Part 1: Data Distribution Service

This three-part series focuses on Data Distribution Service (DDS). DDS drives systems like railways, autonomous cars and spacecraft, as well as diagnostic imaging machines, luggage handling and military tanks. We will also examine the current state of DDS and offer recommendations for enterprises to reduce the risks associated with this middleware.

Let's first discuss DDS and how it's used in different industries.

Overview

DDS is a standard middleware software that uses the publish-subscribe paradigm. It allows for the creation of middleware layers to facilitate machine-to-machine communication. This software is essential for embedded systems and applications that have real-time requirements. The Object Management Group (OMG)7 maintains DDS. It is used in all types of critical applications to provide a reliable communication layer between controllers and actuators.

DDS is located at the start of the software supply chain. This makes it easy for hackers to get lost and makes it an attractive target. These companies and agencies are among those that use DDS. This is not a complete list.

  • National Aeronautics and Space Administration at the Kennedy Space Center
  • Siemens invests in wind power plants
  • Bosch and Volkswagen for autonomous valet parking systems
  • Nav Canada and European CoFlight are both available for air-traffic control

DDS can be seen as a communication middleware that allows for interoperability between programs across all programming languages. DDS, a data-centric publishing-subscribe communication protocol, allows developers to create a flexible shared data space for any application that requires two or more nodes to exchange typed information.

DDS is an excellent application programming interface (API) from a programmer's point of view. DDS, in addition to the plain byte streams and C-strings supports serialization or deserialization for any custom built-in data type via a dedicated interface language (IDL).

DDS Applications

DDS is the foundation for other industry standards like OpenFMB (smart-grid applications) and Adaptive AutoSAR (smart-grid applications). DDS is the default middleware in Robot Operating System 2 ("ROS 2"), which is the standard OS for robotics, automation, and other technologies.

DDS is used in conjunction with Real-Time Publish-Subscribe to (RTPS) to implement high-quality middleware layers for mission-critical applications. DDS can be used to transport an artificial intelligence (AI), such as a turn left command, from the electronic control unit to the steering motors.

Below is a list of DDS-related examples, with external resources that provide estimates about the number of devices in each sector or expected to be in the near future.

Sector

Examples of Use Cases

Notable users

Telecommunications networks and networks

* SDN (Software-defined Networking) technologies

*Appliance - Life Cycle

*Management tools (LCM), including 5G

* Fujitsu

Defense

* Command-and-control (C&C), systems

* Navigation systems and radar systems

* Start systems

*National Aeronautics and Space Administration, (NASA).

* NATO Generic Vehicle Architecture, (NGVA)15

* Spanish Army

Virtualization and Cloud

* Intra- and inter-communications between security operations centers (SOC).

* VVIDIA

Energy

* Distribution and power generation

* Research

* GE Healthcare

* Plug-and-Play interoperability program for medical devices (MD PnP).

Mining

* Precision mining

* Mining system automation

* Geological modeling

* Komatsu

* Diagramlogic

* Atlas Copco

Industrial internet-of-things (IIoT), and robotics

* Universal middleware

Robot Operating System (ROS 2)

* AWS Robot

* IRobot

Public and Private Transportation

*Autonomous Vehicles

* ATC (Air Traffic Control)

*Railway management

*Control

*Volkswagen, and Bosch16

* Coflight Consortium - Selex-SI, Thales

* Nav Canada

Examining the DDS Attack Feasibility

Our team of experts analyzed DDS standards and found multiple security flaws. In November 2021, thirteen new CVE IDs were created for the six most popular DDS implementations. There was also one vulnerability in the standard specifications.

We scanned over 100 organizations across a variety of industries, including telecommunications and cloud services, as well as research and software companies from various countries for a month. Some of these CVEs were detected and affected, while others were identified through nearly 90 90 internet service provider (ISP) numbers and other details.

To get feedback from key DDS users, system integrators and researchers in their respective research areas on our findings, we also interviewed them. The specifications of DDS were then examined, along with the six most active implementations that are maintained by certified vendors worldwide and with millions of deployments.

DDS is the head of the software supply chain and makes it an attractive target for attackers. Between 2020 and 2021 66% of attacks were focused on suppliers' codes. While doing our research, we discovered a source-code repository host in an proprietary DDS implementation. This would have allowed an attacker to infect the source code if left open (MITRE ATT&CK, T0873, and T0839).

DIGITAL DEVICES LTD

Long before Apple set an average consumers mindset to replacing their handheld gadgets in two years, Digital Devices Ltd believed in Moore's law that computing will double every two years. With our heritage from the days of IBM Personal Computer XT, our founders have gone through the technology advancements of the 1990s and 2000s realizing that technology is an instrumental part of any business's success. With such a fast pace industry, an IT department can never be equipped with the tools and training needed to maintain their competitive edge. Hence, Digital Devices has put together a team of engineers and vendor partners to keep up with the latest industry trends and recommend clients on various solutions and options available to them. From forming close relationships with networking and storage vendors like Juniper, SolarWinds and VMWare to high-performance computing by HPE or AWS Cloud solutions, Digital Devices Limited offers the latest technology solutions to fit the ever-growing needs of the industry.

 Our experts can guide you through the specifications and build cost efficiencies while providing high end, state-of-the-art customer services. We research and analyses market and its current demand and supply chain by offering wide range of bulk supplies of products like AKG C414 XLII, Shireen Cables DC-1021, Shireen Cables DC-2021, Dell p2419h monitor, Dell U2419H, Dell P2719H, Dell P2219H, Lenovo 62A9GAT1UK, LG 65UH5F-H and Complete IT Infrastructure products and services.

 

Comments

Post a Comment

Popular posts from this blog

Support Your Developing business with adaptable application stages

Image
  Reliable, effective, and reasonable - find the PowerEdge T40 from Dell and Intel Windows Server 2022 is here and it's carefully designed to safeguard efficiency with cutting edge development in multifaceted security, mixture abilities and adaptable application stages. Matched with the Dell EMC PowerEdge T40 controlled by the most recent Intel® Xeon® Scalable processors, you get the power, stockpiling, and security you really want to containerise your applications and scale your business with certainty. Also, with essential elements that address normal responsibilities, the T40 upholds your everyday tasks so you can zero in on your business. Further Developed Execution To Help Your Developing Business The Dell EMC PowerEdge T40 tower server is intended to help your private venture with the most recent age of Intel® Xeon® Scalable processors. Assume command over your information - remembering for site availability - and oversee costs by keeping away from obscure public cloud handli...
Read more