Next Generation Networks and Grids Bill St. Arnaud

CANARIE Inc.- Overview Federal leadership: Concept born in 1990 out of Industry Canada discussions Founding: Incorporated in 1993 by industry and academia Funding: From Industry Canada: For networks and research applications from Canadian Heritage, HRDC, Health Canada Mission: To facilitate development and use of Canada’s advanced communications infrastructure Primary stakeholders: Government Departments, universities, provincial research networks, broader research community, colleges, carriers, IT sector, SMEs, broader education sector, broader health sector, provinces

CANARIE’s S&T Integration Platform: CA*net 4 CANARIE supports federal and provincial innovation and government science centers across Canada. CRC NRC Granting Councils Granting Councils NCEs CFI Genome Canada Genome Canada DFO Stats Can DND NRCAN Ag-Cda CSA Canada’s National Research and Innovation Network: Links 200+ Research Organizations International Research Institutes International Research Institutes Provincial Research Institutes & Universities Provincial Research Institutes & Universities 56 international peer networks in Asia (12), Europe (30), and North/South America (14) 40 countries connected 10 provincial networks, 10+ provincial institutes 80 universities 50 colleges

Canada as a global network hub >Canada through CA*net 4 is becoming a global hub for international research network connectivity >Countries such as Korea, Japan, Taiwan, Ireland, etc are acquiring wavelengths across CA*net 4 and routing their traffic through Canada >New milestones in scientific collaboration have been achieved

Canada’s role: Huygens probe Titan/Saturn >Real time eVLBI data from Huygens/Cassini satellite with be distributed from Australian receiving dishes across Canada’s CA*net 4 to correlators in Netherlands >First time demonstration of collection and distribution of satellite eVLBI data using advanced networks >Critical for mid-course correction and analyzing descent into Titan atmosphere >Understanding Titan’s atmosphere will give insight into our own climate and atmosphere

Grid Canada’s Certification Service >In partnership with NRC, CANARIE operates Canada’s national certificate and authentication service – Canada’s science “passport” to authenticate users for access to remote labs and facilities – Recognized around the world by science labs, grids and facilities – Allows single sign on to multiple resources – One of the largest science certificate authorities in the world with over 1000 users >For more information –

Enabling US Science Integration: “Cyber-Infrastructure” >To provide an integrated, high-end system of computing, data facilities, connectivity, software, services, and instruments that enables all scientists, engineers and educators to work in new ways on advanced research problems that would not otherwise be solvable … Peter Freeman, National Science Foundation >“[Science is] a series of peaceful interludes punctuated by intellectually violent revolutions...[in which]... one conceptual world view is replaced by another.” --Thomas Kuhn, from The Structure of Scientific Revolutions >We are in the midst of just such a revolution – Peter Freeman NSF >Proposed budget of $1 billion per year >In addition NASA, DoE, DARPA plan to spend $250m per year in related areas

“i-Infrastructure”: CANARIE’s proposed platform to enable S&T Integration Strategy >i-Infrastructure – “intelligent infrastructure” >CA*net 4 has made Canada a world leader in next generation optical networks >Through intelligent infrastructure we have an opportunity to leverage our leadership in optical networking to help Canada become a world leader in integrative science infrastructure

Canadian i-Infrastructure Projects SAFORAH TRIUMF- ATLAS Canadian Light Source Neptune Canada GEO-ICT Sensor Web Canadian Virtual Observatory Canadian Bio-Informatics Resource eVLBI for GPS

Canadian Forestry Grid >SAFORAH (System of Agents for Forest Observation Research with Automation Hierarchies). >SAFORAH connects five locations across the country to support the monitoring of Canada's forests >Together, all five locations will generate data equaling 40 terabytes (TB) per month >Integrates data from satellites, sensors, chemical, biologic info, etc

Neptune Integrative Science Plate tectonic processes and earthquake dynamics Dynamic processes of fluid fluxes and gas hydrates in the sea bed Regional ocean/climate dynamics and effects on the marine biota Deep-sea ecosystem dynamics

Purpose of i-Infrastructure >To use common network services architectures to improve ability to access and control instruments, facilities, databases, computers and sensors across the network >To allow remote access to distributed or difficult to reach instruments and facilities – E.g. Undersea sensors, remote telescopes >To facilitate international S&T collaboration relating to large expensive scientific instruments – ….and provide developing world scientists access to Canadian facilities >To reduce waste and duplication by enabling consolidation and shared use of scientific instruments and facilities – E.g. Ottawa U/NRC Nuclear Magnetic Resonance Farm

How it will work >i-Infrastructure uses web services and web services workflow architectures – Includes User Controlled Lightpaths (UCLP) technology developed by CANARIE >Web has been about accessing images, text, video and data >Next generation “web services” makes instruments, databases, sensors, etc an integral part of the web >Web services workflow tools will allow scientists to construct multi-disciplinary scientific orchestrations integrating data from sensors across networks linked to computers and databases

UCLP Objectives >Allow institutions to integrate wavelengths and fiber from different suppliers and integrate with institution's network management domain – And offer VPNs to users >Create discipline specific re-configurable IP networks – Multihomed network which bypasses firewalls with direct connect to servers and routers >User controlled traffic engineering – Active replacement for Sockeye and Route Science – Alternative to MPLS

Today’s hierarchical IP network University Regional National or Pan-Nationl IP Network Other national networks NREN A NREN B NREN C NREN D

Tomorrow’s peer to peer IP network World University Regional Server World National DWDM Network NREN A NREN B NREN C NREN D Child Lightpaths Child Lightpaths

Creation of application VPNs Commodity Internet Bio-informatics Network University CERN University High Energy Physics Network eVLBI Network Dept Research Network

CANARIE provides APN to TRIUMF Amsterdam New York Toronto Vancouver Victoria Edmonton Ottawa Geneva 10G Lightpath WS 1G Interface WS 5G Interface WS 1.Note: An incoming lightpath (STS) can be assigned to an outgoing STS or a specific interface 2.TIUMF UCLP GUI would only see this APN 3.CANARIE UCLP GUI can this APN or underlying network or other APN 1G Lightpath WS Montreal To Fermi To Brookhaven URI:

TRIUMF APN web service (illustrative example) /etc/ /List of Lightpath web services/ /via winnipeg thunder bay/ /etc/ /List of Interface Web services/ <5GbE interface Victoria /etc/

TRIUMF GUI harvests other APNs UoToronto Physics Tier 2 UoVictoria Physics Tier 2 TRIUMF Tier 1 CERN Tier 0 Amsterdam New York Chicago Toronto Vancouver Victoria FERMI Tier 1 Brookhaven Tier 1 UBC Physics UA Physics UoT Physics Carleton Physics UdM Physics CA*net 4 Edmonton Ottawa Geneav 10G Lightpath WS TRIUMF APN UoT APN UoV APN 1G Interface WS 5G Interface WS External links or APNs Note: Typical View on TRIUMF UCLP GUI Montreal

1G HEPnet daisy chain routed TRIUMF partitions APN and establishes cross connects with 3 rd parties APNs UoToronto Physics Tier 2 UoVictoria Physics Tier 2 TRIUMF Tier 1 CERN Tier 0 Amsterdam New York Chicago Toronto Vancouver Victoria FERMI Tier 1 Brookhaven Tier 1 UBC Physics UA Physics UoT Physics Carleton Physics UdM Physics CA*net 4 Edmonton Ottawa To other physics users at smaller universities Geneav CWDM 5G Tier 1 data 2G Tier 2 data Optional interfaces Note: Typical View on TRIUMF UCLP GUI

CANARIE provides APN to NRC New York Chicago Seattle Victoria Vancouver Edmonton Calgary Regina Saskatoon Winnipeg Toronto Ottawa Montreal Fredericton Halifax CA*net 4 router 2G Lightpath WS GbE interface WS

NRC partitions APN New York Chicago Seattle Victoria Vancouver Edmonton Calgary Regina Saskatoon Winnipeg Toronto Ottawa Montreal Fredericton Halifax

NRC logical view of APN New York Chicago Seattle Victoria Vancouver Edmonton Regina Saskatoon Winnipeg Toronto Ottawa Montreal Fredericton Halifax

UCLP intended for projects like National LambdaRail CAVEwave acquires a separate wavelength between Seattle and Chicago and wants to manage it as part of its network including add/drop, routing, partition etc NLR Condominium lambda network Original CAVEwave

Typical Large system today Sensor Instrument Sensor Layer 2 switch Layer 3 switch/router SONET/DWDM Process SONET/DWDM DMAS Security Web Services OGSA Internet VPN USER Instrument Pod

Service Oriented Architectures Sensor Instrument Sensor Layer 2/3 switch LAN Data Management System CA*net 4 VPN USER Instrument Pod WS* WS CA*net 4 Lightpath Process WS** WS* Process WS** WS* Process WS Web service Interface *CANARIE UCLP **New web services HPC

Science user perspective Sensor/Instrument WS** LAN WS* Science Pod LAN WS* Log Archive Process 1 WS** Log Archive Process 2 WS** ONS15454 WS* NLR or CA*net 4 WS* CANARIE UCLP WS* New Web service DMAS WS** New development Lightpath WS* WS AAA process WS** User defined WSFL bindings WS HPC Process WS** USER with WSFL binding software UDDI or WSIL service registry

Features >All hardware (sensors -wireless and wired), software processes (Data processing and HPC) and network elements (ORAN, CA*net 4) expressed as WSDL web services – Web services may be instantiations of orchestrations >Hardware, software and network web services linked together by science user with BPEL – WSDL and BPEL provide for generic and open control plane >Elimination of network made up of layers – Every layer a web service that can communicate with other WS >Hence all “science” processes use network data recursive architectures – Re use and replication of same modules for software, hardware and network for each science project

Taverna Workflow graph

End to end choreography Neptune/ ORION Instrument WS Visualization WS IP Flow QoS WS OMNInet Bandwidth Reservation WS Lightpath WS NeptuneInstrumentServicePT BandwidthReservationPT LightPathConectionPT InstrumentNetworkServicePT Super user orchestration End user orchestration Neptune admin orchestration Xconnect WS Lightpath WS Xconnect WS

1. E-gun & Linear Accelerator 3. Storage Ring 4. Beamline End Station VESPERS Beamline at the Canadian Light Source  microanalysis with unprecedented sensitivity Courtesy of CLSI

Current CLS Infrastructure

Proposed Infrastructure

Significance of UCLP v2 >Many power plants, water, sewage and process control SCADA (System Control and Data Acquisition) are moving to TCP/IP so that they can integrate process control with other eBusiness systems >But this makes systems more vulnerable to DOS attacks, viruses, etc >Impossible to fully protect with firewalls etc because too many back doors >Need to build “micro” firewalls around each SCADA sub-system with web services and link them together with web services workflow