1 6 7 8 9 10 Previous Next

Market Applications

305 posts

New machine-to-machine (M2M)-based cloud applications for home monitoring can help patients manage their health conditions at home, while giving healthcare providers access to up-to-date patient information. But these professional monitoring devices have consumer-like demands. They need to be easy to set up, connect, and use. They need to protect patients’ sensitive personal health information. And developers of these systems need to be able to quickly respond to market changes with new products, using standards-based platforms and network protocols. Our roundtable discussion explores how the Intel® Intelligent Systems Framework supports remote monitoring systems that deliver the management, connectivity, and security features required for effective patient care. Our roundtable participants are:




Intel Roving Reporter: The market for remote medical monitoring devices is heating up, putting additional pressure on developers to get to market faster with competitive products. How can you help them get there?

Satish Ram, Kontron: Kontron provides a suite of application-ready platforms that are Intel Intelligent Systems Framework (ISF) ready, by offering various connectivity, scalability and security options as well as meeting healthcare-specific compliance requirements (PCI, HIPAA, EN50134, etc.). Our human-machine interface (HMI) and M2M products are examples of such products targeted at the healthcare vertical. These platforms come with a development platform that is already pre-integrated to connect up to other ISF-ready systems.

Kontron M2M platform.png


The Kontron M2M Developer Kit is a compact platform that integrates its COM Express® mini Pin-out Type 10 compatible COMe-mTT family of Computer on Modules (COMs) based on the Intel® Atom™ processor E640 1 GHz. The external USB port simplifies use of M2M SDKs, and offers sufficient storage for M2M smart service applications, middleware and OS on the 4 gigabyte (GB) internal MicroSD card. The kit also supports a full range of wireless interfaces, protocols and network topologies.


Mike Ueland, Telit Wireless Solutions: Telit offers an extensive portfolio of quality cellular, short-range, and GNSS modules, available in over 80 countries. By supplying business-scalable products that are interchangeable across families, technologies, and generations, Telit is able to keep development costs low and uniquely protect customers' design investments. Telit provides customer support, design-in expertise through its sales and support offices, and offers a global distributor network of wireless experts in over 30 Telit-designated competence centers that work with customers to develop concepts and ideas to realize their solutions.


Telit offers a form factor family concept, allowing developers to develop one application for different markets. M2M modules belonging to a family have the same form factor and functionalities—the same size and shape, same pin-outs, and same AT command set. Design once, deploy globally. The advantage for remote medical monitoring device developers and electronic manufactures is that all modules in a family are interchangeable. When the time comes, developers can easily replace family modules with successor products such as would happen in a switch from 2G to 3G. The unified form factor feature reduces development effort, time, and costs, protecting investment in core designs.

Telit xE910 Family.jpg


Steve Popovich, Digi International: Digi provides several easy-to-integrate connectivity products and services used for connecting medical devices and sensors in thousands of hospitals and home healthcare applications. We have commercial medical device customers that create prototype remote monitoring systems in just a few days.

Digi hmhealthmonitor.jpg

RR: What do designers need to know about connectivity standards—from wireless to cellular—as they develop these devices that may be sold for use anywhere?

Satish Ram, Kontron: Solutions designers need to become familiar with WPAN, WLAN, and WWAN connectivity options and the current adoption trends towards Bluetooth Low Energy for medical devices. In addition, for use of cellular WWAN solutions, designers need to ensure compliance with regulatory certifications such as FCC, CE, PTCRB, GCF or others depending on the country and deployment regions. Also, wireless data services can vary significantly from one country to another as do wireless frequency bands for cellular networks. Kontron can help customers navigate this complex ecosystem and make it easier for deploying solutions quickly.


Mike Ueland, Telit Wireless Solutions: There are a number of requirements to consider, including speed, coverage, deployment plans, costs , data plans and hardware, carrier relations, and the expected product lifecycle. In the majority of cases, the cellular module is the most important component in the process of integrating M2M into electronic devices like those used for remote medical monitoring.


Cellular data transmission speeds go up from 2G where GPRS speeds are rated in a few tens of Kbps to the current release of LTE (4G) of 100 Mbps. There are a number of trade-offs. The higher the connection speed you require, the higher the price of the module and associated connectivity data plans. Today, 3G enjoys nearly as much geographical and population coverage as 2G. 3G will soon have a larger footprint than GSM when U.S. carriers start sun-setting their 2G service. Therefore, 3G will continue to be the long term “everywhere” cellular coverage for many more years.


Steve Popovich, Digi International: One of cool benefits of our iDigi connectivity architecture is we can support ALL of the domestic and international wireless standards and little or no wireless experience is required by the developer! Developers using our iDigi architecture only need to create the business application and not be concerned with the details of what wireless technology is needed for deployment. For example we have healthcare customers that create a single business application that can incorporate several different wireless connectivity technologies to economically support multiple unique end customer use cases.


RR: Since these remote devices are being used by consumers, not healthcare or technical professionals, what are some strategies you advise developers to use to make sure these are easy to set up, connect, maintain, and use?

Satish Ram, Kontron: Focusing on ease of use and ‘ready out of the box’ solutions is key for consumer adoption. Leveraging frameworks such as ISF will help developers ensure seamless integration to various subsystems and automate much of the functionality to improve user experience. As an example, home healthcare devices should automatically detect new devices and ‘pair’ with them without any user intervention. So, the consumer can purchase a BLE weight scale that auto-connects and displays the data on his/her smartphone with a simple downloaded app.


Mike Ueland, Telit Wireless Solutions: There are development tools that can aid or make it easier for developers to design applications. Many firms have been successful using the Agile software development process. The Agile process promotes adaptive planning, evolutionary development and design with an interactive approach that encourages faster responses that are flexible to change. The Agile manifesto establishes that developers, in their approach to application development, limit the amount of work in progress to reduce the impact of sudden business changes.


Customer collaboration and the user experience with the application are critical in the development process. Therefore, continuous customer and stakeholder involvement is required. In order to deliver on this key aspect, Agile establishes smaller, faster development cycles that deliver functioning software sooner, which in turn limits the total body of work in progress. This has the effect of testing hypotheses about required functionality much earlier than other methods allowing developers and business sponsors to quickly prove or disprove them. The bottom line is that developers need be strategic about developing applications for the consumer.


Steve Popovich, Digi International: Our iDigi Manager Pro services provide an almost infinitely scalable connectivity platform for our customers. Our iDigi Manager pro services enable our customers to automate the remote configuration, commissioning, and ongoing management of millions of devices. Via our iDigi APIs developers can also elegantly integrate our features into custom applications.


RR: Security is always an issue when discussing the management of personal health information. How are you helping developers address this in their products?

Satish Ram, Kontron: Security is of paramount importance in many applications, and especially so in healthcare applications. Kontron’s products leverage the ISF security framework components, including Trusted Platform Module (TPM) and WindRiver Secure Remote Management (SRM) software, to ensure data privacy and security.


Mike Ueland, Telit Wireless Solutions: Cellular data communication is inherently very secure—substantially more so than traditional data communication. In addition to the security already built into cellular data, we provide the remote medical monitoring device integrator with a comprehensive set of IP protocols designed to enhance this security. A key element of this toolkit is the embedded SSL protocol available in all our modules. The use of SSL over cellular IP data, augmented by best practices in two-way challenges and other identification, authentication and security measures ensures that personal health information is communicated in the most secure manner possible.


Steve Popovich, Digi International: Digi provides several security options for both wired and wireless products and services. For example even our most basic wireless modules integrated inside of medical devices support complex encryption methods that prevent data from being read by network analyzers. For security purposes medical device and patient identification information is only combined beyond connectivity services platform.




Learn More


Solutions in this blog:

•            Intel Intelligent Systems Framework

•            Kontron M2M Smart Services Developer Kit

•            Telit Wireless Solutions HE910 Family

•            Telit Wireless Solutions GE910 Family

•            Digi International x2E Gateway

•            Digi International iDigi Manager Pro



Related topics:

•            Medical - Top Picks (blogs, white papers, and more)

•            Connectivity - Top Picks (blogs, white papers, and more)



Kontron is a Premier member of the Intel® Intelligent Systems Alliance.

    Contact Kontron>>

Digi International is an Associate members of the Alliance.

    Contact Digi>>

Telit Wireless Solutions is an Associate members of the Alliance.

    Contact Telit>>


Cheryl Coupé

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Freelance technology writer & editor (scribo.net)

Cloud-based telecom services are creating new opportunities for service providers to manage costs and deliver enhanced services. Off-the-shelf, carrier grade servers, supporting virtualization and high speed network interfaces offer a cost-effective alternative to conventional telecom systems. Cloud-based services can be rapidly deployed to meet customer demands and software defined networking (SDN) will add further flexibility and extend the value of this approach.


