Page 1


Your search is over! CompactPCI • COM Express • VME • PrPMC/XMC • VPX • Custom X-ES delivers the latest 3rd generation Intel Core i7 processor solutions on the widest range of standard and custom form factors in the industry. With our proven record of meeting aggressive schedules, you can count on X-ES to deliver Intel Core i7 processor solutions on time, and with unparalleled customer support. Call us today to learn more.

You need it, we have it! That’s Extreme.

Extreme Engineering Solutions 608.833.1155


42 Super-Small GigE Vision/CameraLink SWIR Camera with Low Noise

44 CompactPCI Serial SBC Features Quad-Core i7 and Up to 16 Gbyte ECC Memory


47 OpenVPX Interoperability in SFF Signal Processing Platform Expands VPX Ecosystem





Monitoring Networks for Security and Performance

Digital Signage

Trends in Mobility and Their 6Editorial 34 For a Celebration of the Ordinary Implications for Digital Signage – Busting the DPI Myth: Deep Packet Revisited 16 Inspection Provides Benefits to Industry Insider End Users and Operators Alike 8Latest Developments in the Embedded Technology Advancements Enable Marketplace 38 Accelerated Development of Detecting and Mitigating Network Digital Signage Deployments 22 Small Form Factor Forum Security Threats 10Small Form Factor Costs of Ownership Steve Gurley, Pyrim Technologies

Karl Wale, Radisys

Michael Patterson, Plixer International

& Technology Newest Embedded Technology Used by 42Products Industry Leaders

EDITOR’S REPORT The Future of the Shrinking PC

PC Opens Opportunities in Embedded and 12Smartphone-Sized Networking

Satish Ram, Kontron

TECHNOLOGY IN SYSTEMS BYOD: Smartphones and Tablets as UIs

26 BYOD – Bring Your Own Display for Industrial Control and 30 BYOD Automation Bill Weinberg, Olliance Consulting

David Kleidermacher, Green Hills Software

Tom Williams

Digital Subscriptions Available at RTC MAGAZINE JANUARY 2013


Solid or Spin... we go both ways

JANUARY 2013 Publisher PRESIDENT John Reardon,


Ruggedized VPX Drive Drii v e Storage St Module Whatever your drive mount criteria criteria, everyone knows the reputation reputation, value and endurance of Phoenix products. The new VP1-250X, compatible with both solid state or rotating drives, has direct point-to-point connectivity or uses the PCI Express interface with the on-board SATA controller. It is available in conduction cooled (shown), conduction with REDI covers (VITA 48) and air cooled configurations.

We Put the State of Art to Work


Art/Production ART DIRECTOR Kirsten Wyatt, GRAPHIC DESIGNER Michael Farina, LEAD WEB DEVELOPER Justin Herter,

Advertising/Web Advertising XXXQIFOYJOUDPNt714-283-4800 PHOENIX INTERNATIONAL IS AS 9100 REV C / ISO 9001: 2008 CERTIFIED

Untitled-6 1

8/6/12 11:56 AM






Billing Cindy Muir, (949) 226-2021




Come see. Come learn.

Review of Human Factors Requirements for Medical Devices Examination of ISO 60601-1 and 62304 Requirements Streamlining the FDA Clearance Process

March 11, 2013 – Irvine, CA: Brandman University

To Contact RTC magazine: HOME OFFICE The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Phone: (949) 226-2000 Fax: (949) 226-2050, Editorial Office Tom Williams, Editor-in-Chief 1669 Nelson Road, No. 2, Scotts Valley, CA 95066 Phone: (831) 335-1509 use the code MEDSJAN when registering to get 50% off



Published by The RTC Group Copyright 2013, The RTC Group. Printed in the United States. All rights reserved. All related graphics are trademarks of The RTC Group. All other brand and product names are the property of their holders.

WinSystems’ DesignSolutions

PC/104 Analog In/Out Module Does Not Require Calibration WinSystems’ PCM-MIO-G is a versatile, PC/104-based analog input, analog output, and digital I/O board designed for high-accuracy and high-channel count analog and digital I/O. It includes a 16 channel, 16-bit analog-to-digital (A/D) converter, 8 channel, 12-bit digital-toanalog (D/A) converter, and 48 lines of digital I/O. Its design is unique since it requires no trimpots for calibration of the analog circuitry to UHPDLQZLWKLQLWVVSHFL¿FDWLRQV

The input ranges are 0-5V, Âą5V, 0-10V and Âą10 volts. The board will support up to 16 single-ended or 8 differential channels or various combinations of both. Eight independent, 12-bit D/A converters are also on the board. The output voltage ranges

are 0-5V, 0-10V, ¹5V, and ¹10V. The PCM-MIO-G has 48 lines of digital I/O programmable for input, output, or output with read-back. The lines are TTL-compatible and can sink 12 mA. The board will operate from -40° to +85°C. WinSystems, Inc. (817) 274-7553

PC/104 Wide Input DC/DC Power Supply with -40° to +85°C range


Call 817-274-7553 or Visit Ask about our eval program


WinSystems PC/104 DC/DC power supplies have an input voltage range from 10 to 50V DC. This allows them to work with 12, 24, or 48 volt battery operated or distributed DC power systems. The single output voltage for the PCM-DC-AT500 is +5V @ 20A. The PCM-DC-AT512 has triple output voltages of +5V@20A, +12V @ 3A, and -12V @ 0.5A.

The power supplies have no minimum load requirement to bring the units into regulation. All the outputs have overvoltage and short circuit protection plus overcurrent protection as well. LED indicators display a visual status of each regulated output. Both versions will operate from -40° to +85°C with no fans or heat sinks and are well suited for applications including pipelines, transportation, communications, solar power, and military. WinSystems also offers the PPM-DC-ATX which is a PC/104-Plus DC/DC supply that generates 5 regulated voltages plus supports the software controlled shutdown and power monitoring for SBCs with advance CPU chipsets employing sleep modes and active power management. WinSystems, Inc. (817) 274-7553


Tom Williams Editor-in-Chief

For a Celebration of the Ordinary


s technical journalists, we editors are conditioned to be ever on the lookout for stories that are the latest, most innovative, snazziest, whippiest and most conducive to producing large volumes of engaging editorial content we can produce. On the one hand, this is exactly what we are supposed to be doing. Our readers need to be aware of the latest developments, trends and directions in a world of ever-changing technology and market directions. On the other hand, it can sometimes lead to what I have come to call the “Jeane Dixon syndrome.” The late Ms. Dixon was a well-known astrologer who appeared for many years in the tabloid press. Her predictions regularly made headlines and were mostly wrong, but people tended to remember only those that somehow came true. So she became a famous astrologer. I cannot (and will not) tell you the number of times that I have been presented with a technical innovation that at the time appeared not only to represent a technology breakthrough, but also to hold great promise for the future. Many of these have ultimately gone nowhere, often due to circumstances other than their intrinsic technological merit. Market conditions might not have been favorable at that particular time, or they might have been too complex or too costly to actually manufacture. All kinds of things can come into play. Of course, there have been some evaluations and predictions that did come true. For instance, the long-ago remark that Windows NT would seriously push Sun out of a good piece of the workstation market. Fortunately being a prophet is not a big piece of the job description. Which moves me to suggest that we consider for a moment



the value of the more mundane world where steady sales and integration of technology continue to chug along, being built into all manner of everyday products and constantly, if gradually, moving into ever more applications. This may be far less exciting than the constant attention to the “cutting edge,” but it is an area where companies continue to thrive and people continue to have jobs by continually adding value to the things we use in our daily lives. There may be little excitement involved with designing a microcontroller into a fridge or a toaster, or embedding a PC/104based control system into a gas pump, but there is great value. One of these is increased energy efficiency. Even without specifically designing for energy savings, microprocessor controlled systems inherently use less power than mechanical control systems—and they have potentially and practically more functionality. Everybody gains from this. Another effect of the daily, relentless spread of embedded control is the advent of almost universal connectivity. Since almost everything today is routinely designed with built-in network connections, this is a huge resource that is only now being explored and put to use. But with a culture growing up with a smartphone glued to its head, this routing integration of a capability will be considered ordinary even when its potential is expanding in ways we cannot now imagine. And from one perspective it’s no big deal. Isn’t that pretty ordinary? By the way, while fact checking for this editorial (yes, we do that) I discovered that the phrase, “the Jeane Dixon effect” was first coined by Temple University mathematics professor John Allen Paulos. Credit where credit is due.

® Featuring gB Battery y Backup Power (BBP™) module BBP™ Key Benefits:

184#3 8



184,#3 8








Supermicro BBPâ„¢ Module



(with dual BBPâ„¢ modules)



INSIDER JANUARY 2013 Congatec and Adeneo Embedded Partner to offer BSPs for ARM Modules Congatec has entered into partnership with Adeneo Embedded to deliver ready-to-use board support packages for its Freescale ARM Cortex A9 i.MX 6 Series-based modules. Thanks to this new software partnership, congatec’s worldwide customer base can now benefit from a costeffective end-to-end solution enabling them to speed up the development of Windows Embedded and Embedded Linux devices. Adeneo Embedded, a specialist in embedded operating system integration with facilities in Europe and the U.S., provides thoroughly tested high-quality BSPs to a wide range of vertical markets worldwide. Adeneo is a member of the Freescale “Design Alliance” program and the official partner of Freescale for Windows Embedded Compact, Android and Embedded Linux developments on i.MX architectures. Leveraging Adeneo’s extensive software and system integration expertise for ARM Freescale processors, congatec initially offers BSPs for the conga-QMX6 Qseven modules based on the ARM Cortex-A9 Freescale i.MX6x series. Sporting a sophisticated high-end, 3D-ready HD graphics core, the conga-QMX6 Computer-on-Modules (COMs) are designed for advanced multimedia applications. Target markets include manufacturers of mobile and ultra-mobile industrial devices as well as medical, automotive and industrial automation. The standard conga-QMX6 BSP includes support for the universal boot loader (uBoot), Linux and Windows Embedded Compact 7. WEC 7 Binary BSP files and Linux source code are available free of charge; a one-time license fee applies for WEC7 source code.

QLogic and Dell Team for End-to-End 16 Gbit Fibre Channel Storage Area Networks

QLogic has announced that its 2600 Series Fibre Channel adapters will be used as part of Dell solutions to deliver end-toend 16 Gbit Fibre Channel storage area networks (SANs). QLogic adapters will provide 16 Gbit Fibre Channel connectivity for Dell 12th Generation PowerEdge rack, tower and blade servers, as well as native 16 Gbit Fibre Channel connectivity for Dell Compellent Storage. “With the world’s largest installed base of Fibre Channel adapters, QLogic delivers unmatched versatility and industry-leading performance with



our 2600 Series 16 Gbit Fibre Channel portfolio,” said Amit Vashi, vice president of marketing, Host Solutions Group, QLogic. “Our long history of collaboration with Dell and our expertise in Fibre Channel networking, from server to storage, have earned us this 16 Gbit Fibre Channel business for Dell Compellent storage and PowerEdge blade servers. Through dramatically increased I/O and bandwidth, QLogic end-to-end 16 Gbit Fibre Channel connectivity allows Dell to provide customers with faster deployments and greatly improved application performance.” “QLogic 2600 Series adapters allow Dell to deliver first-to-market, end-to-end 16

Gbit Fibre Channel storage network solutions,” said Dan McConnell, director of marketing and product management, Dell Compellent. “From host to storage, with no bottlenecks in between, Dell’s end-to-end 16 Gbit Fibre Channel solution drives unprecedented application performance and provides the perfect I/O companion for state-of-the-art Intel and AMDbased servers, virtualized data centers and cloud computing environments.”

IEEE Standards Association and ETSI Renew Memorandum of Understanding

The IEEE Standards Association (IEEE-SA) and the European Telecommunications Standards Institute (ETSI) have announced they have renewed their memorandum of understanding (MOU). This agreement continues the long-standing cooperation between IEEE-SA and ETSI, fosters collaboration between the two organizations, and further promotes mutual interests through global standards coordination. To formally acknowledge the alliance, Luis Jorge Romero, director-general of ETSI, and Konstantinos Karachalios, managing director for IEEE-SA, gathered with members of the Institute for a signing ceremony during the 60th ETSI General Assembly in Mandelieu, France on 13 November 2012. During the ceremony, the two organizations acknowledged the need for IEEESA and ETSI to work closely together on coordinated standards to avoid duplicated work and align under a mutually beneficial framework. “ETSI is the ideal partner for IEEE-SA’s continued progress on

expanding cooperation between technical committees with a global reach,” said Karachalios. “Sharing information is the key factor here. Collaboration between governing bodies is top of mind. It’s all part of our vision for widespread adoption of globally relevant standards and our commitment to work cohesively with standards organizations around the world.” “The framework for coordination between technical groups will greatly benefit our industry as it increasingly relies on standards for interoperability,“ said Romero. “This agreement will allow ETSI representatives to become more knowledgeable about IEEE activities and vice versa, of course.”

“Live-to-Work” Ethos Driving Faster BYOD Adoption in High-Growth Markets than Mature Markets

Employees in high-growth markets are more willing to embrace the bring-your-owndevice (BYOD) phenomenon and the personal productivity benefits of enterprise mobility compared to those in mature markets, according to a study by Ovum. Driving this trend is the predisposition of professionals in high-growth markets to “live to work” and the lower rate of corporate provision of mobile handsets and tablets. As part of the largest study ever conducted into employee BYOD behavior and attitudes, a new paper from Ovum reveals that across 17 markets, 57.1 percent of full-time employees engage in some form of BYOD. Yet, when broken down by market, there is a clear trend: 75 percent of respondents in the emerging, “high-growth” markets (includ-

ing Brazil, Russia, India, UAE and Malaysia) demonstrate a much higher propensity to use their own devices at work, compared to 44 percent in more mature markets. “Employees in high-growth, emerging economies are demonstrating a more flexible attitude to working hours, and are happy to use their own devices for work. However, in mature markets, employees have settled into comfortable patterns of working behavior and are more precious about the separation of their work and personal domains,” explains Richard Absalom, consumer impact IT analyst at Ovum. “This bifurcation in behavior will shape not just future patterns of enterprise mobility in high-growth markets compared to mature markets, but also dictate which markets, structurally, are going to benefit most from this revolution in how and where we work.” For businesses, while it’s promising to see IT departments coming to grips with, and encouraging, such behavior in the regions where BYOD behavior is most prevalent, Ovum warns that too much BYOD activity is going unmanaged. Of those respondents who bring their own devices to work, 17.7 percent claim that their employer’s IT department does not know, while a further 28.4 percent of respondents’ IT departments actively ignore it is happening. “Unmanaged BYOD creates a great data security risk, and the implications of losing sensitive data via a personally owned device can be dire from financial, reputational and legal perspectives. Every business must understand the behavior of its own employees, which, as we have seen, is likely to be influenced by its location, and manage it according to its risk profile,” concludes Absalom.

Microsoft Reveals Windows Embedded 8 Roadmap

In Beijing, Microsoft unveiled its product and technology roadmap for Windows Embedded to include Windows Embedded 8 and Windows Embedded Compact 2013 products. Windows Embedded is Microsoft’s solution to build the foundation for intelligent systems, which IDC believes will represent a $1.4 trillion market opportunity by 2016. Specifically, Microsoft has just delivered the release preview of Windows Embedded 8 Standard, which extends the value of Windows 8 to specialized devices within intelligent systems. It will be generally available in March 2013. They also disclosed availability timing for Windows Embedded Compact 2013, Windows Embedded 8 Pro and Windows Embedded 8 Industry, and the company’s continued commitment to Windows Embedded Handheld and Windows Embedded Automotive product lines. Microsoft is committed to helping harness the potential of the Internet of Things by connecting devices to software and services in the back end or in the cloud, transforming that data into actionable operational intelligence. In describing the opportunity, Windows Embedded General Manager Kevin Dallas calls out Microsoft’s “big transition” from being a software company to a devices and services company. “Faced with the explosion of business data, enterprises are looking for better alternatives to help them unlock the information inside,” Dallas says. “Microsoft’s broad set of technologies and products make it uniquely qualified to help address this problem. We’re working with our partners to create

solutions that extend across the full breadth of Microsoft technologies and provide customers with the clarity they need to harness big data.”

China’s Urbanization Offers New opportunities for AsiaPacific PLC Market

Over the past three decades, China has delivered a veritable economic miracle, double-digit growth year after year. The twin engines of this economic machine have been exports and investment. China drew from these seemingly never-ending wells and happily watched its economy soar. However, due to the current Eurozone sovereign debt crisis, a sputtering U.S. economy and the global recession, China’s mighty economic machine has stalled. So, with export markets stagnant and the government’s stimulus package (despite producing positive short-term effects) exacerbating inflation and overcapacity, expanding domestic consumption remains the only card the Chinese government has left to play. IMS Research predicts the industries in the Asia-Pacific PLC market that are related to domestic consumption will grow faster than the average from 2011 to 2016. Of the machinebuilder sectors, food, beverage and tobacco machinery was estimated to account for the second most PLC revenues in 2011, $139.4 million; packaging machinery accounted for the third most, $127.7 million. This was largely due to the demand for processed and packaged food, with rising disposable incomes and increasing urbanization. IMS Research believes that the growth will be sustainable, and has forecast a sector compound annual growth rate (CAGR) of more than 10 percent, higher

than the machine-builder average, from 2011 to 2016. IMS Research’s report, The World Market for PLCs – 2012, was published in September and contains forecasts and analysis for this fast-growing segment of the PLC market.

