Skip navigation

The Problem


According to a Defense Science Board analysis of 32 major automated information system acquisitions, the average time to deliver an initial DoD program capability is 91 months once funding is approved. This is two to three times the average industry IT refresh cycle time, making it difficult to keep pace with user needs and technology evolution. (Department of Defense Cloud Computing Strategy)

The U.S. Department of Defense (DoD) recognizes that they have a problem keeping up with technology and as a result is embracing a strategy for cloud computing. The DoD Cloud Computing Strategy is the official published document that lays out the groundwork, consistent with the broader Federal Cloud Computing Strategy, for accelerating cloud adoption in the Department. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

DoD Cloud Computing Goal

Implement cloud computing as the means to deliver the most innovative, efficient, and secure information and IT services in support of the Department’s mission, anywhere, anytime, on any authorized device.

DoD Strategy


The DoD strategy can be summarized as follows:

  • The DoD Cloud Computing Strategy introduces an approach to move the Department from the current state of a duplicative, cumbersome, and costly set of application silos to an end state which is an agile, secure, and cost effective service environment that can rapidly respond to changing mission needs.
  • The DoD Enterprise Cloud Environment includes separate implementations and data exchanges on Non-secure Internet Protocol Router Network (NIPRNet), Secure Internet Protocol Router Network (SIPRNet), and Top Secret Sensitive Compartmentalized Information (TS SCI) security domains.
  • All cloud services must comply with Department Information Assurance (IA), cybersecurity, continuity, and other policies. The Department will leverage commercially offered cloud services that offer the same or a greater level of protection necessary for DoD mission and information assets. [Department of Defense Cloud Computing Strategy]

One can sense how the DoD wants to leverage current commercial enterprise and consumer cloud computing technology to their advantage. The DoD recognizes the value of a cloud computing strategy but also is clearly aware of the pitfalls that may interfere with mission imperatives. The Department is reducing the number of data centers from about 1,500 to “a number far below that,” Robert J. Carey, Deputy Assistant Secretary of Defense (Information Management, Integration and Technology) / Department of Defense Deputy Chief Information Officer, said, and is implementing a coherent and consistent architecture across thousands of computing environments.


The DoD has identified specific cloud computing challenges that require careful adoption considerations, especially in areas of cybersecurity, continuity of operations, information assurance (IA), cybersecurity, and resilience. Additional challenges include service acquisition and funding sustainment, data migration and management, and overcoming network dependence at the tactical edge (where users are often Disconnected, Intermittent and Low-bandwidth (DIL) users).

DoD Cloud Computing Strategy Figure 1.png

DoD Enterprise Cloud Environment


The move to consolidated data centers is guided by the National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, and the NIST Cloud Computing Standards Roadmap. Leveraging the NIST guidance, the DoD Cloud Reference Architecture includes a modular infrastructure that scales up for deployment within large, Continental United States (CONUS) data centers and scales down to offer containerized and small footprint computing resources in regional facilities and deployed tactical edge environments.


DoD Cloud Computing Strategy Figure 2.png

Consolidated Core Data Centers will Form the Basis of the Enterprise Cloud Infrastructure


The DoD wants the same costs savings already realized by commercial enterprises. In data center operations, this should be a relatively easy goal to achieve. Where it gets a bit more challenging is with deployed tactical edge environments where the deployed platforms are more heterogeneous. Multi-service defense systems have widely varying missions with many unique needs. The DoD has always faced a challenge getting the various armed services to work together to develop common platform strategies. I just don’t see this going away anytime soon, leaving the door open for a wealth of divergent platforms.


Key elements from the DoD Cloud Computing Strategy that most impact Intel Intelligent Systems Alliance members center around efforts to optimize data center consolidation. The Department wants to reduce hardware footprints in data centers by implementing server virtualization and infrastructure-as-a-service. Data centers throughout the DoD will be consolidated into smaller, core data centers that will reduce the number of different hardware platforms, resulting in savings in equipment, facility, and operational costs. Information security is another key element that will require support from both hardware and software suppliers before their products can be implemented as part of this strategy.




I looked at Intel® Intelligent Systems Alliance members with enterprise solutions and cloud computing initiatives to determine how they are addressing my questions. Here are some of my observations.


Dell believes that cloud computing is not a technology but rather a strategy. Federal agencies have the same IT needs and opportunities as their private sector counterparts, but they demand a different approach. Dell is committed to developing solutions that match business vision and drive them forward with maximum flexibility and minimum risk. They work with customers and organizations to build on technologies and processes already in place. Dell Federal Government Solution’s case-by-case approach is used to determine the right technology and services for an agency, including cloud computing, data center modernization, employee mobility initiatives and cybersecurity.


Hewlett-Packard appears to be more aggressive with a cloud computing strategy focused on federal government needs. They already manage and secure two of the largest intranets in the world for the U.S. Department of Navy and UK Ministry of Defense. HP Cloud Services for Government clients can select from of an array of HP’s commercially available cloud offerings as well as those designed to meet specific Public Sector needs. HP cloud sourcing options include Private Cloud, Virtual Private Cloud (enterprise-class, managed, highly secure multi-tenant cloud), Public Cloud services, or a combination.


Microsoft approaches cloud computing as a way to help customers take a key step toward better business agility, economics, and user experiences. The cloud presents an opportunity to redefine the role IT plays in implementing a business’s strategy. Microsoft Cloud Computing for Government provides scalable, on-demand cloud computing services to help government organizations focus on mission-critical objectives, while helping to reduce IT costs.


Oracle provides aerospace and defense organizations with a complete, open, and integrated suite of business applications, server, and storage solutions engineered to work together to optimize every aspect of their business. Oracle Cloud Computing Services provides enterprise-grade cloud solutions, including software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS).


Intel launched their Cloud 2015 Vision to help businesses implement cloud computing solutions that are federated, automated, and client-aware. This vision offers the promise of swiftly responding to the demands of users. With federated clouds, IT can rapidly scale computing resources, while client-aware clouds enable the delivery of optimized applications to end-user devices. Intel Cloud Builders is a cross-industry initiative aimed at making it easier to build, enhance, and operate cloud infrastructure. Here you will find an extensive library of cloud computing tools and solutions in the Cloud Builders Reference Architecture Library.


Intel delivers leading foundational technology that improves your ability to optimize, scale, and better secure your server, network, and storage infrastructure. Intel provides practical implementation guidance and tools, including proven reference architectures from more than 50 leading systems and solutions providers.




From what I can discern, there does not appear to be any significant change in strategy for Intel Intelligent Systems Alliance members that are supplying commercial enterprise products that is driven by the DoD Cloud Computing Strategy. Since the DoD is placing a heavy emphasis on using commercial grade equipment, they are not necessarily looking for the suppliers to do anything beyond what they do to support commercial initiatives or current needs for specific operational conditions. Security is a top priority for nearly all user types of cloud computing and is clearly reflect in the DoD plan. The DoD does have some unique mission critical needs that they address through mission networks that are special purpose with their own cloud computing services, especially in edge environments.


All of the companies reviewed have federal government or defense and aerospace business units in place that are already key contributors to the DoD strategy. They all have solid commercial enterprise solutions and a focus on cloud computing. Most have government cloud computing called out as part of their overall strategy.


