Upload
hilda-carson
View
213
Download
1
Embed Size (px)
Citation preview
CoAX Technology ContributionsCoAX Technology ContributionsTTCP Meeting - Malvern - September 2000TTCP Meeting - Malvern - September 2000
AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed Martin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMCMartin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMC
Support from BBN, GITI, ISX, MITRE, SchaferSupport from BBN, GITI, ISX, MITRE, Schafer
Coalition Agents eXperiment (CoAX)Coalition Agents eXperiment (CoAX)http://www.aiai.ed.ac.uk/project/coax/http://www.aiai.ed.ac.uk/project/coax/
DARPADARPA
DARPADARPA
CoAX /Tech Briefing - 3
Technical ContributionsTechnical Contributions
GITI - CoABS Grid InfrastructureGITI - CoABS Grid Infrastructure Boeing and UWF/IHMC- KAoS Domain ManagementBoeing and UWF/IHMC- KAoS Domain Management AIAI Process Panel - Task and Process ManagementAIAI Process Panel - Task and Process Management DERA Master Battle PlanningDERA Master Battle Planning LM ATL EMAA/CAST AODB - Restricted Data Base AccessLM ATL EMAA/CAST AODB - Restricted Data Base Access AFRL/BBN/GITI CAMPS - Air Logistics Support ToolAFRL/BBN/GITI CAMPS - Air Logistics Support Tool USC/ISI Ariadne - Open Information AccessUSC/ISI Ariadne - Open Information Access UWF/IHMC - NOMADS safe and secure mobile agentsUWF/IHMC - NOMADS safe and secure mobile agents Stand alone demonstrations at 9 months:Stand alone demonstrations at 9 months:
MIT Robustness ServicesMIT Robustness Services Stanford Incentives ManagementStanford Incentives Management Dartmouth Observer AgentDartmouth Observer Agent Michigan Coordination Planning AidMichigan Coordination Planning Aid
CoAX /Tech Briefing - 4
GITI/ISXGITI/ISXThe CoABS GridThe CoABS Grid
J iniLookupS ervice
D iscover ,J oin,
L ookup
Regist erCapabilit ies
Rout eS ent inel
I nf or mat ionM ediat or
A gentCommunity 2
L E I FA pplicat ion
L E I FA pplicat ion
A gentCommunity
3
D ist r ibut edO bj ect
A gentCommunity 1
Gr id S ervice H elper
Gr id I nf r ast r uct ur e S er vicesA r iadne
W ebT rader
EGents
Gr id A gent H elper
D ist r ibut edO bj ect
Gr id S ervice H elper
Regist erCapabilit ies
S endM essage
S ear ch
S ear ch
Regist erCapabilit ies
Gr id A gent H elper
Gr id A gent H elperGr id S ervice H elper
Gr id S ervice H elper
Gr id A gent H elper
Gr id A gent H elper
USC/IS IARIADNE
USC/IS ITheseus
USC/IS ITEAMCORE
SRI Maestro
SRI Multi-Modal Map SRI W eather
Agent
SRI F lightAgent
OGIQuickSet
OGI AAA
CMUExPressCMU Route
P lanner CMUMessenger
CMU FlightAgent BBN/Kestrel
CAMPS
OBJSMBNLI
OBJSW ebTrader
Grid A wareS ervices
The CoABS/Infrastructure code provides a framework for integrating diverse agent-based systems, and provides additional common services.
The Grid allows agents to find services and other agents so that agent teams can be dynamically formed to solve context-based tasks.
The Grid is built using JiniTM technology. Direct agent communication is provided using message queues built on JAVA RMI. Grid Logging Markup Language based on XML.
CoAX /Tech Briefing - 5
Prototype Grid ArchitecturePrototype Grid Architecture
Java Platform: RMI, Jini™
Grid Core Services
Grid Agent Helper
Grid Service Helper ServiceRep Registry
AgentRepMessage
Queue
Logging
Visualization
Admin
Events Security
Object
RETSINAProxy Agent
OAAProxy Agent
Grid Ready Components
Grid Aware ServicesInformation
Retrieval AgentsAuction/Trader
Agentse-mail
Proxi Agents
Matchmaker MobilityEvent
Messaging
Instrument-ation
0 Interoperability of distributed, heterogeneous objects, services, and multi-agent systems.
0 Registration and advertisement of capabilities.
0 Discovery of relevant participants, and flexible run-time communications.
0 Current Grid services include: Logging, Visualization, Security, Instrumentation, Communication, Registration, and Event Services.
