors will kick up the capabilities of Digital Signage with improved performance and more lively displays.  With the integrated Iris graphics, there is no need to resort to a graphics card or discrete graphics chip just to be able to drive amazing graphics to three 4K UltraHD screens.


Note that performance and power indications used herein were provided by the manufacturer and will change based on specific chip and system configurations, compiler choices and options, OS and application programs, and immediate operational conditions.  "Your mileage may vary."


Learn More


Solutions in this blog:

    4th generation Intel® Core™ processor

    Nexcom NDiS B533 Fanless Digital Signage Player

    Axiomtek OPS880 OPS Digital Signage Player


Related Topics:
    Digital Signage - Top Picks


Nexcom is an Associate member of the Intel® Intelligent Systems Alliance.  

    Contact Nexcom>>
Axiomtek is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Axiomtek>>

Transport buses worldwide typically may use an ARM-based platform to provide limited infotainment applications to riders, such as arrival stops and schedule, or some ads. To give riders more entertainment and information,  China's Bus Online provides television networking in transit buses to broadcast commercials, TV programs, and short movies for a less boring passenger experience.


To enable such connectivity in a demanding transportation environment, Norco, a maker of embedded computing boards, developed its CBP-3000 in-vehicle computing system as an intelligent network control for functional flexibility. The system is an X86 platform based on the Intel® Cedar Trail AtomTM processor N2800/D2700/D2500 low-power embedded CPU for high computing power, multiple I/O, and low-noise operation. Besides entertainment, the CBP-3000 can serve the practical uses of bus surveillance, vehicle systems monitoring and displays, navigation, and WiFi and Internet connectivity. And other transportation applications include taxis, emergency response vehicles, fleet vehicles, trucks, and trains.


Design challenges and enablers

Design engineers had to provide ruggedness, including vibration resistance, in the system and a wide temperature operating range to handle the transit bus environment. Transportation vibrations are characterized by large amplitudes in any direction. Thus features such as "air-tight" pin connections, guide pins, and all-around damping material are incorporated into the modular design. Spring isolators are introduced if a given system will use a hard disk drive. Thus the CBP-3000 design meets ISO-16750-3-2003 for vibration. In addition, double-layer seals and multiple coatings guard against moister intrusion—including the effects from washing the vehicle.


In any transportation application, vehicle electrical power quality affects the stability of all electrical devices onboard. The power and other modules in the CBP-3000 system must handle a variety of transients and interference possible during bus operations. Thus electrical power provisions for the in-vehicle computing system incorporate under-voltage, overload, over-current, over-temperature, load-dump (vehicle battery disconnect), and short circuit protection.


Examples of such electrical transient upset occurrences include:

  • A pulse caused by disconnection of a DC supply through an inductive load, such as a windshield wiper motor
  • When the ignition is switched off, DC motors may act as pulse generators.
  • When automotive electrical switches and relays are cycled on or off, voltaic arcing can cause transients.
  • Activating an internal combustion engine starter motor or turning on the air conditioning system compressor can cause a system voltage drop.
  • The previously mentioned electrical system "load dump" transient (voltage pulse) can occur when a discharging battery is disconnected while the alternator is generating a charging current with other loads still on the circuit. A battery cable can be disconnected because of an inadequately tightened connection, corrosion in a cable or fitting forming an open circuit, or deliberate disconnection or inadvertent fusing of the battery while the vehicle is undergoing maintenance.

To accommodate such challenges as noted above, the CBP-3000 design meets ISO-7637-2-204 for electrical power systems quality and ruggedness.


Keeping cool

The Atom processor has another design benefit for the CBP-3000. Vehicle applications can have a wide temperature range, including the influence of direct solar radiation, producing temperatures up to 70°C. The processor's high conversion efficiency and inherent low power cuts heat generation so much so that only convection cooling is needed. The temperature range of the CBP-3000 goes as low as -30°C.


Key features

The in-vehicle computing system is a modular design that utilizes an "industrial grade" chassis for surviving the rugged bus transportation environment. For system flexibility with the potential for change and expansion, all modules load into the front of the chassis (and have front-facing connection provisions) and are interchangeable in each slot. This kind of accessibility and connectivity also eases trouble shooting and maintenance.




Modules include:

  • Power module: Voltage input ranges from 8 to 36V with total power provision up to 150W, and includes transient protection as well as reverse-polarity protection; under-voltage threshold = 7V and over-voltage threshold = 80V; optional UPS provision; provides software compiler interface
  • Vehicle amplifier: Supports up to four stereo inputs in priority order with power up to 40W, normally off and automatically on with power activation
  • Vehicle server: Intel Atom processor with Intel NM10 chipset with up to 4G DDR3 RAM plus RJ45 debug port and 1 Gbit Ethernet port connected to switch module via backplane
  • Switch module: Integrated WiFi support for up to 50 users online (with one minute delay when powering down), eight adaptive Ethernet ports
  • Vehicle media player: Intel Atom processor with Intel NM10 chipset with up to 4G DDR3 RAM, twin mini-PCIE for 3G and WiFi support

The CBP-3000's low-power Intel Atom CPUs, compact modular design for installation flexibility, access and maintenance ease, and UPS power availability also contribute to shorter time-to-market and lower overall costs for space-limited vehicle applications.



Learn More


Solutions in this blog:


Related Topics:


Norco-Habey is an Associate member of the Intel Intelligent Systems Alliance.