Fortunately, for most Intel Intelligent Systems Alliance members, cloud computing neutralizes many hardware and software dependencies. With security, interoperability, and portability cited as major barriers to broader adoption, the opportunities for alliance members to contribute to the cloud computing strategy remain high. Most of the members focus on products that are used in edge devices so having fast wide-area network access is the single most important aspect for participation in any cloud computing strategy. These members should be aware of what is going on in the big picture, especially as it relates to the barriers to be sure that they can take full advantage of future opportunities.


The DoD Cloud Computing Strategy was published in July of 2012. It is evolving and should be studied if you are serving this market.


Learn More


Related topics:


Dell is a Premier member of the Intel® Intelligent Systems Alliance.

    Contact Dell>>

Hewlett-Packard is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Hewlett-Packard>>

Microsoft is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Microsoft>>

Oracle is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Oracle>>



Jerry Gipper

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Editorial Director, OpenSystems Media, VITA Technologies

by Tom Starnes

Digital signage can be so much more than a PC behind a large monitor mindlessly looping through a PowerPoint presentation.  Adding a few buttons along the side may give the viewer a chance to re-direct the program to another series of slides, but this interaction is fairly limited and dependent upon the viewer for explicit inputs.  More exotic software is being developed that distinguishes digital signage as a truly new, exciting product category.  This "more aware" digital signage senses enough about a passer-by to better attract and engage the person to stop and pay attention to the signage without their having to do anything.  The system can keep better track of how engaged viewers of the signage are, allowing the operators to fine-tune the messaging to specific categories of people.


Such software enhances the experience for the passer-by, who is a potential customer.  Sensing and analytics can better match products and messages to viewers, greatly improving the effectiveness of messaging.  Remote management lets real-time updates be made conveniently to a widely distributed network of signs.  The Intel® Audience Impression Metrics Suite (Intel® AIM Suite) establishes a base platform blending viewer sensing with analytics, which can increase effectiveness for the display and make a very positive impact on profitability for a store.


Know Your Audience

The AIM Suite adds intelligence to digital signage by detecting characteristics of the viewers of the signage on a moment-by-moment basis so the content being shown can be adjusted to better fit the viewer's likely interests.  Just the presence of people looking at the sign can trigger software to jump into action.  With AIM, that action can be a carefully planned sequence based on characteristics gathered about the viewer to better target their potential interests.  Showing women's clothing to male viewers is not likely to generate a sale.  Younger people often look for different things in the same products than older folks do.


Some fairly basic information about people in front of the digital signage can be quite useful.  Is the person male or female?  Are there children, teenagers, adults, or seniors?  Are they passing by or pausing to look, and for how long?



Part of the AIM Suite software runs on the local digital signage hardware, classifying people viewing the sign by using Anonymous Viewer Analytics (AVA).  Optical sensors on the display feed images to the processor which are analyzed to find faces in the image that are turned toward the display.  Size, shape, and relationship of key features of faces and bodies in the frame are evaluated to determine how many people are there, how far away the subjects are, and whether they are facing the display.  This is similar to what is done to determine focus and exposure in some digital cameras.  The height and proportions of people help classify their age group.  Bright and dark spots are evaluated to assess gender and age.  Patterns that look like facial hair or a bald head are an easy indicator of men.  Tracking the movement of subjects in the frame over time gives important information about whether people are paying attention to the signage or just passing by.


stop watch.JPGPeople lingering at the signage, facing the display, are probably interested in the subject matter (or at least curious enough to see what will come up next).  If a person moves away after a few seconds, the follow-on image may have soured the person to the subject. A pattern of such abandonment may indicate that more work needs to be put into the follow-on image or the flow of the messaging.  Was it too much information or just repetitive?  Maybe this was the point where available colors or styles should have been shown.  It might be time to start spelling out key features.


Intel is quick to highlight two important points about how the AIM software evaluates images.  One is that it does not store any personally-identifiable information, and the other is that it uses algorithms developed to broadly classify people, not techniques that are designed to identify individuals as one might do looking at drivers licenses.  Words like face detection, facial representations, audience characteristics, audience detection, demographics, and indications are used rather than facial recognition, matching, or identification.  Privacy should not be a concern here.


These systems are not trying to pick out return shoppers, but are hoping to avoid wasting time showing peek-toe pumps (these are shoes) to men or socket wrenches to senior women.  Guys can get the creeps walking through the ladies underwear department, which we're inevitably forced to do.  Broad generalizations may imply certain biases that can be wrong, but their use is common in general merchandising.  TV advertisers don't need to know that John Smith at 123 State Street watched the latest reality show, but they do want to know how many 18- to 49-year old females tuned in.


Knowledge of the makeup of the audience is key to effective advertising.  The subject matter as well as the presentation are important for getting through to the audience.  Action and music may grab the attention of younger viewers, but a more businesslike attitude may work better on some men.  Fun and fashion may rule over facts and figures.  Some groups are captivated by a lot of quick pictures, while others prefer slower-moving traditional imagery.  It seems that pink versus blue is over-the-top for gender affinity, but such matters are beyond the author's forte.


The data gathered may not be perfect, but it will still provide insights by its volume.  Hats, glasses, and bulky clothing may give false classifications.  Three girls facing the sign may be talking to a fourth whose back is to the sign.  They may be paying no attention to the sign at all and soon wander off.  But if the products, music, and style of the images on the sign changes to something closely targeting teenage girls, the signage may soon catch their attention – exactly the intention of the digital signage – and a sale or three may be imminent.

Rebuilding Brick-and-Mortar

Computer-based kiosks and digital signage can bring shoppers back to brick-and-mortar stores to browse, learn about products, and make their purchases right then and there. In recent years shoppers may have tried to do it all sitting at home on the Internet, stuck with only whatever information they could dig up there.  Then after a few day wait for delivery of their order, they might find it wasn't what they had expected or it didn't fit.  Interactive digital signage can bring the best of both worlds together at the local retail store.


While you can't go to the store in your pajamas, networked digital signage and kiosks can bring the wealth of information available on-line to a point in the brick-and-mortar store, near the merchandise and where a real person can help when the prepared information falls short.  Shopping for clothing on-line, a person can see all the styles, colors, and sizes that are available.  The in-store digital signage has the same capabilities when connected to a real-time database.  Enhanced with the intelligence gained from the AIM Suite, the display and messaging should be more effective at offering suggestions than a user-driven browser.  The added benefit in-store is that the shopper can immediately go see the actual clothing, feel the cloth, make sure the color is just right, check the workmanship, try it on to see how it looks, and narrow down the best size.  olbnm.PNG


Shopping instead for new consumer electronics, after checking out detailed feature lists and comparisons and perhaps seeing a demo of a function or two from digital signage in a store, a patron can walk over to an actual system and try it out.  How do those buttons feel?  Is that screen bright enough?  Can you feel that bass in your bones?


The key is that the resources of the digital signage can give the depth of information available on the Web that isn't on the package label or the placard on the shelf and might be difficult for a clerk to keep in mind for each product.  Computer-driven signage can present information accurately, hitting the best selling points, fine tuned for the shopper according to characteristics determined by the AIM Suite.


The physical store gains two big advantages over pure Internet shopping.  One is that a real person is available to answer questions, address negatives, demonstrate personal favorite features, and redirect to a better choice.  A nurturing salesperson may still be needed to "bring home the sale," including assuaging concerns about the price, but on-line retailers don't get that human touch – the last ditch "are you sure?" banner when a person clicks off on their Web browser is pretty desperate.  Even if the sale is lost, a live salesperson should at least come away knowing why.


