Remote Network Boot Reduces Cost and Risk
Network Booting in Modern Deployed Systems
For many years, deployed systems used direct attached storage (DAS) to host the operating system (OS) and application (APP) software for embedded computers in deployed vehicles. Each computer had its own local storage which was not shared with any other computer. This approach meant that each DAS device had to be purchased, maintained, and updated separately.
With the advent of Ethernet networks in deployed vehicles, network file servers or network attached storage (NAS) devices have been used to service multiple computers (or network clients). In addition to normal file sharing and storing functions, network attached storage devices can also host the OS and APP software for all clients remotely and deliver significant benefits.
The technique of hosting the OS and APP software on a network attached storage device is called network booting, or netboot for short. Netboot was developed initially to allow desktop PC thin clients to run without an OS installed on the computer. Now netboot is being widely used in deployed systems by the military vehicle developers in both attended and unattended systems.
The most common protocol used for netbooting is Preboot eXecution Environment (PXE). Pronounced ‘pixie’, PXE protocol must work in conjunction with other support protocols like DHCP and TFTP to complete the requests and transfers of the OS and APP software for each client.
Network booting of the deployed clients offers three advantages over the direct attached storage approach.
1 Lower SWaP-C
One advantage of the netboot approach is the elimination of many direct attached storage devices. If there are many clients, the elimination of all the DAS devices can result in a reduction of Size, Weight, Power, and Cost (SWaP-C) for the deployed vehicle. Most developers today strive to reduce SWaP-C, especially in smaller, unattended vehicles. So, removing the local drives from each network client can add up to significant SWaP-C savings.
2 Increase MTBF
Another advantage of removing all the local drives is increased mean time between failure (MTBF). Removal of many local drives and replacing it with one NAS device will enhance the calculated MTBF numbers for each client and for the vehicle.
3 Reduced Maintenance Cost and Risk
While a reduction in SWaP-C and an increase in MTBF are certainly important, perhaps the most significant advantage is the reduction in maintenance cost and risk. Hosting the OS and APP files on one network attached storage device rather than on many direct attached storage device dramatically reduces the time and effort required for OS and APP software updates for the clients. Let’s look at the reasons why maintenance cost and risk are reduced with the netboot approach.
Reduction in Maintenance Cost and Risk
Today, Curtiss-Wright customers are using the DTS1 network attached storage device to provide OS and APP files to network clients in several different vehicle types including both manned and unmanned. Some customers are booting a dozen or more clients from the DTS1 (see case study). With its two certified encryption layers (one software and one hardware), the DTS1 protects the valuable OS and APP boot files during the deployment. So, an adversary cannot use the files if the deployed vehicle were lost or captured. A significant number of deployed vehicles have been lost or captured in the last few years. So, data security is a major concern. For more details regarding deployed data security, see the white paper DAR Series Part 1: Data Threats and Protection.
Those network clients that receive their boot files may be mission computers, sensor management computers, communication computers, or other similar computing systems handling the various functions for the vehicle’s intended mission.
The Old Direct Attached Storage Approach
For the real-life illustration of over a dozen network clients in an unattended vehicle, how would those clients be updated with new software in a traditional configuration with local drives only? The vehicle would have to be taken out of service. Then each of the clients would have to be removed from their respective locations in the vehicle. The clients, sometimes known as line replaceable units (LRU), would usually be sent back to a depot for their respective software upgrades. The upgrade process for each LRU may vary, but the LRU may have to be disassembled to get at the local disk drive. Alternatively, an updated port may be available, making the update easier. After the LRU upgrade and testing were concluded, the clients would be returned to the vehicle and re-inserted. The vehicle then needs to be tested to ensure that all the clients are correctly connected and functioning as prescribed. This whole process adds lots of cost and risk at each step.
- Unless replacement LRUs are re-inserted immediately, the vehicle will be taken out of service. Substitute vehicles and extra LRU subsystems are an extra cost and likely very significant.
- The cables and connectors are stressed each time an LRU is removed or re-inserted. Cable and connector defects may begin to show up over time and may be intermittent which is worse than simple failure.
- The LRU must be shipped to and from the depot. There is always a risk of damage or loss in shipping and handling, especially if the repair depot is far away. Besides the risk aspect, shipping and handling also have an added cost.
The New Netboot Approach
Instead of removing the clients for an OS or APP upgrade, a more modern approach uses netboot instead. Each client's latest OS and APP software can be loaded onto a DTS1 removable memory cartridge (up to 8TB capacity). Upon booting the system, all network clients can be upgraded in the vehicle without removal or handling.
Upon power-up, the OS and APP software upgrade is handled automatically and without added cost and risk. Plus, the classified OS and APP software is protected by 2 layers of Commercial Solutions for Classified (CSfC) encryption which are both National Security Agency approved. The vehicle is ready to go again. The cables and connectors get less stress. Numerous local drives are replaced by one network attached storage device, which increases MTBF and reduces SWaP-C. Shipping and handling cost to and from the depot is saved. In addition, countless man-hours of effort are avoided as well. Over the program life, the total cost of ownership (TCO) is reduced.
Those profound benefits can easily be realized with a modern approach to OS and APP software upgrades and with the right network-attached storage device.
Director, Product Management
Paul Davis began his career for Curtiss-Wright as a Research Manager for the Dayton, OH facility in 1997. Paul has held positions including Director of Engineering managing a staff of 40+ engineers, managers, technicians, and co-op students; Product Manager for the switches, recorders, and various board-level products; and then Director of Product Management. Now retired, Paul worked in engineering and engineering management positions for 19 years.
Network Attached Storage
Our encrypted, solid-state network attached storage subsystems are designed to reliably provide file services to clients on an Ethernet network in a harsh environment. These network attached storage solutions protect data-at-rest (DAR) with the industry’s first NIAP Common Criteria (CC) certified 2-Layer encryption, as well as an option for NSA Type 1 encryption. With terabytes of available storage space and 100k insertion cycle connectors, these scalable rugged Ethernet file servers enable the reliable, secure storage of your critical data.