In this blog I am going to explore the benefits of using servers based on Intel® Xeon® Processors E5-2600 Series for cloud-based telecom services. For this blog I am using implementation examples from Dell, an Associate member of the Intel® Intelligent Systems Alliance. The 250-plus members of the Alliance collaborate closely with Intel® to create hardware, software, tools, and services to help speed Intelligent systems  to market.


Telecom Cloud

The telecommunications infrastructure is developing quickly to meet the demands of business and personal customers. Video-on-demand, social networking and cloud storage are key applications driving demand for enhanced services and high speed connectivity. The combination of server virtualization and cloud architectures has revolutionized the provision of these applications to businesses and consumers.  By using virtual servers and cloud technologies in the telecom infrastructure carriers can quickly build flexible and scalable networks.


Carrier grade servers are already used in some elements of the network infrastructure used to deploy 4G, LTE wireless networking and high speed broadband. The latest Intel processors deliver significantly enhanced packet processing performance dramatically increasing the number of network elements that can be implemented using standard server systems. SDN has been developed to enhance cloud architectures. SDN uses real-time Intelligence, application information and virtualization to optimize server and networking resources to meet user demand. Carriers now have the opportunity to significantly increase return on investment (ROI) by shifting to cloud architectures and standard server systems to deliver telecom services.


Key Technologies
The Intel® Xeon® Processors E5-2600 Series support several technologies that are critical for high performance cloud based telecom services. The Intel® Xeon® Processors E5-2600 Series integrate up to 16 cores in a dual-socket configuration with large Layer 2 and Layer 3 caches and high-performance DDR3 memory controllers delivering fast memory access. The processors provide up to 40 PCI Express® Gen 3 interfaces supporting a total I/O bandwidth significantly in excess of 100Gbit/s.

The Intel® Xeon® Processors E5-2600 Series support Intel® Virtualization Technology that boosts virtualization performance by allowing the operating system more direct access to the processor hardware. The Intel® Xeon® Processors E5-2600 Series deliver a significant step forward over previous generations in terms of performance, reduced power consumption and support for packet processing functions.

Carrier Grade Servers

Carrier grade servers provide NEBS and ETSI certified platforms for telecom systems that use standard components and benefit from the high volume data center market. Dell is shipping both rack mount and blade server solutions for telecom applications. The systems are scalable from a single rack mount server with 8 cores up to a 42u rack with over 1,000 cores in four blade server enclosures. 


Dell R720t Cropped.png

Figure 1. Dell™ PowerEdge™ R720 t.


Figure 1 shows the Dell™ PowerEdge™ R720 t NEBS Level 3 and ETSI certified 2u rack mount server. The system integrates dual 4, 6 or 8 core Intel® Xeon® E5-2600 series processors and Intel® C600 Series Chipset. The system is available with up to 384GB memory and 1/10 Gigabit Ethernet (GE) or 4/8 Gigabit Fibre Channel (GFC) interfaces. The PowerEdge™ R720 t has 16 2.5“ drive bays and will support up to 14.4TB of storage.

Dell M620t and M1000et.png

Figure 2. Dell™ PowerEdge™ M620 t & M1000e t.


Figure 2 shows the Dell PowerEdge™ M620 t half height blade. The blade integrates dual 2, 4, 6 or 8 core Intel® Xeon® E5-2600 series processors and Intel® C600 Series Chipset. The Dell PowerEdge™ M620 t supports two 2.5” SAS HDD or SAS/SATA SSD drives. The Dell™ PowerEdge™ M1000e t enclosure has sixteen half height slots and shared power supplies and cooling fans. The solution supports 10 GE or 8 GFC network interfaces.


The Dell PowerEdge™ M620 t supports Microsoft Windows Server® and SUSE® or Rad Hat® Linux server operating systems. Virtualization options include Citrix® XenServer™ and VMware® vSphere™. Two internal SD cards are dedicated for embedded hypervisor support.


Delivering Cloud Based Telecom Services
The combination of standard components and carrier grade systems provides a cost-effective solution for cloud-based telecom services. The systems covered in this blog scale from a few cores to over 1000 cores using the same building blocks. Virtual servers and cloud architectures are set to provide a key parts of the telecom infrastructure, reducing carrier cost of ownership and the accelerating time to market.




Solutions in this blog:


Related topics:


Dell is an Associate member of the Intel® Intelligent Systems Alliance.


Simon Stanley

Roving Reporter (Intel® Contractor), Intel® Intelligent Systems Alliance

Principal Consultant, Earlswood Marketing

Follow me on Twitter: @simon_stanley

While editing articles for the upcoming April issue of Embedded Innovator magazine, I noticed that there is a major effort underway to make it easier to implement and scale digital signage systems. Where once there was just the Open Pluggable Specification (OPS), now there’s also the Intel® Intelligent Systems Framework.


This is the dynamic duo in industry specifications for digital signage systems. OPS provides a modular standard for displays and media players, enabling the design of media players that fit neatly into a slot in the back of a display to facilitate installation, maintenance and upgrades. The Intel Intelligent Systems Framework provides a common set of interoperable guidelines to address the fundamental capabilities required for connecting, managing, and securing intelligent devices in a consistent and scalable manner.


Plugging into the Open Pluggable Specification

OPS is a great convenience for matching the level of performance you want from a media player with a display that can take advantage of that performance. If you’re just showing static images, you can choose a low-end OPS-compliant media player designed for that. If you want high definition (HD) images and video, you can choose a high-end OPS-compliant media player.


OPS also provides excellent flexibility. If down the line you decide you want a bigger display, you can   buy a newer, bigger OPS-compliant display and just reuse the media player from the old display. OPS also provides some insurance on being able to utilize new technology. For example, if you want to take advantage of the improved integrated graphics, performance, manageability and security of a new generation of Intel® processors, an OPS display/player combo allows you to just pull out the old media player and insert a new OPS-compatible media player with the latest processor.


The Challenges in Scaling Out Digital Signage Systems

As great a step as OPS is in modularization, the digital signage industry still faces challenges in assembling large networked systems that connect hundreds of signs to the back-end or cloud, as well as other retail systems. Large signage systems require remote manageability and security to be cost effective and protected from malware. What’s more, large signage systems require some form of data collection and analysis to provide the audience metrics, proof of play, and delivery of targeted content that advertisers want.


This has been a tall order. Developers and system integrators have made laudable efforts to cobble together relatively secure and manageable digital signage systems. Unfortunately, it’s been a pretty labor-intensive process involving finding and spec’ing interoperable components, selecting and getting all the software and licenses together, and then testing and hoping the whole thing doesn’t become obsolete or hard to expand in several years. The customized nature of these systems can make them expensive to implement. Dependence on proprietary hardware or software that may not be offered or maintained in the future can be frightening when investing hundreds of thousands of dollars or more.


A Sign for the Times: The Intel Intelligent Systems Framework

For digital signage systems, the Intel Intelligent Systems Framework is a wish come true. Designed for use across the full spectrum of connected devices, the framework gives developers access to a range of validated components from the Intel® Intelligent Systems Alliance, a global ecosystem of 250+ member companies that collaborate closely with Intel and each other to innovate with the latest technologies. These framework-ready components can be mixed and matched to deliver comprehensive solutions spanning from media players to the cloud.


Framework-ready hardware includes boards, modules, and market-ready systems. Complementing these hardware solutions are software components from McAfee, Microsoft, and Wind River. These components include:


  • Operating system and middleware, such as Microsoft Windows, Wind River Linux, and Wind River VxWorks
  • Security solutions, including McAfee Embedded Control and McAfee Deep Defender™ designed to protect the edge and the network
  • Remote manageability capabilities supporting third-party management consoles
  • Virtualization solutions enabling consolidation of multiple functions on a single platform—such as point of sale (POS) and digital signage
  • Integrated software development tools, such as Intel® System Studio, that help software developers quickly and efficiently code for systems based on Intel® processors
  • Firmware solutions, such as Intel® Firmware Support Package, that provide low-level Intel processor, Intel® chipset, and memory firmware initialization capabilities using a standardized interface


Using these framework-ready components developers can confidently and efficiently connect and secure devices and data from different platforms and applications (see Figure 1). In addition, the framework uses Intel® Active Management Technology (Intel® AMT)—part of Intel® vPro™ technology available through select 2nd and 3rd generation Intel® Core™ processors—to deliver value-add capabilities like hardware-based virtualization and remote management. The latter is particularly valuable for replacing expensive in-person service calls with out-of-band control, update and repair capabilities. For sign system owners, this lowers total cost of ownership (TCO) and enables faster ROI by maximizing system uptime and lowering maintenance costs.


