Flexible Deep Learning in Edge Computing for Internet of Things

Deep learning is a promising approach for extracting accurate information from raw sensor data from IoT devices deployed in complex environments. Because of its multilayer structure, deep learning is also appropriate for the edge computing environment. Traditional edge computing models have rigid characteristics. Flexible edge computing architecture solves rigidity in IoT edge computing. Proposed model combines deep learning into edge computing and flexible edge computing architecture using multiple agents. Since existing edge nodes have limited processing capability, we also design a novel offloading strategy to optimize the performance of IoT deep learning applications with edge computing. FEC architecture is a flexible and advanced IoT system model characterized by environment adaptation ability and user orientation ability. In the performance evaluation, we test the performance of executing deep learning tasks in FEC architecture for edge computing environment. The evaluation results show that our method outperforms other optimization solutions on deep learning for IoT

Flexible Deep Learning in Edge Computing for Internet of Things

Deep learning is a promising approach for extracting accurate information from raw sensor data from IoT devices deployed in complex environments. Because of its multilayer structure, deep learning is also appropriate for the edge computing environment. Traditional edge computing models have rigid characteristics. Flexible edge computing architecture solves rigidity in IoT edge computing. Proposed model combines deep learning into edge computing and flexible edge computing architecture using multiple agents. Since existing edge nodes have limited processing capability, we also design a novel offloading strategy to optimize the performance of IoT deep learning applications with edge computing. FEC architecture is a flexible and advanced IoT system model characterized by environment adaptation ability and user orientation ability. In the performance evaluation, we test the performance of executing deep learning tasks in FEC architecture for edge computing environment. The evaluation results show that our method outperforms other optimization solutions on deep learning for IoT

A use case of low power wide area networks in future 5G healthcare applications

Abstract. The trend in all cellular evolution to the Long-Term Evolution (LTE) has always been to offer users continuously increasing data rates. However, the next leap forwards towards the 5th Generation Mobile Networks (5G) will be mainly addressing the needs of devices. Machines communicating with each other, sensors reporting to a server, or even machines communicating with humans, these are all different aspects of the same technology; the Internet of Things (IoT). The key differentiator between Machine-to-Machine (M2M) communications and IoT will be the added -feature of connecting devices and sensors not only to themselves, but also to the internet. The appropriate communications network is the key to allow this connectivity. Local Area Networks (LANs) and Wide Area Networks (WANs) have been thought of as enablers for IoT, but since they both suffered from limitations in IoT aspects, the need for a new enabling technology was evident. LPWANs are networks dedicated to catering for the needs of IoT such as providing low energy consumption for wireless devices. LPWANs can be categorized into proprietary LPWANs and cellular LPWANs. Proprietary LPWANs are created by an alliance of companies working together on creating a communications standard operating in unlicensed frequency bands. An example of proprietary LPWANs is LoRa. Whereas cellular LPWANs are standardized by the 3rd Partnership Project (3GPP) and they are basically versions of the LTE standard especially designed for machine communications. An example of cellular LPWANs is Narrowband IoT (NB IoT). This diploma thesis documents the usage of LoRa and NB IoT in a healthcare use case of IoT. It describes the steps and challenges of deploying an LTE network at a target site, which will be used by the LoRa and NB IoT sensors to transmit data through the 5G test network (5GTN) to a desired server location for storing and later analysis.Matalan tehonkulutuksen ja pitkänkantaman teknologian käyttötapaus tulevaisuuden 5G:tä hyödyntävissä terveydenhoidon sovelluksissa. Tiivistelmä. Pitemmän aikavälin tarkastelussa matkaviestintäteknologian kehittyminen nykyisin käytössä olevaan Long-Term Evolution (LTE) teknologiaan on tarkoittanut käyttäjille yhä suurempia datanopeuksia. Seuraavassa askeleessa kohti 5. sukupolven matkaviestintäverkkoja (5G) lähestytään kehitystä myös laitteiden tarpeiden lähtökohdista. Toistensa kanssa kommunikoivat koneet, palvelimille dataa lähettävät anturit tai jopa ihmisten kanssa kommunikoivat koneet ovat kaikki eri puolia samasta teknologisesta käsitteestä; esineiden internetistä (IoT). Oleellisin ero koneiden välisessä kommunikoinnissa (M2M) ja IoT:ssä on, että erinäiset laitteet tulevat olemaan yhdistettyinä paitsi toisiinsa myös internettiin. Tätä kytkentäisyyttä varten tarvitaan tarkoitukseen kehitetty matkaviestinverkko. Sekä lähiverkkoja (LAN) että suuralueverkkoja (WAN) on pidetty mahdollisina IoT mahdollistajina, mutta näiden molempien käsitteiden alle kuuluvissa teknologioissa on rajoitteita IoT:n vaatimusten lähtökohdista, joten uuden teknologian kehittäminen oli tarpeellista. Matalan tehonkulutuksen suuralueverkko (LP-WAN) on käsite, johon luokitellaan eri teknologioita, joita on kehitetty erityisesti IoT:n tarpeista lähtien. LP-WAN voidaan jaotella ainakin itse kehitettyihin ja matkaviestinverkkoihin perustuviin teknologisiin ratkaisuihin. Itse kehitetyt ratkaisut on luotu lukuisten yritysten yhteenliittymissä eli alliansseissa ja nämä ratkaisut keskittyvät lisensoimattomilla taajuuksilla toimiviin langattomiin ratkaisuihin, joista esimerkkinä laajasti käytössä oleva LoRa. Matkaviestinverkkoihin perustuvat lisensoiduilla taajuuksilla toimivat ratkaisut on puolestaan erikseen standardoitu 3GPP-nimisessä yhteenliittymässä, joka nykyisellään vastaa 2G, 3G ja LTE:n standardoiduista päätöksistä. Esimerkki 3GPP:n alaisesta LPWAN-luokkaan kuuluvasta teknologiasta on kapea kaistainen IoT-teknologia, NB-IoT. Tässä diplomityössä keskitytään terveydenhoidon käyttötapaukseen, missä antureiden mittaamaa tietoa siirretään langattomasti käyttäen sekä LoRa että NB-IoT teknologioita. Työssä kuvataan eri vaiheet ja haasteet, joita liittyi kun rakennetaan erikseen tiettyyn kohteeseen LTE-verkon radiopeitto, jotta LoRa:a ja NB-IoT:a käyttävät anturit saadaan välittämään mitattua dataa halutulle palvelimelle säilytykseen ja myöhempää analysointia varten. LTE-radiopeiton rakensi Oulun yliopiston omistama 5G testiverkko, jonka tarkoitus on tukea sekä tutkimusta että ympäröivää ekosysteemiä tulevaisuuden 5G:n kehityksessä