CoAX /Tech Briefing - 6
Boeing/UWF - Agent DomainsBoeing/UWF - Agent Domains
A
A
AAA
AA
AA
A
A
AA DM
An agent domain consists of one or more agents registered with a common Domain Manager which provides for
common administration and enforcement of domain-wide, platform-specific, and agent-specific policies.
CoAX /Tech Briefing - 7
Agent Domain Agent Domain Management in CoAXManagement in CoAX
Broadens typical distributed security concerns to include:Broadens typical distributed security concerns to include: Communication and access management: Who can Communication and access management: Who can
communicate with whom for what services?communicate with whom for what services? Registration management: Who can join the domain Registration management: Who can join the domain
under what circumstances?under what circumstances? Resource management: Who can have which kind and Resource management: Who can have which kind and
how much of a given computing resource?how much of a given computing resource? Mobility management: Who can move where under what Mobility management: Who can move where under what
circumstances?circumstances? Conversation management: What constraints govern Conversation management: What constraints govern
interaction between conversing agents? interaction between conversing agents? Obligation management: Who is not meeting Obligation management: Who is not meeting
commitments?commitments?Initial capability shown in six-month demoInitial capability slated for nine-month demoInitial capability slated for 2001-2002 demos
CoAX /Tech Briefing - 8
NativeMech
NativeMech
OtherOther
GuardGuard
Policy Management Framework
Policy Management Framework
PolicyAdminTool
PolicyAdminTool
Java VMJava VM
Guard
Aroma VMAroma VM
GuardGuard
ServletServletRMI KAoS
DomainManager
KAoSDomainManager
HTTP
Agent
Policy DirectoryPolicy Directory
Agent
Agent
Agent
AgentAgent
RMIJNDI
Guard is responsible for:1. Interpreting policy2. Enforcing with appropriate native mechanism
1. Abstract, mechanism- neutral representation/XML syntax (DAML collaboration)2. Distributed networked availability3. Secure
1. Ensures policy consistency at all levels2. Stores policy changes3. Notifies guards
Authorized user makes changes over the Web
Event-driven policy changes
CoAX /Tech Briefing - 9
KAoS Policy Admin Tool
CoAX /Tech Briefing - 10
AIAI I-X Process PanelAIAI I-X Process Panel Initially maintains an overview of the current status the Initially maintains an overview of the current status the
coalition C2 processes in accessible shared military coalition C2 processes in accessible shared military terms.terms.
Later adds the ability to monitor, plan and control the Later adds the ability to monitor, plan and control the coalition C2 processes.coalition C2 processes.
Can take on and address “issues” in the C2 process.Can take on and address “issues” in the C2 process. Links to and assists with domain management, Links to and assists with domain management,
authority, exception management and other Grid authority, exception management and other Grid management services.management services.
To be packaged as generic task and process To be packaged as generic task and process management facilities that can be made available to management facilities that can be made available to other Grid applications.other Grid applications.
CoAX /Tech Briefing - 11
AIAI I-X Process PanelAIAI I-X Process Panel
CoAX /Tech Briefing - 12
DERADERAMaster Battle PlannerMaster Battle Planner
Visual planning tool for air operations.Visual planning tool for air operations. Map-based graphical user interface - operator builds Map-based graphical user interface - operator builds
scenario and air missions using simple dialogs and “point scenario and air missions using simple dialogs and “point and click” techniques.and click” techniques.
Analyzes plans (identifying over-tasking, GANTT charts, Analyzes plans (identifying over-tasking, GANTT charts, animated flyout facility)animated flyout facility)
Obtains data on targets and assets from other agents.Obtains data on targets and assets from other agents. Integrates air missions (e.g. air transport) and weather Integrates air missions (e.g. air transport) and weather
forecasts from other agents into the air visualisation.forecasts from other agents into the air visualisation. Informs AIAI’s Process Panel of current planning status.Informs AIAI’s Process Panel of current planning status.
CoAX /Tech Briefing - 13
DERADERAMaster Battle PlannerMaster Battle Planner
CoAX /Tech Briefing - 14
DERADERAMaster Battle PlannerMaster Battle Planner
CoAX /Tech Briefing - 15
AFRL/GITI/BBNAFRL/GITI/BBNCAMPS Mission PlannerCAMPS Mission Planner
Develops schedules for aircraft to pick up and deliver cargo within specified time windows.
Takes into account a large number of constraints (aircraft & port capabilities, crew availability, work schedule rules)
Can be tasked by other agents.Can be tasked by other agents. Domain-aware agent obtains scheduled air Domain-aware agent obtains scheduled air
transport flights and forwards them to Master transport flights and forwards them to Master Battle Planner for integration into the air Battle Planner for integration into the air visualisation.visualisation.