ISF Retail Diagram.JPG

Figure 1. Through the Intel® Intelligent Systems Framework, the retail industry will more easily be able to connect, manage and secure a wide range of devices, laying the groundwork for new consumer experiences, enhanced productivity, better inventory management, and brand optimization.


An OPS-Compliant, Framework-Ready Solution

When it comes to media players, the best of both worlds are OPS-compliant devices that are Intel Intelligent Systems Framework-ready. A good example is the Advantech ARK-DS262. This tiny (200 x 119 x 30 mm) unit small slides easily inside OPS-compliant displays, but packs all the processing and advanced graphics you’d expect from its 3rd generation Intel® Core™ i7 processor (see Figure 2). There’s integrated support for HDMI output for full HD content display and 3D animation applications with no need for a third-party graphics card.



Figure 2. The Advantech ARK-DS262 fits into a slot in an OPS-compliant monitor to make an all-in-one digital signage solution that can be reconfigured easily if necessary in the future.


The ARK-DS262 also is ideal for remote management through Intel AMT and a third-party console. In fact, as a framework-ready component, it comes pre-loaded with an embedded OS, along with SUSIAccess remote device management software, and system security software by McAfee. In addition, security is easily implemented on both a device and network basis through framework-ready McAfee products that take advantage of Intel® processor-based security technologies. With such a turnkey signage solution, developers and system Integrators can save important development time and focus on their own applications.


Giving Advertisers the Control and Metrics They Want

The use of framework-ready media players and boards ensures the ability to deliver viewership metrics and targeted content. Such players and board boards can run Intel Audience Impression Metrics Suite (Intel® AIM Suite), an anonymous viewer analytics (AVA) software product. Easily deployed in digital signage systems, Intel AIM Suite installs on nearly any device based on Intel® processors and utilizes off-the-shelf consumer web camera sensors and cloud-based reporting. By providing the ability to recognize viewer gender and approximate age bracket, Intel AIM Suite enables delivery of viewer-targeted content and can collect viewership data such as dwell time and user interactions to report back on advertising effectiveness.


A New Era for Digital Signage

Strategically combining key framework ingredients, developers and OEMs can now more quickly design digital signage solutions that connect over a network through a variety of wired and wireless technologies. This integration and the performance of Intel processor-based systems will enable signage solutions that system-wide can collect and analyze data in near real time to deliver customized messages to specific audiences at each sign and record their reaction.


This is a new, exciting era for digital signage. The ability to monitor and increase advertising effectiveness alone should increase the number of organizations willing to invest in extensive signage systems and to inspire new revenue models in their relationship with advertisers. The Intel Intelligent Systems Framework also opens the door to new usage models as the number of framework-ready products grow. It’s easy to imagine that developers quickly become adept and creative at using these ingredients to launch their own solutions for success. One might well ask: what will you do with the framework today?





Solutions in this blog:


Related topics:



Advantech is a Premier member of the Intel® Intelligent Systems Alliance. McAfee, Microsoft and Wind River are Associate members of the Alliance.


Mark Scantlebury

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Associate Editor, Embedded Innovator magazine

Network appliances based on mobile processors enable low power and cost effective solutions for network security and other functions, including firewall, gateway, anti-virus/spam and load balancing. The 3rd Generation Intel® Core™ i7 Processors have several enhancements that make them particularly attractive for network appliances and other communications applications.


In this blog I am going to explore the benefits of using commercial off-the-shelf (COTS) Mini-ITX motherboards based on Intel® Core™ i7-3xxx Mobile Processor Series to build network appliances. For this blog I am using implementation examples from Super Micro Computer Inc. , an Affiliate member of the Intel® Intelligent Systems Alliance. The 200-plus members of the Alliance collaborate closely with Intel® to create hardware, software, tools, and services to help speed intelligent systems  to market.


Network appliances

Network appliances are stand-alone systems that implement one or more networking support functions. These include network security functions, such as firewall and anti-virus/spam filtering, media gateways and load balancing systems. Network appliances are often 1U or 2U rack mounted systems with plug-in modules for storage and networking interfaces.


Most network appliances have been built using custom motherboards and dedicated processors selected for the particular networking functions supported by the appliance. The introduction of high performance multicore processors with four or more cores with support for low level packet processing functions has opened up new opportunities for developers to build network appliances using standard motherboards and common processors.


Packet processing, security and virtualization

3rd Generation Intel® Core™ processors have changed the dynamics of this market. These processors benefit from higher frequencies, larger L2 caches and integrated GPU. These processors also integrate several features that support network appliance functions including virtualization (VT - VT-x, VT-d and VT-C), advanced encryption standards (IPSec), advanced vector processing (AVX), Turbo Boost, AMT (Remote Management) and Trusted Execution (TXT).


Companies developing network appliances based on 3rd Generation Intel® Core™ i7 processors can take advantage of the Intel® Data Plane Development Kit (Intel® DPDK). This is a set of libraries designed to implement high speed data packet networking functions with outstanding small packet (64 byte) performance. The Intel® DPDK offers a simple software programming model that is easily integrated with standard Linux implementations.


Mini-ITX motherboard for embedded applications

The Supermicro Mini-ITX X9SPV M4 motherboard, shown in Figure 1, provides an off-the-shelf solution for network appliances and other embedded applications. The X9SPV M is available with two or four core Intel® Core™ i7-3xxx Mobile Series processors and up to 16GB ECC DDR3 1600/1333MHz memory. The Mobile Intel® QM77 Express Chipsets PCH supports dual display, PCI Express Expansion, USB 2.0 and 3.0 and SATA 3.0 G/bs and 6.0 G/bs expansion options. The motherboard integrates four Gigabit Ethernet (GbE) LAN ports and expansion for additional GbE or 10GbE ports via an x16 PCIe 3.0 slot. Storage support includes up to four 2.5” SATA2 HDD or SSD drives.


Mini-ITX X9SPV M.png

Figure 1. Supermicro Mini-ITX M Block Diagram.


The Mini-ITX X9SPV M4 motherboard is enterprise-grade and supports Intel embedded processors and chipset SKUs for long life availability (Typical 5 to 7 years availability). This solution is energy efficient with low TDP Mobile CPU. This reduces power consumption, enables quiet operation and supports harsher temperature environments. The Mini-ITX X9SPV M motherboard is shown in Figure 2.


Figure 2. Supermicro Mini-ITX X9SPV-M4 Motherboard.


Network appliance solution

System OEMs can either develop their own network appliance platform or use a standard server platform. Supermicro will supply motherboards or complete server solutions. Figure 3 shows a Supermicro 1U server.


1U Server.jpg

Figure 3. Supermicro 1U Server (Model 5017P-TLN4F with X9SPV-LN4F-3QE).

Off-the-shelf motherboards and server platforms provide a very cost-effective approach to developing network appliances. System developers add secure operating system, firewall or other applications and centralized management, taking advantage of the AMT remote management already integrated.


Best of both worlds

This alternative approach to developing network appliances takes advantage of readily available hardware that is affordable and powerful enough to address customer needs for packet inspection, traffic management, data encryption and security. The standard Mini-ITX motherboard has integrated networking interfaces that are expandable up to 10GbE LAN and uses 3rd Generation Intel® Core™ processors that are supported by the Intel DPDK, and other readily available software, enabling system OEMs to quickly bring new network appliances into the market.




Solutions in this blog:


Related topics:


Super Micro Computer Inc. is an Affiliate member of the Intel® Intelligent Systems Alliance.


Simon Stanley

Roving Reporter (Intel® Contractor), Intel® Intelligent Systems Alliance

Principal Consultant, Earlswood Marketing

Follow me on Twitter: @simon_stanley

6WIND recently made a number of announcements involving key industry partners, including:


The transformation of telecom and networking enabled by SDN (Software-Defined Networking) and NFV (Network Function Virtualization) is often compared to the server virtualization and cloud revolution that happened a few years ago.


There is however a major difference. Standard applications “only” need processing capabilities, memory and storage to run efficiently in a virtualized environment. Designing cloud-based network architecture and virtualized networking functions also require high speed and secured I/Os.


I believe the combination of high performance generic hardware platforms based on the latest generation of multi-core processors, leading open source software platforms, 40Gbe Ethernet solutions and the 6WINDGate data plane software is a great foundation for addressing the transformation of telecom and networking.