     Contact Norco>>


Rick DeMeis

Roving Reporter (Intel® Contractor), Intel® Intelligent Systems Alliance

Follow me on Twitter: @rickdemeis

Horrific though it was, footage from both public and private security cameras in Boston proved to be an invaluable tool for authorities during the Boston Marathon bombing investigation, contributing significantly to the effort to identify suspects in the case. As a result, market research firms are predicting that the attack will likely drive increased government spending on video surveillance.


As the demand for high resolution and intelligent video analytics within Digital Security and Surveillance (DSS) systems grow, the attention of providers focuses on improving video and graphics performance, which operators want to achieve without an equivalent increase in power consumption.


As a result, new DSS systems will be more complex than their predecessors because their tasks are more complex, including multi-channel streaming, real-time software-based analytics, event-triggered alerting, and much more.  Cameras equipped with built-in video analytics, for example, can assist the system in identifying abnormal events, offloading workload from the backend system to ensure more timely alarm notification and faster video retrieval.  Modern IP cameras for DSS application need to support high resolution and high frame rates with visual enhancement technologies including image stabilization and Wide Dynamic Range (WDR) in order to deliver clear and smooth images to assist the process of video analysis. To reduce camera shake, these cameras also require intelligent analysis that uses image stabilizing algorithms to detect and reduce horizontal and vertical movements.


Taken together, the workloads handled by the CPU and GPU of these DSS systems are massive. They must manage video encoding, video decoding, video scaling and display, storing video onto a hard disk, and video packetization for streaming, as well as running video management software for monitoring and data storage across multiple locations.


In a recent White Paper Steve Yang, General Manager of Nexcom’s Intelligent Digital Security Business Unit, pointed out that image clarity is the primary criterion for video capture so as to provide security personnel a clear, real-time view of the monitored area and detailed information about a vehicle, allowing them to gain a better control of the situation.


The 4th generation Intel® Core™ processor family (code name Haswell) helps enable a new standard in security and surveillance tools, from digital video recorders to video analytics servers, by delivering the superior media and graphics, improved security and manageability, and breakthrough performance necessary to support DSS applications.


With its new microarchitecture and enhanced media capabilities in video en-, trans- and de-coding, the 4th generation Intel Core processor improves overall system performance and reduces power consumption when compared to previous generation processors. An overall performance increase of 15% can be expected (using standard benchmarks); allowing for increased top-end performance or reduced power consumption of the system.


DSS target applications for Haswell include Digital Video Recorders (DVRs), Network Video Recorders (NVRs), video transcoders, Video Management Systems (VMSs), and video analytics server workloads (such as video packet processing and video streaming, video content analysis, storage redundant array of independent disks (RAID) acceleration, and multiple video channel playback and display) all on a single computing device.


The 4th generation Intel Core processor family offers a 30 percent improvement in video playback and display capability than the 3rd generation Intel® Core™ processor to deliver smoother full HD 1080p images. Other advances include Intel® Quick Synch Technology and Intel® Media SDK 2013 to enable simultaneous real-time video encoding and decoding of multiple full HD 1080p video at 30 frames per second.


Also of benefit in DSS applications are new Haswell features such as the Intel® Advanced Vector Extensions 2 (Intel® AVX2 ) instructions, providing a huge performance improvement in signal processing capabilities to accelerate video analytics algorithms. Intel AVX2 is an expansion of the AVX instruction set introduced with Sandy Bridge.


Haswell’s integrated graphics processor, HD Graphics 4600, enables multiple full HD 1080p video playback and display in real time, enhancing the surveillance manager’s experience. Other upgrades to Haswell's graphical abilities enable it to drive triple-display desktops, with support for DirectX 11.1, and full 4K resolutions over DisplayPort 1.2.


Figure 1: High resolution video will facilitate DSS analytics

Haswell micro-architecture adds decode support for Scalable Video Coding (SVC) on top of the VC1 and MPEG2 support provided in 3rd generation Intel Core processors.  SVC is the commonly used name for the Annex G extension of the H.264/MPEG-4 AVC video compression standard. The SVC codec translates bits from a network data stream into a picture and conversely translates camera video into a bit stream. The 4th generation Intel Core processors also come with end to end decode and encode 4K x 2K support for up to 3840 x 2160 resolution @ 60 Hz on DisplayPort 1.2, and up to 4096 x 2304 @24 Hz on HDMI.


Featuring the higher computing and graphics capabilities of the 4th generation Intel Core processor family to speed up image acquisition and analysis Nexcom’s new COM Express Type 6 Basic module ICES 670 features a full design package aimed to stimulate innovation of intelligent systems by facilitating system integration via an integrated embedded controller (EC) and an Embedded Application Programming Interface (EAPI). To simplify system management, the ICES 670 supports Xcare 3.0, a utility that can keep track of hardware status. The API of Xcare 3.0 is compliant with the PICMG EAPI standard and can provide users with information on processor, RAM, BIOS, fan speed, operating temperature and more.


The ICES 670 supports the latest interfaces including SATA 3.0, PCIe 3.0, USB 3.0, and DisplayPort to provide high bandwidth and throughput.  In addition, a verification code embedded in the controller helps block unauthorized applications and devices to strengthen security of the intelligent system. Data cryptography is also supported by means of Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) technology.


“The 4th generation Intel Core processor-based platform allows ADLINK Technology to deliver up to double the graphics performance over the previous generation,” said Dirk Finstel, EVP of ADLINK’s Global Module Computer Product Segment, in introducing ADLINK’s new lineup, including Express-HL and Express-HL2 (COM Express®), NuPRO-E42 (PICMG 1.3), cPCI-3510 (CompactPCI®), and Matrix MXE-5400. “In addition, these new integrated graphics capabilities enable more compact imaging solutions, leading to new form factors and devices with an as-yet-unseen level of visual capabilities.”  These improvements, combined with the advanced high-resolution display capabilities for either 4K (4xHD = 3840x2160) or three 32x20 displays, have helped ADLINK to provide its advanced solutions for imaging and interface applications across key industries, he said.