Mercury Systems Names Dr. Paul Monticciolo Chief Technology Officer

Mercury Systems has announced the appointment of Dr. Paul Monticciolo as Chief Technology Officer. Most recently he served as President and General Manager of the company’s former Mercury Federal Systems division. “I’m very excited to take on this leadership position at such a critical time in our company’s history,” said Monticciolo. “For over 30 years, Mercury Systems has applied best-of-breed engineering and technology to solve tough customer problems. That’s our company’s hallmark—and it will continue to be so under my stewardship. Whether we leverage our deep technical skills in Big Data or across the entire sensor processing chain, we’re dedicated to bringing technology to market quickly.” Dr. Monticciolo earned a B.E.E. degree from The Cooper Union, an M.S.E.E. from Georgia Institute of Technology and a Ph.D. in Electrical Engineering from Northeastern University.




FORUM Colin McCracken

Small Form Factor Costs of Ownership


eeling the warmth of the freshly printed 2013 budget or R&D project plan, you set off to surf the web for that small form factor (SFF) board with just the right blend of features. Like a kid in a candy shop or a post-holiday bargain shopper, your heart is pounding for that elusive $70 dual LAN ARM board. Before making that impulsive purchase, a voice inside your head calls out “TCO”…“Total Cost of Ownership”…all the while from high atop the search results beckons the barebones bargain basement board. There are many suppliers of SFF boards on the web. It’s not hard to design a system around one of these off-the-shelf boards. With the latest 32-bit and 64-bit processors, the breadth and depth of supply is overwhelming. But wait…what about bring-up support? And who will be around years later if revision changes or quality issues arise? It’s easy to just think of a board price as simply a bill of materials (BOM) cost plus mark-up. The vendor deserves to make some modest profit from selling a large quantity of boards, after paying for design costs and indirect costs of selling and supporting the products. But maybe the mark-up shouldn’t be too high; after all, we can design these boards ourselves, right? Maybe if we actually had more time and resources and less risk aversion. The “opportunity cost” of designing your own board is the value of the best alternative usage of your time. Everyone talks about focusing on “core competencies” and “value-add.” Rather than simply beating up your supplier to reduce prices because you know how much the components cost, consider their profit margin as the amount you save by not having to design it yourself. Harder to estimate is the inherent value of their effort in wringing out the design, tweaking the firmware, loading operating systems and testing device drivers. All things you’d face yourself in the very likely event your board doesn’t work 100% on the first pass. Don’t forget the considerable free investment of time your supplier makes during the 1-2 years of your development before they get a production PO from you. Finally, there is the time value of money and time-to-market advantage of a working board on day one. Value: Priceless. Or if the board doesn’t work, there are



dozens of suppliers whose boards work fine. Double-check that it’s not “operator error.” TCO includes all of the costs you pay for the product over time, from up-front design until the last field service spare/repair. For a thorough analysis, consider vendor warranties (30 days, 1 year, 2 years) and whether they optionally sell additional years for a few extra percent. After the warranty ends, you cannot RMA the boards for repair/credit. What is the cost of field failures of your system? What does your end user’s down time cost, and how does that impact your company’s reputation and future business as well as your job security? For remote installations, truck rolls are expensive. Mean time between failures (MTBF) calculations predict reliability using Telcordia or other methods. Be sure to consider parameters used such as temperature and ground. Your system design and thermal solution / air flow have a huge impact on actual reliability. This is your issue, not just the board vendors. Finally, what are the costs of revision changes, the resulting re-qualifications / re-certifications and obsolescence? Does the board use embedded roadmap and long-lifecycle components? Does your vendor offer a last time buy opportunity? How much inventory will you have to stock for the remainder of the program after your vendor’s EOL, including service spares? What is your accounting team’s cost-of-money for inventory sitting in the warehouse? What is your supplier risk, could they go out of business? Is that $70 Internet seller reputable, or just fly-by-night? Is the board built to an industry standard where an alternate source could be found? A better approach is to qualify a second source up front to mitigate some risk. All these considerations are not to be taken lightly. Go ahead and resume searching the web or contacting your rep or distributor. Gather information, but don’t be too quick to pull out the credit card or write the purchase requisition. In these economic times, nobody wants to spend more than absolutely necessary for a board. While hobbyists and researchers can focus on price and get by, system OEMs are wise to monetize the entire SFF TCO lifecycle costs.




;WUHPH 3&,









The Embedded Products Source ZZZZGOV\VWHPVFRP



editor’s report The Future of the Shrinking PC

Smartphone-Sized PC Opens Opportunities in Embedded and Networking A fully functional PC able to run Windows or Linux with WiFi and high-definition graphics has been implemented by Intel for use in myriad applications from embedded control to network gateways and more. by Tom Williams, Editor-in-Chief


ntel may be up to something new. Although at first glance it might seem unremarkable, the strategy behind a device code-named “Barton Island” could have some far reaching implications. The device is the first of what looks to be a series of Atom-based single-board computers. It includes a single-core E600 series Atom, formerly code-named “Tunnel Creek” along with 1 Gbyte of 400 MHz DDR2 memory, along with an mSATA solid state driver, a choice of HDMI or VGA video interface, HD audio and a USB 2.0 port. Wi-Fi connectivity is also supported, but interestingly, the I/O hub chip that was designed to go with Tunnel Creek has been left off and the four PCIe lanes that come out of the processor have been left as 4 x1 lanes—one going to the USB, another for the SATA drive, another for a mini-card interface and the fourth left for future expansion. It also has a mini-card slot connected to a PCIe lane that is most commonly used for a W-Fi module (Figure 1). The size of 120 x 70 mm (or enclosed in a chassis of 130 x 80 x 15 mm) makes it roughly the size of a smartphone (Figure 2). One might be tempted to compare



it with a credit card-sized COM express module were it not for the rather limited I/O capability. Of course, even the smallest COM express module requires a carrier card, and a somewhat larger sized PC/104 configuration needs at least one I/O module. So what is going on here? At 600 MHz or 1 GHz, the singlecore processor performance is good but unremarkable; the operating power consumption hits around 15W, so we’re not talking a lot of battery operated or mobile applications. Graphics is supplied by the on-chip GPU. However, the single external USB port can be used for multiple peripheral devices if their performance demands are not excessive. What we appear to have here is a very compact, moderately powerful, low-cost Windows or Linux-based PC that can be readily used in a vast number of scenarios. And that appears to be exactly the idea. When we think of embedded systems, what mostly comes to mind are dedicated applications buried in some device with perhaps a specialized user interface of some kind dedicated to the specific application. Now, of course, we have long had what are known as “embedded PCs,” but they have

largely been used in this sort of scenario as well. Here we seem to have a PC that can, of course, be dedicated to a specific application or set of applications, but that is also quite capable of running almost any Windows or Linux application as well.

Use as a Network Gateway

One recent application that stretches the traditional concept of an embedded system yet shrinks the traditional concept of a PC, is the Nevales SG security gateway from Nevales Networks. The gateway, based on the Barton Island device, is targeted at helping small and medium businesses take advantage of cloud computing with security-as-a-service (SaaS) on a subscription basis. The Barton Island-based device is able to integrate security features including a firewall, VPN, intrusion detection, antivirus, anti-spam, surf detection, spyware guarding, access and bandwidth management, traffic management and reporting using a subscription model. In fact, such a usage model is opening what the company refers to as “the commercialization of IT.” This is precisely the promise that cloud computing offers to small enterprises, which when starting up cannot foresee their exact needs in terms of computing and storage and may not have the budgets to invest in the equipment themselves. In addition to meeting such needs economically, there is of course the issue of security for which they may not have the immediate specialized (and expensive) in-house talent.

A Larger Picture?

Small, compact, integrated devices like Barton Island—which by the way is given other brand names by the ecosystem partners who OEM it—are making the PC universe more granular. This is probably something that Intel has to do to extend the life of the PC in the face of the more ARM-based onslaught of smartphones and tablets. At the same time, such small, full-function PCs will be extending the reach of universal connectivity because they have the potential to act as “micro gateways” almost anywhere.

Microsoft to Introduce Intelligent System Strategy With Windows Embedded 8 YOU ARE INVITED: 34 CITIES ONE POWERFUL TECHNOLOGY UPCOMING EVENTS AMERICAS

Atlanta, GA - Jan. 29 Melbourne, FL - Jan. 31 Montreal, QC - Feb. 5 Toronto, ON - Feb. 7


Mumbai, India - March 2013 Bangalore, India - March 2013

EMEA Reading, United Kingdom - Jan. 17 Stockholm, Sweden - Feb. 5 Moscow, Russia - Feb. 7 Cologne, Germany - Mar. 5 Munich, Germany - Mar. 26 Tel Aviv, Israel - Apr. 11

*Dates and locations are subject to change

Windows Embedded Summit What Is It? A half-day technical brieďƒžng highlighting the Microsoft intelligent system strategy and how engineers and technology leaders can leverage existing WES7 and upcoming WES8 technology to increase embedded OEM business more effectively. Who Is Invited? Business leaders and technology decisionmakers will be invited to join Microsoft and key partners at over 30 global locations. Questions Answered: What game-changing technology does Windows Embedded 8 bring to embedded design? How to best select an embedded software platform for next generation intelligent systems? How to get started today and prepare your business for the future?

editor’s report


Untitled-8 1

Want VPX? Try CompactPCI

Discrete VR


Serial !

HDMI port



SDVO Tunnel Creek Intel

HD Audio Codec

Audio Out Mic port

Clock Generator


Mini USB port

Board 1 external mini USB port

PCIe x1 PCIe to USB


as inexpensive industrial PC, redundant system or complex computer cluster Q

CompactPCI® PlusIO: 100% compatible to CompactPCI® 2.0


CompactPCI® Serial: PCI Express®, Ethernet, SATA, USB on the backplane


Our products: Intel® and PowerPC® CPUs, I/Os such as WiFi, USB 3.0, Fiber Optics, etc., XMC/PMC carriers, HDD shuttles, PSUs, racks

ITP Debug

PCIe x1

PCIe x1

Individual 19“ System Solutions


Mic In Conv USB Port on board (Type-A)

SPI Flash

Slot for mini card


PCIe x1 For future expansion

Figure 1 Based on the Atom E600 series processor, the Barton Island device represents a fully functional PC.

Embedded ded Solutions olu – Rugged Computer ute Boards uter oar and Systems for Harsh, Mobile h, M ile and Mission-Critical Environments iron ron nts

MEN Micro, Inc. 24 North Main Street Ambler, PA 19002 Tel: 215.542.9575 E-mail:


8/3/12 4:47 PM

Figure 2 Enclosed in a chassis just 130 x 80 x 15 mm, the Atom-based PC can be mounted almost anywhere, handling temperatures up to 40°C, or can be used as a “bare board” built into fully integrated systems.

editor’s report

And here, one of their advantages is that they are not inherently mobile. Yes, they could of course be built into some battery-powered systems, but that is not their optimal scenario. Instead they can be placed and mounted in unobtrusive places where they could serve as aggregation points for such things as wireless sensor networks or Wi-Fi hubs—with security and management capabilities—for public or privately dedicated wireless devices. Such possibilities seem compatible with Intel’s vision of Intelligent Systems where all manner of universally connected devices produce “big data” that can be mined and utilized in all sorts of current and yet to be invented ways. Intel is not stopping at Barton Island with the first iteration of this concept. There are plans to expand the line with later, multicore versions of the Atom processor. Currently customers can order devices from a couple of choices. They can select a VGA or an HDMI display option and can choose Windows XP or Linux Fedora Core 14. The Windows version is delivered with a BIOS that can be set up by the customer and drivers are available for download. It is also possible to order the board without the chassis so that it can be directly built into equipment such as digital signage, fitness equipment, kiosks and more. In addition, a certain amount of customization is available for quantities over 5K pieces per year. Intel is planning further releases based on its dual-core N2000 and D2000 Atom series (code named “Cedar Trail”) and even later models in the future. So are we talking about embedded IT or cloud-based control systems? When terms like the commercialization of IT pop up with extremely miniature fullfunction PCs that can act as network gateways as well as dedicated device controllers, something is shifting. And that is because, thanks to ever-increasing universal connectivity, there is a dwindling distinction between embedded and enterprise, consumer and industrial, private and . . . well, anything else. It is nothing new to realize that every computing device really has a great deal of data associated with it. What is new is the ability to capture, transmit, store, interpret and (important) correlate that data

with other data, even data which at first appears to be unrelated. The discovery of relationships between different sets of data from seemingly unrelated sources and of different types gives rise to more and more creative applications to make use of it. As the various nodes within networked systems become more gradual in their transition from small to large—that is more nodes of gradually varying size, the bigger will be

Untitled-7 1

that entity that is starting to be called “Big Data” in sheer size and in importance. Intel Santa Clara, CA. (408) 765-8080. []. Nevales Networks Mumbai, India. +91 22 4236 4444. [].


1/7/13 3:58 PM RTC MAGAZINE JANUARY 2013

ploration your goal k directly age, the source. ology, d products


connected Monitoring Networks for Security and Performance

Busting the DPI Myth: Deep Packet Inspection Provides Benefits to End Users and Operators Alike Long suspected as a means of invading privacy by shadowy governmental and non-governmental forces, deep packet inspection has become a vital tool in network security and efficiently allocating the ever growing demand for bandwidth. by Karl Wale, Radisys


n recent years, exploding data usage, particularly mobile video traffic, has Web/Internet led to a substantial increase in the demand for bandwidth. Video data usage, including over-the-top (OTT) service, will continue to increase exponentially 3X during the next few years, with video projected to be the leading bandwidth Video Stream drain by a factor of two or more over 7X its nearest bandwidth rival (Figure 1). Web/Internet Combined nies providing solutions with now the prevalence of smartVideo Stream phones, almost everyoneWhether could Audio Stream 2X ion into products, technologies and companies. yourpotengoal is to research the latest Audio Stream tially beto considered a “disproportionate” Voice Etc. P2P, Voice Etc. ation Engineer, or jump a company's technical page, the goal of Get Connected is to P2P, put you you require for whatever type ofoperators technology, to turn to deep user, leading 2012 2016 and productspacket you are searching for. inspection (DPI) as a technique Figure 1 for enhancing network efficiency, priThe increase in mobile traffic will grow exponentially between 2012 and 2016, oritizing traffic and helping differentiate with video flooding the radio and transport network. levels of service. DPI, defined broadly as the ability In its early days, myths perpetuated tion, DPI evolved to a much less controverto collect and utilize network informaabout DPI as a mode for operators to vio- sial state. Now, DPI use is very widespread, tion, provides a sophisticated tool for maximizing broadband service provid- late users’ privacy, as well as to penalize being used to identify, segment, re-direct ers’ return on investment (ROI), while individual applications (and their respec- and police traffic for the greater good. also ensuring higher-quality service tive companies or services), leading to a Rather than being an invasion of privacy, for users. wider debate about privacy and net neutral- this must-have network technology benefits ity. Changes in the implementation of DPI end users by enhancing their Quality of Get Connected ensued. From shifting target advertising Service (QoS) and Quality of Experience with companies mentioned in this article. from “opt out” to “opt in,” to a change in (QoE). This also helps operators mitigate approach toward anonymous data collec- churn due to poor QoS or QoE.

End of Article


JANUARY 2013 RTC MAGAZINE Get Connected with companies mentioned in this article.

technology connected

Subscription Profile Repository (SPR)



Online Charging System (OCS)


Policy and Charging Rules Function (PCRF) Gxx




Gy Offline Charging System (OFCS)


Gateway Figure 2

The Policy and Charging Control (PCC) architecture includes the PCRF and the PCEF.