The second advantage is that of instant gratification.  Five minutes later, the store customer can be driving home with the new dress, sunglasses, or audio gear and can be showing it off later in the day.  If the party is tonight or the water heater breaks, it can be a long two days waiting for the delivery truck to arrive.  Again, a good salesperson will work this advantage.

For Your Information

Situations suggested here have mostly been set in a retail environment, but the concepts also work in many other applications.  Increased sales may not be the direct goal of all applications, but digital signage taking advantage of the AIM Suite will improve effectiveness in more informational applications.  Engaging the viewer is the key, and the better the system can classify the viewer, the better it can present the information in an easily digestible way.


Digital signage in museums, guidance, tourist information, and training all should be as useful as possible.  More text. Lists. More audio. More pictures. More animals. More action. Music. Fred Astaire, John Travolta, or Psy?  More interactivity.  Simpler verbiage. More diagrams. Senior discounts, wheelchair accessible. Highlight neighborhoods, colleges, museums, restaurants, or bars?  Matching content and presentation to the viewers can improve how readily information is absorbed in most applications.  Effectiveness on some applications might be measured by how quickly viewers leave the signage rather than how long they linger there.  After all, nobody wants to miss the train because they were still trying to figure out which train to be on.


Tools of the Trade

The Intel AIM Suite 2.2 is the current version of the software.  Hardware based on 3rd Generation Intel® Core processors will provide the highest performance, quickest response, and most dynamic graphics for the content.  With a 60% improvement in graphics performance over Sandy Bridge, many systems were able to eliminate independent graphics processors from the works.  As always, buzz of even greater CPU capabilities is on the horizon.



For content creation, Flypaper offers the Intel OPS KIT which lets users develop and then manage Flash, video, and other media-rich content for digital signage.  The Intel AIM Suite is integrated into this software with an AVA Component which lets the producer define their own rules within the content.

Take Aim at Customers with Digital Signage to Improve Brick-and-Mortar Sales

Digital signage takes a step forward using optical sensors with Anonymous Viewer Analytics in the Intel® Audience Impression Metrics Suite to characterize potential customers to better target them with appropriate messaging.  The AIM Suite is a starting point, but hardware and additional software needs to be assembled for a fully managed system, and significant creative content will need to be developed for individual applications.


Learn More

Solutions in this blog:

Related Topics:


Kontron is a Premier member of the Intel® Intelligent Systems Alliance.

    Contact Kontron>>

Lanner is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Lanner>>

Venture is an Associate member of the Intel® Intelligent Systems Alliance.

    Contact Venture>>

Flypaper is a General member of the Intel® Intelligent Systems Alliance.

    Contact Flypaper>>

Both law and logic dictate that networked transportation systems must be as secure as possible. In a previous post we explored Positive Train Control (PTC), a computerized system for monitoring and controlling the movement of trains. These are typically proprietary mission-critical wireless systems that utilize the 217-222 MHz band. They’re not open to the public, and—needless to say—not easily hacked.


There are other transportation systems—for trains, buses, heavy industrial equipment and other rolling stock—that aren’t part of a closed control loop and that utilize widely available commercial interfaces, including Wi-Fi, 3G/4G cellular, USB, Ethernet, RS232 and RS485. These are non-mission critical systems that may include passenger counting, asset management, and GPS location.


“One example is a project we’re doing for DC Metro,” explained Kurt Hochanadel, Corporate Product Marketing Manager at Eurotech. “They have a wear leveling project where we’re reporting the wear level on the wheels of the trains. We’re actually on the wheels, measuring wear and reporting to their back-end asset managers through a Wi-Fi access point technology. There are access points at depots and stations; we supply a secure, encrypted channel to the Wi-Fi and also a secure connection to the server, so it’s double encrypted [using] IPsec and VPNs. We’re using standard tools that provide the best security in the marketplace and not trying to build something from scratch.”


The heart of Eurotech’s DC Metro system is the DynaVIS 10-00 (see Figure 1), a compact, rugged mobile display computer. The DynaVIS 10-00 features a 5.7” VGA touchscreen and connectivity through Wi-Fi, 3G cellular, and Gigabit Ethernet. It’s powered by a 1.10 GHz Intel® Atom Z510PT processor with 512K cache and 400 MHz FSB and an Intel® System Controller Hub US15WPT Chipset (Intel(R) SCH US15WPT). . The device is housed in an IP65-rated enclosure and features high-end rugged connectors that provide long-term reliability in harsh environments.


Figure 1: The Eurotech DynaVIS 10-00 is an Intel® Atom processor-powered
rugged computer designed for use in the transportation industry.


The DynaVIS 10-00 is EN50155 certified—the European standard for "Railway Applications—Electronic Equipment Used On Rolling Stock”, which covers the extended operating temperature range (-25/+70 degrees Centigrade), plus resistance to the humidity, shock, vibration, and radiation encountered in vehicle or airborne installations. When asked about automotive applications, Hochanadel replied that rail requirements “are substantially more robust than for automotive. There are a lot of different applications in transportation—basically all your typical logistics. The DynaVIS 10-00 is an onboard computer that talks to all your interfaces and all your equipment.”


Secure by Design

On the software side the DynaVIS 10-00 runs Wind River Linux 3.0, from which it derives many of its security features. According to Hochanadel, “Typically most applications start from a Linux environment and meet the security requirements from that standpoint. Most of the security is done using standard IP tools utilizing SSL and SSH encryption.” Wind River Linux provides a secure and robust environment for the rest of the applications.


Security starts at the operating system level. Wind River Linux includes SELinux as a Linux Security Module (LSM), a piece of the kernel that arbitrates access to all systems resources based on security policies as well as a collection of tools for developing, debugging, and enforcing those policies. Wind River Linux also includes advanced preemptive security technologies such as run-time stack and buffer overflow protection as well as a complete intrusion detection and prevention system.


At the protocol level older Internet security systems, including the Secure Socket Layer (SSL), Transport Layer Security (TLS), and Secure Shell (SSH)—all of the DynaVIS 10-00 also supports—are implemented at the application layer of the Internet protocol suite. In contrast Internet Protocol Security (IPsec) is implemented at the Internet layer, where it can provide seamless end-to-end security between hosts and networks.

Implemented in both IPv4 and IPv6, IPsec can operate in both Transport mode—where only the payload of the IP packet is encrypted and the routing is left intact—or Tunnel mode, where the entire IP packet is encrypted and inserted into another packet with a new IP header. Tunnel mode is used to create virtual private networks (VPNs). In either case IPsec implements one of three cryptographic algorithms: HMA-SHA1, TripleDES-CBC, and AES-CBC. The probability of hacking any of these encryption algorithms when implemented with a sufficiently long key is vanishingly small.


Architected for Success

Having been designed from the beginning with Intel hardware and software, the DynaVIS 10-00 supports the Intel® Intelligent Systems Framework (ISF). Designed before ISF was introduced, Eurotech built the system said Hochanadel “with the same kind of componentry as a Java Virtual Machine (JVM) and an OSI framework to provide functionality that’s portable across different platforms.” Eurotech called this its Everywhere Software Framework (ESF). Built around Intel hardware and software and with the same design goals, it’s not surprising that the system is not just “ISF ready” but in fact ISF validated.


Asked why Eurotech chose the Intel architecture Hochanadel replied, “The hardware, software, and tools were more advanced than anything else. Also the price/performance gap favors Intel, as does its ease of wireless connectivity, especially in a Linux environment. Plus most devices have x86 drivers. There are a lot of issues that you don’t have to deal with in an x86 environment.” That’s especially true when everything is designed to work together.

