Simple Sample Satellite Transport Protocol

Appox. 1 Month ago, one of my closest friend asked me for help. His CubeSAT Project runs into a HR-Shortage, lacking greatly on responsible for the design and implementation for a satellite transport protocol.

Background:

MOVEII is a CubeSAT, developed @ WARR, TU Munich which is completely under the supervision of students. It has a designed mission duration of 6 months @ orbit 600km. This is the 2. Satellite project carried out by students @TU Munich and shall carry some scientific payload for verification purpose. This Satellite is going to have a VHF/UHF 10kbps symmetric duplex link and a 1Mbps single direction downlink.

On MOVE I, TCP is used a transport protocol. Due to the fact of congestion control and flow control, in combination with the high runtime of SATCOM systems, it is very inefficient. The full headers and network layer is way too complicated and heavy to be efficient, even using UDP.

Therefore, we decided to  create a customised protocol.

Requirements:

I’ve some experience with Airbone Transport Layer protocols, which is mostly based either on some kind of bus (MILBUS/CAN) for onboard communication, or by extended/modified IP stacks. Also, I think about lwIP, which i have used for the ECU Simulation on Cars. Both solution is less feasible for the SATCOM System, since every bit is quite valuable. Therefore the header region of the whole protocol is designed to be minimum, while keeping some extensibility.

The L2 Layer of MOVEII is providing a reliable link, with automatic retransmission request feature. Therefore, we decided to remove any feature regarding to retransmission. This shall be done on L2 and no redundancy implementation is provided to limit the header size.

One of the hard-requirement is reordering of packets. This is required since the L2 does not guarantee the in-order transmission of our packets within the transmission buffer of 256 packets. Therefor we choose a 8bit-number and a termination indication bit (a total of 9 bit) for global sequence numbering.

Another key target of this system is high reliability. This is what why we decided to run our system in user space and providing a centralized Deamon for service. This deamon is design to provide up to 128 slots(ports) for 128 applications, using another 7 bits of header space. By separation process queues in ports, it is guaranteed that blocking operation on some queue does not block the whole transmission system, which is quite comfortable.

The maximum transfer unit is 1000 bytes. This is chosen to leave other layer extensibility. This consumes 10 bit of space.

2 Bit is used for control message, for example for sequence number synchronisation. 16 bit is used to store CRC16 data to keep data integrity of both header and payload.

8 bit is used to process fragmentation number for reassembly of packets.

A total of 8 bytes is therefore used for the header, supporting CRC, reordering, synchronisation, fragmentation, 128 ports and 1000 bytes packet length, while leaving 4 bits for other control message and thus good extensibility.

Implementation:

Because I only have limited time, we found a nice student to support the implementation work. This whole program is written in C++ and providing service using linux domain socket. A separate programming library is used to talk to the domain socket.

We are currently investigation whether the speed is enough to carry out a TAP-Device to tunnel IP Traffic over our protocol, which will enable downwards compatibility and compatibility of standard network utilities.

The code of S3TP can be found here:

https://github.com/twittidai/s3tp

.net WinForm Console and GUI dual use

Sometime, you want to create a WinForm App both to be used with command line arguments and GUI. By default, this option is not available since WinForm Apps have unique entry point because of .net Framework. However, we can attach a console manually so the program can be started with command lines. To do so, follow the following instructions:

First, we need to open the Programm.cs file. This file is automatic generated by Visual Studio during creating the project and the basic form. You will find a section like this:

Right there, add this line:

Here, we attach a console manually to the program, and do a simple check if the program is started with command line arguments. If not, simply create a new WinFrom; otherwise we fire the procedures of the command line thing.

 

lwIP Porting without OS

As a part of my current work, i need to create a virtual network adapter.  For the complex implementation of the TCP/IP stack and to reduce the implementation work. Since we only use the basic RAW API, therefore we implement the NO_SYS option.

According to the official wiki about porting for bare metal, we should creating files following these steps:

1. Create cc.h
cc.h contains the definition of several architecture specific parameters, specially those about memory layout and those effecting the compiler behaviour. Here, you can also specify screen display functions like printf. The following options are hereby believed to be “required”:

2. create sys_arch.h
here,  since we use the NO_SYS option, no operating system specific configuration need to be done here. We get a merely empty definition.

3. create  perf.h
again, we don’t need to implement anything.

4. create lwipopts.h
lwipopts.h is a required file contains a lot of configuration about lwip. Here, you can specify with lwip functions should and could be used. For example, to use with NO_SYS and only tcp and udp protocols enabled, you have to define the following parameters:

please note that this is only a sample.

5. create sys_arch.c
here, you only have to provide the system clock function u32_t sys_now(void)
Here is my example:

6. fill out ethernetif.c
The ethernetif.c is the actual driver of your hardware. Here, you have to fill out the low_level_init(), low_level_output() and low_level_input(). Here are my examples:

By here, the preparation of lwip should be finished, this means you can now initialize lwip and implement application layer functions for you project.

ECU (Electornic Control Unit) Virtualisation

/*
*(C) Technische Universitaet Muenchen
*(C) AUDI Electronic Venture GmbH
*/
ECU (Electornic Control Unit) Virtualisation

ECUs is the major component in automobiles nowadays. ETAS, an software company provides with a wide band of embedded automobile software provides the ISOLAR-A and ISOLAR-EVE systems to create a hardware-level simulation of such a control unit. Hereby, we will show you how to create such an VirtualDevice using the ETAS ISOLAR-EVE and it’s VirtualDevice Class.