CoAX /Tech Briefing - 16
AFRL/GITI/BBNAFRL/GITI/BBNCAMPS Mission PlannerCAMPS Mission Planner
CoAX /Tech Briefing - 17
USC/ISI Ariadne USC/ISI Ariadne Weather AgentWeather Agent
CoAX /Tech Briefing - 18
LM ATL EMAA/CAST LM ATL EMAA/CAST AODB Access AgentAODB Access Agent
Provides access to AODB via XML formatted Grid Provides access to AODB via XML formatted Grid messages.messages.
Supports different kinds of queries: one shot, Supports different kinds of queries: one shot, update, and persistent.update, and persistent.
Will be evolving EMAA/CAST technology to create Will be evolving EMAA/CAST technology to create a deliverable generic Grid-aware core agent a deliverable generic Grid-aware core agent engine to other end users. This technology will be engine to other end users. This technology will be configurable and is intended to easily allow configurable and is intended to easily allow access to alternative sources.access to alternative sources.
CoAX /Tech Briefing - 19
LM ATL EMAA/CAST LM ATL EMAA/CAST AODB Access AgentAODB Access Agent
DARPACoABS
Grid
Response
Machine B
Machine A
Client
Message Queue
EMAA Server
Controller Agent
Query
1
23
4
5
6
7
1. Client sends the Query via a Grid Data Message.2. Agent Engine receives the Query on it’s Message Queue.3. Agent Engine processes the Query.4. Agent Engine creates a Controller Agent.5. Controller Agent spawns other agents to retrieve data from each of the JDBC sources.6. Controller Agent generates response message and sends it via the Grid to the Client.7. Client receives response for processing.
AgentEngine
CoAX /Tech Briefing - 20
Lm ATL EMAA/CAST Lm ATL EMAA/CAST AODB Access AgentAODB Access Agent
CoAX /Tech Briefing - 21
USC/ISI Open USC/ISI Open Information AccessInformation Access
Provide real-time access to Web data sourcesProvide real-time access to Web data sources Tools for learning wrappers to extract data for Tools for learning wrappers to extract data for
semi-structured sourcessemi-structured sources Agents learn the structure of data to support:Agents learn the structure of data to support:
Source verificationSource verificationautomatically detect when the source no longer automatically detect when the source no longer
provides correct data (possibly because the provides correct data (possibly because the source has changed)source has changed)
Source reinductionSource reinductionautomatically revise wrapper when site changeautomatically revise wrapper when site change
CoAX /Tech Briefing - 22
CoAX /Tech Briefing - 23
Resource Control and Resource Control and Security in NOMADSSecurity in NOMADS
Dynamic and fine-grained resource controlDynamic and fine-grained resource control NOMADS enforces security policies specified by the NOMADS enforces security policies specified by the
KAoS domain managerKAoS domain manager Security policies include limits on CPU, disk, and Security policies include limits on CPU, disk, and
network resource usagenetwork resource usage Resource consumption monitoringResource consumption monitoring
NOMADS Guard constantly monitors the resource NOMADS Guard constantly monitors the resource consumption of the GAO agentconsumption of the GAO agent
When the guard detects a potential denial of service, When the guard detects a potential denial of service, the guard reduces the resource limits available to the the guard reduces the resource limits available to the GAO agentGAO agent
CoAX /Tech Briefing - 24
Resource Control and Resource Control and Security in NOMADSSecurity in NOMADS
Aroma VM
GAO
Java VM
DAO
Observers Domain
G
KPATDomainManager
CoAX /Tech Briefing - 25
Field Observations (Dartmouth)
• Team of soldiers
• PDA’s
• Ad-hoc wireless networking
• Soldiers make observations.
• Ground traffic
• Air traffic
• Personnel and equipment
• Buildings and other structures
• Observations are fed into battle-planning systems (e.g., MBP) through the CoABS Grid.
• In the demo, a team of CoAX soldiers will make observations to correct Gao mis-information.
CoAX /Tech Briefing - 26
Observations
Field Observations (Dartmouth)
ObservationAgent
D’Agents API
GridAPI
I see a tank!