Learn More

Solutions in this blog:

Related topics:

Eurotech is an Affiliate Member of the Intel® Embedded Alliance.

     Contact Eurotech>>

John Donovan
Roving Reporter (Intel® contractor), Intel® Intelligent Systems Alliance
Low-Power Design
Follow me on twitter: @jdonovan43

Recent storms and record high temperatures have put a lot of stress on the power grid. Load shifting, smart meters, and integrating alternative energy sources are all part of the solution. But how do you measure and control what’s happening at all points on a widely distributed power grid, and then how do you coordinate all these technologies in the most effective way? In short, just how smart is the Smart Grid?


Let’s start with measurement. Phasors mean one thing to Star Trek fans and quite another to utility companies.  A phasor is a complex number that represents the magnitude and phase angle of the sine waves found in electricity. By placing phasor measurement units (PMUs) at critical points around the grid utility companies can measure power quality and assess local system conditions, enabling them to respond to local disturbances (see Figure 1) as well as balance power flow over different lines and from different power sources.


Figure 1: PMU data reveal dynamic behavior as the system responds to a voltage disturbance.


For all this to work over a large grid all phasor data is synchronized to a GPS radio clock; phasor measurements that occur at the same time are called syncrophasors. PMUs take voltage and current measurements and then digitize the results using A/D converters. This data is time stamped and sent over the network to a phasor data concentrator (PDC), where it is collected and sent to a computer to be analyzed by the  a Supervisory Control And Data Acquisition (SCADA) system at a central facility.

Synchrophasors enable a flexible, efficient smart grid by utilizing distributed measurements to maximize transmission efficiency and minimize outages. However, a major obstacle to deploying synchrophasors is the lack of standards for the PMUs that communicate line conditions back to a SCADA system.


Intel, Dell, National Instruments, and OSIsoft are helping overcome this obstacle through a synchrophasor data management solution based on the Intel® Intelligent Systems Framework. This solution combines high-performance PMUs from National Instruments with a Dell 19-inch server rack. The servers run phasor PDC software from OSIsoft that collects and analyzes data from multiple PMUs (see Figure 2). This solution enables advanced visualization, analytics, and early warning systems to help utilities detect evolving disturbances and avoid widespread blackouts.


Figure 2. The synchrophasor data management solution built on Intel® Intelligent Systems framework-based platforms employs high-volume, standard computing systems used across many industries in order to reduce deployment cost and complexity.


The National Instruments PMUs can interface with sensor hardware from a wide variety of vendors and can be updated while deployed on the grid to allow for new communications protocols or more advanced analysis. They’re powered by high-performance multicore Intel® Core i7 processors.


The PMU data from the synchrophasors is delivered to centralized Dell PowerEdge servers, which provide a complete computing, networking, and storage platform with three tiers of scalable storage. The Intel® Xeon® processor-powered servers deliver data in near real time to grid operators.


Grid operators can then manage and analyze the resulting mass of data using OSIsoft’s PI System, enabling them to quickly understand and react to problems. Data security is not an issue as the PI System meets strict North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements.


Key to the success of the NI, Dell, OSIsoft synchrophasor data management solution is the use of standardized, optimized, and scalable hardware and software systems—the heart of the Intel® Intelligent Systems Framework value proposition. The North American power grid is an enormously complex network based on countless proprietary legacy systems. As the network starts to add distributed intelligence, it’s critical that these systems be able to seamlessly communicate and interoperate, not just at the substation level but on a regional  and even national basis.


The Intel® Intelligent Systems Framework provides a roadmap for readily scalable connectivity, manageability, and security based on the use of standardized, well supported hardware and software architectures. With the explosive growth of data that the Smart Grid is starting to generate—and which it requires to operate—a consistent framework for building and connecting devices that interoperate over the Smart Grid is critical to its success.


The use of Intel processors all the way from the National Instruments PMUs doing data acquisition to the Dell servers, storage hardware, networking gear, and client workstations simplifies the integration, connectivity, security, and manageability of an end-to-end solution.


Validated and tested to reduce a utility’s engineering and development costs and risk, the synchrophasor data management solution uses framework-ready hardware to provide the open architecture utilities needed to precisely sync and manage transmission and distribution systems. In addition to helping utilities improve efficiency, the framework-ready components increase compatibility and speed integration. This lets utilities focus on improving energy management instead of struggling to connect, manage, and secure the hardware.


In answer to our initial question, the Smart Grid is quite smart and getting smarter all the time.


Learn More

Solutions in this blog:


Related topics:


Dell is a Premier Member of the Intel® Embedded Alliance.

     Contact Dell>>

National Instruments is an Affiliate Member of the Intel® Embedded Alliance.

     Contact National Instruments>>

John Donovan
Roving Reporter (Intel® contractor), Intel® Intelligent Systems Alliance
Low-Power Design
Follow me on twitter: @jdonovan43

As factory infrastructures transition to cloud compatibility and the number of interconnected intelligent devices grows, a host of company benefits and new business opportunities are possible. For example, the large volumes of data generated from a fully connected enterprise can be used to predict failures, simplify management, reduce support costs, and even generate new revenue streams from smart services. In addition, with cloud-based communications, device manufacturers can offer a variety of after sale services including remote product updates, failure detection, and on-site repairs to reduce customer support costs and personnel.  However, in order to reach the goal of a fully unified manufacturing facility, design teams must overcome a variety of equipment fragmentation problems caused by incompatible connectivity, management, and security technologies employed in an assortment of embedded devices.


To address the fragmentation and product interoperability issues in the intelligent systems market Intel recently announced the Intel® Intelligent Systems Framework. The framework is a set of standard practices for hardware and software development to simplify connecting, managing, and securing embedded devices and data in a standardized, reliable, and scalable manner. With this new framework in place, designers can eliminate the detailed analysis and verification of connections and functionality as new devices are added to a network.  The basic capabilities are provided by software and middleware from Intel, Wind River, and McAfee plus the hardware features of supported processors including Intel® Xeon® Processors, 2nd and 3rd generation Intel® Core™ Processors with Intel® vPro™ Technology, and Intel® Atom™ processors. To verify adherence to the standard practices outlined in the framework, Intel validates hardware and software components from members of the Intel® Intelligent Systems Alliance to build an inventory of Intelligent Systems Framework-Ready Products.


Alliance member Eurotech offers a number of industrial-grade products targeting factory applications that have been tested for readiness with the Intel® Intelligent Systems Framework. For example the Eurotech Helios Programmable Edge Controller provides a flexible hardware platform with enhanced wired or wireless connectivity that enables simplified data acquisition and integration (See figure 1). The controller can be used to collect data from multiple distributed devices, summarize or condense the readings, and then transmit the information to a central processing center. The Helios platform is powered by the Intel® Atom™ Z5xx processor at 1.1 to 1.6 GHz and is programmable to run customer specific application software using Wind River Linux 3.0 or Windows Embedded Standard or Windows CE 6.0 operating systems. Connectivity choices allow users to select wired Gigabit Ethernet or pre-certified wireless modules for cellular, Bluetooth and others dependent upon technology or carrier preferences. Other I/O options include a multimedia card for display and audio, USB 2.0/serial ports, and a GPS system plus antenna.