Radio Access Network (RAN) User Equipment

Packet Core

PCRF RF & Transport ...bandwidth mgmt

Control Plane Femto

User Equipment RAN


Transport around core network ...local content access


PCEF RF & Transport ...transcoding ...local content re-direct ...tailored packages

Offloading Figure 3 An illustration of DPI throughout the Mobile Network – PCEF, Video Optimization and Offloading

DPI Applications and User Scenarios

The current outlook for DPI is promising as a solution for the growing number of applications and users competing for bandwidth. Operators can leverage DPI for a variety of applications, including: • Network offloading • Video gateways • Policy enforcement • Network security



• Network and subscriber analytics • Lawful Intercept • Content optimization and security • Billing and metering • Local content caching • Application distribution and load balancing DPI can address the common threads among these applications that are competing for bandwidth. DPI’s

role is to sort through all of this traffic and apply the appropriate policies. The stand-alone market for policy solutions, Policy and Charging Rule Function (PCRF) and Policy and Charging Enforcement Function (PCEF), is projected to grow to about $1.5B by 2015/2016 according to multiple research reports. PCRF determines policy and charging rules for controlling service data flows and IP bearer resources, as well as generates Policy and Charging Control (PCC) rules. PCEF enforces PCRF policies and charging decisions by performing functions such as traffic shaping, DPI, flow marking and Quality of Service (QoS) control (Figure 2). Policy enforcement is changing from its roots in network protection to focusing on delivering QoS and QoE. This evolution includes PCEF/PCRF solutions becoming more aware of the specific needs of the mobile network such as location awareness for better policy application and more aware of tiered services that reflect the needs of individual subscribers. However, operators need to ensure that any revenue generating services are viewed as being fairly applied and that specific packages don’t favor one application over another to stay within net neutrality rules—which are well understood, but mustn’t be forgotten in the future. With regard to user data experience—a key factor in network churn— DPI is facilitating numerous modes of network optimization by aiding the improvement of quality of experience and delivering dependable and reliable service. Without DPI, service levels would suffer and perhaps even reach halting levels of bandwidth saturation. For example, though the 3G network was never designed for the bandwidth demands of a smartphone, most smartphones still frequently connect to this network (Figure 3). This creates a need for DPI to optimize 3G networks and reallocate bandwidth during the rollout of LTE. While LTE is still in the works, it will not provide the coverage requirements soon enough to ensure continuity of service. Once again, DPI is coming to the rescue and is a significant part

technology connected

Charging Control Diameter

Control Plane

· I/O Aggregation: Multiple 10G, 40G external links · Protocol Awareness Understand PGW control and data plane stacks · QoS offloading: Node/network level QoS offload


QoS GTPu Mapping DPI

PCEF Blade - n


Global/User Policy


Flows 11-50

PCEF Blade - 2

GTPu Mapping

Flows 1-10

Global/User Policy

QoS GTPu Mapping DPI

PCEF Blade - 1

Global/User Policy

Fault Tolerance Global QoS

Load Balancer - 2

Control/Data Mapping

Global QoS

Load Balancer - 1

Fault Tolerance

ATCA Platform

Control/Data Mapping

of the solution. This need for DPI and policy solutions remains relevant in the LTE era, although there is a wider debate regarding stand-alone DPI vs. integrated solutions with Security and Packet Gateways. In addition to wireless network policy, growing video data delivery requirements also call for the use of DPI’s unique technology to optimize bandwidth use. In fact, during the next few years, video data is projected to become the primary consumer of bandwidth use on smartphones. DPI helps streamline the delivery of video content by analyzing specific HTTP and URL requests to determine their origin, along with the user’s handset capability. By understanding these elements, traffic can, if necessary, be redirected to a video optimization gateway, where it is then compressed before being sent to the handset. Using DPI to identify sessions and then optimize video streams can significantly reduce bandwidth use. Being able to identify and compress certain high-bandwidth applications is crucial to running an efficient network, as well as to ensuring a quality user experience, whether it is streaming video through YouTube or making a video call on Skype or FaceTime. Outside of the video content realm, DPI, via the PCEF, helps core networks manage the amount of data entering from the Internet on the Gi interface. Further down in the mobile core on the Internet User Profile Survey (IUPS) interface, DPI also facilitates the offloading process and helps ensure that nonessential data traffic enters or exits the network further downstream, allowing it to bypass certain core network and backhaul restrictions that may be present. With alternative network data entry points, network operators can set up connections to enter closer to the Radio Access Network (RAN), overcoming some of the backhaul limitations. In this case, DPI acts as part of the solution that allows operators to look at network access requests and determine whether to carry traffic via the core network to the user, or to route the traffic through an offload gateway.

Flows 51-55 Control Plane

Figure 4 A high-density ATCA DPI platform provides centralized stateful load balancing and scalable, redundant payloads for PCEF or PGW network applications.

We also need to consider the role of network probes. In the core network, network probes are used extensively to monitor data bandwidth, latency and signaling plane performance. Due to the massive increase in applications used by smartphones, today’s network probes must become application aware. This means that they must understand which applications are consuming bandwidth, how they behave within the network, and how this behavior affects other running applications. This level of awareness is critical to running an efficient network. DPI adds this application awareness and allows network probes to identify and mitigate issues. Finally, DPI is a critical component in enabling network security. Whether it is DDOS, anti-X, firewall or access control, DPI provides the tools necessary to keep subscribers and the networks safe.

DPI Devices

Considering that network operators have both an obligation and a vested interest in providing increasingly robust DPI solutions, devices that work alongside low- to high-density platforms and support a wide array of

bandwidth optimization and security services are very useful for fulfilling DPI. What is important is that operators can scale their DPI solutions to fit their network needs as network capacity grows. For DPI in particular, the challenge is how to scale at a rate beyond Moore’s Law, growing from 100 Gbit/s in a system to 1 Terabit and above within the next few years. DPI can be deployed across many devices from network appliances to rackmount servers to high-capacity bladed platforms such as AdvancedTCA (ATCA), allowing operators to scale as appropriate to their networks. Today, ATCA provides a highly scalable solution with promise to deliver 1 Tbit or greater in the near future. Being a bladed environment with a hub-spoke (switch to payload) architecture, ATCA is suitable for centralized I/O that connects to the network. This centralized approach makes it a good fit for implementing centralized load balancing across the system (Figure 4). Load balancing and DPI often go hand in hand, whether it be L4 IP based, L7 application aware, and stateful or stateless. Different applications have different needs, but Radisys’ ATCA platforms have been RTC MAGAZINE JANUARY 2013


technology connected

able to address almost all of the needs seen to date across all of the applications highlighted above. This is in part due to having the application knowledge and intimate understanding of the CPUs and switching silicon. Alternatively, some applications may only need to scale to 10-20-40 Gbit/s in some locations. However, these applications still need the same

serviceability and carrier-grade capabilities associated with larger ATCA systems. In these scenarios, devices such as the RMS-220, Radisys’ 20-inch deep, carrier-grade network appliance platform, are well suited. The RMS220 and similar products from other vendors aim to combine the benefits of an Intel-based rackmount server, with the I/O capacity of a custom network

Bridge the gap between ARM and x86 with Qseven Computer-on-Modules One carrierboard can be equipped with Freescale ® ARM, Intel® Atom™ or AMD® G-Series processor-based Qseven Computer-On-Modules. conga-QMX6



ARM Quad Core

Intel® Atom™

AMD® G-Series

Small Form Factor

Low Power


Industry Standard

L o w C o st

S ca l a b l e congatec, Inc. 6262 Ferris Square | San Diego | CA 92121 USA | Phone 1-858-457-2600 |

Meet us at:


Untitled-2 1


Nuremberg, Germany February 26 - 28, 2013 Hall 1, Booth 350 1/8/13 11:14 AM

appliance, and the field replaceable unit (FRU) serviceability of ATCA. This allows craft technicians to repair without removal from the equipment frame, leading to significantly reduced mean time to repair (MTTR)—a critical influence on system availability and uptime calculations. Amid the increasing relevance of network monetization, bandwidth optimization and security, DPI-based solutions such as network monitoring, policy enforcement, lawful intercept and security remain in high demand. A proven tool with a growing range of applications, DPI provides our network operators with the tools to keep us and our networks safe and ensures bandwidth is allocated fairly to promote the optimal experience for all users. From a technical standpoint, many opportunities exist for DPI to play a role in future applications. This is good news for innovation within the industry—as well as for the start-up culture of many regions—as it promotes companies, jobs and economic growth. Companies like Radisys are well-equipped to meet the growing need for accommodating much larger data, as well as translating the value and power of DPI technology to the non-expert. Radisys Hillsboro, OR. (503) 615-1100. [].




See digital display technologies that will inspire you to have ideas – ideas that can benefit your business and your bottom line. Inspiration is waiting. Come find it at DSE. PRESENTING SPONSORS


EXHIBITION 02.27-02.28










connected Monitoring Networks for Security and Performance

Detecting and Mitigating Network Security Threats In the never-ending struggle to secure networks against multiple threats, many tools are being employed. One of the more effective tools now coming into the fray is flow analysis. by Michael Patterson, Plixer International


ost companies today are taking a layered approach to network security. These different security efforts come in many forms. There is, of course, the use of antivirus software on endpoint systems along with password management and two-factor authentication. Another widely used technique is setting up VPN access for remote users. Additional strategies include data loss prevention (DLP), intrusion prevention systems (IPS), firewalls and intrusion detection systems (IDS) signature searching, and the use of access control lists (ACLs) on routers and switches. Despite all these technologies and the billions spent by enterprises around the world to secure the network, breeches still occur. Information security experts are turning to flow analysis as a mechanism for forensics, incident response, policy management and early threat detection. If you’re implementing a NetFlow or Internet protocol flow information export (IPFIX) mechanism into your product, be sure to consider the value the feature will provide to the security analyst as well. Although NetFlow and IPFIX are often only thought to be useful for threat investigations, they can also be used to alert on patterns of strange network traffic. Most NetFlow technologies implemented on routers don’t inspect traffic in the same



Figure 1 Like any good detective, catching threats to the network involves gathering basic facts of “who, what, when, where” and the nature of the problem.

way as direct packet inspection technologies such as IDS and IPS. When the flows are forwarded to the collector, it does not have direct access to the packet details. Instead, the flow collector uses metadata about the packets such as packet length, flags set, port numbers and other characteristics to determine the presence of malicious traffic. The more stealthy and clever the attack, the harder it is to identify with any single security measure. Threat detection systems that leverage NetFlow and IPFIX can provide an approach to threat detection that is unique and different from other security technologies. They provide

an excellent defense, in-depth story, and mesh well with traditional methods. These are the top five reasons customers have said they use flows for security: #5 - Powerful forensics and incident response capabilities Flows provide a 24/7 account of all network activity. They are like a CCTV system for your enterprise. And given the relatively lightweight nature of flow data, customers can store weeks or months of flows without spending $100,000+ on expensive packet libraries from companies like NetWitness and Niksun. When an in-

technology connected

cident does occur, the information needed to identify the root cause and enact an orderly cleanup is in the flows (Figure 1). #4 - Deep situational awareness for the network This point is a bit more difficult to describe given its ambiguity. But the idea is that from a tactical perspective, flows provide a “what’s happening to my network right now” view that other systems struggle to provide. While traditional IDSs and other security systems only alert when something is actively detected, flow collection systems can constantly collect information to provide a view into network happenings even when bad things don’t appear to be occurring. It’s perfect for a network or security operations center (SOC) wall. #3 - Internal network visibility The idea of monitoring the internal network and not just the perimeter is somewhat new. With the advent of bring your own device (BYOD) policies, Wi-Fi devices and the mobile worker, the internal network is not nearly as safe as it used to be. Many customers understand this and are looking for ways to get a better handle on traffic patterns in the network core and access layers (Figure 2). #2 - Inexpensive to deploy and maintain Just enter a few commands on the router and voila, you have coverage at that location. The larger and more distributed the enterprise, the more this message will resonate. “Oh, you have 500 remote sites? Don’t send out hundreds of IDSs. Enable NetFlow on the routers at each remote site instead.” Monitoring very high speed networks is also much less expensive. 10G IDSs and IPSs are very expensive—in the $100,000+ range. #1 - Detects attacks without signatures Without a doubt, the item that drives most sales of flow-based security is the idea that flow-based analysis relies on algorithms and behavior rather than signature matching. This gives the collector an ability to detect attacks before a signature is available. Zero-hour detection is really what a flow-based security analysis technology provides. Given the increased threat from advanced persistent threats (APTs), mobile malware, botnets, etc., se-

Figure 2 End-to-end visibility is essential, including through the cloud. Names here have been blurred to protect actual sites.

curity people are looking for new ways to detect and react. Flow analysis is a new and effective way.

Analyzing Flow Data

One way flow data can be used to detect traffic anomalies is through the use of Transport Control Protocol (TCP) flags. During the process of packet aggregation into flows in the router cache, a logical “OR” is performed on the TCP flags seen for an individual flow. For this reason, at a minimum, each flow is started with a SYN/ACK combination. A volume of above-threshold SYN-only flows from a host could be used to determine that the source of the flow is infected with malware and could be scanning and looking for vulnerable hosts on the network. In addition, TCP flags are used to determine the client/server role of each side of the flow. This can be important for firewall validation and network access policy management. If you are implementing a new NetFlow export feature, be sure to include OR’ed TCP flags in your exports. As with TCP Flags, Internet Control Message Protocol (ICMP) Type and Code can be extremely useful for security analysis. When large numbers of TTL Expired in transit occur, a Smurf Amplifier DoS attack could be in play. Large volumes of Port Unreachable ICMP messages often represent peer-to-peer file sharing or UDP port scanning. Information Element ID 32 (icmpTypeCodeIPv4) is used for this field.

It is also possible to detect potential malware by monitoring the behavior of flows. Collector vendors that monitor for security events provide canned algorithms that are applied to the incoming flow data. These flow analysis algorithms measure ICMP rates, TCP flag combinations, flow creation rates and more. Other suspicious behaviors detectable with flow data include excessive small flows from a single host to the same destination, DoS attacks through measurement of bit rates, packet rates and other flow volume indicators, and hosts attempting to connect to numerous other hosts with a low number of flows to each destination (scanning).

Custom Flow Behavior Monitoring

In addition to canned algorithms, detecting odd behaviors can be done through the use of custom-flow behavior monitors. This tactic can also be effective at sleuthing out inappropriate connection behaviors or for monitoring acceptable use by employees and contractors. For example, DNS traffic that doesn’t involve the local DNS servers could qualify as potentially suspicious traffic. Non-HTTP traffic to a web server that isn’t from authorized hosts could also fall into the suspect category. Another example might include alerting on any connections from China to the corporate DMZ—especially if the user’s company doesn’t do business in China. Due to the operational characteristics at most businesses, the volume of unique RTC MAGAZINE JANUARY 2013


technology connected

detection methods is nearly limitless. The more the customer knows about their business (which they will learn through the use of flows), the more powerful Custom Flow Behavior Monitors will become. Some vendors watch end system behaviors over time and create behavior profiles of what can be considered “normal” behavior for each host that resides on the network. Once a baseline is derived, new flows from the host are compared to unique behaviors captured in the baseline. Behaviors not consistent with the baseline can trigger alarms or at the very least heighten awareness. Behavior analysis mechanisms are still fairly new and unproven.

Identity Awareness

Although it is beneficial to have the source IP address when trying to track down a problem, having the user name is even better. Since many hosts leverage DHCP-acquired IP addresses, which can change over time, reporting on user name can provide more definitive evidence when trying to mitigate an issue. As a vendor exporting user name details, there are important criteria to keep in mind. The ID used for the user name should not be reused by another host even if the flow exporting device is rebooted. Ideally, the ID used should persist over time and if possible, be consistent across flow exporting devices.

Figure 3 An overview of suspicious behavior can be sorted according the Unique Index (UI) and identify such things as severity and frequency of anomalous behavior.

IP Host Reputation

Comparing the source and destination IP addresses in a flow to a host reputation database is a great way to find malware infected hosts that aren’t exhibiting the behaviors outlined above. The “Internet Threats Monitor” downloads an updated list of known compromised Internet hosts every hour from Emerging Threats or Cymru. Flow collection systems can detect if internal hosts are communicating with known botnets or Command and Control (C&C) servers. C&C hosts could be participating in an APT. By sending NetFlow and IPFIX from the Internet facing routers to a NetFlow collector that can compare all flows to the host reputation database, internal machines talking with known compromised Internet hosts can be identified. Many companies are building next-generation intrusion detection and prevention engines that include reputation lookups.



The semantics used for user name ID are important for long-term historical trending and forensic analysis. Reach out to a consultant or an experienced NetFlow developer if your company desires to export user name details. Vendors exporting user name details include Cisco, Palo Alto Networks, SonicWALL and possibly others. This highly desired element is sure to set vendors apart in a vendor comparison.

Alarm Correlation

With all of these detection systems sending messages on potential malware they have detected, a central location for reviewing and sorting out the threats found becomes necessary. One of the goals of most alarm consoles is to prioritize the alerts that could most negatively impact the business and the applications it depends on. In pursuit of this effort, some vendors have introduced a Concern or Unique Index (UI). The Unique

Index can mean many things depending on the implementation. Generally, the UI is impacted by the number of unique alarm types violated by each host, the number of times each unique alarm type is violated and the severity of each alarm. By having a UI that increases based on several criteria, the intention is that the hosts exhibiting the most behaviors indicative of malware will rise to the top as shown in Figure 3. Most threat detection systems will forward detected messages to a central third-party alarming server. Whatever the preferred method, choosing which alarm to react to still requires consideration. When approaching the detected threats in an alarm view, use a common sense approach to remediation. Security administrators should ask themselves: Who is being targeted? If there are 25 alarms, look at the servers first: • Is the server a critical resource or is it a power user or executive within the company? • Does the host have access to critical resources; if not, move on to the next alarm that could be more important. • Check the host’s unique index and trend the volume of alarms for the host over time. • Is the application or server involved critical to the business? Human involvement is almost always necessary when it comes to prioritizing and taking action on the alarms. Although most systems can be set up to take action, these features should be implemented only after careful consideration of any possible consequences.