ADLINK's Express-HL and Express-HL2 COM Express modules with 4th generation Intel® Core™ i7/i5 processors and mobile Intel® QM87 Express chipset offer up to 16GB dual channel DDR3L SDRAM at 1600MHz. The Express-HL is a COM Express Type 6 module offering three independent displays via DDI interface, as well as seven PCIe x1, one PCIe x16 (Gen3) for graphics (or general purpose x8/4/1), four SATA III (6 Gb/s), Gigabit Ethernet, four USB 2.0, and four USB 3.0 interfaces. The Express-HL2 features the COM Express Type 2 pinout and offers 18/24-bit single/dual channel LVDS, Analog CRT, and a legacy 32 bit PCI bus, as well as a PATA IDE interface.


Learn More


Solutions in this blog:

ADLINK Express

Nexcom ICES 670


Related topics:

•  Digital Surveillance and Security Top Picks (blogs, white papers, and more)

Sensing and Analytics - Top Picks (blogs, white papers, and more)


Nexcom is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Nexcom>>

ADLINK is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact ADLINK>>

Murray Slovick

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance



The cloud is revolutionizing healthcare, helping patients manage chronic conditions such as diabetes or heart disease by remotely monitoring their condition and automatically and securely uploading data to their care provider. Now the same technology is being used to update fitness centers, to the benefit of both owners and exercisers.


Fitness centers and health clubs are filled with equipment with the potential to provide valuable data: check-in systems, vending machines, people counters, exercise equipment, surveillance systems, etc. But for many clubs, these systems aren’t network-enabled—and even if they were, the club may not have the IT resources to set up and manage a complex system. The result is that equipment maintenance and stocking may be handled manually, without information that could help club owners monitor usage, anticipate maintenance, and schedule downtimes conveniently. At the same time, exercisers armed with smartphones and health apps want to access equipment information so they can upload, track, and share data about their workouts.


All of these goals can be accomplished by taking the fitness center to the cloud.


Eurotech’s smart services gateways are flexible, high-performance devices that support the data acquisition and machine-to-machine (M2M) communications needs of fitness centers. These devices can be easily integrated into the existing IT infrastructure of a fitness center or health club—or can be installed as a standalone device that requires minimal IT support once installed. These gateways leverage industry-standard Intel building blocks, including the Intel® Atom™ processor and the Wind River Linux operating system. On top of that foundation sits the Eurotech Everywhere™ Software Framework (ESF)—integrated middleware that is based on an OSGI framework to simplify application development. The Eurotech ESF includes software bundles that can be used across applications and across industries, including a seamless connection to the Eurotech Everywhere Device Cloud (EDC) platform.


Cloud Connected Fitness.jpg

“The Intel architecture has allowed us to focus on our Everywhere Software Framework and we can move it across Intel platforms very easily,” says Bill Johnson, cloud solutions business development manager-for Eurotech North America. “Having a standard, very well-documented architecture such as Intel has enabled us to bring multiple platforms with different price-performance features to market.”


Eurotech also chose Wind River Linux for its gateways.  “We wanted a best-in-breed, reliable Linux distribution,” Johnson adds.  “We have world-class customers developing applications on these gateways, and Wind River’s tool sets and the backing of Intel made this a very easy decision for us.”


The Eurotech wireless-enabled gateways can aggregate sensor data from almost any kind of equipment in the health club, including RFID readers, people counters, surveillance systems, vending machines, and exercise equipment. With the gateway installed and connected to the devices in the fitness center through the Eurotech Device Cloud, club owners have access to data they can use to better manage assets. For example, they can access usage records to see which equipment has higher (or lower) usage and use that information to adjust traffic patterns or rearrange floor layouts. They can also receive service alerts for equipment, so that machines can be taken offline and maintained before they go down during a period of high demand. Data from vending machines or point-of-sale terminals can be used to manage inventory, and RFID tags on high-end assets allow them to be tracked and monitored. Exercisers can also be provided access to cloud-based data from the equipment to track and share their workouts and even receive relevant ads.


fitness club application.jpg


Key to fitness center applications is ease-of-use, Johnson explains. “One of product definitions was that it needs to be similar to a set-top box. They just need to put it in place and it does what it needs to do with no technical interaction.”


Eurotech provides several gateway options depending on the club’s needs, the number of devices that need to be aggregated, and the number of Ethernet ports or communications protocols needed. Health clubs can choose their platform depending on their I/O requirements, but the Eurotech platforms all host the same software stack and all communicate with the Eurotech M2M platform as well as Eurotech’s application partners’ platforms. Once installed, the systems can essentially be forgotten, with no ongoing technical support required. Security is also built into the software stack, so the bi-directional device communications are secure sessions as appropriate for each market.


The Eurotech Helios™ is a smart services gateway with flexibility in programmability, hardware, software, and connectivity, including a range of pre-certified wireless modules for cellular, Bluetooth, and other protocols. The ReliaGATE family is an industrial-grade platform with multiple options, including globally certified radio technology from Telit.


Eurotech’s Everywhere Software Framework sits on the gateway and hosts the appropriate applications and protocols, including the cloud client protocol; as long as the gateway has a path to the Internet and is collecting data from a device, it can send the data to Eurotech’s Everywhere Cloud platform. Standard dashboards, management operations, and industry-standard APIs support easy integration both to legacy equipment (updated with Eurotech or partner-provided wired or wireless connectivity devices) or to new equipment with embedded connectivity.