Eurotech has also developed proprietary technologies that are compatible with the Intel® Intelligent Systems Framework and further simplify intelligent device development. From the communications perspective, the Everyware Cloud is a software platform that provides a simplified method to connect cloud-ready devices to enterprise systems and/or applications (See figure 2). The platform provides a low bandwidth, cloud-based communications, storage, and analysis capability allowing designers to lower network costs with an open and optimized protocol for device data transport. All the platform features are accessible through a standard application program interface (API) interface so that remote machine to machine (M2M) data can be easily integrated with information technology applications. The Everyware Cloud technology enables customers to make on the spot business decisions based on real-time data coming from the intelligence at the edge of the network.


The Everyware Software Framework (ESF) is another Eurotech technology that provides an integrated hardware and software infrastructure to enable application-ready platforms (See figure 3). ESF is an inclusive software framework that puts a layer between the operating system and the customer application, with industry standard interfaces that shorten custom development time, simplify coding, and deliver software that can be easily ported from one Eurotech hardware platform to another.  Device drivers are approached as services, implemented using simple APIs instead of complex code and removing the need to modify low level operating system code or configuration files. Because ESF is based on standardized open software backed by large industry companies, developers can easily port existing applications from third parties to their own devices.


The Eurotech Helios Programmable Edge Controller and software technologies discussed here are excellent examples of industrial products already available from alliance members that are compatible with the Intel® Intelligent Systems Framework. These products allow intelligent systems developers to immediately start extracting value from M2M data and bypass the lengthy verification of interconnectivity, system security, and remote management. You can keep up with the latest products and articles on the Intel® Intelligent Systems Framework at the Top Picks webpage.  If you are ready to start an intelligent industrial automation project requiring remote management and security, please share your questions and comments with fellow followers of the Intel® Embedded Community.


Learn More

Solutions in this blog:

Related topics:

Eurotech is an Associate member of the Intel® Intelligent Systems Alliance.

     Contact Eurotech>>


Warren Webb
OpenSystems Media®, by special arrangement with the Intel® Intelligent Systems Alliance

Between two and three hundred people attended the ETSI Network Functions Virtualization (NFV) meeting in Santa Clara last month. As expected, there was a strong turnout from the telecom service providers who started the NFV initiative in late 2012, while many other companies were also represented such as network equipment manufacturers, system integrators, software companies and processor suppliers.

The overall impression was that key service providers are strongly committed to NFV, with the potential of interesting new business opportunities for a range of other players in an ecosystem that will have to include providers of hardware, software and services.

In terms of the business benefits of NFV, most of the discussion to date appears to be around the CAPEX and OPEX savings that can be achieved through the virtualization of functions that have traditionally been implemented as stand-alone, dedicated, fixed-function equipment.

One use case that’s frequently discussed is a “virtual CPE”, with an architecture that relies on a very simple CPE (modem, switch and antenna) with all services relocated to virtual network appliances on a central server. Another example is the cloud RAN (Radio Access Network) concept, in which the eNodeB at the antenna is replaced by a low-cost Remote Radio Head, with digitized RF data backhauled over fiber to a centralized Baseband Unit pool in which the baseband processing is performed. Finally, Evolved Packet Core (EPC) functions for mobile networks can be run in Virtual Machines (VMs) on generic server platforms.

Each of these scenarios promises to reduce both CAPEX and OPEX for service providers, though there’s still healthy debate as to whether a simple substitution of virtualized functions for dedicated equipment really reduces costs enough, once new operational expenses are factored in.

I was surprised not to hear more at the ESTI meeting about how NFV can enable new services, especially cloud-based applications, which would deliver real value to subscribers. These would seem to be the key to increasing Average Revenue per User (ARPU) and driving top-line growth in the P&L, rather than just reducing expenses through virtualization. On reflection, though, carriers probably view new services and applications as their proprietary secret sauce and not the kind of topic that they want to talk about in a room full of their competitors.

At this point in the evolution of NFV, the working groups and “expert groups” are mainly focused on topics relating to network management and orchestration topics. This makes perfect sense given the extreme complexity of legacy telecom networks and challenges of migrating these control-related systems to a completely new software-based architecture. And, of course, the concept of “Carrier Grade reliability” reflects expectations that we all have, as subscribers with the freedom to switch providers as soon as our contracts are up.

Before too long, though, we’ll need to talk about a fundamental data plane issue that must be addressed in order for any NFV implementation to be cost-effective.

Packet processing is a key function that dominates the processing workload for many telecom network subsystems. These include the CRAN and CPE solutions mentioned above, as well as several key EPC functions such as the Mobility Management Entity (MME), Packet Gateway, Security Gateway and Serving Gateway. In the case of traditional non-virtualized equipment, standard Operating System networking stacks provide poor performance for packet processing because of overheads and latencies within the kernel, so many equipment suppliers have adopted solutions such as 6WIND’s software, which solves that problem through a fast path architecture.

Virtualized implementations present additional challenges for packet processing. Virtualizing hundreds of CRAN, CPE or complex EPC functions on a single server requires high performance network bandwidth to be distributed to the virtualized functions. Standard virtualized architectures that work well for computing applications are unable to deliver the required performance for these demanding network applications. Bottlenecks in the hypervisor, the virtual switch and the VMs themselves can degrade overall networking performance by an order of magnitude for virtualized functions when compared to physical implementations. This is a potential showstopper in terms of the cost-effectiveness of NFV architectures, for which cost-per-subscriber will be a critical metric.

Fortunately, this problem can be solved. Through the use of techniques such as IO Virtualization (IOV), virtual NIC (vNIC) drivers and direct VM-to-VM (VM2VM) communication, as well as a fast path data plane implementation, it’s possible to bypass the bottlenecks. Advanced software solutions can deliver the high networking performance that’s required in order to achieve the cost reductions that are the basis of the NFV concept.

As an example of this, at Open Networking Summit during the week before the recent NFV meeting, 6WIND demonstrated a solution that delivers a 10x improvement in the performance of the standard Open Virtual Switch (OVS), which performs the critical switching function required to deliver high-bandwidth network traffic to VMs.

So while most of the NFV attention and conversations are currently centered on management and orchestration issues, let’s not forget that sooner or later we’ll need to make sure the data plane performance challenges are addressed too. This will be a critical factor in ensuring that the NFV architectures do indeed deliver the CAPEX and OPEX reductions that are promised. And then we’ll have low-cost, high-performance platforms for the delivery of innovative new services for subscribers, which can be the basic of increased service provider revenues.


As industrial designers incorporate remote, fully interconnected factory equipment to reduce costs and simplify maintenance, the exposure to data disruptions or system cyber attacks becomes apparent.  According to the 2013 Internet Security Threat Report published by Symantec Corporation, manufacturing was the most-targeted sector in 2012 with 24 percent of all attacks, compared with 15 percent in 2011. In addition, the research detected a 42% increase overall in cyber attacks in 2012 compared to 2011. Similarly, Verizon recently released the 2013 Data Breach Investigations Report (DBIR) which found that manufacturing is the highest targeted industry (33%) by those motivated by industrial espionage. In these attacks, cyber thieves were trying to access intellectual property, product designs, and trade secrets. The DBIR analyzes data from 19 organizations — covering more than 47,000 reported security incidents and 621 confirmed data breaches from the past year. The manufacturing sector also is one of 18 critical infrastructure sectors established under the United States Department of Homeland Security National Infrastructure Protection Plan to enable assessment of national, cross-sector critical infrastructure protection and resilience programs.