Threat Mitigation

Once the alarm has been identified, it is time to take the next step toward removal of the issue. This process can be automated by automating the addition of an ACL entry on a router or firewall. Oftentimes, however, it is wise to collect additional details before making any changes. Further investigation into how a problem has impacted the network or who else may have been infected is one of the areas where flow information can shine. A flow report provides several details on which end systems were communicating with the Internet host, who was sending the most, for how long, when it started and

technology connected

how much. Once the problem is resolved and cleaned up, it is important to go back to the alarming console and verify that the anomaly is no longer occurring NetFlow and IPFIX should not be the entire network security protection plan and are unlikely to replace the IDS or IPS anytime soon. However, flow-based security analysis is an excellent defense-in-depth strategy for any enterprise network that contains high-risk information. We are seeing more and more hardware (e.g., routers, switches and firewalls) implement deeper security methods and export the findings as messages using NetFlow and IPFIX. Host reputation lookups are one of the most effective ways to defend against Internet malware, and are a wiser course of action than blocking a specific country. Many attacks are still initiated from within the United States and oftentimes from machines that were also hacked. Safeguarding a company’s data from malware such as an APT invasion is an ongoing task. Paranoia can be considered a good defense against the possible insurgence. Many experts combating these Internet threats suggest that organizations always be on the alert, assuming that malware is always present, or already underway, and to operate defensively rather than passively. Adding a layer of security with flow analytics is one of the best ways to detect internal suspicious traffic that has circumvented the traditional firewalls and other threat detection measures. Some forms of malware (e.g., APTs) have no trouble sneaking right past even the best security appliances, but they have a habit of exhibiting the same suspicious behaviors: large transfers of data to hosts that have poor reputations. Companies should develop an incident response guide, integrate flow analysis into the strategy and routinely test the procedure for mitigating advanced intrusions. This will help provide clear guidelines and protocols on: • What should happen when malware is detected? • Which individuals within the company should be mobilized? • What information will be needed? • What services could be disrupted by the breach and subsequent cleanup? • What outside resources/individuals can the company tap into for addi-

tional assistance? • How to proceed with a thorough disaster recovery plan. Security administrators should also be aware of state and federal regulations and laws that require the disclosure of information upon detecting such threats. Regulations such as the Health Insurance Portability and Accountability Act (HIPPAA) have specific guidelines that must also be followed.

Untitled-18 1

Finally, education is a major deterrent to threats such as APT invasions. Regular employee trainings must be conducted to share up-to-date knowledge on how social networking sites and email can be used to assist in the spread of malware. Plixer International Sanford, ME. (207) 324-8805. [].


5/2/12 2:03:25 PM RTC MAGAZINE JANUARY 2013

technology in


BYOD: Smartphones and Tablets as UIs

BYOD – Bring Your Own Display Recruiting personal devices for embedded user interfaces is becoming increasingly popular both in the IT and the embedded world as devices routinely include connectivity. Still, considerations for how and where to implement a user interface should be carefully considered. by Bill Weinberg, Olliance Consulting


oday, BYOD—Bring Your Own Device—allows or even encourages corporate users to leverage personal mobile phones and tablets to gain remote access to company assets and enterprise apps. BYOD is all the rage in both embedded and enterprise IT circles. Increasingly ubiquitous smartphones, tablets, Internet-enabled TVs and other “smart screens” are extending the BYO paradigm to domains beyond enterprise. In particular, if you find yourself designing almost any device with a user interface (UI), you can either embed an LCD screen directly in the device or let users BYOD—Bring Your Own Display. This paradigm is not new. I advised developers/customers to embed HTTP servers in their products as far back as 1996, as a means to present a rich and reprogrammable UI in lieu of or together with dedicated display hardware. But 16 years ago, most devices deployed 16-bit CPUs running embedded OSs lacking TCP/IP or networking of any kind. By comparison, today’s embedded hardware boasts 32- or 64-bit silicon, deploys Ethernet or Wi-Fi, and runs Linux, Android or a full-function RTOS. And unlike device operators of a decade ago, today’s users don’t need a desktop PC to support a web UI. Instead, they carry around richly provisioned display-capable web clients— mobile handsets and tablets.



Another big difference in this brave new world of BYOD is that originally, HTML and Java device UIs often represented “second class” user experiences (UX) compared to native GPU-enabled ones (excepting “lumps on a line” (LoaL) devices like routers and access points). Conversely, today’s web-based UIs are where developers put their best feet forward, with device-local displays reduced to a bare minimum (e.g., the simple, elegant UI on the NEST thermostat itself vs. the fancy mobile NEST UI presented to iPhones and web browsers). This shift in emphasis is predicated by cost (browser pixels are cheaper than liquid crystals) and by the ability to present a superior UX using Flash, HTML5 and native apps purpose-built to run on remote mobile devices under Android or iOS (Figure 1).

Deciding When to BYO Display

When embarking upon new design projects, device developers should think seriously about where to make their UI investments. Start by asking whether the device requires device-local intervention. Do common usage scenarios involve users working in close proximity (a kitchen appliance, an automotive/IVI dashboard, a high-speed milling machine)? If not, then the design is a strong candidate for BYO Display. Even if a device does require an integrated console, it can still benefit from a secondary remote UI for diagnostics,

pre-programming, remote control, etc. And if the local intervention occurs only through a reset switch or a big red STOP button, all the more reason to remove the remaining UX to a remote device. Another consideration is whether it will participate in a local area network (LAN).If the device is already provisioned with Ethernet or Wi-Fi, then it’s a trivial step to embed a web server (Apache, TinyHTTP, etc.) to enable BYO Display. Or is it going to connect to a WAN or the Cloud? Many locally networked devices also benefit from connection to points beyond the firewall. Examples include telemedicine systems, premises monitoring and automation systems, storage appliances and others. The entire class of M2M clients falls into this category as well. Deciding whether to follow the BYO Display route or embed a local display requires considering a number of functional and financial factors. These considerations were driven home to me over the last year during specification of an inhome display (IHD) system for residential and commercial energy monitoring and premises control, from which I will draw arguments and examples.

Interface Latency and Locality of UI

An important rule of good UX design is that users should receive immediate feedback and presumably near-im-

tech in systems

mediate responsiveness from UI input. In the case of our IHD, a user might want to turn on or off a set of lights or engage an air conditioner or heat pump. The reference UX is the legacy light switch or thermostat. “Click”—users expect a light to illuminate instantaneously, and heating and cooling systems to respond audibly after a few seconds. Device-local UIs and LAN-based BYO Display can deliver a comparable UX even on slow hardware and low bandwidth control and communications networks. An increasingly common use case is premises monitoring and control in the Cloud. If a user wants to analyze energy usage, turn lights off or turn air conditioning on remotely, then latency is not a huge issue—delays of seconds or even minutes induced by Cloud implementation will not greatly impact the UX. But if a user demands an immediate response from a Cloud-based control system, all bets are off. Fast response scenarios include realtime temperature monitoring, fire detection, and control on behalf of a third party, for example, turning up or down the heat in your mother’s apartment while she is on the phone with you. Cloud-based implementation can have strong promoters in the supply chain. For example, an energy supplier may offer big rate breaks to premises owners who opt in to a combination of Smart Metering and IHD-based monitoring and control. A utility’s priority is clearly data gathering and billing, not user experience, predicating a Cloud-based implementation over a more user-friendly local one. Mission-critical and life-critical applications tilt in the direction of devicelocal or LAN-based BYO Display. While it’s tempting to try and control a chemical plant or check on patient vital signs from a smartphone while sitting on the beach, extremely bad outcomes can arise from user isolation and unbounded interface latency.


A BYO Device in the enterprise is cause for concern and debate among security wonks and IT managers. Similarly, security is a key concern when thinking about when or if to implement remote BYO Display UIs. Both device-local and mobile client UIs present security risks.


Local Display/UI

Legacy Desktop


LAN, WAN Cloud

Mobile Apps Headless LoaL Device


Tablets and Handsets

Flash Figure 1 Evolution from fixed/integrated display to BYO.

Local displays engender primarily physical security concerns. If a system console is exposed to human access, it is subject to cracking and to physical attack. Systems with local displays also can have network interfaces and potentially exposed I/O ports, presenting entry points and attack surfaces. On the other hand, remote UIs expand the security perimeter and/or the extent of vulnerability. The primary device can devolve to a more defensible and concealable “lump-on-a-line,” but the networked UI is then exposed to exploits of data in transit, man-in-the-middle attacks, DoS attacks, spoofing the UI device ID, and cracking the web or native app UI on the remote/mobile device. The BYO Display paradigm, if applied judiciously, can reduce the attack surfaces to 1) a single TCP/IP port and 2) the web interface itself. In today’s hostile network security environment, no device should come to market that is not locked down and subject to security scrutiny as part of test and QA processes. Otherwise, the remote UI can become the point of entry for buffer overflow and other browserbased attacks.

Open or Closed Systems

Embedded systems, with and without displays and UIs, were originally more or less closed, mono-function devices. The application encompassed the entire device and device programming did not change over deployment lifetimes. With the advent of application-level OSs, Linux and Android in particular, all types of intelligent devices can become open systems, amenable to deployment of new applications with various options for changing firmware and system software as well. The open vs. closed distinction impacts how and if designers implement BYO Display. If you want to build a system that is open to user-mediated deployment of application-level software, then you are likely to build your device on Android. Android and Linux both can easily host web servers and run back-end web apps. But Android applications from Google Play, the Amazon AppStore for Android and other channels, only run and output on a device-local UI (think phone and tablet-based LCD screens). You could also integrate a webbased BYO Device UI, but it would not benefit directly from the application platform nature of Android. RTC MAGAZINE JANUARY 2013


Tech In Systems

Path 1 Rich Device

• HTML • Java • Flash • X11 and Thin Client protocols (when available)

3rd Party Android Apps

Device with Local Display/UI


User Interface


Mobile Apps

Remote UI DTV

Path 2 Lump-on-a-Line


Headless LoaL Device

LAN, WAN Cloud

User Interface Tablet Phone

Figure 2 Design path alternatives for local vs. remote user interfaces.

Conversely, for more static and closed designs, Linux or even a legacy RTOS would suffice, presenting a web-only UI and a UX colored by the richness of available browsers. Although such systems enjoy straightforward updates to the entire software stack, including the UI, there is no one single application development method nor a unified distribution channel for after-market apps. Application architectures and frameworks vary greatly across a rich if fragmented marketplace.

Cost / Device Provisioning

In our debate for the IHD design, this open/closed, local/remote divide led to two fairly distinct design paths, BoM costs and accompanying business models shown in Figure 2. 1. An Android-based device with an attached display, offering rich local functionality and running third party apps. 2. A Linux-only LoaL device with no display and a primary web-based UI. Path 1 requires a more robust bill of materials (BoM)—in particular, the physical display itself, a graphics chipset or GPU, VRAM, local input devices (touchscreen, etc.), and to run Android effectively, a mid-level or better CPU.



In sharp contrast, Path 2 presents a much more modest BoM. It’s a lump-ona-line. There are no local display or input devices, no graphics chips or VRAM, and running just a Linux Apache MySQL Perl/ PHP/Python (LAMP) stack or comparable requires less CPU horsepower and it demands less DRAM and flash storage—no apps to store and run concurrently. Each has its virtues. Path 1 is more amenable to acting as a services host—the IHD can do more than just implement smart energy functions. It can act as a conduit for secondary capabilities (and revenue streams) like premises security and telemedicine and run third-party apps to enhance its core and secondary functions, but only via the fixed, local display. Path 2 is much cheaper to build and deploy. However, given its more meager provisioning, it offers less local functionality and is best deployed as a conduit to/ from Cloud-based infrastructure.

Client UI Architecture – Browser or Native App?

Until the introduction of the second-generation iPhone Appstore, and the launch of the Android Market (today called Google Play), remote UIs built on one of several architectures:

When iPhone apps replaced web apps as state-of-the-art, they captured the imagination of tens of thousands of developers and gave intelligent devices a new UI option—the mobile app. Today, device manufacturers increasingly ship their wares accompanied by iOS and Android apps as favored BYO UI implementations. At my house, my thermostat, my IP camera (to watch the puppies), my printer and my broadband router all boast smartphone and tablet apps. My neighbor’s car, washing machine and sprinkler system do the same. Mobile app development lies beyond the scope of this article, but the topic merits a few comments in terms of supporting BYO Display. For one thing, many iPhone and Android apps are just web apps encased in a native application wrapper. While native mobile apps today offer the greatest marketing cachet, they are more expensive to develop, test and maintain, especially across the fragmented Android portfolio of hundreds of devices and dozens of versions and forked implementations. And now, with the growing popularity of HTML5, web apps are poised to make a comeback, especially for BYO Display, with the benefit of less fragmentation and greater interoperability across UI client device types, OSs and versions. Web protocols, Cloud infrastructure and APIs, along with mobile apps, give device developers powerful tools for building UIs and crafting engaging user experiences. The BYO Display paradigm is a good option for almost all types of devices, but not necessarily as the primary UI. Careful consideration of design goals and use scenarios will reveal whether it makes the most sense to leverage readily available display surfaces on smartphones, tablets, TVs and desktop PCs, or whether a design calls for a local display and a heftier BoM. Olliance Consulting

ARM Module & MicroTCA Showcase Featuring the latest in ARM Module & MicroTCA technologies

SM-3517 PMIC Module Board for SMARC Ultra Low-Power (ULP) Computer-on-Module Texas Instruments Sitara AM3517 Cortex-A8 processor + TPS65023 Parallel digital display output 3 x high-speed MMC/SD/SDIO SMARC low-power embedded architecture platform

ADLINK Technology, Inc. Phone: (408) 360-0200 Fax: (408) 360-0222

ULP-COM-sAMX6i Ultra Low-Power (ULP) Computer-on-Modules based on Freescale i.MX6 family Solo – Dual – Quad Core

ULP-COM-sA3874i Ultra Low-Power (ULP) Computer-on-Modules based on Texas Instruments AM3874 up to 800MHz

Based on Freescale i.MX 6 Family SoC scalable from Solo Core up to Quad Core X86-alike interface configuration

Kontron America Phone: (888) 294-4558 Fax: (858) 677-0898

ARM building block on Cortex A8 Texas Instruments AM3874 up to 800MHz Constructed to withstand harsh industrial environments

Kontron America E-mail: Web:

Phone: (888) 294-4558 Fax: (858) 677-0898

ULP-COM-sAT30 Ultra Low-Power (ULP) Computer-on-Modules based on NVIDIA® Tegra® 3 ARM technology (1.2GHz)

Kontron America

E-mail: Web:

ULP-COM Evaluation Carrier Evaluation Carrier Board for Ultra Low Power (ULP-COM) Computeron-modules Broad range of interface options for design development flexibility Dual power options for mobile and fixed base applications Compliant with ULP-COM specification

ARM building block on Cortex A9 NVIDIA® Tegra® 3 Quad Core 1.2 GHz Constructed to withstand harsh industrial environments

Phone: (888) 294-4558 Fax: (858) 677-0898

E-mail: Web:

Kontron America E-mail: Web:

Phone: (888) 294-4558 Fax: (858) 677-0898

E-mail: Web:

technology in


BYOD: Smartphones and Tablets as UIs

BYOD for Industrial Control and Automation Increasingly, user-owned smartphones and tablets are being brought into both the IT space in businesses as well as into industrial control environments. This dual-use scenario raises questions of corporate security as well as personal privacy. by David Kleidermacher, CTO, Green Hills Software


he enterprise world is going mobile, Corporate Internet, Network, driven by distributed workforces, AppStore MDM the need to stay connected, and the sheer productive horsepower of modern handheld devices. However, unlike PCs that are traditionally IT-owned and manIT Persona Private Persona aged, handhelds are inherently personal: Productivity apps, Personal apps, data we use them to watch movies, browse VPN, Encrypted Storage photos, chat with family and friends, and play games. Enterprises cannot tolerate the use of these unmanaged personal deAndroid vices for the processing of sensitive information and connection to corporate and nies providing solutionsnetworks. now industrial The inexorable conion into products, technologies andIT companies. Whether your goal is sumerization of demands a solution toto research the latest Mobile Microprocessor ation Engineer, or jump to a company's technical page, the goal of Get Bring Your Own Device (BYOD), where Connected is to put you you require for whatever type of technology, Figure 1 a worker can use a handheld for personal and products you are searching for. activities or in the workplace while ensurApplication-level sandboxes. ing both parties are satisfied with security, usability and cost. The industrial control and automation with other workers and managers, search cians use aPAC to wirelessly monitor and industries provide an excellent example of corporate databases for relevant informa- control Opto hardware in the field. The the need for devices that must bridge the tion, and to commission and wirelessly app can be used for debugging, respondgap between gadgets designed for the gen- manage industrial control systems and ing to alarms, and system configuration. eral consumer and purpose-built tools for other computerized factory equipment. The aPAC software harnesses the power the mobile worker. Workers use mobile A great example of the increased use of modern consumer electronics to make devices to track inventory, communicate of mobile devices in industrial settings industrial workers more efficient, saving is the Opto aPAC, an Android applica- time and money during installation and tion created by Opto 22. Opto 22 manu- maintenance. Get Connected factures controllers, I/O and solid-state The traditional approach to equipwith companies mentioned in this article. relays for industrial automation and con- ping workers with mobile devices is trol. Automation engineers and techni- corporate-liable: the employer purchases

ploration your goal k directly age, the source. ology, d products

End of Article


JANUARY 2013 RTC MAGAZINE Get Connected with companies mentioned in this article.