6WIND is committed to being a key player in the ecosystem that brings compelling solutions for the industry to accelerate network virtualization. We will lead other major industry initiatives and announce breakthrough products soon.


Stay tuned…


Until recently, the United States has taken a decidedly old-fashion approach to running its rail systems. Most of the country’s signaling, switching, and train operation has been handled manually, leading to inefficiencies and unnecessary hazards. The Metrolink commuter train accident in 2008 highlighted just how dangerous manual controls could be, prompting Congress to pass the U.S. Rail Safety Improvement Act of 2008. This act mandated that approximately 73,000 miles of rail and transit infrastructure would have PTC systems in place by 2015.

PTC is a computerized system for monitoring and controlling the movement of trains. The top priority is collision avoidance, but PTC systems can also automatically regulate the speed of trains in response to rail conditions, on-board equipment malfunctions, temporary speed restrictions, and other safety considerations. While the Federal Railroad Administration envisions a National Differential Global Positioning System (NDGPS) to enable seamless train tracking and control, to date the infrastructure is still a patchwork of legacy systems and disparate approaches.


SDR vs. the Tower of Babel

One company trying to address that shortcoming is Santa Clara based Lilee Systems. Lilee’s unique software defined radio (SDR) technology and Intel®-based hardware provides complete end-to-end wireless mobility management, enabling trains moving cross country, for example, to interact intelligently with a wide range of legacy safety systems along the way.


According to Jon Adams, Lilee’s VP of Strategic Development, “There are many components to Positive Train Control. We do the onboard radios, the onboard networking processors, the wayside radios and messaging processors, and the back office mobile IP abstraction. It’s all standards-based and high security. Every train, every piece of equipment in the field—whether it’s fixed or moving—has a fixed IP address, so it becomes straightforward to manage your assets.”


Why resort to something as complex as SDR to handle what would seem to be a relatively straightforward problem? “The answer has less to do with technology than with FCC regulatory domains,” Adams explained. “If you look at the 217-222 MHz band (Figure 1), which is where much of the industry has decided it’s going to put their PTC systems, it’s under four different parts of the FCC [regulations]: it’s under Part 80, which is Maritime Mobile; it’s under Part 90, which is Business/Industrial; it’s under Part 95, which is Citizens Band; and it’s under Part 97, which is the Amateur Radio Service. You can’t operate under the Amateur Radio Service, but you can operate under the other three parts.”


Figure 1: The U.S. radio spectrum from 217-222 MHz is multi-layered.


“The challenge,” continued Adams, “is even if you build a radio that’s flexible in frequency, it still needs to meet the special requirements of whichever part in which it’s operating. But in those parts they don’t specify modulation type, data rates, coding, or other things. So having a fixed radio means you can only service one segment of a pretty small market. But a software defined radio enables you to throw a virtual switch and suddenly you’re completely compliant with Part 80 and are at 16 kbps; or you’re completely compliant with Part 90 and you’re at 9600 baud. That’s why we took the SDR approach.”


Intel Inside (and Outside) the Train

How do Lilee’s solutions leverage Intel technology? “If you look inside our Lilee Mobility Controllers—that go in the back office—or our Wayside Messaging Servers you’ll find an x86 Intel processor that’s running the whole application space. It’s a very robust architecture, and we chose it because it’s so well supported by operating systems and by the customer base. You need to look at the cost of maintaining a platform, and we felt that the Intel architecture really does help to mitigate the unknowns.”


Figure 2: Lilee's LMC-5500 Mobility Controllers provide the backbone for an integrated PTC system.


Lilee’s LMC-5500 Series Mobility Controllers (Figure 2) provide radio device management with roaming control and enable a conduit between the remote network and the back office servers. LMC-series controllers are built around the Intel® Core™2 Quad Processor Q9400 (6M Cache, 2.66 GHz, 1333 MHz FSB) and the Intel® 3210 Chipset with 82801I9B I/O Controller Hub (ICH9). SDR radios within the network establish tunnels with the LMC-5000 to allow mobile radios to move across different segments of the network without having to be aware of the underlying network topology changes.


Lilee’s Intel® AtomTM-based WMS-2000 Connectivity and Application Controllers enable back office visibility of wayside status and alarm messages, providing an interoperable gateway for PTC and legacy train control systems.


One rail system that has completely committed to Lilee’s approach to PTC is Southern California’s Metrolink. “Metrolink is the commuter heavy rail link in Southern California with 219 miles of right of way with over 200 wayside locations for signals and switches where they need to talk to a train,” concluded Adams. “Lilee’s WMS-2000 messaging server is in every one of those. These units manage all the communications from the back office network to the train. In the back office Lilee LMC-5000 mobility controllers extract the IP address so the back office can always send a message to any particular device throughout their entire system.”


While engineers will continue to drive Metrolink’s trains, PTC backup systems are in place to insure against temporary distractions ever again leading to disastrous consequences.



Solutions in this blog:


Related topics:


Lilee Systems is a general member of the Intel® Intelligent Systems Alliance. Lilee Systems is dedicated to delivering the highest quality, most reliable products and solutions for mobile connectivity across multiple market areas including railway.

John Donovan
Roving Reporter (Intel® contractor), Intel® Intelligent Systems Alliance
Low-Power Design
Follow me on twitter: @jdonovan43

By Franz Walkembach, Senior Product Manager, Wind River


The GENIVI Alliance had recently released its latest compliance specification GENIVI 3.0, and Wind River Platform for Infotainment was among the first to achieve it. Why should this matter? It’s all about trust, scalability and quality.


GENIVI®, Autosar, Car Connectivity Consortium…these are all groups created in order to set up standards across the auto industry. A long-time expert in this domain, Wind River is a founding member of the GENIVI® Alliance, keeping pace with the latest IVI developments and even helping to drive some of the changes coming from the Alliance. Wind River participates on the GENIVI board, marketing council and several expert groups. Wind River’s engineers have been in charge of leading initiatives such as including Android inside a GENIVI design. They are also currently leading the BIT (base integration team).


As the BIT lead, Wind River plans and manages the ongoing team releases (every 6 weeks!), organizes and coordinates the BIT projects (e.g. Baseline automated testing). In addition, as Meta-IVI maintainer, Wind River releases and maintains a GENIVI baseline built on the Yocto project (also every 6 weeks). This baseline has to align with other GENIVI goals, like the IP policy and various contributors such as silicon vendors and users of the baselines.


GENIVI has been working towards a compliance program that further helps align the industry and simplify things such as automotive requirements. In October, the Alliance updated their compliance program, introducing the latest specifications for GENIVI Compliance 3.0. In the automotive world, where everybody knows everybody, and quality is of critical importance, compliance is increasingly becoming an effective way to show that a vendor is:

A) Well connected within the ecosystem,

B) Trusted with a solid reputation,

C) Up-to-date and drives innovative changes,

D) Offering software that meets the highest quality and latest requirements and is scalable across different platforms.


There are 19 parties registered in the compliance program so far. While most have received compliance with earlier GENIVI specifications (versions 1.0 or 2.0), just a few have achieved level 3.0 compliance. With every new compliance specifications release, a variety of new requirements are introduced for different stacks inside an IVI platform, like CE Connectivity, HMI-Application Framework, System Infrastructure, Networking and so on.


Currently, Wind River Platform for Infotainment has achieved GENIVI 3.0 compliance. However, compliance is just one part of it. Our platform also comes with a wealth of other features such as:Riv

  • A semi Linux kernel (based on Yocto Meta-IVI)
  • Optional solution accelerator such as an IPod software solution
  • Downstream support
  • ADK (Application developer kit) for user space development helps to develop applications and product demos in a couple of weeks
  • PDK (Platform developer kit) for kernel space development to configure software platforms
  • Patches to increase the quality of open source


Additionally, other silicon vendor BSP Compliance statements will follow soon.

Wind River Platform for Infotainment is a Linux-based, GENIVI-compliant run-time platform specifically tuned for the IVI market. It can be used as a fast track for demo development or a solid core for platform development. The platform is designed, packaged and tested to support an all set of automotive features.


The GENIVI compliance program was launched in August 2011, and it’s been gaining quite serious momentum since then.  And of course, Wind River will be sure to continue to track closely with the compliance program at every step!


For additional information from Wind River, visit us on Facebook.

As we all know, the Internet isn’t just for people anymore. But that doesn’t mean that bringing intelligent systems onto the Internet of Things and getting them to work together well is an easy task. Fortunately, a new article in Boards & Solutions magazine shows us it doesn’t have to be rocket science. You just have to look for solutions based on the new Intel® Intelligent Systems Framework


The article’s author is Jim Robinson, General Manager, Marketing and Business Operations, Intel® Intelligent Systems Group. In the article, he explains how this new framework provides a blueprint for hardware, operating systems, and tools that simplifies the delivery of interoperable solutions. He talks about the players behind this new specification and what they’re doing to support it. He shows how the specification enables scalability and cutting-edge connectivity, manageability and security across applications. And he explains the framework’s role in helping support solutions designed to turn big data into business intelligence.