Eurotech has plenty of experience providing gateways for applications such as in-home patient monitoring: aggregating data from scales, blood pressure cuffs, and blood glucose meters to help improve patient quality of life. Moving to the health club was a logical evolution. As Johnson says, “It was just natural for us to take that platform and use it as the basis for this new initiative.”


Learn More


Solutions in this blog:

•             Eurotech Everywhere™ Software Framework

•             Eurotech Everywhere Device Cloud (EDC) platform

•             Helios™ smart services gateway

•             ReliaGATE industrial-grade gateway family



Related topics:

•             Medical - Top Picks (blogs, white papers, and more)

•             Connectivity - Top Picks (blogs, white papers, and more)



Eurotech is an Associate member of the Intel® Intelligent Systems Alliance.

     Contact Eurotech>>

Cheryl Coupé

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Freelance technology writer and editor (scribo.net)

Embedded computing is moving into the world of “Big Data” and that means lots of scalable, high performance computing. RADAR, SIG-INT and EW are data intensive applications thatneed embedded computers that are able to process the vast amounts of data and do it quickly. Many applications in defense and aerospace must process their way through this “Big Data.”

Fortunately, the capability of high performance computing continues to evolve as technology advances. Processors get faster, memories larger, and interconnect pipes get bigger. All of this adds up to greater performance in smaller packages, packages that make it easier to embed these platforms in more applications. What once took racks of computers can now be reduced to a single rack or system the size of a shoe box or smaller.


High performance embedded computing (HPEC) takes much of its lead from the high performance computing (HPC) technology found in data centers, taking concepts and extending them to the more environmentally demanding conditions in embedded computing applications. Processor off-loading, cluster computing, distributed architectures, and open source software are but a few of the traits of high performance computing that are being passed on to HPEC.


For the military and aerospace embedded markets, additional requirements must be met. Size, weight, and power (SWaP) must be optimized for embedding in smaller systems. Long product life cycles and long term product support must match the life cycle of the deployed systems. Reliable and deterministic operation is mandatory and the platforms must be able to be deployed in everything from benign to harsh environments. As a result, boards and systems are made smaller, modified to run in extended thermal ranges and rugged environments.


High Performance Computing Requirements







  • Throughput oriented
  • Many threads per core
  • Large memory capacity
  • X86, Intel Xeon
  • Connect anyone, anywhere, anytime and on any device
  • Ethernet
  • Network Attached, SAN
  • Application specific
  • Transaction based
  • Windows, Linux

High Performance Computing

  • Compute Intensive
  • MultiCore, many-core
  • PowerPC
  • X86, Intel  Xeon
  • GPGPUs
  • Scalable high bandwidth
  • Common protocol for inter/intra systems
  • InfiniBand
  • High capacity storage devices
  • Open source
  • MPI, OpenMPI
  • OFED
  • Linux


  • Processors targeted at embedded
  • FPGA’s
  • AdvancedTCA, microTCA, VPX, emerging small form factors
  • Low latency
  • Ethernet
  • PCI Express
  • Serial RapidIO
  • Limited
  • Data recorders
  • Solid State Drives (SSDs)
  • Real-time
  • Vendor specific
  • Math libraries
  • VxWorks, Linux

Source: CSPI, Embedded Tech Trends 2013



Platform Architectures

Two organizations in particular have driven the efforts to evolve high performance embedded computing platforms. Both started their efforts on industrial computing, but have moved down separate paths to define alternate platforms commonly used for HPEC.


VITA was the first to organize, with members focused on the development of VMEbus in the early 1980’s. VMEbus started out as a solution for industrial platforms, providing a parallel bus architecture that could be scaled to 20 boards in the backplane. As VMEbus became a prime choice for many defense applications that demanded a more rugged solution, the members extended the original VMEbus specification to include options for alternate cooling strategies such as conduction cooling.


PICMG rolled out CompactPCI* in the mid-1990’s, implementing the parallel PCI bus in a 6U form factor. Again, the initial focus was on industrial applications but the communications industry quickly picked up on the architecture and started to drive it towards specific needs of their industry, primarily moving large blocks of data to multiple destinations. AdvancedTCA* was soon defined using a scalable switch fabric approach instead of a parallel bus. The form factor was enlarged to better address the needs of the communication industry.


Members of VITA responded with the VPX* initiative, bringing the scalable switch fabric architecture to the smaller 6U form factor. The primary influence for VPX came from the defense industry.


Both AdvancedTCA and VPX have greatly extended the ability to develop impressive HPEC platforms. The use of serial switch fabrics enables the design of systems ranging from three modules to complex mesh systems with point-to-point connections in many configurations suitable to specific application processing needs. While data center blade systems are occasionally used in embedded applications, it is AdvancedTCA and VPX that are specifically targeting markets and applications that require HPEC platforms. VPX offers a smaller packaging option over AdvancedTCA and is specifically designed for military and aerospace applications, including those with a need for conduction or liquid cooling options.


To give us a better feel for what is possible today, let’s look at what some of the Intel® Intelligent Systems Alliance members are offering.


MEN CompactPCI Serial.jpg

At Embedded Tech Trends 2013, MEN Mikro Elektronik GmbH presented a multi-cluster HPEC solution using CompactPCI Serial. This specification adds greater support for serial point to point fabrics like PCI Express, SATA, Ethernet and USB in the classic CompactPCI form factor. In the MEN configuration, Ethernet is added to the CompactPCI specification so that traditional star, ring, or mesh configurations (up to eight-slots in a standard CompactPCI chassis) can be built. Additional clusters can be added to build very large scalable systems using low-cost modules. MEN builds systems with a single Intel quad-core CPU system slot module and up to 7 GPGPU modules directly controlled via PCIe x8 or PCIe x1.

