Space Communications Protocol Standards -- Capabilities

Space Communications Protocol Standards -- Capabilities and Software Robert C. Durst The MITRE Corporation 22 February 2001


SCPS Capabilities

SCPS sits on top of existing link capabilities, and augments them

• Layer 7: SCPS File Transfer Protocol (SCPS-FP) (+/- FTP)
  - Record read & record update
  - File & record integrity
  - Automatic restart
  - User suspend/resume
  - Suppress ASCII reply codes
• Layer 4: SCPS Transport Protocol (SCPS-TP) (+/- TCP/UDP)
  - Congestion control appropriate for mixed-loss environments (congestion, corruption, outage)
  - Selective negative acknowledgment
  - Robust header compression
  - RFC 1323 window scaling
  - Partial Reliability service (BETS)
  - Delimitation of record boundaries
  - RFC 1323 timestamps for high rate sequencing, delay measurement
• Layer 3.5 (optional): SCPS Security Protocol (SCPS-SP) / Internet Security Protocol (IPSec)
  - Authentication: guarantee of the identity of a source
  - Access Control: prevention of unauthorized access
  - Integrity: protection against modification
  - Confidentiality: protection from disclosure
• Layer 3: SCPS Network Protocol (SCPS-NP) / Internet Protocol (IP)
  - Provide both connectionless and managed-connection routing
  - Support precedence (priority) based handling
  - Offer multiple routing options
  - Signal errors to the layer above
  - Support packet lifetime control
  - Scalable - tailor capability to need, e.g., high communications efficiency in constrained bandwidth conditions
• Layer 2: Underlying Link Protocol

SCPS Protocols -- Layering Options

[Figure: protocol layering diagram. Box labels: SCPS-FP, FTP (FTP Features), Other Apps; Socket Interface with SCPS Extensions to the Socket Interface; TCP (TCP Options), UDP; SCPS-SP, IPSec; Common Network-Layer Interface; SCPS-NP, IP; Link. SCPS-TP options are shown in yellow.]

SCPS Reference Implementation

• The SCPS protocols have been implemented as an application that runs on most Unix platforms
  - Software is freely available to all interests (no longer export controlled)
  - Copies distributed to commercial, academic, and government organizations
• Commercialization activities
  - Avtec Systems - commercial SCPS satellite ground systems and SCPS transport layer gateway
  - Major Spacecraft Bus Contractor “1” - building VxWorks-based version of SCPS protocols for spacecraft on-board OS
  - Major Aerospace Contractor “2” - building VxWorks-based stack for military use
  - Major Aerospace Contractor “3” - testing SCPS Gateway for commercial UHF SATCOM

Reference Implementation - Capabilities

• End-system configuration
  - Application-space implementation: primarily an evaluation tool
  - Implementations of the FP, TP, SP, NP (and interface to IP)
  - Simple test applications
  - Configuration scripts to set various host and configuration defaults
  - Portable across most UNIX systems
• Protocol-translating transport-layer gateway configuration
  - TCP-to-TP conversion
  - UDP pass through (with rate control)
  - Optional use of SP
  - Either IP or IP-to-NP conversion
  - FreeBSD or Linux (with Divert sockets)
  - Java Graphical User Interface to configure gateway rules

SCPS Reference Implementation Options: End System Configuration

[Figure: end-system stack diagram. Box labels: User Application; SCPS-FP, FTP (FTP Features), Other Apps; SCPS Sockets; TCP (TCP Options), UDP; SCPS-SP; SCPS-NP, IP Interface; IP or UDP/IP Encapsulation; Kernel Sockets.]

SCPS Reference Implementation Options: Transport Layer Gateway Configuration

[Figure: gateway stack diagram. Box labels: User Application; Java GUI; Routes; Gateway Function; TCP (TCP Options); SCPS-SP; SCPS-NP, IP Interface; Kernel Sockets; IP; Link.]

SCPS Reference Implementation Distribution

• Unrestricted distribution as of July 2000
  - 13 non-US requesters to date
• 79 total copies of the SCPS Reference Implementation distributed (does not include updates) as of 8 Jan 2001
  - Industry: 46
  - Academia: 10
  - Government: 23

Contact Information:

Robert C. Durst
The MITRE Corporation
[email protected]
+1 703 883-7535 voice
+1 703 883-7142 fax

Backup Information: SCPS Overview

Agenda

• SCPS Capabilities and Layers
  - Layering options and key protocol relationships
  - Capabilities by layer
• SCPS Software
  - Reference Implementation
  - Independent implementations
  - Testing

SCPS Development Timeline

[Figure: timeline, "A Journeyman’s Perspective", year axis 1988 to 2000. Labelled items: Internet congestion collapse; TCP Fast Retransmit; RFC 1072; TCP Fast Recovery; RFC 1323; The Dark Ages of GOSIP; AIAA-brokered introductions between USSPACECOM and NASA; NASA/DOD meetings, NASA participation in GPALS TIM; SCPS Phase 1 - Exploration and Definition; SCPS Phase 2 - Specification, Development, & Test; Munich IETF: TCP Performance Issues; Autobuffer tuning; Mobicom ‘96: TCP Extensions for Space Comm.; SACK TCP (RFC 2018); TCPSAT WG; RED; ECN; CCSDS International Standardization Complete; Beginning of SCPS Phase 3 - Deployment.]

SCPS Capabilities and Layers


SCPS Network Protocol: Key Features

• 4-octet minimum header size, increases only to support required options (on per-packet basis)
• Addressing - Transport interface is via IP Addresses
  - Available translations for bandwidth efficiency:
    - “Flow ID” style (1 byte)
    - Short source and destination (1 byte each)
  - If translation not defined, regular addresses shipped
• Precedence - 16 levels (independent of IP TOS field)
• Routing - different routing treatments selectable per packet (e.g., standard, flood)
• IP TOS Field supported
• Enhanced network control functions

Important Differences Between SCPS-NP and IP

• SCPS-NP has 8191-byte packet size limit and no fragmentation
• SCPS-NP has max of 16 upper-layer protocols identifiable
• SCPS-NP has 16 levels of precedence, independent of TOS field
• SCPS-NP’s version of ICMP (SCMP) supports explicit signaling of congestion, corruption, and link outage (requires information from link layer)

SCPS Security Protocol

• Resides above SCPS-NP or IP
• Developed under NSA sponsorship by SPARTA
  - Originally conceived for Brilliant Eyes/Brilliant Pebbles
  - Major design driver was reduction in header overhead - ruled out use of existing Internet protocols such as IPSec

Security Protocol Capabilities Comparison

Capability                                        SCPS-SP   IPSec   Remarks
Confidentiality                                   •         •
Integrity                                         •         •
Authentication                                    •         •
Access Control                                    •         •
Replay Protection                                           •       SP uses transport sequence numbers
Multiple security associations per address pair             •       Omitted for bit-efficiency

SCPS Transport Protocol

• SCPS-TP is TCP, with extensions, and UDP
  - TCP extensions developed to improve performance in tetherless environments
  - Additional services defined to support enhanced operations modes
  - Fully interoperable with existing TCPs - enhanced capabilities signaled by TCP options on connection establishment
• SCPS extensions developed for spacecraft communication
  - Equally applicable to SATCOM, low bandwidth, and/or error-prone environments
  - Rate control capability applicable in bandwidth-reserved environments (e.g. integrated services)

SCPS-TP Enhancements to TCP

• Congestion control alternatives:
  - “Standard” TCP (RFC 2001)
  - Adaptations of TCP-“Vegas” congestion avoidance
  - Rate control (with or without other congestion control)
• Selective Negative ACK
• Explicit corruption and link outage responses
• Loss-tolerant header compression
• Partial reliability service
• Record boundary marking

Major SCPS-TP Enhancements to TCP

• Congestion control alternatives:
  - Standard TCP (RFC 2001)
  - TCP-Vegas
    - Avoids congestion loss by measuring queuing
  - Rate control
    - Available in combination with RFC 2001 or Vegas
    - Can be used solo -- ideal for layering over Dynamic QOS RSVP enhancements (ongoing research) or between SCPS gateways over dedicated capacity link

Major SCPS-TP Enhancements to TCP (Continued)

• Error recovery modifications
  - Selective NACK defined
    - More bandwidth-efficient than SACK
    - Doesn’t require 3 duplicate ACKs to invoke retransmission
  - Explicit corruption and link outage responses defined
    - Corruption response doesn’t reduce transmission rate
    - Link outage response invokes zero-window probe (persist)
    - Coupled to network-layer signals
  - Can configure TCP-Vegas congestion control to not assume loss is a signal of congestion
    - Uses queueing and explicit congestion notification as indications of congestion
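A simplified model of the loss responses listed on this slide, as an added example that is not taken from the SCPS specification or the reference implementation. The event names, the `Sender` class and the window arithmetic (one segment of growth per loss-free round, halving on congestion) are assumptions chosen for illustration; it shows why a sender that can tell corruption and outage apart from congestion keeps its rate where stock TCP cuts it.

```python
"""Toy model (illustrative only): sender reaction to explicit loss signals."""
from dataclasses import dataclass, field

LOSS_SIGNALS = ("congestion", "corruption", "link_outage")  # assumed names

@dataclass
class Sender:
    signal_aware: bool          # True: responses from the slide; False: stock TCP
    cwnd: int = 20              # window in segments (constructed starting value)
    persist: bool = False       # True while in zero-window-probe (persist) state
    log: list = field(default_factory=list)

    def on_event(self, event: str) -> None:
        if event == "round_ok":
            # A loss-free round trip: grow by one segment unless the link is down.
            if not self.persist:
                self.cwnd += 1
        elif event == "link_restored":
            self.persist = False
        elif event in LOSS_SIGNALS:
            # Stock TCP cannot see the cause, so every loss looks like congestion.
            cause = event if self.signal_aware else "congestion"
            if cause == "congestion":
                self.cwnd = max(self.cwnd // 2, 2)   # RFC 2001-style halving
            elif cause == "link_outage":
                self.persist = True                  # probe; window kept as is
            # corruption: retransmit the data, leave the rate untouched
        else:
            raise ValueError(f"unknown event: {event}")
        self.log.append((event, self.cwnd, self.persist))

# Constructed event trace: one corruption loss, one outage, one real congestion loss.
EVENTS = (["round_ok"] * 4 + ["corruption"] + ["round_ok"] * 2
          + ["link_outage", "link_restored"] + ["round_ok"] * 2
          + ["congestion", "round_ok"])

def run(events, signal_aware: bool) -> Sender:
    """Feed the trace to a fresh sender and return it with its per-event log."""
    sender = Sender(signal_aware=signal_aware)
    for event in events:
        sender.on_event(event)
    return sender

if __name__ == "__main__":
    for aware in (True, False):
        s = run(EVENTS, aware)
        print("signal-aware" if aware else "stock TCP   ", [c for _, c, _ in s.log])
```

On this trace the signal-aware sender reduces its window only for the one genuine congestion event, while the stock sender halves three times.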

Major SCPS-TP Enhancements to TCP (Continued)

• Additional enhancements
  - Loss-tolerant header compression
    - Operates end-to-end - integrated with TCP state machine - multi-hop does not require decompression/recompression
    - Does not lose synchronization when packets are lost
  - Record boundary marking
    - Adds an option to delimit the end of a record, preserved appropriately across segmentation and reassembly
  - Partial Reliability Service
    - In-sequence, correct, possibly incomplete
    - Sender controls retransmission attempts, just “moves on” if retransmission count exceeded

SCPS-File Protocol

• Standard FTP with enhancements
  - Record Read
  - Record Update
  - Autorestart
  - Manual Interrupt
  - Suppression of Reply Text

SCPS Software


Deployment Alternative: End-to-End SCPS Transport Modifications

[Figure: network diagram. Labels: An Internet (twice), end systems (ES), one gateway (GW), SCPS.]

Distinguishing features:
• Single gateway configuration - provides IP<->NP conversion, possibly peer gateway in spacecraft or space-based hosts use NP
• Terrestrial hosts are IP based and use IP infrastructure

Deployment Alternative: Single Transport-Layer Gateway

[Figure: network diagram. Labels: An Internet (twice), end systems (ES), one gateway (GW), SCPS, Non-SCPS.]

Distinguishing features:
• Single gateway configuration
• ES connections on satellite/wireless side traverse the satellite hop - ES’s must be SCPS-aware
• Wireless ES-to-ES communication using SCPS possible without GW’s

Deployment Alternative: Dual Transport-Layer Gateways

[Figure: network diagram. Labels: An Internet (twice), A LAN/Internet, end systems (ES), two gateways (GW), SCPS, Non-SCPS (twice).]

Distinguishing features:
• Dual-gateway configuration
• ES transport connections do not cross the satellite/wireless link so ES’s do not have to be satellite/wireless aware (i.e., can be non-SCPS)
• Application layer connections run end-to-end

Transport Layer Gateways - Discussion

• Applications run end-to-end
  - Consistent with “End-to-End Argument” - the application process is the true endpoint, not the box
  - Even with TCP, applications still responsible for assurance of delivery - socket close/shutdown semantics
• Gateway advantages
  - “Impedance matching” - transport and network protocol features and assumptions suited to the environment
  - Control loop isolation, appropriate default assumptions
  - Doesn’t require host modifications - “stock” TCP/IP in hosts can still derive benefits of enhanced TCP
• Issues
  - IPSec interaction: transparent gateways vs. security associations
  - End-to-end security at application layer

Test and Implementation Experience: Developer Testing

• Three major test reports available via SCPS web page (http://www.scps.org)
  - “Bent-pipe”
  - STRV 1B
  - ACTS
• Innumerable lab tests to examine specific issues
• Upcoming: STRV 1D Test
  - 4Q2000 - 1Q2001
  - NP and IP over CCSDS Link
  - SCPS Gateway in control center
  - VPN via IPSEC from control center to Internet-based users
  - Follow-on testing using commercial ground system provider and commercial ground equipment (including SCPS Gateway)
  - Testing at least delayed due to spacecraft problems

ACTS Satellite Test Configuration

[Figure: test network diagram. Labels: User Site 1 (SOURCE), User Site 2 (DESTINATION), Ethernet LAN (at each site), TP/IP or TCP/IP (at each site), IP, Router (at each site), WS1, WS2, WS3, Congestion Traffic Generator, Ground Station 1, Ground Station 2, Single GEO satellite.]

Selected Results: 2Mbps Corruption Test - Throughput

[Figure: plot, "Throughput - Corruption Environment - Normalized to 2 Mbps; 4 Mbyte file, 1400 byte packets". X-axis: Link Bit Error Rate, 1.00E-08 to 1.00E-03. Y-axis scale: 0 to 100. Series: TP, Rate Ctl.; TP, Vegas; TCP.]

Selected Results: 2Mbps Congestion Test - Throughput

[Figure: plot, "Throughput - Congestion Environment at 2 Mbps; 4 Mbyte file, 1400 byte packets". X-axis: Congestion (random variable: max % of link capacity), 100 to 200. Y-axis scale: 0 to 1600. Series: TP; TCP.]

Test and Implementation Experience: Independent Testing

• Avtec Systems - Commercial CCSDS equipment supplier
  - Port of SCPS Reference Implementation over ACTS satellite -- Test results in AIAA paper: http://www.avtec.com/sgs/pubs/pdf/AIAA_Paper.pdf
• New Mexico State University
  - Built hardware link simulator
  - Tested SCPS enhancements versus TCP over simulator
    - Results taken with important SCPS features disabled -- didn’t see differences from TCP
    - They are currently rerunning their test suite with SCPS features enabled -- initial results consistent with our lab testing
• Joint Expeditionary Force Experiment 2000 (JEFX 2000)
  - Joint US services test
  - SCPS Gateways with SATCOM and military tactical radios from C130 to ground

Independent Implementations

• Avtec Systems
  - Implemented Windows-NT based in-kernel port
  - End system and gateway products in development
  - Avtec SCPS Gateway to be used in STRV-1D follow-on
• Xiphos Technologies
  - Canadian company
  - Developed hardware implementation of SCPS-NP for spacecraft onboard use
  - Currently developing independent implementation of SCPS-TP
• Global Sciences and Technology
  - Currently developing Linux kernel implementation
  - Lead on VxWorks “kernel” implementation for STRV-1D