Tech In Systems


Hypervisor App


Mobile Microprocessor

Multiple Personae

Figure 2 Type-2 hypervisor.

Android Apps

Android Apps

Android Apps


INTEGRITY Secure VM Virtual Self-Encrypting Drive (vSED) Virtualized Block Device with XTS-AES

Passphrase Authentication with Virtual Keyboard

INTEGRITY Multivisor Mobile SoC Figure 3 Data protection using Type-1 hypervisor.

IT “approved” devices, such as a Blackberry on behalf of the employee and pays the employee’s monthly service fees. The result is a device that the employee reviles and represents a TCO (total cost of ownership) to the corporation that is approximately equal to that of a new PC. For most companies, this is essentially a doubling in per-capita client computing cost.


While the employer can require the installation of mobile device management (MDM) solutions to reign in the maintenance cost of such devices, this is ultimately a losing battle using common mobile operating systems: they simply do not provide the isolation required to keep the personal and industrial apps, networks and data from interfering with each other. Employees do not feel comfortable with the privacy of their information, and corporations do not feel comfortable with the liability associated with this privacy risk nor with the security of their own internal networks and information.


What if the employee was permitted to bring his or her personal smartphone or tablet to use in the workplace? The employee-liable approach would seem to solve some important problems: the employee gets to use the latest and coolest gadgets, and the employer doesn’t need to purchase a device (only reimburse the applicable service fees).

An increasingly popular answer to BYOD is the multiple personae concept: a single handheld device divided into isolated virtual environments: one for the user’s personal information and apps and another for an IT-managed workspace. Commercial examples include AT&T Toggle and VMware Horizon. The persona concept is easy to understand, use and manage. What these products have in common is they take advantage of Android’s native sandboxing capabilities, as shown in Figure 1. It is easy to see that the mobile operating system, in this case Android, itself acts as the vulnerability surface area, an area that has proven extremely fertile. While Android and its underlying Linux kernel are developed to quality open source development standards, the lack of formal high assurance design and the dependence upon a monolithic architecture ensure a steady flow of severe vulnerabilities that have been well publicized. These flaws are regularly used to root smartphones and tablets. Vulnerabilities enable malware originating in the private persona to hijack or disable application-level protections associated with the aforementioned products. Approximately 100 Android kernel vulnerabilities are discovered each year and posted publicly on the U.S. CERT National Vulnerability Database. With 100% probability, hundreds of undiscovered flaws exist today and countless more will be added due to

tech in systems

immense code churn: literally thousands of edits per day from thousands of authors worldwide. Opto 22’s aPAC software communicates wirelessly with fielded industrial controllers, which begs the question: how are these connections protected against these vulnerabilities and their exploits? Even if a security protocol, such as SSL, is used to authenticate the mobile device and encrypt sensitive data transmitted from controller to device, what happens once that data is stored on the handheld? And what assurance can the owners of the industrial equipment have that an Android smartphone, which is very good at downloading malware as well as apps from the Internet, is not going to infect the control system? While the Stuxnet virus was introduced by corrupted USB thumb drives, a wireless connection provides a far more attractive target for hackers. The multiple persona technology must ensure that the wild west of the open environment cannot affect the industrial environment. In fact, an Opto 22 technician needs a persona dedicated exclusively to managing the equipment and connecting to the industrial network. The sandboxing technology must enforce a policy in which the industrial environment is firewalled from connecting to anything other than a secure tunnel protecting the industrial network.

Virtualization Alternatives

Let’s take a look at the major types of multiple persona architectures in the context of the goal of providing enhanced isolation between the employee’s personal domain and the industrial domain. Containers: Linux has a concept of containers, called LXC. Containers are not a form of system virtualization. Rather, containers implement what is called OS virtualization, providing execution environments with access to a subset of the available file system and sometimes separate CPU scheduling resources. Containers can provide the illusion of a multiple personae, running for example two instances of Android and/or other software environments. Clearly, this approach can be used to implement the dual persona concept.

However, both personas depend on the security of the single underlying mobile OS. Type-2 Hypervisor: Type-2 hypervisors are similar to containers in that the secondary environment runs as an application on top of the primary operating system. However, instead of hosting only a private file system and its contained applications, the secondary persona is a full-fledged guest operating system running within a virtual machine created by the hypervisor application (Figure 2). The hypervisor uses the primary operating system to handle I/O and other resource management functions. Type-2 mobile hypervisor products, such as VMware Horizon, are used to provide an industrial persona on top of the primary employee-personal environment. However, once again the Type-2 model fails to provide strong isolation. Faults or security vulnerabilities in the primary general-purpose operating system will impact the critical functions running in the virtual machine. Furthermore, Type-2 hypervisor applications deployed in the enterprise space have themselves been found to contain vulnerabilities that break the sandbox. Type-1 Hypervisor: Type-1 hypervisors also provide functional completeness and concurrent execution of a secondary persona. However, because the hypervisor runs on the bare metal, persona isolation cannot be violated by weaknesses in the mobile operating system. Thus, a Type-1 hypervisor represents a promising approach from both a functionality and security perspective. But the hypervisor vulnerability threat still exists, and not all Type-1 hypervisors are designed to meet high levels of security. One particular variant, the microkernel-based Type-1 hypervisor, is specifically designed to meet high-assurance, security-critical requirements. Microkernels are well known to provide a superior architecture for security relative to large, general-purpose operating systems such as Linux and Android. In a microkernel Type-1 hypervisor, system virtualization is built as a

service on the microkernel. Thus, in addition to isolated virtual machines, the microkernel provides an open standard interface for lightweight critical applications, which cannot be trusted to a general-purpose guest. For example, user authentication and data encryption can be provided by microkernel apps, impervious to vulnerabilities in either persona (Figure 3). The isolation properties of some secure microkernels can even protect against sophisticated covert and sidechannel software-borne attacks. The microkernel can also manage and utilize a hardware root-of-trust, such as a smart card microcontroller embedded within a microSD or SIM card when available, providing protection against physical attacks on critical data, such as cryptographic keys. One example of a microkernel Type-1 hypervisor is the Integrity Multivisor from Green Hills Software. The Multivisor’s microkernel is widely deployed in enterprise and embedded electronics and NSA certified cryptographic devices, and is the only software technology certified to Common Criteria EAL 6+ / High Robustness, the level required to protect high value information against sophisticated attackers. Dual-persona BYOD, based upon secure virtualization technology, provides a strategy for increasing the assurance of mobile device data protection and isolation between the open and industrial worlds. There is simply too much vulnerability to prevent subversion between sandboxes built upon general-purpose mobile operating systems. A modern BYOD solution marries the power of mobile multimedia and applications deployment infrastructure with the ability to wirelessly manage and control critical fielded systems with confidence that the industrial environment will be protected. Green Hills Software Santa Barbara, CA. (805) 965-6044. []. Opto22 Temecula, CA. (951) 695-3000. []. RTC MAGAZINE JANUARY 2013


technology deployed Digital Signage

Trends in Mobility and Their Implications for Digital Signage – Revisited The use of smartphones to interact with digital signage systems is a growing trend among consumers. However, just what kind of convergence can be expected depends on the underlying technology and, most importantly, the experience it provides for the consumer. by Steve Gurley, Pyrim Technologies

It can be said that digital signage is a twenty-first century technology that uses 1950s measurement methodologies to quantify viewer engagement habits. It can also be said that today’s digital signage networks present content that is designed using sophisticated software; managed by intricate scheduling systems; delivered over sophisticated networks; run on technologically advanced media players; presented on state-of-the-art monitors, but is seen and acted upon by... well... who knows? The preceding was the opening paragraph of a white paper entitled “Trends In Mobility and Its Implications on Digital Signage” that was written nearly four years ago. In that paper, I postulated that the burgeoning adoption of the “new mobile ecosystem” was going to fundamentally change how people would engage with digital signage. The paper presumed that this new mobile ecosystem would ultimately allow consumers to use their smartphones to control, extend and respond to digital signage; thereby providing a more engaging experience for the viewer and greater



utilization insight for the digital signage network operator. Here we will revisit what was said about convergence four years ago, look at where it is today and project where it is going tomorrow.

The Mobile Ecosystem

The premise of the original “Trends in Mobility” paper was that this new mobile ecosystem was going to fundamentally change how consumers engaged with digital signage, so let’s look at the genesis of the mobile ecosystem and see how it has progressed. In 2008, Apple launched the 3G iPhone and the iTunes app store. This one event became the cornerstone of a new mobile era in which: 1) hyper-sophisticated smartphones, 2) ubiquitous broadband wireless networks, 3) vast repositories of mobile content, 4) a plethora of third-party applications (apps) and 5) seamless access to mobile commerce all came together to form a new mobile ecosystem. Four years later, Apple’s “out of the box” thinking has created a world in which over 700 thousand apps have been

developed, over 20 billion apps have been downloaded and countless numbers of mobile use-cases have been generated. As it turns out, Apple’s vision was so appealing to consumers that companies like Samsung, Google, Amazon and Microsoft all created mobile ecosystems of their own. These ecosystems have fundamentally altered how consumers engage with technology, with one another and with the world around them. This can be seen in the following examples: In retail, consumers are now using mobile ecosystems to change the shopping experience, make more intelligent purchase decisions and save money. No longer is the retailer in full control. Consumers are leveraging the mobile ecosystem to get competitive pricing, check product features, access promotions and purchase competitive products—all from within retail stores. Research shows that nearly 70% of smartphone owners are using their phones to shop while inside a retail venue. Consumers are drifting away from traditional entertainment platforms in favor of mobile. Television manufacturers are seeing a decline in TV sales growth— despite a continual reduction in retail prices—as video content is increasingly being consumed via mobile technologies. Sales growth of game consoles is declining as consumers are doing more gaming on mobile devices. Audio content, which has long been moving away from CDs, is increasingly being distributed and consumed via mobile. In the world of news and information, consumers are moving away from traditional print media in favor of content delivered via mobile. Centuries-old industries are teetering on oblivion as consumers migrate from physical books, magazines and newspapers toward electronic media that is delivered and consumed on mobile devices. Mobile is also increasingly being used by consumers to help manage and monitor their health, control diets, track physical activity and report their progress. The mobile ecosystem is also being used to monitor—on a real-time basis—the state of consumer health. Biometric sensors that interface with consumers’ mobile devices are providing doctors with remote

Technology deployed

access to their patient’s vital signs. For the first time ever, doctors are now well positioned to proactively address problems before they become issues. Institutions of higher education are using mobile to change the learning experience in the classroom to facilitate a participatory environment where the students become actively involved in the acquisition and sharing of information while inside and outside of class, fundamentally redefining the role of the professor. And of course, smartphones have increasingly become a tool for purchasing digital goods such as songs, videos, books, apps, etc. In only four years, digital goods purchased via smartphones have grown from only a few million dollars annually to multi-billions of dollars. But, digital goods represent only a small fraction of the $20+ trillion in real-world, invenue products that some believe could be purchased via mobile technologies. Brands like Google, MasterCard, AT&T, Verizon, Wal-Mart, etc. recognize this and are working to extend the mobile commerce model from the virtual world of digital goods to the physical world of tangible products and services.

Mobile and Digital Signage Convergence

The original “Trends in Mobility” paper proposed seven scenarios in which mobile and digital signage would converge: Dial Tone Multi Frequency (DTMF): Utilizing the touch-tone sounds generated by a smartphone’s keypad to interact with a digital sign, the viewer is invited to call a number and instructed to press specific number keys on their cell phone, which produces certain results on the screen or additional audio information is provided to the viewer. Short Messaging Services (SMS): Using calls-to-action embedded within the signage content to invite viewers to initiate SMS-based interactions, the viewer sends a text message in a short code and either receives additional information on their smartphone or the text message causes screen content to change. Proximity Logging: Using either Bluetooth or Wi-Fi transmitters located at or near the digital signage to communicate complementary content to a viewer’s

Figure 1 Digital signage viewers are provided supplemental product information using Blue Bite’s mobile QRCode/NFC solution.

cell phone, the viewer receives a message on their smartphone inviting them to receive content. If the viewer accepts the invitation, additional information is made available to their phone. Barcoding: Employing 2D barcodes, such as QR Codes, embedded within the digital signage content allows a viewer to open a barcode reader app on their smartphone to “flash,” which then reads the barcode and executes an action, typically the launch of a mobile web page. Graphic Recognition: Employing a specialized smartphone application that the viewer uses to photograph digital signage content, the application accesses a cloud-based system that matches the photo against a repository of photos maintained in a database. If there is a match, then the additional content linked to that photo is sent to the viewer’s app. Web-linked: Using digital signage content to promote a web address (URL) that links to smartphone-optimized content, the viewer must launch their mobile browser, manually enter the URL and then initiate the connection. Location-Based: Utilizing a special smartphone application to determine the longitude and latitude of the viewer, the

app accesses a cloud-based system to acquire content that is created for and linked to those geo coordinates, sending it to the viewer’s smartphone app for display. It was originally assumed that convergence would enhance the digital signage viewing experience and that network operators would readily embrace convergence in order to obtain greater usage metrics. Did that happen?

Four Years Later

We now have a better understanding of convergence, the depth of viewer engagement and the degree of network operator participation. Convergence has actually evolved to include two additional scenarios: Audio Recognition: Utilizing a special smartphone app that listens to audio signals emitted from the digital signal, the app accesses a cloud-based system that matches the audio signal against a database of audio signals and then sends that content to the viewer’s app. Tag-Based: Employing Near Field Communication (NFC) tags attached to or near digital signage, a viewer uses an NFC-enabled smartphone to “tap” the tag to initiate content engagement. Like QR Codes, the NFC tag stores a link to a moRTC MAGAZINE JANUARY 2013


technology deployed

Figure 2 Text messaging provides digital signage viewers with an easy-to-use method for receiving additional information.

Figure 3 Symon Communications’ InView Mobile application displays real-time business performance information as an interactive complement to the information.

bile optimized web site. When the viewer taps the tag, the web address is resolved and content is displayed. But unlike QR Codes, it does not require a special reader app (Figure 1).



Success Assessment of Convergence Methods

DTMF actually preceded the advent of the mobile ecosystem and has proven to be better suited to feature phones as

opposed to smartphones. An example of this method is the promotional campaign used in New York’s Times Square by Nike. Viewers of Nike’s ad used their cell phones to personalize the style of a Nike shoe displayed on the Times Square billboard. SMS has proven popular because text messaging is familiar to the majority of smartphone users (Figure 2). One example is Norwegian-based’s interactive solution for clothing manufacturer Diesel, which used digital signage to encourage viewers to text “stupid” pictures of themselves to a special short code. The pictures were then routed to digital signs located in Diesel’s Copenhagen retail stores. The Proximity-based convergence has proven particularly viable in European and Asian markets, but more limited in the U.S. where smartphone users are not as acquainted with receiving unsolicited information via Bluetooth. A successful example is New York-based Blue Bite’s work for the Today digital signage network, which used Blue Bite’s technology integrated into the screens to deliver enhanced content on an opt-in basis to the viewers’ smartphones. Barcoding has been deployed fairly extensively, but consumer engagement has been questionable because there are no publically available metrics on how many digital signage viewers “flashed” barcodeenabled content. While the 2D barcode has become fairly ubiquitous, only about six percent of smartphone users actively scan barcodes, which suggests that overall usage would be no more than six percent. Based on publically available data, graphic recognition has been one of the least used forms of convergence, even though a large out-of-home advertising company launched a smartphone app that allowed viewers to use their iPhones to photograph displays to request more information. While the Web-Linked method is very straightforward, it places the burden on the digital signage viewer to launch their browser and then enter a URL. This can be relatively time-consuming and for that reason discourages consumers, although it is often used in conjunction with a QR Code or NFC call to action. Location-based is the most sophisti-

Technology deployed

cated convergent method. An example is embodied in the InView Mobile smartphone application developed by Symon Communications, which allows venue owners or content providers to deliver interactive, multimedia content to specific locations (Figure 3). A digital signage viewer can receive one content experience while inside of a venue and another experience when away from the venue. This implementation is being primarily used in corporate communication applications. It is unclear how extensively Audio Recognition is being used because it is a fairly new implementation, but it bears watching to see if it catches on with network operators and signage viewers. Tag-based is very new but growing rapidly, although it is being used almost exclusively with static signage. Samsung’s Galaxy SIII smartphone ad campaign is an example that features posters inviting viewers to tap their NFC-enabled smartphones on the signs to receive song downloads and other premiums. This form of NFCenabled static signage could be considered a competitive threat to digital signage.


The original assumption was that the mobile ecosystem would enable smartphone users to engage with digital signage in new and exciting ways, and that the promise of advanced engagement metrics would entice network operators to embrace convergence. Has this happened? Yes and no. It has provided an enhanced viewing experience and engaged viewers in new and exciting ways, but network operators have not flocked to convergent implementations for two reasons: 1) the cost and complexity of developing multiple sets of content, and 2) the fragmentation of responsibilities connected with deploying digital signage. Digital signage content can be costly to develop. The scope and volume of content required to deliver a compelling mobile experience is often more comprehensive than that of the digital signage itself. This added information, which contributes to the viewing experience, tends to add cost and development time to a digital signage deployment. Many considering a convergent implementation

are not willing to cover the additional time and cost. Few providers can offer true end-toend digital signage solutions, which consist of the technology, its sale, design, development, installation, training, support and—most importantly—content. Most purchasers either have to deal with many suppliers to implement signage or find a project management firm that can coordinate all of the various pieces, and mobile becomes one more discouraging level of complexity. As with content, complexity often drives up cost and deployment time. Nevertheless, mobile and digital signage convergence will thrive in campaign-oriented implementations where the viewer engagement experience is the primary focus; the content can be built from templates; and digital signage suppliers can offer end-to-end solutions—including the mobile component. Pyrim Technologies Plano, TX. (469) 366-4440. [].

Device Developers’ Conference May - Cambridge / Bristol / Manchester - UK

The UK’s No.1 Event for Developers of Intelligent Systems and Devices ͻ ͻ ͻ ͻ

1/2 Day Technical Workshops /ŶĨŽƌŵĂƟǀĞdĞĐŚŶŝĐĂůWƌĞƐĞŶƚĂƟŽŶƐ dŽŽůƐĂŶĚdĞĐŚŶŽůŽŐLJsĞŶĚŽƌdžŚŝďŝƟŽŶ An Opportunity to Meet Experts in Their Field

WƌŽĚƵĐƟǀĞĂŶĚŝŶĨŽƌŵĂƟǀĞͲďƌŝŶŐŝŶŐLJŽƵƵƉƚŽĚĂƚĞ Hardware - Software - PCB / Circuit - Enclosure - Test - Production

Register your free place today at : Untitled-3 1

Something to get excited about... 37

1/8/13 11:35 AM RTC MAGAZINE JANUARY 2013

technology deployed Digital Signage

Technology Advancements Enable Accelerated Development of Digital Signage Deployments Digital signage must be designed to identify and engage the customer. But beyond that lies an infrastructure of data gathering, database and evaluation technologies along with networking that reaches from smartphone to kiosk and on into the Cloud. by Satish Ram, Kontron


ompanies are embracing digital signage as never before. One cannot step inside a retail store, airport or healthcare facility without seeing a kiosk or video display. And, there is great expectation that the evolution of digital signage will be ongoing and pervasive—as it has been projected that more consumers will view video on digital signs than on Internet sites. The growth is being driven as advertisers and retailers realize new ways to attract and engage consumers with innovative digital signage concepts. An estimate from Intel suggests that the digital signage revolution will continue to expand at an astronomical pace to more than 22 million screens and 10 million players by 2015. The expansion of digital signage is creating vast new opportunities as retailers and other organizations are discovering new ways to engage customers with rich multimedia content that they can manage remotely while measuring for effectiveness against goals and objectives. However, developers have faced nu-



merous challenges in the development of new digital signage deployments. First, there has been a lack of design resources and tools that allow for cost-effective development, which has lead to expensive and time-consuming integration headaches. The need for the signage developer to solve similar problems again and again as new hardware is reviewed or deployed painfully reveals why deployment costs have increased and is the main cause of the overall fragmentation in the marketplace. Second, OEMs developing digital signage for the infotainment, retail, vending and transportation markets need standards to ease their workload and that will allow them to focus on reducing total cost of ownership (TCO) and maximizing return on investment (ROI) while obtaining the edge to differentiate their solutions from the competition. Third, deployers of digital signage systems need quick and easy ways to measure the effectiveness of their content and to be able to dynami-

cally change it to improve effectiveness (Figure 1). Also impacting digital signage designs is that viewer expectations today demand that digital signage deliver a mediarich experience in any environment—be it standing in line, at the register or in transit. Another important factor for OEMs is that new technologies are now available that allow advertisers to monitor gestures, social media interaction and implement multiple screens to make up a network of intelligent and connected devices. All these technology features enable access to actionable business data that can be gathered from customers so businesses can make more intelligent decisions. This data is essential for companies to target content to the viewer, which can be used to significantly increase profitability and is one of the main reasons digital signage is pervasive and ongoing. An Open Pluggable Specification (OPS) was developed by Intel with the goal of simplifying installation, usage, maintenance and upgrade of digital signage infrastructure. The OPS standard also contributes to making digital signage applications more intelligent, connected and secure while reducing costs because all OPS-compliant devices are interchangeable by design. Many suppliers are building OPS-compliant digital signage solutions, which allow companies to now deploy scalable applications that can more easily network with other components or devices. The availability of modular and pre-validated design resources and development platforms empower OEMs to build digital signage solutions that enable companies to achieve higher customer satisfaction. Advertisers also want to be assured of maximum reliability and uptime with the ability to integrate remote management capabilities that enable easier upgrades and scheduling of repairs. Using this design approach allows OEMs to future-proof design investments by maintaining interoperability and simplifying application upgrades.

High-End Processors Enable Optimal Image Processing

New faster processors are delivering power, performance and energy efficiencies to make it easier and more cost-effective to develop and operate innovative and

Technology deployed

Digital Signage Ecosystem Brands i.e., P&G, Toyota, Kraft, Lego Media Agencies / Ad Aggregators



OS Vendors

Display Vendors

Software Vendors

Player Vendors

Network Operators System Integrators

Video Analytics Vendors Sites and Venues

Hardware Vendors Retail






i.e., Best Buy, Hilton, Mayo Clinic, United, Bank of America, Carleton University Figure 1 The fragmented digital signage ecosystem is very complex and represents a major challenge for solutions developers.

interactive digital signage solutions. The 3rd generation Intel Core i7 processors with integrated graphics, CPU to GPU accelerator and reduced die geometries provide superior integrated graphics performance. For example, new processors are available that offer integrated graphics, CPU to GPU acceleration in a smaller footprint to provide the necessary feature set for optimal image processing that is an enabler of nextgeneration digital signage solutions. Featuring the latest processor technology, the Kontron DSEK-12 system has at its core the Kontron COMe-bSC6, which delivers a proven Computer-onModule (COM) solution that provides high-end graphics and display support features. Utilizing the Kontron COMebSC6 gives OEMs a modular approach that enables optimized and cost-effective scalability of application-specific implementations in terms of graphics and processing performance (Figure 2). This 100 percent OPS v1.0-compliant system integrates the 3rd Generation Intel Core processor and is pre-validated for use with a Microsoft Windows Embedded OS (such as WES7 Pro 64-bit) and Intel Audience Impression Metric (Intel AIM) Suite technology based on Anonymous Viewer Analytics (AVA) software. Digital signage

systems employing the DSEK-12 with the AIM Suite and running a content management system (CMS) can simultaneously play high-definition video while gathering valuable viewer demographics without invading their privacy to push customtailored messaging to the target audience, which results in delivering a rich, immersive user experience that can offer significant infrastructure cost savings.

Connected and Cloud-Based Solutions Push Content in Real Time

The rise in M2M (machine to machine) technology that allows connected communications to be enabled by WWAN (Wireless Wide Area Networks), WLAN (Wi-Fi), WPAN and the cloud, makes it possible to deliver content to consumers in real time while supplying analytics and data acquisition to advertisers. Connected signage networks are comprised of many types of signage including digital displays, billboards, transit signage, bus stops and more. Advertising management of all of these types of signage can be centrally screened and administrated in a connected Cloud-based signage network. Intelligent content distribution and scheduling is also managed centrally.

For instance, the ability to deliver messages to public displays according to preselected geography, environment or user behavior criteria is now possible. Messages can be disseminated at the most opportune time to increase awareness or responsiveness. Over a Cloud-based communication network, displays that are linked to a content management platform can respond to gestures, traffic and climate conditions to deliver messages crafted to enhance viewer engagement and targeted marketing opportunities. This type of connected content platform would also be used to produce audience or messaging reports so that advertisers could use the data to enhance viewer impressions or update content strategies against marketing goals. Intel developed its AIM Suite technology to allow digital signage applications to anonymously screen viewer metrics such as gender, age bracket and length of viewer attention. The technology permits retailers and advertisers to deliver more relevant content for individual viewers and track return on investment with greater accuracy. The Intel AIM Suite uses Intel processorbased computers and small optical devices connected to a digital sign. Millions of pixels per second can be analyzed to identify viewers. The software then anonymously RTC MAGAZINE JANUARY 2013


technology deployed

and interact with consumers in a more personal and compelling manner through new usage models such as augmented reality and interactive product explorations, which can have a positive impact in increasing revenue and customer loyalty.

Putting Digital Signage to Work

Figure 2 The high quality of real-time information attainable from the pre-validated content creation and content management software supported by the DSEK-12 gives companies access to actionable business data as well as being able to provide viewers with a dynamic, media-rich experience that is tailored to them.

aggregates the viewer’s data to deliver the metrics to retailers. Optical sensors mounted on digital signage displays use the Intel AIM Suite software to detect an arrangement of pixels that resembles the general pattern of a human face. The pixels are analyzed using specific algorithms to determine a person’s gender, age bracket and dwell time. No images are recorded and no individual data is collected so the Intel AIM Suite maintains consumer anonymity by using audience detection algorithms, which cannot collect any personally identifiable information, and cannot record any images or video footage.

Advantages Derived from Multiple Screen Capabilities

New emerging screen technologies are exciting when one considers the possibilities of displaying compelling content on polygon and hexagon screens, concave and convex walls. The visual displays of messaging can now go so far beyond the flat rectangular formats to capture a viewer’s attention and deliver engaging content. The ability to remotely manage multiple interactive displays for advertising and information sharing is driving the quick adoption of smart digital signage. Brands and companies are realizing the value of de-



livering targeted real-time content to a variety of display types. Using a multi-touch holographic screen, Intel has demonstrated how customers can explore products, learn about various promotions, provide product feedback, read other customers’ reviews, view past purchasing histories and share via social media audience impressions and reactions to all of the messages delivered. OEMs are also embracing the convergence of new technologies such as the integration of mobile devices and tablets with Near Field Communication (NFC) that allows devices to establish communication with each other by touching or being in close proximity. Useful too is the integration of multi-touch, gesturing and multi-user capabilities. The more interactive a display is, the more engaged customers become. Delivering this type of comprehensive merchandising goes a long way in improving the customer’s shopping experience. Brick and mortar retail outlets understand that they need to present more advantages in-store versus their online retailer competitors. Digital signage makes companies competitive in dispersing targeted and interactive content to shoppers to put them on a level playing field, complementing their in-store offerings with their online offerings seamlessly. Retailers can engage

A simplified example of a fast food ordering kiosk application explains the advancements realized with pre-validated platforms that offer Intel AIM software and content creative and management software. The ability to push tailored information to the customer as well as communicate information about user preferences back to the business in real time can be shown when a mother with a small child goes to the kiosk to order food. The Intel AIM Suite software allows it to recognize the aspects of the buyer, and is able to display a promotional screen about healthy child meals with a toy. The customer has the choice of either buying the promoted item(s) or going to the regular menu. The kiosk is equipped for credit card or cash transactions, provides a receipt and then communicates the order to the kitchen. When ready, a staffer gives the selected meal to the customer and scans the barcode on the receipt to confirm that the meal has been delivered. At the same time that the order is communicated to the kitchen, this customer data is also communicated to the corporate marketing team enabling them to have important customer data on the effectiveness of their kiosk promotions. An actual example was shown at the London Olympics and throughout London. There was a plethora of digital signage deployments—from signage at venues to displays on the subway system—demonstrating that the human-tomachine interface between digital signage and our normal everyday lives is growing and pervasive. Similarly, for the future Olympics and World Cup events in Brazil, organizers are planning a big role for digital signage. Estimates projecting that $350 million worth of digital signage will be deployed for those two events. Kontron Poway, CA. (888) 294-4558. [].

products &

TECHNOLOGY Flexible I/O Module for EtherCAT Also Available as Board-Level Product The new EtherCAT I/O Module “ETCio 100” from IXXAT enables the quick and easy connection of analog and digital input and output signals to EtherCAT systems—whether in component test stands, mobile applications, or for industrial automation applications. The device has two analog inputs and four analog outputs with a 12-bit resolution. The analog output voltage range can be individually programmed between 0 to +10V. In addition, the device has six digital inputs and four digital outputs. The output voltage range can be freely selected within a wide range with the switching threshold of the inputs automatically adjusting according to the selected voltage range. The outputs are short circuit protected. The configuration of the module is made by the EtherCAT master device by writing EtherCAT objects. Like the other devices of the IXXAT I/O module series with their wide input voltage range from 6V to 32V, robust aluminum housing and operating temperature range of -40° to +70°C, they are suited for integration into existing systems and for use in mobile and industrial applications. Along with the aluminum housing model, IXXAT offers the ETCio 100 also as an embedded board version that can be easily integrated in customer specific devices. Customized versions with custom I/O interfaces, individual form factors or connectors can be developed by IXXAT in a short time and at reasonable prices. IXXAT, Bedford, NH. (603) 471-0800. [].

Super-Small GigE Vision/CameraLink SWIR Camera with Low Noise A low-noise, low-dark-current camera equipped for GigE Vision or CameraLink is an ultracompact short wave infrared (SWIR) camera with an InGaAs detector. The Bobcat-640 from Xenics is designed for machine vision and high temperature process control, as well as science and R&D featuring a GigE Vision or CameraLink interface for easy system integration and fast data transfer. The Bobcat-640 features a form factor of just 55 x 55 x 67 mm3 for the CameraLink version and 55 x 55 x 85 mm3 for a small GigE Vision interface and offers excellent low-noise and low-dark-current performance. The use of industrial components increases the operating temperature range from -400° up to 700°C. Power over Ethernet is possible for stand-alone operation. In terms of resolution, Bobcat-640 drives pixel pitch down to 20μm from conventional levels of 25μm, at a high overall resolution of 640x512 pixels. This efficient optical layout makes the new camera compatible with a broad range of exchangeable standard C-mount lenses as well as the full range of other lower-cost lenses. With onboard image processing, Bobcat-640 operates as a complete IR camera system. Image quality is optimized with onboard signal processing with 14-bit A-to-D conversion. It is configurable with single non-uniformity correction (NUC), or multiple NUC in Xeneth software. Auto gain, span control as well as trigger in/out are also provided on board. Xenics, Leuven, Belgium, +32 16 38 99 00 [].



Vibration Amplifier for Jet Engine and Aircraft Auxiliary Power Unit Measurements A microprocessor-based vibration amplifier is designed to condition and display rotating machinery data while offering simultaneous outputs as broadband, acceleration, velocity and displacement. The Endevco 6634C from Meggitt Sensing Systems is designed to accept inputs from a single-ended, differential piezoelectric or ISOTRON (IEPE) accelerometer, velocity coil or remote charge converter. Full-scale AC and DC output ranges, as well as sensitivity, are user programmable in selectable engineering units and are representative of acceleration, velocity or displacement. Programming is accomplished from the front panel keyboard or optional RS-232 computer interface. Units also have an optional six-pole filter, which may be programmed from the front panel. Up to ten unique setups can be stored and recalled from the non-volatile memory, while two TTL- compatible latched alarm outputs provide both warning and alert functions. An optional 19-inch mounting rack, also available from Meggitt Sensing Systems, can accommodate up to six units. With its versatility to accept and condition multiple transducer output types, the Endevco 6634C vibration amplifier is suitable for the turbine and generator health monitoring of jet engines, generators, turbines and pumps. They are also well-suited for aerospace engine test cell applications, which further incorporate the use of high-temperature accelerometers, or where vibration data is required to be expressed in terms of velocity. These rugged units may also be used with other balanced differential output devices. Additional applications include fixed and mobile test cells for small turbofans, air cyclers, as well as in-laboratory test rigs. Meggitt Sensing Systems, Fribourg, Switzerland. +41 26 407 11 11. [].


1U Rackmount Platform with Dual Intel Sandy Bridge Xeon Processors A powerful new 1U rackmount platform based on Intel Sandy Bridge-EP Xeon processors was developed for maximum performance, scalability and functionality. In the PL-80430 from Win Enterprises, two Intel QuickPath Interconnects run up to 8.0 GT/s to support the unit’s two Intel Xeon LGA 2011 series processors. Cross-socket memory I/O latencies are reduced while throughput is increased. The two Xeon E5 series processors can support up to 8 cores each, plus 20 Mbyte cache and the latest PCIe 3.0 interface to provide 80 PCIe lanes. Each CPU socket supports 4 DDR3 channels with speeds up to 1600 MHz and a maximum capacity of up to 128 Gbyte of ECC memory— when using the latest LR DIMM technology. The Intel C604 chipset supports standard platform I/O and high-speed mass storage with two 2.5” SATA hard disks or solid state drives. The PL-80430 platform can provide the OEM with different Ethernet port types, such as 10 Gigabit SFP+, Gigabit copper (bypass function as option) and Gigabit fiber ports. Maximum LAN capacity provides 9 GbE ports and 12x 10GbE ports. Two PCI Gen3 slots provide for a maximum of four Cavium Nitrox III chip modules via custom card. These high-performance security coprocessors enable hardware-level cryptographic acceleration, data compression, faster application delivery, as well as cloud and WAN optimization. WIN Enterprises, North Andover, MA. (978) 688-2000. [].