At the same forum, Mercury Systems discussed the need for advanced fabric innovations to maximize the performance of HPEC systems. Their concern being that existing choices such as PCI Express and 10G Ethernet, are running out of steam and that we should be preparing to implement 40G Ethernet and InfiniBand. Mercury Systems has been building HPEC platforms for many years, their extensive experience in the interconnect implementations of these platforms makes them especially knowledgeable on what it takes to build HPEC platforms. They are not as concerned about computing as they are on how to handle huge amounts of I/O data that is collected by HPEC platforms.


Mercury Systems has been researching what it will take to get to the next generation of infrastructure for HPEC platforms. They feel that advances in connector and backplane technology will be needed to get beyond 8 Gbaud transfer rates, in other words “The connector is key to unlocking speed.”


Mercury Systems uses Serial RapidIO and 10G Ethernet for most data plane transactions today but they are quickly developing InfiniBand and 40GigE solutions for tomorrow. One of the technologies that most intrigues them is InfiniBand which is used extensively in HPC platforms. Advances in connector, backplane and cooling technologies will kick VPX into the next gear allowing them to develop massive many-core HPEC engines that are optimized for SWaP.


GE Intelligent Platforms puts such an emphasis on HPEC that they formed a HPEC Center of Excellence. Through this center, GE Intelligent Platforms can engage early with customers to help with architecture definition, develop application-ready systems, and then provide post sales application support and services all with the emphasis on the needs of HPEC applications.


GE Intelligent Platforms discussed the impact of new architectures on SWaP through an example of a radar processing system that they recently developed. The original system, based on VMEbus, was 4 cubic feet in size, weighed 105 pounds, and consumed 2000W of power. The newest system, based on 3U VPX, is 0.8 cubic feet in size, weighs 10 pounds, and consumes 120W of power. The original system delivered 576 GFLOPS peak while the new system delivers 770 GFLOPS peak with a combination of 3rd generation Intel® Core® i7 and GPGPUs.


I recently discussed the Kontron HPEC strategy in Roving Reporter: Kontron HPEC Proof-of-Concept delivers breakthrough I/O data bandwidth. The Kontron HPEC platform delivers 40 Gigabit Ethernet (GbE) equivalent data transfer rates via PCI Express 3.0. What sets the Kontron platform apart is the use of PCIe 3.0 to deliver 40GbE equivalent data transfer rates using common TCP/IP protocols. The combination of PCIe 3.0 and TCP/IP is achieved through Kontron’s VXFabric* middleware, which implements the TCP/IP protocol over the PCIe infrastructure to boost transmission bandwidth to nearly 40 GbE speeds. The PoC platform is based on VPX, which is known for its high performance, harsh environment capability, and small size.


Concurrent Technologies advocates a similar approach. The Concurrent Technologies Fabric Interconnect Networking Software (FIN-S) provides a rich software ecosystem allowing applications on multiple processor boards to communicate efficiently with each other over supported bus interconnect fabrics, enabling development of high performance embedded computing (HPEC) systems. FIN-S provides a variety of communication mechanisms to address the needs of various embedded applications. Support for the widely accepted IP socket interface is provided, enabling portability and ease of use at application level. A high performance, low latency message based direct communication library is included, enabling direct zero copy application level communication between boards. This provides the additional benefits of having the same application programming interfaces across multiple operating systems and multiple supported fabrics. High performance computing applications can easily be implemented in the embedded domain. FIN-S supports various system architectures including VPX, VXS and AMC along with their associated interconnect fabrics such as PCI Express, Serial RapidIO, and 10 Gigabit Ethernet. FIN-S is available on a range of Concurrent Technologies boards utilizing Intel processors in commercial, industrial, ruggedized air cooled, and ruggedized conduction-cooled operating environments.


Curtiss-Wright Controls Defense Solutions has published a must read technology white paper, “Understanding HPEC Computing: The Ten Axioms.” An HPEC system must meet the criteria outlined in the Ten Axioms of HPEC to be able to satisfy the requirements of today’s most demanding defense and aerospace rugged embedded applications. To help system designers to better understand what to look for in an HPEC system, and what to avoid in less capable system alternatives, the paper discusses the Ten Axioms, organized by the industry (HPC, Embedded Systems and Sensor) from which each is derived. The details of how each of these essential elements relates to and meets the unique requirements of these high performance-processing solutions are explained.


HPEC Positioning.png

HPEC vs non-HPEC, Courtesy of Curtiss-Wright Controls Defense Solutions


Themis Computer is a long time provider of high performance computing to the embedded community and in particular, the defense and aerospace markets. They have a strong background in server technology that is designed to withstand the extreme operating environments of many defense applications. Themis Computer has been defining and prototyping a new form factor called the NanoPAK Small Form Factor Computer based on VITA 74. While targeted at smaller embedded systems, this small package has some big capabilities. Leveraging work done with serial switched fabrics, meshed computers such as those using VPX can be built on a smaller scale. With the right processor payload, these NanoPAKs occupy the low-end of the HPEC processing range.



HPEC computing is a rapidly growing market opportunity with no end in sight for the amount of performance needed for embedded computing in this class. When searching for HPEC computing platforms, there is no shortage of options. All of these alliance member focus on supporting the HPEC needs of defense and aerospace applications. You can be sure that all of them will have new products to announce with the roll-out of the 4th generation Intel® Core® processors. This will add a much appreciated performance boost to process the “Big Data” encounter in embedded computing.