The VirtualDevice Class of ETAS’ ISOLAR-EVE provides interfaces and functions accourding to do basic I/O Jobs from the VECU to the outside world. There are serval kinds of communication:
1. Actions. Actions are those kind of communication invoked from the outside world of the VECU. For example, if you have a throddle, or a steering wheel, and if the driver actively interacting with the Virtual Device, all these kind of computation is an action. Actings typically therefore have a input source, and are generally handled with Action Handler.
2. Events. Events are those communication, where are raisen from the inside of the Virtual ECU and should be noticed / received from the outside of the VECU. For example, we press the gas throttle and the motor power output is being increased. The results can be directly reflected on the speed of the vehicle via a speedometer. The data on the speedometer is such an event. Events usually have an output source, and additionally, they can also habe input. E.g., we can have a speedometer showing absolute speed, but the signal from the motor power control unit is only a speed difference, and we need to read from the event the current value and add it with the difference, and finally output this thing again.

Now, to create such a virtual device, we have to declare a new class, inheriting from the virtualDevices. In addition to that, since we are using the build-in types from ETAS’ ISOLAR System, we also need to include other headers to do so. According to the guides form ETAS, this should be done with:

And now, create the actual class:
class myVirtualDevice : public VirtualDevice{}

In the VirtualDevice Class itself, we have to follow the creation guide strictly. Here, we need three compnents. Theses are:

whereby the GetDeviceInfo function provides the Basic Infomation about you virtual device. This function should have following general layout:

As already descripted, the other two functions should include all suppoted actions and events fomr the VDevice. There should have the following generall layout:

with the last argument ist the type of input source. This can be %a for uint data or strings with %s. The declaration of GetDeviceEvents should be analogue.
After that, we have to write the actual code of the Actions and Events. Eg.

The Events should be analoge. And here, the UnpackData function explictly extract something from the vrtaAction and copies it into an user selected memory range. And at the end, we need to create the constructor of our class:

And hereby our work should be finished. To actively use this class, simply declare such an instance of this vDevice:

 

OpenVPN with User/Password auth

OpenVPN is an modern, simple to use open source VPN. It supports both OSI-L2 (MAC) and OSI-L3(IP) level communication link, with TUN/TAP simulation. In addition, OpenVPN invokes SSL-Based encryption, so all transmissions from the server and client are encrypted for data security.

To install the OpenVPN server on a Debian-based server, we should first install the package:

This should install openvpn itself and all dependencies. Afterwards we need to generate certificates for the ssl-encryption. The openvpn package already provides a toolkit for fast generation of this certificates. First, we copy out all files we need to create the certificate:

The path /etc/openvpn/ ist the standard  working directory for OpenVPN. Now we can build the certificates. First CA-Cert, then the Server-Cert, then the Diffie-Hellman constant.

Theses processes should be very simple and understandable, just enter the information the scripts asks . Now, we are ready to write a server.conf file. Copy out all the cert and keys.

And finally we create a server.conf file

with the following content

and then finally restart the service, and add the redirecting and forwarding in system and firewall:

And now the server side configuration ist finished. On the client side, we need a configuration file like this:

Here, you should paste the Certificate ca.crt from the server side onto this file. And now, you can login with any account from the linux machine. (Auth is using PAM.)

Create (self-signed) certificate with SSL and push it into OpenLDAP

One of the less used use case with LDAP-Server is to push the users’ X.509 Certificates into the LDAP directory. According to RFC 2251, the certificate is stored in DER(Distinguished Encoding Rules) under the attribute usercertificate;binary

Using OpenSSL, execute the following command:

 

The -subj command takes attribute connected to the certificate (Country, State, City, Organisation, Common Name) and this will allow openssl to generate the certificate quietly. Once it’s finished, myCert.pem will be the new certificate and whereby myKey.pem is the certificate’s private key.
Afterwards, we still need to convert the created certificate into the DER format, which can be done with

whereby the outcert.der is the certificate in DER encoding. Now we are ready to push this certificate into LDAP. To do that, we create a file named cert.ldif with following content:

Here, we assume that the user xxx already exists in LDAP. And we are using the file location since the information in outcert.der is stored in binary data.
And finally, we commit the information into the database.

And now we finished the job.

Logitech Wave ergonomic Keyboard review

Because of my increasing workload with keyboard and since the MacBook Air’s keyboard is less sophisticated, I decided to buy a new keyboard. Cordless or not, is not my deciding argument for the new keyboard, but it should be Mac compatible, it should be a full size keyboard and it has to be ergonomic.

Since it is impossible that our hands are directly orthogonal to the keyboard, the traditional keyboard requires that our hands stay lying in a less comfortable position while typing. People who need to work a lot on such a keyboard like me soon found out that it is really hard to keep that position without to get aching hands and arms. Ergonomic keyboard solves this problem: Unlike traditional keyboards, keys on ergonomic keyboard are in a slightly inclined position so it passes better to the natural form of hands while typing. The position of the hands therefore remains in a continuous comfortable way so that no aching hands anymore! That’s why that a ergonomic keyboard is always suggested for people with heavy workload on a computer!

As a result, I decided for the Logitech Wave ergonomic Keyboard, which has Macintosh Support up to Mountain Lion, full size with quick access keys. I chose the corded version since it does not matter for me if the keyboard is corded.

Logitech Wave Keyboard
Image Source: http://www.hitechreview.com

 

Since this Keyboard is already not a new model anymore, its price is just great for its experience. Since it’s equipped with armrest, it is extremely comfortable to type with this keyboard.

Remove Spaces with Windows CMD

As part of my current project, I had to figure out a way to parse parameters from TXT file and using them as environment parameters. Since spaces are contra productive to environment parameters, here is a way how to remove all the spaces.