To deal with these potential disruptions, designers are devising techniques to protect or harden important and vulnerable elements of the industrial infrastructure. In fact, security precautions have changed the basic design goals for many industrial embedded devices. Designers are no longer just motivated to produce the simplest, lowest cost device for each project but must now strengthen systems with faster, more capable processors, secure data storage, and tamper-proof communications to simultaneously protect the software structure and data while executing the manufacturing function. To assist in this new industrial design approach, Intel has devised an overall framework combined with state of-the-art architecture to provide multiple security strategies that designers can employ to defend individual devices and the overall plant infrastructure.

One of the most recent security enhancement announcements is the Intel® Intelligent Systems Framework  used to simplify connecting, managing, and securing embedded devices (See figure 1). The framework eliminates the man-hours spent analyzing and verifying interconnections and secure operation as new devices are added to an existing network. The framework combines processor architecture, operating systems, and other software to create ready-to-run, secure, and interoperable platforms for intelligent systems.  Addressing security, the framework provides flexible recipes using scalable, off-the-shelf elements for platform, software, and data protection. For example, the firmware BIOS must be based on the Unified Extensible Firmware Interface (UEFI) specification version 2.1 or greater to enable Extensible Firmware Interface (EFI) Development Kit support for measured boot and secure boot. The framework also includes software and operational middleware from Wind River, McAfee, and Intel® for secure communications and manageability without sacrificing performance.

ISF C.png


The framework leverages system processors with Intel® vPro™ Technology (Intel® vPro) providing built-in hardware support for remote management, virtualization, and platform security functions. This technology allows designers to activate, reconfigure, and if necessary, deactivate a remote embedded system. Intel® vPro™ technology capabilities are embedded in hardware so they can be accessed and administered independently from the operating system and software applications. Intel® vPro™ includes several features that provide hardware support for platform security. Intel® Active Management Technology (Intel® AMT) delivers certificate-based security allowing remote access to the embedded system for management and security tasks to minimize attack opportunities along with complete isolation for rapid repair of compromised systems. Intel® Virtualization Technology (Intel® VT) increases system performance and reliability with hardware support for virtualization software to safely separate and isolate security-critical applications running on the same system. In addition, Intel® Trusted Execution Technology (Intel® TXT) protects embedded devices against rootkit and other system level attacks with an industry-standard Trusted Platform Module device to store key encryption components and protected data.


A low risk way to take advantage of the security features of Intel® Intelligent Systems Framework and Intel® vPro™ technologies is to integrate products that have been certified or tested for readiness. For example, Avalue subsidiary BCM Advanced Research has announced a series of industrial computers that are designed to support the framework, Intel® AMT and Intel® TXT technologies.  Based on Mini-ITX form factor motherboards, the BI255-67QMD series is equipped with the Intel® QM67 Express Chipset and supports Intel® 2nd generation Mobile Core™ i7, Core™ i5, Core™ i3 or Celeron® processors (See figure 2).



Intel Intelligent Systems Alliance members also provide variety of off-the-shelf boards and systems that include the Intel® Intelligent Systems Framework and Intel® vPro™ technologies. For example, the Advantech AIMB-273 Mini-ITX motherboard and the Portwell PCOM-B219VG COM Express module are framework-ready products supporting industrial embedded applications. These products allow industrial designers to start new projects with pre-tested hardware and software components to ensure that devices and systems include security provisions for built-in threat management. If you are ready to start an industrial project requiring a protected infrastructure, please share your questions and comments with fellow followers of the Intel® Embedded Community.


Learn More

Solutions in this blog:


Related topics:


Advantech is a Premier member of the Intel® Intelligent Systems Alliance. Contact Advantech>>

Portwell is a Premier member of the Intel® Intelligent Systems Alliance. Contact Portwell>>

Avalue-BCM is an Associate member of the Intel® Intelligent Systems AllianceContact Avalue>>

Wind River is an Associate member of the Intel® Intelligent Systems AllianceContact Wind River>>

McAfee is an Associate member of the Intel® Intelligent Systems AllianceContact McAfee>>


Warren Webb
OpenSystems Media®, by special arrangement with the Intel® Intelligent Systems Alliance

This week at a customer event co-located with Interop, Dell and Intel announced that Dell OEM Solutions is now a Premier member of the Intel® Intelligent Systems Alliance. Troy Smith, Director of Intel® Intelligent Systems, welcomed the company to its new role, saying “As a member of the Alliance, Dell OEM has been a valuable partner in supporting Intel’s efforts to enable smart, connected systems. We are excited to promote Dell OEM to our highest level of membership and look forward to growing our collaboration with them.”


As a Premier member, Dell now has privileged opportunities to work with Intel through executive, architectural, joint marketing, and sales relationships. In addition, Dell OEM gains the highest level of access to Intel design and development expertise, helping align its technical roadmaps and programs with Intel’s. By optimizing the entire development lifecycle of Intel® architecture-based products, Dell OEM offers reduced risk and lower development costs, improved access to leading-edge solutions, and faster time to market.


Intel and Alliance members like Dell OEM are focused on three key areas:


  • Systems: Billions of devices are connecting to the Internet, each other and the cloud, transforming the industry from fixed function and isolated embedded systems to a new category of intelligent systems. These systems are secure, connected, managed and demand greater performance.
  • Experiences: Intel and the Alliance view 2013 as the year of accelerated transition to intelligent systems. As connectivity becomes even more pervasive, intelligent systems will continue to demand more performance to bring richer experiences and become more fundamental to our daily lives.
  • Data: Intel and Alliance members are helping to simplify the deployment of the Internet of Things (IoT) to enable customers to shift investment from interoperability to extracting greater value from their data.


This three-pronged approach will lead to lower development costs, easier integration, and greater ability to enable innovative services. The end goal is an easier, faster path to making IoT and Big Data a reality.


Dell OEM is a division of Dell that specializes in helping global customers accelerate their time to profit with customizable tier-1 OEM technologies developed by their dedicated team of experts. Dell supports OEMs who build a wide array of their own hardware-based products and need high-quality, stable and well-engineered technology to run their solutions. Dell OEM markets to a wide range of industries, including aerospace and defense, telecommunications, healthcare, industrial, retail, and consumer interaction. Customers trust Dell OEM to deliver world-class hardware and services to serve as the backbone of their solution.


Dell OEM was most recently an Associate member of the Alliance. The Alliance is made up of four tiers, with the highest being “Premier,” reflecting the closest alignment with Intel. From modular components to market-ready systems, Intel and the 250+ Member companies of the Alliance provide the performance, connectivity, manageability and security developers need to create smart, connected systems. There are four Premiers today, including Dell OEM.


This is an exciting and pivotal time for the industry. Watch this space, as well as Alliance publications, particularly the Embedded Innovator magazine and newsletter series, for all the great things to unfold from this latest addition to the Premier tier of the Alliance.

Kenton Williston

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Editor-In-Chief Embedded Innovator magazine

Follow me on Twitter: @kentonwilliston

I love this disclaimer that is often included in many data sheets for computers, “No computer system can provide absolute security under all conditions.” How true this statement is, but yet many military and aerospace computing platforms are frequently embedded in very mission critical applications that must be secure. Invasion from interlopers can bring a mission down. Increasing mobility of electronic platforms makes the challenge even more daunting. What are the major security issues designers need to be concerned with when developing embedded platforms? How can you reduce the risk of security intrusions when developing embedded platforms?