Learn More


Solutions in this blog:


Related topics:


Kontron is a Premier member of the Intel® Intelligent Systems Alliance.

GE Intelligent Platforms is an Associate member of the Intel® Intelligent Systems Alliance.

Concurrent Technologies and MEN Mikro Elektronik GmbH are Affiliate members of the Intel® Intelligent Systems Alliance.

Curtiss-Wright Controls Defense Solutions, Mercury Systems and Themis Computer are General members of the Intel® Intelligent Systems Alliance.


Jerry Gipper

OpenSystems Media®, by special arrangement with the Intel® Intelligent Systems Alliance

Editorial Director,OpenSystems Media,VITA Technologies

I’ve followed the ever-continuing advances in Intel® processors for many years now, but it’s still amazing to me how much difference a processor generation can make. With the recently announced 4th generation Intel® Core™ processor family (formerly codenamed “Haswell”), there are a surprising number of new features for retail transactional technology, particularly point-of-sale (POS) systems (see Figure 1).


Haswell in Retail.JPG

Figure 1. The 4th generation Intel® Core™ processor family provides a wide range of benefits for retail transactional devices.

These new processors can help improve transaction experiences for both businesses and customers, enabling POS systems that:

  • Deliver engaging personalized service and incentives
  • Enable mobile checkout options
  • Protect personal and transactional data
  • Reduce IT costs
  • Improve remote device uptime


Delivering all of these benefits may sound like a tall order, but it’s one that the members of the Intel® Intelligent Systems Alliance are already addressing using this new generation of processors. In this blog we’ll look at customer engagement and mobile solutions. In a subsequent blog, we'll look at how this new processor family helps ramp up security and manageability to protect data, reduce IT costs, and improve uptime.


Delivering Engaging Personalized Service and Incentives

The first step in engaging customers is delivering compelling visuals. The 4th generation Intel Core processor family offers superb integrated graphics, with up to 60% faster graphics improvement over the previous generation. It does this through wider data paths, sampler improvements, double clocked geometry, more execution units, and support of the latest 3D APIs (DX11.1 and OGL4.3). And with the ability to power three independent displays, these processors are well-suited for multi-display POS systems that show items as they’re rung up and run promotional offers and advertisements to earn extra revenue for the store.

You’ll see some of this improved graphics performance in:

  • Intel® Clear Video HD Technology which uses hardware acceleration to dynamically improve video quality through frame-rate conversion, image stabilization, and more
  • Intel® HD Graphics which mixes crystal clear video with immersive 3D and responsive 2D graphics to bring products and offers to life on-screen
  • Intel® Quick Sync Video which enables the super-fast transfer of promotional content to customer devices and phones

The other big improvement for delivering personalized service and incentives is performance. The 4th generation Intel Core processor family delivers between10 to 15 percent improved processing performance over the previous generation. This enables smooth, responsive interactive experiences and faster analytics at the edge.


This last point is important because of the increasing need for edge devices like POS systems to analyze customer profiles in real time and encourage add-on sales at the checkout. For example, a customer buying seeds at a garden supply store could be presented a special today-only price on soil amendments. This is more than an offer. It’s a helpful reminder of what else you should be buying—something customers will appreciate. The same might be true if you’re buying shoes at a department store and a POS display offers a great price on socks. Instead of having to train store personnel to make these suggestions, you can buy software that does it. And the software never forgets to do it and never has a bad day.

Enabling More Checkout Options

Today’s retailer wants sales associates to engage customers more and not just sit behind the register. On-the-floor sales assistance and checkout line busting require mobile POS solutions. The 4th generation Intel Core processors with up to 25 percent lower thermal design power compared to the previous generation are optimized for thin and light form factors with long battery life that are detachable, dockable, and can swivel and be convertible.

For developers looking to take mobile POS interactivity to the next level, the Intel® Perceptual Computing SDK enables rapid development and deployment of multi-touch, gesture, speech, and facial recognition. Imagine a POS checkout screen that reacts to people’s attention and engages them with responses to their touch, hand gestures, and even a smile. Available as a free download with no licensing necessary, the SDK supports close range hand and finger tracking, speech recognition (English, with more languages to come), face analysis, and augmented reality via 2D/3D object tracking. High-level APIs provide developers with fast, easy programming access to perceptual computing functionality, while low-level APIs provide experienced developers the control needed for application innovation.

Examples of New Boards

Accompanying the launch of the 4th generation Intel Core processors is a long list of boards and systems for a wide variety of retail applications, from digital signage to digital security surveillance. I’m going to point out some solutions that are particularly well suited for POS devices.


The Congatec conga-TS87 (Figure 2) is a Type 6 COM Express module with the mobile Intel® QM87 Express chipset and powerful quad core Intel® Core™ i7-4700EQ processor with 6MB L2 cache. It can be powered at 2.4 GHz with a TDP of 47W. In Turbo Boost mode, the clock rate is increased to 3.4 GHz. The processor handles up to 16 GB, 1600 MT/s fast LV 1.35V dual channel DDR3 memory. The integrated graphics support Intel® Flexible Display Interface (FDI), DirectX 11.1, OpenGL 4, OpenCL 1.2 and high-performance, flexible hardware decoding of multiple high-resolution full HD videos—imagine the video advertisements a self-checkout kiosk could run equipped with that. Static graphics will also stand out with 4K pixel resolution of up to 3840 x 2160 with DisplayPort and 4096 x 2304 with natively supported HDMI.


Figure 2. Congatec conga-TS87


The Kontron KTQ87/mITX Mini-ITX board (Figure 3) integrates new features such as the new Intel® Advanced Vector Extensions 2 instructions (Intel® AVX2), which dramatically accelerate floating-point-intensive computations, and the improved Intel® Advanced Encryption Standard New Instructions AES-NI), which accelerates data encryption and decryption. Graphics-intensive POS applications will profit from the improved graphics performance of the 4th generation Intel Core processors, while the thermal footprint has remained nearly the same. Kontron has integrated an excellent range of interfaces, including PCIe 3.0 and USB 3.0. With long-term availability and support for up to three independent displays, the KTQ87/mITX provides everything to build a broad array of future-oriented, rich media embedded applications on a single compact Mini-ITX form factor that’s an ideal fit for retail kiosks and POS.



Figure 3. Kontron KTQ87/mITX



The Axiomtek SHB130 (Figure 4) is a high-performance PICMG 1.3 full-size CPU card designed around 4th generation Intel Core processors with the Intel® Q87 Express chipset. The card comes with two DDR3/L 1333/1600 MHz unbuffered ECC DIMM slots up to 16 GB of system memory and provides 14 USB ports (four USB 3.0 and 10 USB 2.0 ports), two Gigabit LAN ports, DVI-D/VGA or DisplayPort (optional), HD audio, one RS-232/422/485 port, four RS-232 ports, DIO (4-IN & 4-OUT) and two PS/2 keyboard and mouse ports. This high performance PICMG 1.3 slot CPU card is fully compatible with Axiomtek's PICMG 1.3 full-size passive backplanes. Axiomtek offers various industrial housing enclosures and has the capability to assist with any customer's integration requirements.



Figure 4. Axiomtek SHB130




The ready-to-go Venture Compact eIPC380 also comes with a rich set of IOs, such as USB 3.0 ports, and the user can select to output to HDMI, VGA and Display Port (see Figure 5). Further flexibility and configurability are provided by internal mini-PCIe slots. In addition, the ruggedized and low-profile enclosure protects the system in tough operational environments. Developed with reference to the Intel® Intelligent Systems Framework guideline, the eIPC380 is an excellent solution that brings excellent connectivity and performance for delivering engaging experiences to retail POS. The eIPC380 supports Windows 8, 7 and Windows Embedded Standard. It’s also available with cellular mobile connectivity.





Figure 5. Venture Compact elPC380


Enable a New Generation of POS Systems

The rapid implementation of the 4th generation Intel Core processor family in these and other Alliance products is designed to enable developers to speed to market a new generation of stationary and mobile intelligent POS systems with high-power graphics. In my next post, I’ll cover the manageability and security benefits of these new processors that will appeal to retailers.






Learn More

Contact Featured Alliance Members:

Solutions in this blog:

Related topics:

·        Performance - Top Picks (blogs, white papers, and more)

·        Retail - Top Picks (blogs, white papers, and more)


Kontron is a Premier member of the Intel® Intelligent Systems Alliance. Axiomtek, Congatec, and Venture Corporation are Associate members of the Intel® Intelligent SystemsAlliance. 


Mark Scantlebuiry

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Associate Editor, Embedded Innovator magazine




The Problem


According to a Defense Science Board analysis of 32 major automated information system acquisitions, the average time to deliver an initial DoD program capability is 91 months once funding is approved. This is two to three times the average industry IT refresh cycle time, making it difficult to keep pace with user needs and technology evolution. (Department of Defense Cloud Computing Strategy)

The U.S. Department of Defense (DoD) recognizes that they have a problem keeping up with technology and as a result is embracing a strategy for cloud computing. The DoD Cloud Computing Strategy is the official published document that lays out the groundwork, consistent with the broader Federal Cloud Computing Strategy, for accelerating cloud adoption in the Department. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

DoD Cloud Computing Goal

Implement cloud computing as the means to deliver the most innovative, efficient, and secure information and IT services in support of the Department’s mission, anywhere, anytime, on any authorized device.

DoD Strategy


The DoD strategy can be summarized as follows:

  • The DoD Cloud Computing Strategy introduces an approach to move the Department from the current state of a duplicative, cumbersome, and costly set of application silos to an end state which is an agile, secure, and cost effective service environment that can rapidly respond to changing mission needs.
  • The DoD Enterprise Cloud Environment includes separate implementations and data exchanges on Non-secure Internet Protocol Router Network (NIPRNet), Secure Internet Protocol Router Network (SIPRNet), and Top Secret Sensitive Compartmentalized Information (TS SCI) security domains.
  • All cloud services must comply with Department Information Assurance (IA), cybersecurity, continuity, and other policies. The Department will leverage commercially offered cloud services that offer the same or a greater level of protection necessary for DoD mission and information assets. [Department of Defense Cloud Computing Strategy]

One can sense how the DoD wants to leverage current commercial enterprise and consumer cloud computing technology to their advantage. The DoD recognizes the value of a cloud computing strategy but also is clearly aware of the pitfalls that may interfere with mission imperatives. The Department is reducing the number of data centers from about 1,500 to “a number far below that,” Robert J. Carey, Deputy Assistant Secretary of Defense (Information Management, Integration and Technology) / Department of Defense Deputy Chief Information Officer, said, and is implementing a coherent and consistent architecture across thousands of computing environments.


The DoD has identified specific cloud computing challenges that require careful adoption considerations, especially in areas of cybersecurity, continuity of operations, information assurance (IA), cybersecurity, and resilience. Additional challenges include service acquisition and funding sustainment, data migration and management, and overcoming network dependence at the tactical edge (where users are often Disconnected, Intermittent and Low-bandwidth (DIL) users).