Third Generation Core i7-Based 6U CompactPCI Blade with Remote Management A 6U single-slot CompactPCI processor blade is designed for use by robust computer makers and intelligent system integrators in mission-critical applications such as those developed for the military sector. With its 22nm 3rd generation quad- and dual-core Intel Core i7 Processor and Mobile Intel QM77 Express Chipset with dual channel DDR3-1333/1600 ECC memory up to 16 Gbyte capacity, the cPCI-6520 from Adlink Technology delivers high computing power, massive I/O and memory capacity, and flexible connectivity for robust computing applications requiring server-class performance. The cPCI-6520 is a performance computing solution with enhanced management features such as PICMG 2.9-compliant IPMI, remote management based on Intel vPro technology and optional Trusted Platform Module (TPM) for security management. Wide temperature range support is available up to -40° to 85°C (operating). The Adlink cPCI-6520 Series offers oustanding processing and graphics performance for applications requiring reliable, scalable CompactPCI products with the latest quad-core CPU, 2D/3D graphics engine with multiple displays. Three independent display functionality is provided via two dual-mode DisplayPorts and DVI/VGA graphics interfaces. The DisplayPort interface supports single-link DVI or HDMI with a passive adapter cable and analog VGA output via an active adapter cable. When coupled with an Adlink XMC-G460 graphics module installed in the XMC site, or an Adlink cPCIR6700 Rear Transition Module, the cPCI-6520 Series supports up to four independent displays. On-card connectivity includes two front panel GbE egress ports, three USB 3.0 ports, bootable CompactFlash socket, onboard 7-pin SATA 6 Gbit/s connector for external storage device and SATA 6 Gbit/s direct connector for an onboard 2.5” drive to provide flexible storage capabilities. The cPCI-6520 also provides a PMC/XMC expansion site supporting 64-bit 133 MHz PCI modules or PCI Express x8 XMC modules. Rear I/O storage interface includes up to three SATA ports with RAID 0/1/5/10 support and up to eight SAS ports supporting hardware RAID by the cPCI-R6200 RTM. The cPCI-6520 is also validated for reliability in extended temperature conditions ranging from -20° to 70°C. Select SKUs can support extreme temperatures ranging from -40° to 85°C with optional conformal coating. ADLINK Technology, San Jose, CA. (408) 360-0222. [].

Ad Index Freescale i.MX6-Based ULP-COM Modules Enable Ultra Low Power Applications

A new, highly scalable COM module family with single, dual Connected technologywide and or quad core ARM Cortex A9Get technology coverswith an extremely providing now performance range. Based oncompanies Freescale’s i.MX6 solutions Series processors, Get Connected a new resource for furtherofexploration the Kontron ULP-COM-sAMX6i enables an isefficient development into products, technologies and companies. Whether your goal scalable smart devices that need an extremely compact, fanless design is tographics research the latest datasheet from abenefit company, speak directly with balanced processor and performance. OEMs from with an Application Engineer, or jump to a company's technical page, the these new modules by a standardized basis for the industrial environgoal of Get Connected is to put you in touch with the right resource. ment with enhancedWhichever design security for the and developlevel of service yourapid require for efficient whatever type of technology, ment of mobile, energy-efficient embedded appliances with open stan-and products Get Connected will help you connect with the companies dards software. you are searching for. On the extremely compact footprint of the ULP-COM short form factor (82 mm x 50 mm), the Kontron ULP-COMsAMX6i integrates all core components including non-volatile memory for a rugged, closed system design without any moving components. The new Kontron ULP-COM-sAMX6i Computer-on-ModGet Connected ule family is available with 800 MHz single,with dualtechnology and companies prov and quad core processorsGet of Connected the Freescale iMX6 is a new resource for further exploration into pro datasheet from a company, speak directly with an Application Engine series. in touch with the right resource. Whichever level of service you requir On a project basis, further variants with additional versions from Get Connected will help you connect with the companies and produc the extensive range of these long-time available processors are possible. Depending on the SoC model, they integrate one or two independent graphics engines with up to four 3D shaders for vivid 3D visuals and video de- and encoder, which can process HD videos up to 1080p @ 60 Hz. Dual independent displays are possible via parallel 18/24 bit LCD or 18/24 bit single-channel LVDS and HDMI. In addition, two MIPI-conforming camera inputs enable the use of device-specific video sensors. Application-specific extensions can be integrated via up to three PCI Express lanes, 3 x USB 2.0, 2 x SPI, 5x I2C and 2x CAN. For multimedia, interconnect developers can rely on 1 x Media Local Bus 150, 2 x I2S and SPDIF. Storage media can be connected via SATA, SDIO and eMMC. For networking there is a 10/100/1000 Ethernet port. The input Get Connected with companies and voltage ranges from 3V up to 5.25 VDC. In this way it can be directly products featured in this section. powered via a single-cell lithium-ion battery as well as the classic 3.3 VDC or 5 VDC power supply, which in addition simplifies the system design.


Kontron, Poway, CA. (888) 294-4558. []. Get Connected with companies and products featured in this section.




CompactPCI Serial SBC Features Quad-Core i7 and Up to 16 Gbyte ECC Memory A rich-featured, high-performance 4HP/3U CompactPCI Serial CPU board is equipped with an Intel Core i7 Ivy Bridge + ECC (dual- or quad-core) mobile processor based on 22nm technology. The front panel of the SC1-Allegro from EKF Elektronik is provided with two Gigabit Ethernet jacks, two USB 3.0 receptacles and two Mini-DisplayPort connectors for attachment of high-resolution digital displays. The SC1-Allegro is equipped with a set of local expansion interface connectors, which can be optionally used to attach a mezzanine side board. A variety of expansion cards is available, providing legacy I/O and additional PCI Express-based I/O controllers such as SATA, USB 3.0 and Gigabit Ethernet, or a third video output. Most mezzanine side cards can accommodate in addition a 2.5-inch drive. The module is equipped with up to 16 Gbyte RAM with ECC support. 8 Gbyte of memory are provided for rugged applications, and another 8 Gbyte are available via the DDR3 ECC SO-DIMM socket. As an option, a low-profile mezzanine module with dual mSATA SSDs may serve as a high-speed RAID mass storage solution. The SC1-ALLEGRO backplane connectors comply with the PICMG CompactPCI Serial system slot specification. Typically, the SC1-Allegro and the related side card would come as a ready-assembled 8HP unit. As an alternative, low-profile flash-based mezzanine storage modules are available that fit on the SC1-Allegro while maintaining the 4HP profile. The C42-SATA module is equipped with a very fast 1.8-inch SATA Solid State Drive (SSD), which is suitable for installation of any popular operating system. EKF Elektronik, Hamm, Germany. +49 (0)2381/6890-0. [].

Profinet-CANopen Gateway Enables Easy Integration of CANopen devices A new Profinet-CANopen gateway offers a powerful and easily configurable gateway solution for connecting CANopen devices and networks to Profinet systems. The COP-CON 220/PN gateway from IXXAT enables bi-directional data exchange allowing for both the integration of existing, low-cost CANopen devices into Profinet systems as well as the provision of data from Profinet for use in CANopen. For this, the gateway operates as a Profinet I/O device and uses slots and sub-slots for data exchange. On the CANopen side, the device acts as a CANopen NMT master with PDO and SDO support. The gateway configuration is easily accomplished by using the IXXAT configuration tool that is included free of charge. Using EDS files, the configuration of the CANopen devices as well as establishing communication links is quick and intuitive. In addition to the configuration file necessary for the CANopen side (CDC file), the tool also automatically generates a GSDML file. The GSDML file allows for simple gateway integration into Profinet networks and the access of PLC applications to the gateway. At this, the gateway is represented as a single I/O device. All data on the CANopen side, which is exchanged through the gateway with the Profinet network, are defined in the GSDML file as variables with variable name, data size and data direction. This unprecedented dual side approach simplifies the configuration significantly. The Profinet-CANopen gateway features a 32-bit microcontroller, which enables the processing of large amounts of data. DIN rail housing, a temperature range of -40째 to +85째C and a wide supply voltage range of 9-32V allow for easy integration into existing systems. The device and communication status is indicated by LEDs. The gateway has an integrated 2-port switch, thus allowing easy integration into line topologies. The connection to the CANopen bus and the power supply is made using screw terminals. Device configuration and firmware upgrades can be made via a USB 2.0 port. IXXAT, Bedford, NH. (603) 471-0800. [].



COM Express Type 6 Module with Three High-Performance Independent Display Interfaces A new COM Express offering is a highperformance COM.0 R2.0 Type 6 module featuring an Intel Core i7/i5/i3 processor supporting Intel HD Graphics integrated on the CPU with three independent displays. On the Express-IB from Adlink Technology, a PCI Express x16, Generation 3.0 bus is available for discrete graphics expansion or general purpose PCIe and can optionally be configured as 2 x8 or 1 x8 + 2 x4. The module targets applications in government, military, medical, digital signage and communications and is suitable for customers with advanced processing performance and graphics requirements looking to reduce development time by outsourcing the base design of their system and focusing on application functionality. The Express-IB supports Intel Advance Vector Extensions (Intel AVX v1.0), with its improved floating point intensive applications, and also offers the benefits of increased bandwidth provided by USB 3.0. New with the COM Express Type 6 module are three Digital Display Interface (DDI) ports supporting HDMI, DVI and DisplayPort outputs, in addition to legacy VGA and dual-channel 18/24-bit LVDS displays. The Express-IB also offers Gigabit Ethernet, up to four USB 3.0 ports, four USB 2.0 ports, two SATA 6 Gbit/s ports and two SATA 3 Gbit/s ports (RAID 0/1/5/10) and support for SMBus and I2C. The module is equipped with AMI EFI BIOS supporting remote console, CMOS backup, hardware monitor and watchdog timer. The Express-IB features the Intel Core i7/i5/i3 processor supporting Intel Hyperthreading Technology (4 cores, 8 threads) and up to 16 Gbyte of DDR3 dual-channel memory at 1333/1600 MHz on dual stacked SODIMM sockets to provide excellent overall performance. Intel Flexible Display Interface and Direct Media Interface provide highspeed connectivity to the Mobile Intel QM77 Express Chipset. ADLINK Technology, San Jose, CA. (408) 360-0222. [].


High Performance 4-Channel PCI/104-Express Frame Grabber A new PCI/104-Express 4-channel frame grabber with audio capture simultaneously captures four channels of analog video and four channels of stereo audio. The Model 911 from Sensoray captures raw video frames from each channel at up to the full frame rate, resulting in an aggregate frame capture rate of up to 120 fps for NTSC and 100 fps for PAL. The high frame capture rate, through two x1 links of PCIe bus interface, makes it well suited for applications that require uncompromising capturing of multiple video sources in a compact form factor, such as remote video surveillance and traffic monitoring. A 24-pin header provides convenient access to all I/O signals on the board. The board’s PCI/104-Express connectors support both stack-up and stack-down, and its full conformance to the PCI/104-Express specification guarantees that it won’t mechanically interfere with adjacent boards. The unit supports a wide range of video capture resolutions, including D1, VGA, QVGA, SIF, 4SIF, CIF, QCIF and 4CIF. Captured frames are formatted as raw RGB or YUV. Four general-purpose digital I/O signals are provided for controlling cameras and illumination sources, alarm signal monitoring, etc. and can be configured to function as all outputs or all inputs. Sensoray provides an SDK for the Model 911 that includes drivers, programming examples and comprehensive documentation for both Windows and Linux operating systems. Quantity 2-9 pricing is $581. Sensoray, Tigard, OR. (503) 684-8005. [].

COM Family with Freescale QorIQ Speeds Telecomm and Number Crunching Systems A new family of COM Express-compliant Power Architecture processor modules features Freescale’s QorIQ 32-bit P2020 (COMecP2020) and the 64-bit P5020 (COMe-cP5020) processor. The Kontron COMe-cP2020 is especially suited for low-power, deeply embedded number crunching systems that do not require graphic functionality, but instead need especially high single-threaded performance-per-watt of the Power Architecture. With its long-term availability of more than 10 years, fanless operation and support for the extended temperature range up to -40° to +70°C, the new modules are also designed to run in especially durable applications even in harsh environments. The Kontron COM Express basic sized COMe-cP5020 targets high-bandwidth telecommunication and data processing applications. The Kontron COMe-cP2020 in the COM Express compact (95 mm x 95 mm) form factor is based on the Freescale QorIQ P2020 dual-core power architecture with 1.2 GHz. The Kontron COMe-cP5020 in the COM Express basic (95 mm x 125 mm) form factor is based on the Freescale QorIQ P5020 dual-core power processor with 2.0 GHz. Featuring 64bit technology, it integrates up to 8 Gbyte of soldered DDR3 RAM at 1333 MHz and ECC. Two additional Mbyte of shared third level cache facilitate core-to-core communications to minimize accesses to main memory. The Kontron COMe-b5020 with its Data Path Acceleration Architecture (DPAA) assures that even heavy network traffic does not affect the processing performance of the cores. With DPAA it offloads the cores from the common packet-handling tasks, which leaves more headroom for the relevant processing even at full load. Common features to both Computer-on-Modules are up to 2 Gbyte of NAND Flash as well as a socket for MicroSD cards on the module to offer reliable storage space for application data. In terms of I/Os, the new modules interface the QorIQ-specific I/Os toward the carrierboard. Besides USB 2.0 ports there are also UART (TxD, RxD, RTC and CTS) und Gigabit Ethernet interfaces. Flexible interface support is guaranteed by 4 (COMe-cP2020) or 18 (COMe-bP5020) SERDES lanes, which can be configured according to application-specific needs in a whole range of different combinations for example as PCIe x4, sRIO x4 or Serial Gigabit Media Independent Interface (SGMII). In addition, the Kontron COMe-bP5020 offers XAUI and SATA interfaces. Kontron, Poway, CA. (888) 294-4558. [].

Ad Index

GUI Development Board with Projected-Capacitive Touch

withthe technology and A new tool makes it easyGet for Connected designers to add combination companies providing now 16-bit of multitouch projected-capacitive interfaces and solutions high-quality Get Connected is a new resource for further exploration color graphics to WQVGA displays in any application. Additionally, into products, technologies and companies. Whether your goal the PIC32 GUI Development Board from Microchip Technology usis to research the latest datasheet from a company, speak directly ing Microchip’s 32-bit PIC32 microcontroller can directly drive LCDs, with an Application Engineer, or jump to a company's technical page, the eliminating the costgoal and complexity of an of Get Connected is toexternal put you ingraphics touch with controlthe right resource. ler. Microchip’s onboard MTCH6301 is ayou turnkey Whichever level of service require projected-capacitive for whatever type of technology, Get Connected help you connect with the multitouch companies and products touch controller that simplifies thewill integration of popular you arereduced searching design for. and gestures with greatly time and risk. In with Microchip’s free graphics and multitouch software, this board enables rich, modern user interfaces for cost-sensitive designs in a broad range of markets, such as consumer, industrial and medical. Get Connected with technology and companies prov Get Connected is a new resource for further exploration into pro Following the prolifdatasheet from a company, speak directly with an Application Engine eration of smartphones, users in touch with the right resource. Whichever level of service you requir now expect similar touch Get and Connected will help you connect with the companies and produc graphics interfaces in thing they use. However, the cost structure of most products can’t support the BOM of a typical smartphone, nor do designers have the time or desire to become user-interface experts. Microchip makes it easy and cost-effective to add rich user interfaces to nearly any product, by providing what is essentially a “GUI in a box” that can be inserted—as is—into most designs. In fact, the “PIC32 GUI Development Board with Projected Capacitive Touch” enables bezel mounting and connections between LCD displays and most of the PIC32’s on-chip peripherals. The board also provides ready-to-use PCB pads for common serial and analog connections. Additionally, the PIC32 has processing power to spare for additional tasks, such as communication, control and audio. The board is priced at $249. Get Connected with companies and Microchip Technology, Chandler, (888) 624-7435. products featured in thisAZ. section. [].


Get Connected with companies and products featured in this section.




Surface Thermography Liquid Crystals Reveal Hot Spots in Electronic Devices A new kit for identifying hot spots in electronic devices features spray-on thermochromic liquid crystals that change color at different temperatures to reveal heat issues on chips and other electronic components. By applying these liquid crystals using the TLC-100 Kit from Advanced Thermal Solutions, engineers can visually find hotspots and temperature fields. TLC-100 liquid crystals are designed for heat transfer studies and mapping heat fields on electronic components or boards. The crystals change color at a specified temperature starting at red, changing to green then blue. For electronics cooling applications, this provides the user accurate information about the location of hot spots on a device, their temperature and temperature gradient. To map the temperature profile of a component or board, black ink is airbrushed on to the specimen. Then TLCs, with a temperature range depending on the application, are sprayed onto the measurement surface. Once the device is turned on, and the components are brought to activation temperature, the liquid crystals begin turning red, then into different colors, representing the temperature distribution of the component or board. Thermochromic liquid crystals are available in a variety of temperature ranges from 12° to 120°C, each one has a particular bandwidth from 1° to 20°C. Hotspot locations can be confirmed and changing temperatures can be seen at various current output levels. The TLC-100 crystals can show thermal patterns, not just at the chip but on the surrounding hardware. The TLC-100 Thermochromic Liquid Crystal kit is priced at $761.87 Advanced Thermal Solutions, Norwood, MA. (781) 949-2518. [].

Fourth Generation ATCA Shelf Management Solution A new fourth generation Shelf Management Mezzanine (ShMM) product has been tested in customer shelves for many months, and multiple customer-specific Shelf Manager boards are now in development. The ShMM-700R module from Pigeon Point Systems is priced about 30% below the predecessor ShMM-500R, which is the dominant independent shelf management solution in the worldwide ATCA market. Based on the 204-pin DDR3 SODIMM form factor, the ShMM700R is also about 20% smaller than the ShMM-500R, yielding even more packaging flexibility. The ShMM-700R’s flexibility and carefully crafted implementation philosophy were recognized at its introduction with the ATCA Summit 2011 Best of Show award for infrastructure products. Release 3.0.0 of the Pigeon Point Shelf Manager supports the ShMM-700R, the ShMM500R and the ShMM-1500R, continuing the record of quality and stability that the ShMM-500R and ShMM-1500R have earned in the most demanding applications of ATCA. With the ShMM700R, the Shelf Manager runs on Pigeon Point Linux, which is based on the 2.6.34 revision of the Linux kernel. The ShMM-700R uses a Freescale i.MX287 ARM9-based main processor to execute Linux and the Shelf Manager application, plus a Microsemi SmartFusion A2F060 intelligent mixed signal FPGA for critical supplementary functions. (Pigeon Point also delivers SmartFusionbased variants of its market-leading Board Management Reference (BMR) series of xTCA board and module management controller solutions.) The ShMM-700R is Pigeon Point’s first offering based on the Pigeon Point Management Mezzanine or PPMM-700R physical module. After the VITA 46.11 standard is finalized within the VITA, the PPMM-700R will also be offered as a VITA 46.11 Chassis Manager, the ChMM700R. Pigeon Point Systems, Oceanside, CA. (760) 757-2304. [].



Slim, Fan-Free Panel PC with Atom Dual Core Processor D2550 A new Panel PC features the Intel Atom dual-core processor D2550 1.86 GHz and Intel NM10 chipset. The 5-wire resistive single touch screen and aluminum front bezel come standard. With its ultra-slim, lightweight, HDD tray, CF cover and cable-less design, the FUDA Panel PC series from American Portwell is stylish and fan-free. Its flexible I/O board docking and COM port are selectable by BIOS. In addition to operating in a wide DC input range, the FUDA panel PCs are tested to IP65 water and dust resistant standards. The FUDA also comes equipped with APIs and EtherCAT support. The FUDA is also rugged and capable of operating in harsh environments with temperatures ranging from 0° to 50°C and relative humidity of 5% to 95%. It is also resistant to vibrations up to 1G and shock up to 15G. The aluminum front bezel is IP65 certified as non-corrosive and can be customized to true flat overlay in order to conform to DIN EN 1672-2 and DIN 42115-2 standards, which permit the use of various cleaning solvents. FUDA also offers a full HD Video decoder to deliver greater graphics performance. Application Programming Interface (API) and EtherCAT support system integration of HMI and Cloud Computing efficiently, which enables quick and efficient changes or updates by way of Internet when necessary. This cable-less model has an easily removable back cover, HDD tray and CF cover. It comes equipped with an I/O board docking design and a Golden Finger connector with a RS-232/433/485 option via BIOS for the use of additional peripheral legacy devices. All of these features are packed within a slim 50 mm thick console and designed with a choice of display sizes of 10.4˝ to 19˝. Furthermore, FUDA supports both VESA and panel mounting for more flexible installations. American Portwell, Fremont, CA. (510) 403-3399. [].


Virtualization Software Enables Development of RTOS Applications to Run Alongside Windows or Stand-Alone An updated release of INtime for Windows and the new INtime Distributed RTOS from TenAsys provide a new level of flexibility for embedded system developers in reducing system-level costs and adding scalability to PC-based embedded designs. With INtime Release 5, designers can now develop RTOS applications alongside Windows, or stand-alone RTOS applications with the same tools and familiar Microsoft Visual Studio integrated development environment. This gives users the flexibility to use and move INtime software code and applications across environments to INtime for Windows addressing applications with advanced Windows-based humanmachine interfaces (HMIs) or INtime Distributed RTOS, ideal for running deeply embedded applications. Key to the scalability that INtime enables is GOBSnet, a built-in inter-process communication mechanism that manages communications between a network of processing nodes. Using GOBSnet, developers distributed an application across diverse system solution, from a single-core system to a number of networked multicore systems. INtime Release 5 includes improvements in the node-to-node interfaces, such as a new optimized Message Queue, resulting in higher performance communications between nodes. The new software release also supplements its existing USB stack implementation with a completely new USB stack, which includes support for USB 3.0 and the AHCI controllers found on the latest PC platforms. Also, the OS application interface has been improved for better performance and functionality.

Ad Index

TenAsys, Beaverton, (503) 748-4720. OR. [].

Get Connected with technology and

OpenVPX Interoperability in SFF Signal Processing Platform Expands VPX Ecosystem

companies providing solutions now of TI-Based ULP-COM Modules Help Reduce Costs Get Connected is a new resource for further exploration Ultra Low Power SFF Systems

Elma Electronic Inc., in cooperation with Pentek and Concurrent Technologies, has developed a small form factor (SFF), OpenVPXbased signal acquisition system for processing and recording applications. The new SigPro1, the first in Elma’s OpenATR Series of systems, demonstrates interoperability of a multivendor OpenVPX-compliant board set, strengthening the VPX ecosystem and reducing user dependence on single-sourced systems. Recording at over 200 Mbyte/s, the rugged SFF signal processing platform can be used for data acquisition, radar, beam forming and other signal processing applications in harsh environments. It can operate in dual channel record and playback mode with dual A/D converters operating at 200 MS/s, 14-bit or 500 MS/s, 12-bit. The system is based on Pentek’s Cobalt series FPGA XMC with a high-performance A/D front end, Concurrent Technologies’ 803 Series 3U VPX-REDI Core i7 single board computer for processing and a storage subsystem using high-capacity solid state disks developed by Elma. The new SigPro1 is a very configurable hardware platform base for multiple uses. Any of Pentek’s FPGA cards, all of which support configurable front-end data acquisition and recording environments using Pentek’s Talon data record software, can be implemented in the new SFF system. The platform uses a three-slot VPX backplane, with the card payload packaged in a compact, conduction-cooled chassis measuring only 5.12” x 6.9” x 12.25”. The SigPro1 is passively cooled, with sealed MIL-STD DTL 38999 connectors for I/O. Using Pentek’s Talon data acquisition and record system architecture and application software, the platform can function as a data recorder. System Flow, Pentek’s data record application, operates at the core of the Talon system. SigPro1, which operates from a 28 VDC power supply, includes two-output D/A converters and two 2-1/2” SATA drives. Other I/O includes two Gigabit Ethernet ports, two USB ports and an external VGA port.

A new series of ULP-COM-based Comis to research the latest datasheet from a company, speak directly puter-on-Modules helps embeddedEngineer, OEMs with an Application or jump to a company's technical page, the drive down system goal costsof for Getultra-low-power Connected is to put you in touch with the right resource. small form factor (SFF) solutions. The you ex-require for whatever type of technology, Whichever level of service Get Connected will help you panded ULP-COM portfolio from Kontron is connect with the companies and products are searching for. block designed as a highlyyouscalable building for the swift and cost-effective development of energy-efficient mobile devices. Featuring an extremely low Thermal Design Power (TDP), the Kontron ULP-COM-sA3874i is well-suited for space-constrained, fanless and harsh environment applications. Offering single core ARM Cortex A8 technology performance based on Texas Instrument’s AM3874 Sitara ARM processors, Kontron’s latest ULP-COM module delivers the Connected with and being companies prov computing power requiredGet by the diverse range of technology smart devices Get Connected is a new resource for further exploration into pro designed today in an exceptionally small 82 mm x 50 mm footprint. datasheet from a company, speak directly with an Application Engine The ULP-COM-sA3874i module supports an extended operating in touch with the right resource. Whichever level of service you requir temperature range of -40° to +85°C and expands the scalable ComputerGet Connected will help you connect with the companies and produc on-Module building block model to a broader range of SFF systems that must operate in harsh environmental conditions such as those in the military, industrial automation/HMI, digital signage and medical markets. Support for Android, Linux, WEC7 and additionally a variety of real-time operating systems on project request, enables embedded OEMs to leverage an active ecosystem of development partners. The new Kontron ULP-COM-sA3874i Computer-on-Module family is available with the Texas Instruments Sitara single core Cortex-A8 technology-based microprocessors (MPUs) for the extended temperature range, which offer performance up to 800 MHz. Kontron’s ULP-COM modules support 3D graphics acceleration and HD video processing. Dual independent displays are possible via parallel 18/24-bit LCD or 18/24-bit single-channel LVDS and HDMI. Additionally, the module Get Connected with companies and supports a parallel interface input. The modules provide a x1 Gen products camera featured in this section. 2 PCI Express lane and interface flexibility with 4-bit SDIO and SDMMC storage, SPI x2, I2S x4, I2C x4 for general purpose and CAN Bus x 2. Networking is supported by a 10/100/1000 Gigabit Ethernet port.

into products, technologies and companies. Whether your goal


Kontron, Poway, CA. (888) 294-4558. [].

Elma Electronic, Fremont, CA. (510) 656-3400. []. Pentek, Upper Saddle River, NJ. (201) 818-5900. []. Concurrent Technologies, Woburn, MA. (781) 933-5900. [].

Get Connected with companies and products featured in this section.




Rugged IF Signal Recorder for Extreme Environments

Qseven Starter Kit Offers Quick Way to ARM-Based Designs

The first of a new recorder family called Extreme Talon is an IF signal recording and playback system, suitable for military and aerospace applications, UAVs and other severe temperature, shock and vibration environments. The configurable, multi-channel Model RTX 2786 from Pentek features a compact, conduction-cooled half-ATR chassis with up to 1.92 Terabytes of solid-state redundant array of independent disks (RAID) storage for sustained recording rates to 500 Mbytes/second. Pentek’s SystemFlow software allows turn-key operation through a graphical user interface, while the SystemFlow API allows for easy integration of the recording software into custom applications. Signal recordings are stored as files in the native Windows new technology file system (NTFS) format for immediate use by PCs and applications without the need for post-recording file conversion. “As complete recording systems, the Extreme Talon recorders are ideal for capturing a range of wideband analog signals for communications and radar systems,” said Rodger Hosking, vice president of Pentek. “The RTX 2786 extends the advanced recorder technology developed for our commercial Talon products to extreme operating environments.” The RTX 2786 digitizes and records multiple analog input channels using 200 MHz 16-bit ADCs. The system can capture up to 80 MHz of instantaneous bandwidth for IF signals ranging up to 700 MHz. Built-in digital downconverters allow signals to be translated to baseband. These signals can be reproduced at their original IF frequency using the optional 800 MHz 16-bit DAC with built-in digital upconversion. The recording system supports sustained recording rates to 500 Mbytes/s from up to four data channels. The built-in Windows 7 Professional workstation with an Intel Core i7 processor gives the user total flexibility in routing data to various drives, networks and I/O channels. Also, the user can install post-processing and analysis tools on the system itself to operate on the recorded data. The RTX 2786 is fully supported with Pentek’s SystemFlow software for system control and turn-key operation. The software provides a graphical user interface with point-and-click configuration management and can store custom configurations for single-click setup. The software also includes a virtual oscilloscope and signal analyzer to monitor signals before, during and after data collection. The RTX 2786 starts at $89,995. Delivery is 12-16 weeks ARO.

A new Qseven starter kit provides developers with a complete package to rapidly prototype embedded systems for ARM designs. Thanks to their compact size and extremely low power, Qseven embedded computer modules based on ARM architectures are a good solution for virtually any low-power or ultra-mobile embedded PC application. To minimize the development costs of such systems, congatec has combined all the necessary components in a comprehensive starter kit. The kit’s centerpiece is the new conga-QMX6 Qseven module, based on the Freescale i.MX6 ARM Cortex A9 processor. The module has an ingenious 3D-capable high-end HD graphics interface with extremely low power consumption. The integrated graphics core is designed for multimedia applications featuring a video processing unit (VPU), 2D and 3D graphics (GPU2D/3D), four shaders with up to 200 MT/s (million triangles/second) plus dual stream with 1080p/720p. The available graphics interfaces include HDMI v1.4 and 18/24 bit dual channel LVDS with a resolution of up to 1920x1200 (WUXGA). The starter kit also includes the flexible Qseven evaluation carrier board conga-QEVAL and a matching 12V power adapter. With the supplied cable set, it takes just minutes to build a compact demo system. The conga-QEVAL is easy to integrate and offers multiple interfaces including five USB ports, a Gigabit Ethernet port, HDMI, 18/24 bit LVDS and a PCI Express socket. For the connection of mass storage devices 1x SATA and SD card are integrated on the baseboard. The Qseven module itself provides a microSD socket and has an optional extra, eight gigabytes of soldered solid state drive (eMMC) for robust applications. The included microSD card features a boot loader with pre-installed Ubuntu Linux so that the system can be started immediately. Alternatively, Android or Windows Embedded Compact 7 will be available in the near future. For customers interested in customization, congatec has an established network of partners to provide consulting and implementation services. The board support packages for Windows Embedded and Linux are provided and supported in close cooperation with congatec’s software partner Adeneo Embedded. Combining many years of software experience with congatec’s hardware expertise makes an ideal platform for successful customer projects.

Pentek, Upper Saddle River, NJ. (201) 818-5900. [].



Congatec, San Diego, CA. (858) 457-2600. [].

Conference Sponsor:

February 25-28, 2013 - DoubleTree, San Jose, CA TECHNICAL SESSIONS



Tuesday, February 26

Monday, February 25







Wednesday, February 27




Tuesday, February 26 Walden C. Rhines

Chairman and CEO of Mentor Graphics Corp.

Booth # Bo

* = First Time Exhibitor



Exhibitor List EEx hibi hi bittorr Li bi stt




PANEL: Industry Leaders Panel

3:30 - 6:30pm


Thursday, February 28

,ĂƌĚĐŽƌĞhsDͲ// PANEL: Where Does Design End and sĞƌŝĮĐĂƟŽŶĞŐŝŶ͍



^>ĂŶĚͬŽƌd>D ,ĂƌĚĐŽƌĞhsDͲ/

3:30 - 6:30pm






ϳϬϰ ϳϬϮ ϴϬϭ ϯϬϱ ϴϬϮ ϭϭϬϮ ϳϬϱ ϳϬϭ ϱϬϭ ϭϬϬϮ ϵϬϮ ϰϬϭ ϯϬϭ ϲϬϭ ϵϬϭ ϲϬϮ ϴϬϱ ϰϬϮ ϯϬϮ ϱϬϮ ϮϬϭ ϰϬϰ ϱϬϱ

Media Sponsors:




Conference & Exhibit Details at

Advertiser Index

Company Page Website ACCES I/O Products, Inc................................................................................................... Advanced Micro Devices, Inc............................................................................................. 52................................................................................................ ARM Module & MicroTCA Showcase.................................................................................. 29........................................................................................................................................ congatec, Inc.................................................................................................................... 20............................................................................................................. Design & Verification Conference & Exhibition.................................................................... Device Developers’ Conference.......................................................................................... Digital Signage Expo.......................................................................................................... Dolphin Interconnect Solutions........................................................................................... 51......................................................................................................... Embedded World Exhibition & Conference 2013................................................................. 41................................................................................................. Extreme Engineering Solutions, Inc..................................................................................... 2.............................................................................................................. Intelligent Systems Source................................................................................................. 50................................................................................... MEDS Events..................................................................................................................... 4....................................................................................................... MEN Micro, Inc................................................................................................................. 14......................................................................................................... Microsoft Windows Embedded Evolve 2012....................................................................... 13................................................................................................. One Stop Systems, Inc................................................................................................... 17, Phoenix International.......................................................................................................... 4............................................................................................................ Super Micro Computer, Inc................................................................................................. 7........................................................................................................ Themis Computer.............................................................................................................. 15.............................................................................................................. WDL Systems.................................................................................................................... WinSystems, Inc................................................................................................................. RTC (Issn#1092-1524) magazine is published monthly at 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673. Periodical postage paid at San Clemente and at additional mailing offices. POSTMASTER: Send address changes to RTC, 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673.


meds1301_rtec_ad.indd 2


1/8/13 6:58 PM

RTC magazine  

January 2013

RTC magazine  

January 2013