Computers are used in military and aerospace applications from IT to UAVs. The IT applications use server technology that has well established security protection built into the architecture but the UAV application has many embedded computing platforms that are not able to use much of the IT technology. In past years, protecting real-time, embedded platforms was a lower priority as each system was very isolated, but now, security is of paramount importance in embedded computing platforms, as more and more data is being transmitted and stored electronically. As platforms become more intelligent and connected, connected via wireless networks that are especially vulnerable, the concern for security has gained even more prominence.


Security Issues

Security is such a huge topic that it is hard to decide where to begin. I won’t be able to completely do the topic justice but at least I would like to be sure that your eyes are open to the basics. Risk is everywhere, hence the disclaimer at the introduction. Just when you think you might have a secure system, someone finds a vulnerability and brings down your platform. Short of a totally isolated system built with the highest degree of caution, a secure system is nothing but a dream. But understanding the types of security threats can at least help set some priorities and manage the risk.

In his book, “Security for Ubiquitous Computing”, John Wiley & Sons, Inc., Frank Stajano uses a well-established taxonomy to subdivide computer security threats into three categories, according to whether they threaten confidentiality, integrity or availability. Breaking security into these elements makes the evaluation of potential solutions easier and more effective.


Stajano describes confidentiality as the property that is violated whenever information is disclosed to an unauthorized principal. That may be a person or another computing device, either is relevant. Integrity is violated whenever the information is altered in an unauthorized way. It may be altered at a host or in transit between devices. Availability is the property of a system which always honors any legitimate requests by authorized principals. It is violated when an attacker succeeds in denying service to legitimate users, typically by using up all the available resources.


Security Management.jpg

Security Risk Management.


Security is critical from the hardware through the layers of software all the way to the end application. Each is important to ensure the most secure system possible. To manage your risk, you must be sensitive to security threats through the entire system architecture. Security starts at the processor. A foundation or root-of-trust must be established to provide security services upon which to build a robust security environment. Intel vPro technology was first introduced in 2006 and has been upgraded with several new features since then. It offers a strong foundation upon which to build a secure system. Much has been published on the Intel vPro technology and I leave that to you for further research.


Technology Overview




Intel® Trusted Execution Technology (Intel® TXT)

Establishes hardware-based root of trust to defend against software attacks at launch

Intel® Virtualization Technology (Intel® VT)

Works with Intel TXT to deliver built-in protection against malware and rootkit attacks

Intel® OS Guard

Delivers automatic “blanket” protection to defend against escalation-of-privilege attacks

Intel® Identity Protection Technology (Intel IPT) with public-key infrastructure (PKI)

Protects access points by working with authentication solutions to support hardware-based storage of tokens or certificates inside the platform

Intel® Advanced Encryption Standard New Instructions (Intel AES-NI)

Encrypts data up to four times faster without slowing performance or interfering with user productivity

Intel® SecureKey

Generates high-quality random numbers to enhance encryption for online transactions

Intel® Anti-Theft Technology

Offers tamper-resistant security to detect potential theft with the capability to automatically disable PCs

Intel® Advanced Management Technology (Intel® AMT)

Provides remote support for proactive threat management and diagnosing, isolating, and repairing an infected PC, regardless of operational state

Intel® Platform Protection Technology with BIOS Guard

Provides authentication and protection against BIOS recovery attacks; BIOS updates are cryptographically verified to ensure malware stays out of the BIOS

Intel® Platform Trust Technology and Intel® Boot Guard

Designed to work with Microsoft* Windows* 8., Intel Platform Trust Technology supports secure and measured boot, and Intel Boot Guard protects again boot block-level malware



The next layer of defense is at the BIOS level. The threat of attacks on the BIOS is growing with reports of intrusions at the BIOS level becoming more common. The National Institute of Standards and Technology (NIST) has released new security guidelines for updating the BIOS, the point at which the security threat is the greatest. Through new security guidelines – NIST SP 800-147, NIST is setting standards that require authentication of BIOS upgrade mechanisms.


BIOS providers have taken the security challenge seriously and offer suites of products providing multiple levels of security. They support the latest Intel vPro technology which allows users to manage, inventory, diagnose, and repair their systems in efficient, remote, and streamlined ways all without compromising system security. The BIOS providers support the NIST SP 800-147 guidelines and they offer multiple other security options to protect FLASH and other storage devices. Users prefer to keep as much of the security responsibility at the hardware and BIOS level as possible because that is where the defense is strongest.


Phoenix Technologies’ Phoenix SecureCore has an impressive suite of security support. American Megatrends (AMI) with its Aptio V UEFI BIOS compliant products features UEFI Secure Boot for enhanced platform security.


Operating System

Operating systems play many roles in providing increased levels of security. The most recent advancement became more feasible with the introduction of multi-core processors that enable the ability to run multiple instances of operating systems on one multi-core processor. This has led to hypervisor architectures that can protect key elements of the software environment. Real-time operating system suppliers have made hypervisors a key part of their product portfolios.


Green Hills Software demonstrates an excellent example of how important security is to an operating system supplier. They have a dedicated business unit, INTEGRITY Security Services (ISS) business unit, to address the growing need for more secure software. ISS packages the INTEGRITY operating system with a toolkit to provide reliable and authenticated security software that can ensure these ubiquitous embedded devices remain secure.


ISS toolkits are based on the Green Hills proprietary Federal Information Processing Standards (FIPS) compliant Cryptographic Toolkit. The ISS Cryptographic Toolkit meets the latest government standards and also provides the underlying FIPS compliant cryptographic primitives for use with a comprehensive compliment of security protocols. The toolkits are designed to be small, scalable and certifiable by the US Government. Support is available for Windows, Linux, VxWorks, INTEGRITY and general-purpose operating systems on Intel processors.


ISS focuses on addressing:

  • Authentication - the process of ensuring that users, devices and software on a network are correctly identified.
  • Authorization - grants users and devices the right to access resources and perform specified actions.
  • Network Access Control - mechanisms that limit access to the network to authenticated and authorized devices, software and users.
  • Confidentiality - using ciphers to transform data to make it unreadable to anyone except those authorized and authenticated to view the data.
  • Integrity - checking mechanisms are designed to detect unauthorized changes to transmitted data through the lifecycle of a device, software and data.
  • Remote Management - a method to monitor, update and manage remotely manufactured and fielded devices.


Delivering end-to-end security solutions

A connected battlefield is critical to our Armed Forces' success. As multiple classifications of data are transmitted to more devices and vehicles on the battlefield; the requirement for a high assurance, portable encryption toolkit is critical.


Attacks on computers and networks continue to proliferate in spite of extensive software approaches to prevent these attacks. Establishing a strong digital identity for both the user and the computer system through hardware-based security is a significant step beyond software-only strategies.

The defense community has made cybersecurity a top priority. In the push for defense programs to use more COTS, the dependencies on Intel Intelligent System Alliance members and their products only becomes greater. Security never rests as defense systems shift to Intelligent Systems. New breaches are discovered and technology shifts to address the breaches.


I would love to hear more about your experiences as a system designer and what you have done or plan to do to manage security risks.



Learn More


Solutions in this blog:


Related topics:


American Megatrends (AMI) is an Affiliate member of the Intel® Intelligent Systems Alliance.

    Contact American Megatrends>>
Green Hills Software, Inc. is an Affiliate member of the Intel® Intelligent Systems Alliance.

    Contact Green Hills Software>>
Phoenix Technologies is an Affiliate member of the Intel® Intelligent Systems Alliance.