DoD Cloud Computing Strategy Figure 1.png

DoD Enterprise Cloud Environment


The move to consolidated data centers is guided by the National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, and the NIST Cloud Computing Standards Roadmap. Leveraging the NIST guidance, the DoD Cloud Reference Architecture includes a modular infrastructure that scales up for deployment within large, Continental United States (CONUS) data centers and scales down to offer containerized and small footprint computing resources in regional facilities and deployed tactical edge environments.


DoD Cloud Computing Strategy Figure 2.png

Consolidated Core Data Centers will Form the Basis of the Enterprise Cloud Infrastructure


The DoD wants the same costs savings already realized by commercial enterprises. In data center operations, this should be a relatively easy goal to achieve. Where it gets a bit more challenging is with deployed tactical edge environments where the deployed platforms are more heterogeneous. Multi-service defense systems have widely varying missions with many unique needs. The DoD has always faced a challenge getting the various armed services to work together to develop common platform strategies. I just don’t see this going away anytime soon, leaving the door open for a wealth of divergent platforms.


Key elements from the DoD Cloud Computing Strategy that most impact Intel Intelligent Systems Alliance members center around efforts to optimize data center consolidation. The Department wants to reduce hardware footprints in data centers by implementing server virtualization and infrastructure-as-a-service. Data centers throughout the DoD will be consolidated into smaller, core data centers that will reduce the number of different hardware platforms, resulting in savings in equipment, facility, and operational costs. Information security is another key element that will require support from both hardware and software suppliers before their products can be implemented as part of this strategy.




I looked at Intel® Intelligent Systems Alliance members with enterprise solutions and cloud computing initiatives to determine how they are addressing my questions. Here are some of my observations.


Dell believes that cloud computing is not a technology but rather a strategy. Federal agencies have the same IT needs and opportunities as their private sector counterparts, but they demand a different approach. Dell is committed to developing solutions that match business vision and drive them forward with maximum flexibility and minimum risk. They work with customers and organizations to build on technologies and processes already in place. Dell Federal Government Solution’s case-by-case approach is used to determine the right technology and services for an agency, including cloud computing, data center modernization, employee mobility initiatives and cybersecurity.


Hewlett-Packard appears to be more aggressive with a cloud computing strategy focused on federal government needs. They already manage and secure two of the largest intranets in the world for the U.S. Department of Navy and UK Ministry of Defense. HP Cloud Services for Government clients can select from of an array of HP’s commercially available cloud offerings as well as those designed to meet specific Public Sector needs. HP cloud sourcing options include Private Cloud, Virtual Private Cloud (enterprise-class, managed, highly secure multi-tenant cloud), Public Cloud services, or a combination.


Microsoft approaches cloud computing as a way to help customers take a key step toward better business agility, economics, and user experiences. The cloud presents an opportunity to redefine the role IT plays in implementing a business’s strategy. Microsoft Cloud Computing for Government provides scalable, on-demand cloud computing services to help government organizations focus on mission-critical objectives, while helping to reduce IT costs.


Oracle provides aerospace and defense organizations with a complete, open, and integrated suite of business applications, server, and storage solutions engineered to work together to optimize every aspect of their business. Oracle Cloud Computing Services provides enterprise-grade cloud solutions, including software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS).


Intel launched their Cloud 2015 Vision to help businesses implement cloud computing solutions that are federated, automated, and client-aware. This vision offers the promise of swiftly responding to the demands of users. With federated clouds, IT can rapidly scale computing resources, while client-aware clouds enable the delivery of optimized applications to end-user devices. Intel Cloud Builders is a cross-industry initiative aimed at making it easier to build, enhance, and operate cloud infrastructure. Here you will find an extensive library of cloud computing tools and solutions in the Cloud Builders Reference Architecture Library.


Intel delivers leading foundational technology that improves your ability to optimize, scale, and better secure your server, network, and storage infrastructure. Intel provides practical implementation guidance and tools, including proven reference architectures from more than 50 leading systems and solutions providers.




From what I can discern, there does not appear to be any significant change in strategy for Intel Intelligent Systems Alliance members that are supplying commercial enterprise products that is driven by the DoD Cloud Computing Strategy. Since the DoD is placing a heavy emphasis on using commercial grade equipment, they are not necessarily looking for the suppliers to do anything beyond what they do to support commercial initiatives or current needs for specific operational conditions. Security is a top priority for nearly all user types of cloud computing and is clearly reflect in the DoD plan. The DoD does have some unique mission critical needs that they address through mission networks that are special purpose with their own cloud computing services, especially in edge environments.


All of the companies reviewed have federal government or defense and aerospace business units in place that are already key contributors to the DoD strategy. They all have solid commercial enterprise solutions and a focus on cloud computing. Most have government cloud computing called out as part of their overall strategy.


Fortunately, for most Intel Intelligent Systems Alliance members, cloud computing neutralizes many hardware and software dependencies. With security, interoperability, and portability cited as major barriers to broader adoption, the opportunities for alliance members to contribute to the cloud computing strategy remain high. Most of the members focus on products that are used in edge devices so having fast wide-area network access is the single most important aspect for participation in any cloud computing strategy. These members should be aware of what is going on in the big picture, especially as it relates to the barriers to be sure that they can take full advantage of future opportunities.


The DoD Cloud Computing Strategy was published in July of 2012. It is evolving and should be studied if you are serving this market.


Learn More


Related topics:


Dell is a Premier member of the Intel® Intelligent Systems Alliance.

    Contact Dell>>

Hewlett-Packard is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Hewlett-Packard>>

Microsoft is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Microsoft>>

Oracle is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Oracle>>



Jerry Gipper

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Editorial Director, OpenSystems Media, VITA Technologies

Filter Blog

By date:
By tag: