A highly-available and scalable microservice architecture for access management

Access management is a key aspect of providing secure services and applications in information technology. Ensuring secure access is particularly challenging in a cloud environment wherein resources are scaled dynamically. In fact keeping track of dynamic cloud instances and administering access to them requires careful coordination and mechanisms to ensure reliable operations. PrivX is a commercial offering from SSH Communications and Security Oyj that automatically scans and keeps track of the cloud instances and manages access to them. PrivX is currently built on the microservices approach, wherein the application is structured as a collection of loosely coupled services. However, PrivX requires external modules and with specific capabilities to ensure high availability. Moreover, complex scripts are required to monitor the whole system. The goal of this thesis is to make PrivX highly-available and scalable by using a container orchestration framework. To this end, we first conduct a detailed study of mostly widely used container orchestration frameworks: Kubernetes, Docker Swarm and Nomad. We then select Kubernetes based on a feature evaluation relevant to the considered scenario. We package the individual components of PrivX, including its database, into Docker containers and deploy them on a Kubernetes cluster. We also build a prototype system to demonstrate how microservices can be managed on a Kubernetes cluster. Additionally, an auto scaling tool is created to scale specific services based on predefined rules. Finally, we evaluate the service recovery time for each of the services in PrivX, both in the RPM deployment model and the prototype Kubernetes deployment model. We find that there is no significant difference in service recovery time between the two models. However, Kubernetes ensured high availability of the services. We find that Kubernetes is the preferred mode for deploying PrivX and it makes PrivX highly available and scalable

Storage Solutions for Big Data Systems: A Qualitative Study and Comparison

Big data systems development is full of challenges in view of the variety of application areas and domains that this technology promises to serve. Typically, fundamental design decisions involved in big data systems design include choosing appropriate storage and computing infrastructures. In this age of heterogeneous systems that integrate different technologies for optimized solution to a specific real world problem, big data system are not an exception to any such rule. As far as the storage aspect of any big data system is concerned, the primary facet in this regard is a storage infrastructure and NoSQL seems to be the right technology that fulfills its requirements. However, every big data application has variable data characteristics and thus, the corresponding data fits into a different data model. This paper presents feature and use case analysis and comparison of the four main data models namely document oriented, key value, graph and wide column. Moreover, a feature analysis of 80 NoSQL solutions has been provided, elaborating on the criteria and points that a developer must consider while making a possible choice. Typically, big data storage needs to communicate with the execution engine and other processing and visualization technologies to create a comprehensive solution. This brings forth second facet of big data storage, big data file formats, into picture. The second half of the research paper compares the advantages, shortcomings and possible use cases of available big data file formats for Hadoop, which is the foundation for most big data computing technologies. Decentralized storage and blockchain are seen as the next generation of big data storage and its challenges and future prospects have also been discussed

PLC Virtualization and Software Defined Architectures in Industrial Control Systems

Today’s automation systems are going through a transition called Industry 4.0, referring to the Fourth Industrial Revolution. New concepts, such as cyber-physical systems, mi-croservices and Smart Factory are introduced. This brings up the question of how some of these new technologies can be utilized in Industrial Control Systems. Machines and production lines are nowadays controlled by hardware PLCs and this is considered as a state-of-the-art solution. However, the market demands are continuously increasing and pushing the industry e.g. to lower the operational costs and to develop more agile solutions. Industry 4.0 provides promising approaches to take a step forward and consider PLC virtualization. The purpose of this thesis was to evaluate PLC virtualization possibilities using different Software Defined Architectures. Requirements and benefits of different solutions were evaluated. The major objective of the case study was to compare container- and hypervisor-based virtualization solutions using Docker and KVM. The case study provides a modular and scalable IIoT solution in which a virtual PLC takes over the control instead of a hardware PLC. Node-RED was used as a runtime environment and an I/O-module was needed to set up a control loop test. Response time of the control loop was measured by capturing Modbus traffic with tcpdump. Multiple iterations were performed to show minimum, maximum, average, median and 90th pctl. latencies. The results indicate that the container-based solution has a smaller overhead than the hypervisor-based solution and it has a very little overhead in general. Peak latencies are a concern and even the average latencies show that this solution would not be suitable for any hard real-time or safety-related applications. Further investigation on the topic would be needed to estimate the actual potential of PLC virtualization on hard real-time applications. First of all, a more powerful hardware PC would be needed to perform such tests. Secondly, a faster industrial protocol than Modbus TCP/IP would be required. Perhaps another kind of approach would be needed to overcome the issues that were experienced in this case study. It would be interesting to test a direct communication between virtual PLC and I/O and use Node-RED nodes for example to trigger inputs. Anyhow, it seems that container-based solution is holding much promise as a virtualization approach

Web application for energy system

This bachelor thesis describes the development of a web application that allows users to configure and save simulations for an energy system. The application utilizes a pre-existing simulator pack to generate real-time results, which are displayed to the user in chart form. The development stack includes Sveltekit, FastAPI, and GraphQL, with the latter used to retrieve and display data. The application features a login system and user-specific configuration options, enabling users to tailor simulations to their needs. The system is built to be scalable and easy-to-implement new features such as a better system for storage and automated test. The team focused on long term for this project and made sure it would be easy for other people to work on it later. The resulting application provides an efficient and user-friendly means of simulating energy systems, with potential applications in both research and industry

Web application for energy system integration

This bachelor thesis describes the development of a web application that allows users to configure and save simulations for an energy system. The application utilizes a pre-existing simulator pack to generate real-time results, which are displayed to the user in chart form. The development stack includes Sveltekit, FastAPI, and GraphQL, with the latter used to retrieve and display data. The application features a login system and user-specific configuration options, enabling users to tailor simulations to their needs. The system is built to be scalable and easy-to-implement new features such as a better system for storage and automated test. The team focused on long term for this project and made sure it would be easy for other people to work on it later. The resulting application provides an efficient and user-friendly means of simulating energy systems, with potential applications in both research and industry

Web application for energy system integration

This bachelor thesis describes the development of a web application that allows users to configure and save simulations for an energy system. The application utilizes a pre-existing simulator pack to generate real-time results, which are displayed to the user in chart form. The development stack includes Sveltekit, FastAPI, and GraphQL, with the latter used to retrieve and display data. The application features a login system and user-specific configuration options, enabling users to tailor simulations to their needs. The system is built to be scalable and easy-to-implement new features such as a better system for storage and automated test. The team focused on long term for this project and made sure it would be easy for other people to work on it later. The resulting application provides an efficient and user-friendly means of simulating energy systems, with potential applications in both research and industr