ObservationViewer
MBP
(9-month demo - standalone)
(18-month demo - integrated)
Query/Response
Registration/Update Stream
CoAX /Tech Briefing - 27
MIT Robustness MIT Robustness ServiceService
The ChallengeThe Challenge Open systems (like coalitions) include unreliable Open systems (like coalitions) include unreliable
agents (bugs, malice) and infrastructuresagents (bugs, malice) and infrastructures The MIT Robustness ServiceThe MIT Robustness Service
Monitors agent ‘health’ via pollingMonitors agent ‘health’ via polling Tracks inter-agent commitmentsTracks inter-agent commitments Controls task cancellation, result caching & task re-Controls task cancellation, result caching & task re-
announcementannouncement Maintains reliability information (failure avoidance)Maintains reliability information (failure avoidance) Informs registry of hung agentsInforms registry of hung agents
CoAX /Tech Briefing - 28
CoAX /Tech Briefing - 29
Michigan Multilevel Michigan Multilevel Coordinator AgentCoordinator Agent
Analyses the alternative plan spaces of coalition functional Analyses the alternative plan spaces of coalition functional teams that plan independently and act asynchronouslyteams that plan independently and act asynchronously
Works top-down with plans chosen by teams to predict Works top-down with plans chosen by teams to predict unintended interactions (resource contentions; friendly fire).unintended interactions (resource contentions; friendly fire).
Identifies candidate resolutions (timing or action Identifies candidate resolutions (timing or action constraints).constraints).
Notifies process panel of possible plan conflicts and Notifies process panel of possible plan conflicts and computed workarounds.computed workarounds.
Operationalizes/enforces coordination decisions selected.Operationalizes/enforces coordination decisions selected. Given more time, isolates and resolves conflicts more Given more time, isolates and resolves conflicts more
precisely and efficiently.precisely and efficiently. Allows planning and coordination decisions to be postponed Allows planning and coordination decisions to be postponed
until runtime conditions become better known.until runtime conditions become better known. Packaged as a Grid-aware component that can be Packaged as a Grid-aware component that can be
proactively executing and utilized by the AIAI Process Panel.proactively executing and utilized by the AIAI Process Panel.
CoAX /Tech Briefing - 30
Michigan Multilevel Michigan Multilevel Coordinator AgentCoordinator Agent
CoAX /Tech Briefing - 31
Removed and Spare Removed and Spare SlidesSlides
Old versions and spare slidesOld versions and spare slides
CoAX /Tech Briefing - 32
Policy EnforcementProblems and Solutions
Problem: Enforcing policies on unmodified, potentially malicious agents Solution: Platform-based enforcement (e.g., Java 2 security) Problem: Permissions granted statically according to code source (can’t have different permissions for two agent instances from same code base)
Solution: Hack JAAS (Java Authentication and Authorization Service) to allow dynamic permissions and instance-level authentication and authorization
Problem: High-level agent security requirements do not always map to low-level built-in Java security mechanisms
Solution: Lock down permissions of untrusted (agent) code and force agent to use a trusted privileged-code wrapper under control of the guard (eventually to be packaged as domain-aware “grid helper”) to perform selected actions
Problem: Fine-grained resource allocation and control and revocation of permissions in the face of denial-of-service attacks
Solution: Run agent under Java-compatible Aroma VM allowing dynamic fine-grained resource rate and quantity control
Problem: “Obligation policies” cannot be enforced by preventing actions in advance but only by monitoring and after-the-fact sanctions
Solution: Sentinel-based policy enforcement (relevant work in this area by MIT)
CoAX /Tech Briefing - 33
Field Observations (Dartmouth)Field Observations (Dartmouth)
CoAX /Tech Briefing - 34
Michigan Coalition Michigan Coalition CoordinationCoordination
Coalitions formed in response to emergent needsCoalitions formed in response to emergent needs
Functional teams (firestorm, logistics, etc.) formed with Functional teams (firestorm, logistics, etc.) formed with participants from contributing partnersparticipants from contributing partners
Without prior history, functional teams can possibly act Without prior history, functional teams can possibly act redundantly, counterproductively, or even harmfully redundantly, counterproductively, or even harmfully (e.g., friendly fire)(e.g., friendly fire)
Problem: Supporting (through automation) the Problem: Supporting (through automation) the identification of potential interferences between identification of potential interferences between functional teams at appropriate level(s) of detail, and functional teams at appropriate level(s) of detail, and proposing mitigation strategiesproposing mitigation strategies
CoAX /Tech Briefing - 35
Coordination Decisions:• Logistics stays on ground• Combat waits for Logistics to use Epsilon before destroying
Michigan Coalition Michigan Coalition Coordination ExampleCoordination Example
Logistics: Deliver experimental weapon from Alpha to Foxtrot
Alpha
Foxtrot
Gamma
Delta
Combat: Deny airspace Beta; destroy bridge Epsilon
Beta
Epsilon