Download the article now to learn how you can use this framework to streamline the development of your designs for the Internet of Things.

NFV (Network Function Virtualization) was obviously one of the hottest topics at MWC 2013. Several use cases were demoed by tier-1 platform vendors, telecom equipment manufacturers, service providers and operators to show the benefits of the NFV concept.


These use cases can be classified into two categories. The first one is the migration of functions traditionally located in at the customer premises into the operator’s infrastructure.


One example is the concept of a “virtual CPE” that can be applied either to consumer or enterprise markets. The new architecture relies on a very simple CPE (modem, switch and antenna) and all services run on a central server in a virtual network appliance. CAPEX is considerably reduced. Software updates, service configuration, introduction of new services, maintenance are also greatly simplified, so service providers and operators can significantly reduce their OPEX as well.


The cloud RAN (Radio Access Network) concept similarly reduces both CAPEX and OPEX for mobile networks. In the conventional network architecture, each antenna connects to a co-located eNodeB from which traffic is backhauled to the Evolved Packet Core (EPC) over an IP link. With the Cloud RAN approach, however, the eNodeB at the antenna is replaced by a low-cost Remote Radio Head. The digitized RF data is then connected over a fiber link to a centralized Baseband Unit pool in which the baseband processing is performed.


A second category of use cases addresses core network functions. In contrast to the first one, the equipment is already located in the core infrastructure. For instance, virtualizing EPC functions for mobile networks in virtual machines on generic platforms instead of dedicated equipment reduces the CAPEX. Dynamic allocation and management of network resources bring more flexibility and better usage of network resources, thereby reducing OPEX and increasing ARPU.


Will NFV be the real first transformation of the network and telecom business? These different uses cases seem to be very attractive for operators, enabling them to increase their margins and deploy differentiating services faster. To make this happen, end users will also need to see real  reductions in their Internet expenses.


However, all the concepts have to come back to reality. Virtualizing hundreds of CPE or complex EPC functions on a single server requires high performance network bandwidth to be distributed to the virtualized functions. Today, standard virtualized architectures that work perfectly well for computing won’t be able to deliver the required network performance without optimized solutions like our 6WINDGate software. Please check how many software layers a network packet has to go through before reaching an application running in a virtual machine.

With fully interconnected embedded devices now the norm in many factory settings, industrial design teams are implementing predictive maintenance strategies to reduce downtime, lower personnel costs, and increase production. There are basically three different approaches to equipment maintenance in any setting:

  1. Reactive: Run equipment until it fails then repair
  2. Preventative: Periodic shutdown to test and replace worn parts
  3. Predictive: Monitor equipment continually and repair as needed

The goal of predictive maintenance is to pinpoint when a failure is going to occur so that repairs can be made at a convenient time before the breakdown actually happens. Successful predictive maintenance requires real-time monitoring and analysis of important equipment parameters via remote sensors, management tools, and diagnostics along with universal connectivity.


To simplify this remote data collection process, Intel has developed a number of technologies that can be implemented in embedded systems supporting industrial automation applications.  One of the most recent introductions is the Intel® Intelligent Systems Framework (Intel® ISF) to simplify connecting, managing, and securing embedded devices. Intel® ISF combines processor architecture, operating system software, and other tools to create secure, interoperable platforms for intelligent systems.  The framework is built around system processors with Intel® vPro™ Technology (Intel® vPro ) providing built-in hardware support for remote management, virtualization, and platform security functions that can be used to extend the uptime of industrial embedded systems.

Intel® Active Management Technology (Intel® AMT) is a key element of Intel® vPro that enables real-time data collection from production equipment sensors that can be used in predictive maintenance analysis. Intel® AMT delivers certificate-based security allowing remote access to the embedded system for management and security tasks even when the system is powered off. This technology gives device support personnel a low cost technique to monitor operation, perform diagnostics, deliver product training, and manage required software updates from a remote location. In the event of a software failure, Intel® AMT enables a remote boot from an external operating system image over the network even if the system kernel has been completely corrupted. Most of this reboot process can be done with automated scripting and little human interaction which can significantly lower system downtime.

Several members of the Intel® Intelligent Systems Alliance offer off-the-shelf Intel® AMT compatible processor platforms that designers can incorporate into industrial systems to collect the necessary data. For example, the CEQM77 COM Express module family from Intel® Intelligent Systems Alliance member Radisys combines a 3rd generation Intel Core i7 processor and the Intel QM77 Express chipset in a 95mm x 125mm form factor for high performance industrial applications (See figure 1). The CEQM77 supports DirectX 11 and OpenGL graphics, up to 16GB of error correcting code (ECC) memory plus one PCI Express 3.0 x16 PEG port and seven PCI Express 2.0 x1 ports.  The module provides Trusted Platform Module (TPM) support as well as support for Intel® AMT enabling remote access and diagnostics via the Radisys Embedded Software Platform (eSP).


The analysis portion of a predictive maintenance strategy can range from simply verifying that remote measurements are within pre-established limits to much more involved prognostic algorithms. For example, the Center for Intelligent Maintenance Systems (IMS) at the University of Cincinnati has developed a Watchdog Agent Prognostics Toolkit that includes algorithms for neural networks, logistics regression, Gaussian mixture modeling, and statistical pattern recognition that can be used to detect and predict faults in everything from critical factory machinery to human organs (See figure 2). The toolkit adds signal processing and analysis functionality to the LabVIEW system design software suite from Alliance member National Instruments. There are five basic steps in the IMS approach to prognostics: data acquisition, feature calculation, principal component analysis, fault classification and health monitoring, and health prediction.

NI IMS.png

With remote data collection enabled by Intel® AMT in operation, industrial designers can implement multiple condition-based maintenance strategies to foresee equipment failures and reduce downtime. If you are involved in a predictive maintenance project requiring remote equipment management and data analysis, please share your questions and comments with fellow followers of the Intel® Embedded Community. You can keep up with the latest technical articles and product announcements at the Embedded Computing Design archives on industrial systems maintenance.




Solutions in this blog:


Related topics (blogs, white papers, and more):


Warren Webb
OpenSystems Media®, by special arrangement with the Intel® Intelligent Systems Alliance

Radisys and National Instruments are Associate members of the Intel® Intelligent Systems Alliance.


Many communication systems have the same requirements as military data processing and digital signal processing systems. Often commercial solutions can be used to solve challenging packet processing and digital signal processing (DSP) problems in military applications. Many sensors used for signal processing collect and process the signals before packetizing the data, similar to the way signals are processed and packetized in communication applications.


In the past, these processing functions have often required special-purpose hardware such as discrete Network Processing Units (NPUs), digital signal processors (DSPs), co-processors, or field-programmable gate arrays (FPGAs). However, recent enhancements to Intel® architecture processors, together with advanced software, are providing developers a viable alternative, whereby they can use a single blade architecture for consolidation of all their application, control, signal, and packet processing workloads on Intel® architecture. Intel processors such at the Intel® Xeon® E5-2400/2600 are ideal choices for data intensive packet processing.


Improvements in multi-core architectures combined with the latest DSP capability in Intel’s Advanced Vector Extensions (Intel® AVX) and the packet processing software enhancements provided by the Intel® Data Plane Development Kit (Intel® DPDK) make Intel® architecture increasingly attractive. Additionally, by consolidating DSP and packet processing with other workloads on a Intel® multi-core processor, it is possible to reduce hardware costs, simplify the application development environment, and reduce time to market—with all the factors combining to reduce overall total cost of ownership.

Emerson Networking Power Embedded Computing, a Premier member of the Intel® Intelligent Systems Alliance, with extensive experience in the telecommunications industry and the defense industry, has seen the potential for using Intel processors combined with AVX and the DPDK in the role of a signal and data processing. At Embedded Tech Trends 2013, Emerson Networking Power Embedded Computing proposed a model using an AdvancedTCA blade-based platform as a solution for challenging DSP and data processing military applications.


They list the following benefits to using AdvancedTCA for DSP and packet processing:

  • AdvancedTCA blades efficiently supply many processing cores and adequate memory.
  • Multi-core Intel® Xeon® E5-2400/2600 processors that are well suited to process complex data.
  • 40G Ethernet direct connection between the AdvancedTCA fabric and the processors
  • Inherently rugged nature of blade-in-chassis design suitable for rugged benign environments such as shipboard, manned airborne, or transit case applications.
  • AdvancedTCA is an open standard with many suppliers.