    Contact Phoenix Technologies>>

Jerry Gipper

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Editorial Director, OpenSystems Media, VITA Technologies

With consumers expressing a greater desire to watch content from mobile gadgets like smartphones and tablets while cruising down the road, the automobile is fast becoming a state-of-the-art mobile device. Today you can find displays mounted in the center console, in or above the dashboard, on the backs of the front seats and/or overhead in entertainment panels.  According to Staci Palmer, general manager of the automotive solutions division at Intel®, about 40 percent of the estimated 80 million cars shipped in 2012 had some form of integrated in-vehicle infotainment (IVI) system in it to run computer applications for entertainment, information or Internet connectivity. Palmer expects that by 2020 that rate will reach 75 percent, or around 85 million IVI systems.

These IVI systems will have to handle various data streams including high definition multimedia and 3D graphics, wirelessly transmitted information connecting the car to local area or wide area (the "cloud") networks and Advanced Driver Assistance System (ADAS) data showing lane-departure warnings and other content (e.g., vehicle system checks) that impacts safety.

All of this will require the aid of advanced Intel® processors and for that reason industry analyst organizations such as IHI iSuppli predict automotive IVI systems are heading toward a PC-like architectural approach in which more functionality is dependent on a powerful main central unit.  In that sense the auto will start to resemble a display-heavy aircraft cockpit with multiple screens for the driver and passengers. iSuppli and other industry watchers see software’s role as being a differentiator among brands with some applications previously implemented via hardware reconfigured instead into simpler programs reliant on a heavily centralized unit marked by strong processing power, significant memory and an effective human-machine interface.


This last item should not be discounted. All of the computing "horsepower" that can be brought to bear will come to naught unless drivers can interact with these systems in a natural and intuitive way. And that is precisely the goal of Intel’s® Perceptual Computing campaign: providing direct, natural human-to-computer interfaces encompassing next-generation voice command and control and gesture recognition. Voice systems using technologies such as voice recognition, text-to-speech and speech-to-text will enable drivers to control entertainment and navigation systems simply by using their voices to operate infotainment and other vehicle controls without taking their eyes off the road or their hands off the wheel. Advances in voice-recognition technology will allow drivers to use spoken words to manipulate an increasing number of functions in the future, including controlling the HVAC system, and sending text messages.


The Intel® Perceptual Computing SDK 2013 Beta 2 with support for Nuance Dragon Assistant Core speech recognition is now available as a free download. Voice is firmly in Nuance’s wheelhouse:  More than 70 million cars and 50 million portable navigation systems are equipped with Nuance speech technologies.  According to an IMS Research report more than half of new automobiles in 2019 will integrate voice recognition, up from 37 percent in 2012, as car manufacturers increasingly seek safer ways for drivers to interact with navigation, music or phone calls.


Developers will now be able to add voice commands, short sentence dictation and text-to-speech synthesis to their applications (Fig. 1). Eye tracking and gesture recognition also are in the near future. Cameras mounted in the cabin can see where passengers are sitting in the car, and, more importantly, where they’re looking. If the driver takes his or her eyes off the road, the car would recognize that and could sound a warning. .



Figure 1. Speech Use Cases and Technologies for In-Vehicle Infotainment


The Intel® Perceptual Computing SDK APIs can be used with the Creative Interactive Gesture Camera Developer Kit, employing a small and light-weight USB-powered, depth sensor camera tuned for close-range interactivity (meaning it can pick up the movement of each finger). The kit includes an HD webcam, depth sensor and built-in dual-array microphones for capturing and recognizing voice, gestures and images.


On the hardware side using Intel® Atom™ processors as part of an IVI solution enables automotive developers to create a single, common hardware and software platform that:


  • Reduces development costs
  • Simplifies design complexity
  • Speeds time to market
  • Enables more choice and innovation in software
  • Simplifies product upgrades
  • Has strong interaction ability and compatibility with software.
  • Enables the use of low-power components that can fit into small footprint boards.

For example, Axiomtek’s NANO830 is equipped with the Cedar Trail platform, dual core Intel® Atom™ processor N2000/D2000 series and the Intel® NM10 Express chipset providing premium sound and delivering advanced features such as multiple audio streams.  At a mere 120 x 120 mm footprint, system developers have more opportunities for developing scalable and ultra-compact embedded applications and its low power consumption enables fanless designs.  The NANO830 provides IVI designers with a better choice for higher level graphics-intensive and system performance.  Designed to support the Intel® Atom™ processor D2550 running at 1.86 GHz it integrates Intel’s® Graphics Media Accelerator 3650 engine to support HD-rich content and provides an array of display interfaces including DisplayPort, VGA, and 24-bit dual channel LVDS with dual-view supported. Moreover, it supports a DDR3 SO-DIMM with a maximum of 4 GB of memory.


Similarly,  Eurotech's Catalyst CV (CPU-300-10) module delivers dual-core Intel® Atom™ processor N2x00 performance at CPU speeds up to 1.6GHz and extensive multimedia capability, all while maintaining a very low power profile. On this platform, Eurotech delivers up to 4GB of DDR3 DRAM memory, high-speed PCIe lanes, and USB ports.  Also employing the Intel NM10 Express chipset the Catalyst CV is a compact 67 x 100mm module for applications such as IVI where superior graphics performance is of high value. The Catalyst CV supports not only traditional graphical interfaces such as VGA and LVDS but also offers HDMI, full 1080p, DisplayPort with optional configuration and Blu-ray capabilities to support demanding graphical applications.


We mentioned earlier that iSuppli anticipates software as being a differentiator among brands in IVI systems. One example of this comes from another Intel Alliance partner, Clarinox.  Its Clarinox Blue Bluetooth solution is an embedded protocol stack software that has the ability to run multiple, simultaneous profiles with multiple smartphones. This combination of profiles enables the building of a state of the art automotive Bluetooth infotainment solution by providing access to the phone book of the driver or the passengers, streaming music to the car stereo system from any of the phones, display (or read via text-to-speech) of incoming SMS messages on the console, and to make and receive calls and announce details of the caller. It is an embedded protocol stack that also addresses the main issues confronted by engineers in Bluetooth projects: lack of flexibility, high level of complexity, and difficulty of debugging.


What’s next?  At the IDF 2013 in Beijing Intel® Sr. Technical Marketing Engineers Chris Norman and Horace Li noted that Intel® Alliance partner Red Flag was working on a Tizen 2.0 based IVI solution (Tizen is an open source standards based HTML5 platform for IVI and portable device applications).  According to Norman and Li the Red Flag Software release will include a traffic sign recognition engine, a voice recognition engine, navigation, and other proprietary components.

Finally, and without revealing too much we can safely say that devices built around the soon to be released 4th generation, 22-nm Intel® Core™ processor family (formerly codenamed "Haswell") will offer significant media and 3D performance improvement and will facilitate development of facial recognition, gesture interaction and voice assistance.  Stay tuned!


Learn More

Solutions in this blog:

Axiomtek Nano 0830

Eurotech Catalyst CV

Clarinox Blue


Related topics:

Axiomtek is an Associate Member of the Intel® Intelligent Systems Alliance

Eurotech is an Associate Member of the Intel® Intelligent Systems Alliance

Clarinox is a General Member of the Intel® Intelligent Systems Alliance

Red Flag Software is an Affiliate Member of the Intel® Intelligent Systems Alliance

Murray Slovick

Roving Reporter (Intel Contractor), Intel® Intelligent Systems Alliance

Filter Blog

By date: By tag: