Hardware adds features much faster
By Tony Fitzpatrick
A team of graduate students led by John Lockwood, Ph.D., assistant professor of computer science, has developed computer hardware applicable to the Internet that enables remote deployment of new hardware to computer networking hardware.
 |
| Photo by David Kilper |
| John Lockwood, PH.D., assistant professor of computer science, examines a stand-alone fierwall system in the School of Engineering & Applied Science's Applied Research Laboratory. A key component of the firewall is the Field Programmable Port Extender (FPX) hardware developed by Lockwood and his graduate students |
Such hardware is called "dynamically reconfigurable" because it changes over time.
"New features can be added to hardware and evolvable services -- a firewall, for instance, with which you're trying to protect your network," Lockwood said. "What it allows is reprogramming the firewall to protect against something else in an evolving environment. You can do the reprogramming from a PC a thousand miles away."
The device also can be reprogram-med to scan data, encrypt and decrypt data and perform image-processing in real time.
The component fits onto existing very high-speed networking switches. The port extender platform plugs into the backplane of a conventional network switch to add applications.
The device is a plug-in card with two components, called field-programmable gate arrays (FPGAs). These can be programmed either by a user at a Web browser or by another FPX.
If programmed by each other, one of the FPGAs can be altered in as little as 20 milliseconds.
Hardware modules are loaded into the FPGAs to add features to the switch. Researchers have developed modules to implement a scheduling algorithm with approximately two-gigabit-per-second traffic loads, fast routing tables, data compression and video recoding.
Lockwood and his collaborators have developed a program that runs in one of the FPGAs to manage the swappable modules. This permits the parts to add and drop features in response to changing traffic flows without reliance on an external control-plane processor.
University researchers over the past two years have brought in researchers from other universities to build packet-switching systems that can implement new functionality in Internet routers and firewalls.
Lockwood and his group have built 85 cards, and approximately 20 have been distributed to eight national universities. Global Velocity, a St. Louis start-up company, is contracting with Lockwood's group to implement a content-aware packet-processing application. Effectively, the hardware device can stop confidential data from leaving a computer network and prevent unsafe data, like viruses, from entering.
The research is being conducted out of the University computer science department's Applied Research Laboratory.