The Emerson Networking Power Embedded Computing model combines the best of AdvancedTCA with the Advanced Vector Extensions for performing DSP algorithms and the DPDK for data packet processing to construct a platform ideal for demanding signal processing.


Inbound packetized sensor data enters into the AdvancedTCA switch over 10G (40G in the near future) fabric where flow control software on the ATCA switch flows the data to the appropriate processor board that can perform the DSP algorithms before being routed over the fabric to outbound destinations.


In a typical scenario, an application running in the control plane of the processor board, along with flow control software ensures that the data is directed to the correct destination. Algorithms to process the data are assigned and dispatched to specific threads on specific cores within the processor by the control plane application. Packet processing extensions defined by the DPDK eliminate interruptions in the operation of the algorithms. With the assistance of AVX, the DSP algorithms are completed without interruption. The control plane application steps in again to direct the results to the next destination. For instance, to another thread running a different algorithm, to a different processor board, or out of the system through the fabric switch.

Emerson Image.jpg

The main goal of the Intel® DPDK is to provide a fast simple framework for fast packet processing in data plane applications. The DPDK is freely available from Intel to developers. Developers may use the code to understand some of the techniques employed, to build upon for prototyping or to add their own protocol stacks. Alternative ecosystem options that use the Intel® DPDK are available.


The Intel® DPDK is designed to operate with Intel® Xeon® class processors. It provides optimized data plane libraries and optimized drivers that operate in user space. It operates under Linux, which separates high level control functions from algorithms running as threads on specific dedicated processor cores, splitting the load to run efficiently in the multi-core environment. The DPDK has a low overhead run-to-completion model that is optimized for the fastest possible algorithm performance.

Additional libraries and drivers in the Intel® DPDK provide support for data packet processing:

  • Memory Manager (huge page tables to optimize performance)
  • Buffer Manager (optimized memory allocation tool that eliminates need to lock)
  • Queue Manager (manage incoming and outgoing data to the cores)
  • Flow Classification (IP flow management, optimized around Ethernet controller)
  • Poll Mode Drivers (user mode drivers eliminating interrupts for threads running algorithms)


While the DPDK handles data packet issues, Intel ’s Advanced Vector Extension (AVX) addresses the digital signal processing demands. AVX extends 128 bit SIMD instructions to 256 bits. This potentially doubles floating-point operation performance when using single precision floating-point numbers. Each processor core supports AVX instructions so that the DSP algorithms can be assigned as necessary.


Intel supplies optimized libraries, Integrated Performance Primitives (IPP), for AVX, while optimized Vector Signal Image Processing Libraries (VSIPLs) are available from Intel® Intelligent Systems Alliance members.


Ecosystem Options

The Wind River Systems portfolio of network acceleration solutions is optimized for Intel’s packet processing architecture. Wind River Linux* has built-in high performance optimizations for the Intel® Data Plane Development Kit (Intel® DPDK).

6WIND SA provides packet processing software to meet both the wire-speed performance and time-to-market requirements of mobile infrastructure, network security, high-frequency trading, and deep packet inspection applications. 6WINDGate* typically delivers up to ten times the performance of standard OS networking stacks while maintaining full compatibility with standard application APIs. 6WIND provides the Intel® DPDK libraries pre-integrated within the 6WINDGate software, further accelerating the development process for OEMs.


NASoftware Ltd, in collaboration with Intel, has development conversion tools to help programmers switching from PowerPC/AltiVec to Intel® Streaming SIMD Extensions (Intel® SSE) processors and Intel® Advanced Vector Extensions (Intel® AVX) processors.




Related topics:


Emerson Networking Power Embedded Computing is a Premier member of the Intel® Intelligent Systems Alliance.

Wind River Systems is an Associate member of the Intel® Intelligent Systems Alliance.

6WIND SA is an Affiliate member of the Intel® Intelligent Systems Alliance.

NASoftware Ltd is an Affiliate member of the Intel® Intelligent Systems Alliance.


Jerry Gipper

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Editorial Director, OpenSystems Media, VITA Technologies

Mobile data demand is growing more quickly than operators can deploy new network capacity and mobile operators need to use policy control applications to manage data traffic and ensure subscribers receive appropriate quality of experience (QoE). QoE is a more subjective measure than quality of service (QoS) and requires a more sophisticated approach to policy control and quality measurement and analysis.  To ensure adequate QoE for subscribers, operators need to do more than just implement basic policy enforcement and traffic management.


In this blog I am reviewing a proof of concept from Advantech and Qosmos that extends a deep packet inspection (DPI) platform, used to implement the Policy and Charging Enforcement Function (PCEF),  to also analyze the quality of video passing through the network to subscribers. Advantech is a Premier member of the Intel® Intelligent Systems Alliance. Qosmos is an Affiliate member of the Alliance.. The 200-plus members of the Alliance collaborate closely with Intel® to create hardware, software, tools, and services to help speed intelligent systems  to market.


Mobile Traffic Growth and Quality of Experience

Mobile data traffic is growing rapidly driven by new subscribers acquiring smart phones and existing smartphone users consuming more network bandwidth. Video is the key application driving much of this growth and mobile video traffic exceeded 50% of data traffic for the first time in 2012. The Cisco VNI Mobile Forecast from February 2013 shows mobile device Internet usage growing by an average of 66% per year from 2012 to 2017 to reach 11.2 Exabytes per month.


To meet the growing demand for data traffic Mobile operators are deploying a mix of 3G and LTE services. The PCEF implements operator policies in the 3G and LTE packet core. As mobile bandwidth grows, the PCEF becomes a bottleneck requiring high-performance deep packet inspection and support for 40Gbit/s or greater packet processing. The Intel® Xeon® Processors E5-2600 and E5-2400 Series and Intel® Data Plane Development Kit (Intel® DPDK) are being widely used to implement the PCEF and other elements in the3G and LTE packet core.


Video, voice, gaming and browsing require different network characteristics. By implementing policies that are application-specific mobile operators can increase quality of experience without necessarily using more network capacity. The quality of Video, for example, is dependent on frame rate, delay, jitter, size and codec. By extracting these parameters from the packet stream and analyzing video quality mobile operators can implement policy to ensure appropriate user quality of experience when playing video.

Leveraging DPI for Quality of Experience

Figure 1 shows the Qosmos ixEngine®. The DPI engine is built on top of the Intel® DPDK and extracts metadata and content from the packets flowing through the network. The Qosmos ixEngine® can be used with any Intel multicore processor supported by the Intel® DPDK including the Intel® Xeon® Processors E5-2600 and E5-2400 Series.


The Qosmos ixEngine® supports real-time layer 7 IP flow analysis and identification of protocols and applications based on flow passing and statistical analysis. The Qosmos ixEngine® will extract over 6,000 types of information for up to 1,000 protocols. For video the parameters extracted include frame rate, delay, jitter, size and codec.

Qosmos DPI Engine.png

Figure 1. Qosmos ixEngine®: DPI and Metadata Engine.


The metadata extracted by the Qosmos ixEngine® can be used in a policy control platform to implement application specific policy. Additional content extracted from the packet stream can be used to further analyze application-specific performance. Qosmos has worked with Argon Design and Advantech to develop a proof of concept that uses data extracted by the Qosmos ixEngine® to analyze video quality in the network.


DPI and Video Analysis Applied to Mobile Video Streaming

Figure 2 shows a video analysis demonstration using the Advantech FWA-6510 network appliance and Qosmos ixEngine. The Advantech FWA-6500 acts as a packet generator streaming canned Internet traffic and running a video streaming server for live viewing. Users can browse the server and stream videos through a wireless network connected to an Advantech FWA-6510. The Advantech FWA-6510 is running the Qosmos ixEngine and Argon Design qualmon to capture and analyze packets in real time. The video quality results are viewed through a web browser.

Video Analysis Demonstration using Advantech FWA-6510 and Qosmos ixEngine.png

Figure 2. Video Analysis Demonstration using Advantech FWA-6510  and Qosmos ixEngine.


The Argon Design qualmon recognizes the video streams, and extracts details of the stream and displays them. It also extracts a representative thumbnail from the video stream and analyses the data to assess visual quality and predict when the user device will be starved of data and the user will experience video freeze. This information can then be used to drive application and user specific policy enforcement.


Scalable Solution

The initial proof of concept has been developed using the Advantech FWA-6510 Network Appliance with dual Intel® Xeon® Processors E5-2600 Series and up to eight 10GbE interfaces. Larger systems can be built using an AdvancedTCA (ATCA) platform with up to 12 ATCA blades each integrating dual Intel® Xeon® Processors E5-2600 Series. The Advantech FWA-6510 Network Appliance and Advantech ATCA Blade are shown in Figure 3.

Advantech FWA-6510 and MIC-5332 ATCA Blade Cropped.png

Figure 3. Advantech FWA-6510 Network Appliance and ATCA Blade.




Solutions in this blog:


Related topics:


Advantech is a Premier member of the Intel® Intelligent Systems Alliance. Qosmos is an Affiliate member of the Alliance.


Simon Stanley

Roving Reporter (Intel® Contractor), Intel® Embedded Alliance

Principal Consultant, Earlswood Marketing

Follow me on Twitter: @simon_stanley

People who are under medical care are often at their most vulnerable. The equipment used to monitor, medicate, diagnose, and treat them can’t be.


In the past, medical device security focused on the endpoint—the device itself. But Tony Magallanez, senior systems engineer for McAfee’s embedded sales group, explains that the days of focusing solely on device-level security is over; today’s medical devices need to be at the center of a web of security with multiple layers. “We advocate that concept because it lets you understand what’s happening on the device, and also what’s going on around the device,” Magallanez says. “It’s important because as threats proliferate through the network that surrounds these systems, they become more vulnerable.”


These connected devices may include monitoring equipment within hospitals or in patients’ homes; bedside (wired) or implanted (wireless) infusion pumps that deliver medication; networked radiology and surgical equipment; nurses’ stations, charting devices, and administrative systems; and telemedicine equipment that brings medical care to remote areas of the world. Entire networks that manage vital data and instructions are associated with these devices.


McAfee looks at the vulnerability aspects of everything the network implies, including the device’s physical security, data protection, and encryption as well as the behavior of the people using it, to make sure that the device and the network that surrounds it are secure. This level of security requires a layered approach that blankets the entire network.


Security in layers

While personal health information can be accessed through sophisticated malware, low-tech risks, such as employees who accidentally or deliberately provide access, are just as dangerous. Securing personal health information to meet HIPAA and other requirements demands access control in situations where the device can be vulnerable. That’s especially important with the proliferation of easily accessed (and misplaced) mobile devices, including laptops, tablets, and smartphones. Security also relates to monitoring network traffic, including the sites that employees access on the Internet. Even legitimate sites can be compromised, which can then compromise sensitive data within the healthcare network.


Both the network and individual devices need to be monitored, maintained, and controlled; ideally using automated, 24/7 processes that don’t require the cost and inefficiency of onsite human intervention. McAfee’s Magallanez says, “We’re finding in the hospital space that margins are thinner and thinner, and administrators are trying to be as efficient as possible. Operating costs can be overwhelming.” Even “green” initiatives that are designed to reduce carbon footprint and make operations more energy-efficient can have security implications. For instance, if a threat is identified on a number of devices on the network, but other devices are powered off, historically there wasn’t a way to identify whether the threat had spread without sending technicians to power up, analyze, and patch those devices onsite.


Now administrators can use McAfee’s ePolicy Orchestrator (ePO) Deep Command. The ePO centralized console shows the network administrator where a security threat manifested and the scope of the problem, and defines resources to mitigate the threat. Deep Command uses the Intel® vPro™ Active Management Technology (AMT) to allow secure remote access, even if the device isn’t powered on, which allows the administrator to remotely patch and reboot even large numbers of infected devices.  Deep Command can remotely power systems on, apply security and other maintenance protocols, and power the system back down to ensure safe operation when workers return. This eliminates the need to police employee compliance to security patch instructions, and can work around the 24/7 schedule of healthcare environments.

deep defender.jpg


Balance security and performance in medical devices

The ongoing compromise for device developers is how to balance security and performance requirements. McAfee has successfully deployed new technologies to help developers mitigate risk while optimizing performance. McAfee Embedded Control provides application whitelisting that blocks unauthorized applications and changes on fixed-function devices with very little performance overhead. If the application is attacked or changed, the software locks down the system so the virus is intercepted and terminated before it can run. This provides a high level of security and peace of mind for both the hospital administrator and the device manufacturer. Because of stringent safety certifications (such as the FDA) that restrict changes to certified systems, a change can require the equipment to be sent back to the manufacturer to be reimaged, resulting in service costs as well as loss of revenue while the system is out of use.


Device developers can also take advantage of the Intel® AES New Instructions (Intel® AES-NI) encryption instruction set that accelerates the encryption of data in the Intel® Xeon® processor family and the 3rd-generation Intel® Core™ processor family. Encryption technology historically required the operating system to handle encryption algorithms, which can slow performance. McAfee integrates with the Intel AES-NI to offload the encryption engine to the CPU, with no reduction in performance and with full FIPS 140-2 certification.


Medical Device Innovation, Safety and Security (MDISS) Consortium

Looking ahead, Intel and McAfee, along with leading service care providers, device manufacturers, IT providers, research organizations, and others, are active in working groups of the Medical Device Innovation, Safety and Security (MDISS) Consortium. MDISS is focused on optimizing the relationship between the quality of healthcare and the process of assessing and ensuring that devices and systems are secure and functioning safely and appropriately. While MDISS is not a standards organization, its goals include the development of security best practices for safe, secure medical devices and associated networks.



Solutions in this blog:

Related topics:


McAfee is an Associate member of the Intel® Intelligent Systems Alliance.


Cheryl Coupé

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Freelance technology writer and editor

Today’s cars are so complex electronically that they’re perhaps best thought of as mobile computer networks. The cars of tomorrow—which are already starting to appear today—will be increasingly connected—to the Internet, to each other, and to roadside wireless infrastructure.

The U.S. Department of Transportation (DOT) has designated IEEE 802.11p as the basis for Dedicated Short Range Communications (DS_RC), by which a vehicle can communicate with other vehicles and roadside infrastructure. DSRC enables cooperative cruise control—cruising as part of a pack on the freeway—as well as collision avoidance, electronic road pricing and toll collection, electronic parking payment, and even braking for a red light that you may not have noticed. Beyond paying for tolls and parking DSRC could turn your car into a 4-wheeled wallet, enabling you to drive through your favorite fast-food or coffee outlet without having to dig out your credit card.


In order to provide all the functionality in your car of your smart phone—including navigation, communication, multimedia, gaming, and location-based services (“Where’s the nearest Italian restaurant?”)—the average new car may have as much as a mile of wiring inside and contain over a hundred separate electronic control units (ECUs) that communicate over a variety of networks and buses. Add to that all the cool functionality that DSRC can enable and the system gets exceedingly complex.


The very complexity of in-vehicle infotainment (IVI) systems raises serious security issues, since you’re connecting systems with consumer-grade security with mission-critical systems that control the operation of the vehicle.


Getting on the bus
One weak point is the CAN bus (Figure 1), over which the various ECUs communicate. While devices on the bus may be secure, the bus is not—which means the system as a whole is not. CAN is a message-based protocol with no built-in security features.


Figure 1: The CAN bus ties together most automotive electronic control units (ECUs).


A couple of years ago the Center for Automotive Embedded Systems Security (CAESS) demonstrated the fragility of the underlying system structure. They connected a packet sniffer to the On-Board Diagnostics II (OBD-II) port to analyze CAN bus traffic. Using a wireless link they were then able to use that information to start and stop the car, race the engine, lock individual brakes, unlock the doors, and pretty much control the entire car.


Taking their hacking to the next level the CAESS team was then able to take over control of a vehicle remotely through its telematics system. They demonstrated that it’s possible to hack a car with malware inserted into an MP3 player or transmitted over a Wi-Fi connection. Devices relying on an 802.11p wireless connection may be particularly vulnerable.


Virtual IVI
While standards bodies are working on protocol vulnerability, auto makers are moving to reduce complexity by having a single ECU handle multiple functions. In these mixed-criticality systems real-time, safety-critical components must coexist with consumer infotainment applications. Developers can meet this goal with Intel® Atom™ processor-based platforms featuring Intel® Virtualization Technology (Intel® VT) and the INTEGRITY Multivisor from Green Hills Software.

“When you’re mixing consumer-grade applications and you want security, you’re always going to have maliciousness or just software that doesn’t work the way it’s supposed to,” explains Robert Redfield, Green Hills’ Director of Business Development . “That’s why you have to start at the very lowest level of software. If you’re going to have virtualization, it has to be at the microkernel level.”


Figure 2: INTEGRITY Multivisor securely partitions off guest operating systems from mission-critical applications.