Evaluating Performance of Serverless Virtualization

Abstract. The serverless computing has posed new challenges for cloud vendors that are difficult to solve with existing virtualization technologies. Maintaining security, resource isolation, backwards compatibility and scalability is extremely difficult when the platform should be able to deliver native performance. This paper contains a literature review of recently published results related to the performance of virtualization technologies such as KVM and Docker, and further reports a DESMET benchmarking evaluation against KVM and Docker, as well as Firecracker and gVisor, which are being used by Amazon Web Services and Google Cloud in their cloud services. The context for this research is coming from education, where students return their programming assignments into a source code repository system that further triggers automated tests and potentially other tasks against the submitted code. The used environment consists of several software components, such as web server, database and job executor, and thus represents a common architecture in web-based applications. The results of the research show that Docker is still the most performant virtualization technology amongst the selected ones. Additionally, Firecracker and gVisor perform better in some areas than KVM and thus are viable options for single-tenant environments. Lastly, applications that run untrusted code or have otherwise really high security requirements could potentially leverage from using either Firecracker or gVisor

Integration of LoRa Wide Area Network with the 5G Test Network

Abstract. The global communication network is going through major transformation from conventional to more versatile and diversified network approaches. With the advent of virtualization and cloud technology, information technology (IT) is merging with telecommunications to alter the conventional approaches of traditional proprietary networking techniques. From radio to network and applications, the existing infrastructure lacks several features that we wished to be part of 5th Generation Mobile Networks (5G). Having a support for large number of applications, Internet of Things (IoT) will bring a major evolution by creating a comfortable, flexible and an automated environment for end users. A network having the capability to support radio protocols on top of basic networking protocols, when blended with a platform which can generate IoT use cases, can make the expectations of 5G a reality. Low Power Wide Area Network (LPWAN) technologies can be utilized with other emerging and suitable technologies for IoT applications. To implement a network where all the technologies can be deployed virtually to serve their applications within a single cloud, Network Functions Virtualization (NFV) and Software Defined Network (SDN) is introduced to implement such a networking possibility for upcoming technologies. The 5G Test Network (5GTN), a testbed for implementing and testing 5G features in real time, is deployed in virtual platform which allows to add other technologies for IoT applications. To implement a network with an IoT enabler technology, LoRa Wide Area Network (LoRaWAN) technology can be integrated to test the feasibility and capability of IoT implications. LoRaWAN being an IoT enabler technology is chosen out of several possibilities to be integrated with the 5GTN. Using MultiConnect Conduit as a gateway, the integration is realized by establishing point to point protocol (PPP) connection with eNodeB. Once the connection is established, LoRa packets are forwarded to the ThingWorx IoT cloud and responses can be received by the end-devices from that IoT cloud by using Message Queuing Telemetry Transport (MQTT) protocol. Wireshark, an open source packet analyser, is then used to ensure successful transmission of packets to the ThingWorx using the 5GTN default packet routes

OpenEPC Integration within 5GTN as an NFV proof of concept

Abstract. Gone are the days, when a hardware is changed on every malfunctioning and the whole operation either stays down or load on the replacing hardware becomes too much which ultimately compromises the QoS. The IT industry is mature enough to tackle problems regarding scalability, space utilization, energy consumption, cost, agility and low availability. The expected throughput and network latency with 5G in the cellular Telecommunication Networks seems to be unachievable with the existing architecture and resources. Network Function Virtualization promises to merge IT and Telecommunications in such an efficient way that the expected results could be achieved no longer but sooner. The thesis work examines the compatibility and flexibility of a 3GPP virtual core network in a virtualization platform. The testbed is established on an LTE (Long Term Evolution) based network being already deployed and OpenEPC is added as virtual core network on it. The integration of OpenEPC in 5GTN (5TH Generation Test Network) is discussed in details in the thesis which will give an account of the possibility of implementing such a simulated vEPC (Virtual Evolved Packet Core) in a real network platform. The deployed setup is tested to check its feasibility and flexibility for a platform which could be used for NFV deployment in future. The monitoring of OpenEPC’s individual components while utilizing the major resources within them, forms the primary performance test. The CPU Load and Memory Utilization is tested on different CPU stress levels having a constant data traffic from actual UEs. At the completion of the thesis work, a consensus is built up based on the test results that the test setup can hold number of subscribers to a certain amount without any performance degradation. Moreover, the virtual core network throughput and network latency is also compared to the commercial LTE networks and theoretical maximum values on similar resources to check performance consistency OpenEPC must offer

Technology pillars in the architecture of future 5G mobile networks: NFV, MEC and SDN

This paper analyzes current standardization situation of 5G and the role network softwarization plays in order to address the challenges the new generation of mobile networks must face. This paper surveys recent documentation from the main stakeholders to pick out the use cases, scenarios and emerging vertical sectors that will be enabled by 5G technologies, and to identify future high-level service requirements. Driven by those service requirements 5G systems will support diverse radio access technology scenarios, meet end-to-end user experienced requirements and provide capability of flexible network deployment and efficient operations. Then, based on the identified requirements, the paper overviews the main 5G technology trends and design principles to address them. In particular, the paper emphasizes the role played by three main technologies, namely SDN, NFV and MEC, and analyzes the main open issues of these technologies in relation to 5G.Preprin

Uplink data measurement and analysis for 5G eCPRI radio unit

Abstract. The new 5G mobile network generation aims to enhance the performance of the cellular network in almost every possible aspect, offering higher data rates, lower latencies, and massive number of network connections. Arguably the most important change from LTE are the new RU-BBU split options for 5G promoted by 3GPP and other organizations. Another big conceptual shift introduced with 5G is the open RAN concept, pushed forward by organizations such as the O-RAN alliance. O-RAN aims to standardize the interfaces between different RAN elements in a way that promotes vendor interoperability and lowers the entry barrier for new equipment suppliers. Moreover, the 7-2x split option standardized by O-RAN has risen as the most important option within the different low layer split options. As the fronthaul interface, O-RAN has selected the packet-based eCPRI protocol, which has been designed to be more flexible and dynamic in terms of transport network and data-rates compared to its predecessor CPRI. Due to being a new interface, tools to analyse data from this interface are lacking. In this thesis, a new, Python-based data analysis tool for UL eCPRI data was created for data quality validation purposes from any O-RAN 7-2x functional split based 5G eCPRI radio unit. The main goal for this was to provide concrete KPIs from captured data, including timing offset, signal power level and error vector magnitude. The tool produces visual and text-based outputs that can be used in both manual and automated testing. The tool has enhanced eCPRI UL datapath testing in radio unit integration teams by providing actual quality metrics and enabling test automation.Uplink datamittaukset ja -analyysi 5G eCPRI radiolla. Tiivistelmä. Uusi 5G mobiiliverkkogeneraatio tuo mukanaan parannuksia lähes kaikkiin mobiiliverkon ominaisuuksiin, tarjoten nopeamman datasiirron, pienemmät viiveet ja valtavat laiteverkostot. Luultavasti tärkein muutos LTE teknologiasta ovat 3GPP:n ja muiden organisaatioiden ehdottamat uudet radion ja systeemimoduulin väliset funktionaaliset jakovaihtoehdot. Toinen huomattava muutos 5G:ssä on O-RAN:in ajama avoimen RAN:in konsepti, jonka tarkoituksena on standardisoida verkkolaitteiden väliset rajapinnat niin, että RAN voidaan rakentaa eri valmistajien laitteista, laskien uusien laitevalmistajien kynnystä astua verkkolaitemarkkinoille. O-RAN:n standardisoima 7-2x funktionaalinen jako on noussut tärkeimmäksi alemman tason jakovaihtoehdoista. Fronthaul rajapinnan protokollaksi O-RAN on valinnut pakettitiedonsiirtoon perustuvan eCPRI:n, joka on suunniteltu dynaamisemmaksi ja joustavammaksi datanopeuksien ja lähetysverkon suhteen kuin edeltävä CPRI protokolla. Uutena protokollana, eCPRI rajapinnalle soveltuvia data-analyysityökaluja ei ole juurikaan saatavilla. Tässä työssä luotiin uusi pythonpohjainen data-analyysityökalu UL suunnan eCPRI datalle, jotta datan laatu voidaan määrittää millä tahansa O-RAN 7-2x funktionaaliseen jakoon perustuvalla 5G eCPRI radiolla. Työkalun päätarkoitus on analysoida ja kuvata datan laatua laskemalla datan ajoitusoffsettia, tehotasoa, sekä EVM:ää. Työkalu tuottaa tulokset visuaalisena ja tekstipohjaisena, jotta analyysia voidaan tehdä niin manuaalisessa kuin automaattisessa testauksessa. Työkalun käyttöönotto on tehostanut UL suunnan dataputken testausta radio-integrointitiimeissä, tarjoten datan laatua kuvaavaa metriikkaa sekä mahdollistaen testauksen automatisoinnin

Intrusion Detection System against Denial of Service attack in Software-Defined Networking

Das exponentielle Wachstum der Online-Dienste und des über die Kommunikationsnetze übertragenen Datenvolumens macht es erforderlich, die Struktur traditioneller Netzwerke durch ein neues Paradigma zu ersetzen, das sich den aktuellen Anforderungen anpasst. Software-Defined Networking (SDN) ist hierfür eine fortschrittliche Netzwerkarchitektur, die darauf abzielt, das traditionelle Netzwerk in ein flexibleres Netzwerk umzuwandeln, das sich an die wachsenden Anforderungen anpasst. Im Gegensatz zum traditionellen Netzwerk ermöglicht SDN die Entkopplung von Steuer- und Datenebene, um Netzwerkressourcen effizient zu überwachen, zu konfigurieren und zu optimieren. Es verfügt über einen zentralisierten Controller mit einer globalen Netzwerksicht, der seine Ressourcen über programmierbare Schnittstellen verwaltet. Die zentrale Steuerung bringt jedoch neue Sicherheitsschwachstellen mit sich und fungiert als Single Point of Failure, den ein böswilliger Benutzer ausnutzen kann, um die normale Netzwerkfunktionalität zu stören. So startet der Angreifer einen massiven Datenverkehr, der als Distributed-Denial-of-Service Angriff (DDoSAngriff) von der SDN-Infrastrukturebene in Richtung des Controllers bekannt ist. Dieser DDoS-Angriff führt zu einer Sättigung der Steuerkanal-Bandbreite und belegt die Ressourcen des Controllers. Darüber hinaus erbt die SDN-Architektur einige Angriffsarten aus den traditionellen Netzwerken. Der Angreifer fälscht beispielweise die Pakete, um gutartig zu erscheinen, und zielt dann auf die traditionellen DDoS-Ziele wie Hosts, Server, Anwendungen und Router ab. In dieser Arbeit wird das Verhalten von böswilligen Benutzern untersucht. Anschließend wird ein Intrusion Detection System (IDS) zum Schutz der SDN-Umgebung vor DDoS-Angriffen vorgestellt. Das IDS berücksichtigt dabei drei Ansätze, um ausreichendes Feedback über den laufenden Verkehr durch die SDN-Architektur zu erhalten: die Informationen von einem externen Gerät, den OpenFlow-Kanal und die Flow-Tabelle. Daher besteht das vorgeschlagene IDS aus drei Komponenten. Das Inspector Device verhindert, dass böswillige Benutzer einen Sättigungsangriff auf den SDN-Controller starten. Die Komponente Convolutional Neural Network (CNN) verwendet eindimensionale neuronale Faltungsnetzwerke (1D-CNN), um den Verkehr des Controllers über den OpenFlow-Kanal zu analysieren. Die Komponente Deep Learning Algorithm(DLA) verwendet Recurrent Neural Networks (RNN), um die vererbten DDoS-Angriffe zu erkennen. Sie unterstützt auch die Unterscheidung zwischen bösartigen und gutartigen Benutzern als neue Gegenmaßnahme. Am Ende dieser Arbeit werden alle vorgeschlagenen Komponenten mit dem Netzwerkemulator Mininet und der Programmiersprache Python modelliert, um ihre Machbarkeit zu testen. Die Simulationsergebnisse zeigen hierbei, dass das vorgeschlagene IDS im Vergleich zu mehreren Benchmarking- und State-of-the-Art-Vorschlägen überdurchschnittliche Leistungen erbringt.The exponential growth of online services and the data volume transferred over the communication networks raises the need to change the structure of traditional networks to a new paradigm that adapts to the development’s demands. Software- Defined Networking (SDN) is an advanced network architecture aiming to evolve and transform the traditional network into a more flexible network that responds to the new requirements. In contrast to the traditional network, SDN allows decoupling of the control and data planes functionalities to monitor, configure, and optimize network resources efficiently. It has a centralized controller with a global network view to manage its resources using programmable interfaces. The central control brings new security vulnerabilities and acts as a single point of failure, which the malicious user might exploit to disrupt the network functionality. Thus, the attacker launches massive traffic known as Distributed Denial of Service (DDoS) attack from the SDN infrastructure layer towards the controller. This DDoS attack leads to saturation of control channel bandwidth and destroys the controller resources. Furthermore, the SDN architecture inherits some attacks types from the traditional networks. Therefore, the attacker forges the packets to appear benign and then targets the traditional DDoS objectives such as hosts, servers, applications, routers. This work observes the behavior of malicious users. It then presents an Intrusion Detection System (IDS) to safeguard the SDN environment against DDoS attacks. The IDS considers three approaches to obtain sufficient feedback about the ongoing traffic through the SDN architecture: the information from an external device, the OpenFlow channel, and the flow table. Therefore, the proposed IDS consists of three components; Inspector Device prevents the malicious users from launching the saturation attack towards the SDN controller. Convolutional Neural Network (CNN) Component employs the One- Dimensional Convolutional Neural Networks (1D-CNN) to analyze the controller’s traffic through the OpenFlow Channel. The Deep Learning Algorithm (DLA) component employs Recurrent Neural Networks (RNN) to detect the inherited DDoS attacks. The IDS also supports distinguishing between malicious and benign users as a new countermeasure. At the end of this work, the network emulator Mininet and the programming language python model all the proposed components to test their feasibility. The simulation results demonstrate that the proposed IDS outperforms compared several benchmarking and state-of-the-art suggestions

InDEx – Industrial Data Excellence

InDEx, the Industrial Data Excellence program, was created to investigate what industrial data can be collected, shared, and utilized for new intelligent services in high-performing, reliable and secure ways, and how to accomplish that in practice in the Finnish manufacturing industry.InDEx produced several insights into data in an industrial environment, collecting data, sharing data in the value chain and in the factory environment, and utilizing and manipulating data with artificial intelligence. Data has an important role in the future in an industrial context, but data sources and utilization mechanisms are more diverse than in cases related to consumer data. Experiences in the InDEx cases showed that there is great potential in data utili zation.Currently, successful business cases built on data sharing are either company-internal or utilize an existing value chain. The data market has not yet matured, and third-party offerings based on public and private data sources are rare. In this program, we tried out a framework that aimed to securely and in a controlled manner share data between organizations. We also worked to improve the contractual framework needed to support new business based on shared data, and we conducted a study of applicable business models. Based on this, we searched for new data-based opportunities within the project consortium. The vision of data as a tradeable good or of sharing with external partners is still to come true, but we believe that we have taken steps in the right direction.The program started in fall 2019 and ended in April 2022. The program faced restrictions caused by COVID-19, which had an effect on the intensity of the work during 2020 and 2021, and the program was extended by one year. Because of meeting restrictions, InDEx collaboration was realized through online meetings. We learned to work and collaborate using digital tools and environments. Despite the mentioned hindrances, and thanks to Business Finland’s flexibility, the extension time made it possible for most of the planned goals to be achieved.This report gives insights in the outcomes of the companies’ work within the InDEx program. DIMECC InDEx is the first finalized program by the members of the Finnish Advanced Manufacturing Network (FAMN, www.famn.fi).</p