INTEGRITY Multivisor is both a secure Type-1 hypervisor and an RTOS. At the heart of INTEGRITY Multivisor is a certified microkernel that provides trusted partitioning of guest operating systems, applications, and peripheral driver software (Figure 2). Multivisor supplies only a minimal set of critical services, such as process management, exception handling, and interprocess communications. Multivisor is the only code that runs in supervisor mode, while the overlying operating systems and applications run in user mode, accessing only those resources deemed appropriate by the system engineer. For example, Multivisor will prevent a guest operating system from accessing physical memory beyond what was originally allocated to the guest’s virtual machine. This prevents a stack overflow, which malware can use to take over control of a system.


To address the security issues mentioned earlier, “You would put the drivers for the CAN bus and the Wi-Fi and the cellular radio in the mission-critical part of the operating system,” continued Redfield, “where they’re under the control of Multivisor. Multivisor is built on the most highly certified real-time operating system on the planet, that is INTEGRITY. So if you put one of those communication drivers in its own partition, if something goes wrong it’s contained.”


Complete IVI platform
Mission-critical applications need to operate in near real time, which is made possible by Intel’s AtomTM processor. Intel AtomTM N2000 and D2000 processors (codename Cedar Trail) provide hardware-accelerated virtualization. Intel® Virtualization Technology (Intel® VT) speeds up the transfer of control between the hypervisor and the guest operating systems; it assists in trapping and executing certain instructions for the guest operating system, thereby accelerating performance. Intel VT is optimized for maximum virtualization performance, and its on-chip GPU accelerates 3D graphics to one or more screens while making minimal demands on the CPU.


The combination of INTEGRITY Multivisor and an Intel Atom processor provides a secure IVI platform that can run multiple guest operating systems and protected real-time applications simultaneously, using secure partitions to ensure real-time responsiveness and fault tolerance (Figure 3).


Figure 3: The combination of INTEGRITY Multivisor and an Intel Atom processor provides a secure IVI platform.



Solutions in this blog:

Related topics:


Green Hills Software is an Affiliate Member of the Intel® Intelligent Systems Alliance and plays a critical role in developing and delivering robust operating systems with virtualization and advanced development tools and embedded solutions for embedded markets such as automotive, industrial, medical, military/government, and telecommunications.

John Donovan
Roving Reporter (Intel® contractor), Intel® Intelligent Systems Alliance
Low-Power Design
Follow me on twitter: @jdonovan43

Smartphone interfaces have changed people’s expectations for how they interact with computers and other devices, and those expectations have extended even to sophisticated medical equipment. According to Darshan Patel, director of Linux product management for Wind River, Android is starting to show up in almost any kind of medical device that includes a display, from bedside monitors to CT scanners to programming devices for pacemakers. Why? Essentially the same reasons that Android is now the dominant operating system on smartphones.

Wind River Android.jpg

Medical staff and patients are used to the look and feel of Android-based applications, and they want the same advantages in their professional devices as they have in their smartphones, tablets, and even in-vehicle infotainment systems.


Wind River’s Tim Skutt, senior staff technical marketing engineer, says: “The touch interface has become ubiquitous. If we’re going to push equipment out into the non-specialist realm, we need to put that equipment in a paradigm they’re used to.” Medical devices with Android-based user interfaces (UI) take advantage of people’s comfort with touching, swiping, and flipping through menus and options. This familiarity can ultimately make training and usability quicker, easier, and more efficient.


Even though legacy technologies still maintain full functionality, the ease-of-use factor is becoming more important to aid user adoption. For patients, an Android interface on a medical device looks familiar and current, in contrast to traditional interfaces that can feel outdated. This is especially important as medical equipment goes into patients’ homes or is used by other care providers such as physical therapists. With today’s pressures to reduce healthcare costs, patients may be referred to less-costly outpatient care, or may be sent home from the hospital earlier but with devices that allow their care provider to monitor them remotely. In these cases, the patient’s confidence and comfort level with the technology can be an important element in encouraging its regular use.


Even beyond the UI, Android offers advantages for developers, such as programming flexibility, robust computing, built-in sensor interfaces, and built-in communications support, such as Wi-Fi and Bluetooth. For developers who previously used Linux or a real-time operating system (RTOS) with a UI on top, Android offers a quick path to market with a fresh new look. Wind River’s director of engineering Rick Anderson explains that even if developers don’t need all of Android’s “bells and whistles” for their medical device today, the fact that those features are available lets manufacturers explore their options to address new market opportunities.


Android, security, and virtualization

Security and privacy are key issues for any kind of medical software. There’s a wide spectrum of medical device types, however, from those that are primarily designed to view information or handle records, to those that monitor or control medical processes, such as delivering medication or controlling a ventilator. For the first type of product, security is important for privacy reasons (and to meet new patient-protection laws such as HIPAA); for the second, with human lives at stake, security is a critical element. While Android could still provide an excellent UI for these safety-critical applications, virtualization gives an option to provide a rich, graphical UI, but isolate it from functions that control or monitor safety processes.


medical tablet.jpgThe typical approach to virtualization is to have multiple virtual machines running concurrently, using a certified embedded hypervisor to separate them, such as the Wind River Hypervisor that provides rich safety-certification evidence. Another approach, for non-safety-critical applications, is lightweight partitioning. This allows developers to isolate processes that don’t need to run simultaneously. For example, a doctor who uses a tablet for personal and diagnostic purposes could use lightweight partitioning to protect medical records from personal files and applications. Or a mobile device that moves with a caregiver from one patient to another could provide access only to the records for the patient in the current room, then remove access to those records when the device is taken to another room with a different patient.


Android on medical devices also brings requirements beyond the smartphone

For all its benefits, developing medical devices with Android—as with any operating system—also brings challenges. Quality assurance, compliance to medical standards, and long-life version support are all critical elements for a medical device, and developers may need to add unique market-specific functionality beyond the operating system (OS).

Anderson explains the number one misconception developers have about Android and medical device development: many believe that because Android is open source, they can grab it and they’re almost done. “Like any other operating system project, Android is a starting point, that’s all,” Anderson says. “The version that Google releases is ever-changing, and it’s not hardened well enough for critical industries like medical.”


Wind River offers a range of products and services to make Android more appropriate for medical devices, and more efficient for developers. The Wind River Platform for Android is a “hardened” OS release that has been rigorously tested for specific hardware platforms, and that will be maintained for the long lifetime of certified medical devices. This is a commercially supported OS that incorporates the latest Android open source project software and optimizes it for performance so that developers can immediately innovate to meet their application-specific needs.


Wind River also offers a set of market-specific “Solution Accelerators,” including the Solution Accelerator for Android, Medical that helps speed time-to-market, supports product differentiation, and solves challenges that are unique to the medical market. These add-on software components follow the Continua Health Alliance guidelines to help device manufacturers build personalized, interoperable, and fully compliant products. For example, the Continua Health Alliance specifies the use of IEEE 11073 as the standard format for information exchange between personal health devices. The Wind River Solution Accelerator for Android, Medical supports the IEEE 11073 stack for sensor devices that include pulse oximeters, heart rate and blood pressure monitors, thermometers, scales, glucose meters, and a range of activity, fitness, and medication monitors. The Continua Health Alliance also establishes the Bluetooth Health Device Profile (HDP) as the wireless transmission protocol between devices, which is integrated into the Wind River Solution Accelerator for Android, Medical to provide interoperability between Android devices and medical sensors.


Finally, the Wind River Professional Services Medical Practice provides a full range of services for customers to help them develop compliant, safe, and secure connected medical devices and systems. Anderson explains that medical customers need their technical problems solved, just like customers in any other segment. But because medical software has to meet stringent quality and security requirements, Wind River can add value with its established processes and tools, and long years of experience working with certification bodies such as the FDA.


Android offers opportunities for innovation

These products and services address the second misconception that developers have: that Android doesn’t have a place in medical devices. Even a year ago, that might have had some validity, but not anymore. Anderson says, “The reality is, if you do the right things with Android: raise the quality level, take out what’s not needed, and add security and isolation, you have a very robust platform for medical devices.” Anderson adds one final thought about Android misconceptions in medical: the belief that if a developer puts Android on a medical device that it has to look like phone or tablet. The reality is that Android is already present in many devices, such as automotive dashboards and wristwatches, that don’t look like a tablet or smartphone. With Android’s customization capabilities, medical device developers can take their creativity and innovation to a whole new level.


LEARN MORE>>            

Solutions in this blog:

Related topics:


Wind River is an Associate member of the Intel® Intelligent Systems Alliance.


Cheryl Coupé

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Freelance technology writer and editor

Filter Blog

By date:
By tag: