top - download
⟦297cac393⟧ Wang Wps File
Length: 22783 (0x58ff)
Types: Wang Wps File
Notes: Handbook
Names: »1882A «
Derivation
└─⟦f10202801⟧ Bits:30006091 8" Wang WCS floppy, CR 0143A
└─ ⟦this⟧ »1882A «
WangText
…00……00……00……09……02……09…
…00……00……09… …09……05……08……0d……08…
…07……86…1 …02… …02… …02… …02…
…02…
…02… …02……02…
…02……02…
III DEFENSE COMMUNICATION SYSTEMS
AT
CHRISTIAN ROVSING A/S
C. A NATIONAL STRATEGIC NETWORK
CASE HISTORY
FIKS
A̲ ̲N̲A̲T̲I̲O̲N̲A̲L̲ ̲S̲T̲R̲A̲T̲E̲G̲I̲C̲ ̲N̲E̲T̲W̲O̲R̲K̲ ̲-̲ ̲F̲I̲K̲S̲
1. O̲B̲J̲E̲C̲T̲I̲V̲E̲ ̲
The obvjective of FIKS is to provide a fully integrated,
tri-service communications network for the army, the
navy, and the air force of Denmark. FIKS must provide
rapid and reliable communication of adequate capoacity,
incorporating a high degree of security. Additionally,
FIKS must be expandable - in capacity and function
- so that new systems and future developments do not
render FIKS absolete for many years to come.
2. B̲E̲N̲E̲F̲I̲T̲S̲
FIKS meets all requirements for speed, acpacity, security,
reliability and expandability.
It will be possible to deliver signals of the highest
priority to the correct address within 2 minutes.
The system can manage a traffic of 2500 incoming and
17,000 delivered signals per hour. The security provided
is so good that military messages of highest classification
may now be transferred by FIKS, and therefore messages
previously sent by courier can be sent rapidly via
FIKS - all traffic will automatically be encrypted.
Availability will be ensured by fault-tolerant equipment
dualization and components of highest reliability.
Finally, FIKS has been planned from the start to accomodate
connection to other networks. Via a secure gateway,
FIKS can, for example, be connected to NATO's automated
teleprinter network, NICS/TARE. ADditionally, the
data transfer facility will accomodate integration
with voice communication networks in the future.
In brief the advantages of the FIKS network are:
- More r̲e̲l̲i̲a̲b̲l̲e̲ communications through computer con-
trol, equipment dualization and system redundancy;
- Higher s̲u̲r̲v̲i̲v̲a̲b̲i̲l̲i̲t̲y̲ through multiple interconnec-
tions, alternative paths, and automatic rerouting;
- Improved s̲e̲c̲u̲r̲i̲t̲y̲ through message and data encryp-
tion and limited access;
- Greater e̲f̲f̲i̲c̲i̲e̲n̲c̲y̲, faster delivery and higher
throughput through real-time, multiplexed use of
network facilities;
- Tighter c̲o̲n̲t̲r̲o̲l̲ through centralized computer coor-
dination, supervisor visibility, and automatic
col- lection of statistics and status information;
- Operational s̲i̲m̲p̲l̲i̲c̲i̲t̲y̲ through computer-aided message
preparation and entry, automatic distribution,
and minimum operator intervention;
- Easier e̲x̲p̲a̲n̲s̲i̲o̲n̲ through flexible, common and interchangeable
hardware/software modules.
3. S̲y̲s̲t̲e̲m̲ ̲F̲u̲n̲c̲t̲i̲o̲n̲s̲
The FIKS network consists of up to 15 nodal switching
centers, interconnected by internodal trunk lines,
ope- rated at speeds up to 64 KBPS.
The network provides two types of services:
M̲e̲s̲s̲a̲g̲e̲ ̲S̲w̲i̲t̲c̲h̲i̲n̲g̲: Store and forward message switching
of military messages. Messages may be entered-in
the ACP127 format or in a simplified format called
SMF-from teleprinters or VDUs.
C̲i̲r̲c̲u̲i̲t̲ ̲S̲w̲i̲t̲c̲h̲i̲n̲g̲: Transparent transfer of data
between computers and terminals of any type and
protocol. The switching technique is based on
a special packet switching method which ensures
rapid delivery with only small variations. By
this means the network is suited for transfer of
real time data like radar track data and digital
voice.
N̲e̲t̲w̲o̲r̲k̲ ̲O̲v̲e̲r̲v̲i̲e̲w̲
The nodal switching centres are configured with three
functional entities:
the NODE - providing access to FIKS for data termi-
nals, interfacing MEDEs, and performing
network-oriented functions common to both
data and message traffic
the MEDE - Message Entry and Distribution Equipment,
providing access to FIKS for communications
centers and performing terminal-oriented
functions related to message traffic
the SCC - System Control Center, providing network
supervision and control, and functions
as a center for software development and
maintenance.
These FIKS system elements may be co-located and physi-
cally integrated.
Initially, FIKS is structured as an 8-NODE grid network
whose topology, shown in figure 1, is described in
the sections to follow.
F̲U̲N̲C̲T̲I̲O̲N̲A̲L̲ ̲S̲U̲M̲M̲A̲R̲Y̲
FIKS, The Danish Defence Integrated Communication System,
is an integrated and fully automated message switch
and data transfer communication system used by the
Danish Armed Forces. It replaces individual torn tape
message traffic networks and dedicated data cir- cuits
until now operated by the three services - army, navy
and air force.
M̲E̲S̲S̲A̲G̲E̲ ̲U̲S̲E̲R̲S̲
Message users are served through 23 COMCENTERS, eight
of which are colocated with the Nodes. About 150 mes-
sage terminals-assigned to the COMCENTERS-are given
ac- cess to FIKS through dedicated or multiplexed low
and …86…1 …02… …02… …02… …02…
medium speed circuits terminated in the Node/MEDE pro-
cessors. All message traffic is encrypted and message
traffic rates between 50 and 2400 bps can be accomo-
dated.
Based on the current message traffic input of about
2000 messages per busy hour, FIKS is initially sized
to handle a throughput of 25,000 messages per busy
hour; This will include messages, retrievals, reports,
con- trol messages and a 25% spare capacity.
Each Node has a throughput of 3 messages per second
(1000 characters messages).
Figure 1…01…FIKS Nodal Network and Terminals
D̲A̲T̲A̲ ̲U̲S̲E̲R̲S̲
Data users, consisting initially of 12 data systems
ex- change information through FIKS on a continuous
or non- continuous basis through direct interconnections
with the Node processors and internodal trunk. Up to
15 dif- ferent data users with speeds ranging from
300 - 4800 bps may be multiplexed on each 9.6 kbit
trunk. Data channel set-up time is less than 75 m.sec.
per Node and delay variation with respect to set-up
time is less than 50 m.sec. per Node.
N̲E̲T̲W̲O̲R̲K̲ ̲S̲U̲P̲E̲R̲V̲I̲S̲I̲O̲N̲
The entire FIKS network is monitored and supervised
by two System Control Centers, SCCs. The SCCs handle
the exchange of messages between FIKS and NICS-TARE
on a fully automatic basis.
T̲R̲A̲F̲F̲I̲C̲ ̲S̲E̲C̲U̲R̲I̲T̲Y̲
FIKS handles all security classifications of narra-
tive messages and data transmission (i.e. Danish and
NATO Unclassified, Restricted, Confidential, Secret,
Top Secret) as well as 4 categories of SPECAT messages.
Password checks ensure that only authorized viewers
will be allowed to examine message content.
Provisions have been made for security class marking,
protection of stored messages and unauthorized retrieval,
message deletion, and special handling procedures.
Crypto-graphic security equipment protects all trans-
missions. Crypto equipment is of the type approved
by NATO, generically referred to as DOLCE. Automatic
de- tection of crypto garbling prevents loss of information.
Data streams requiring security are terminal-to-termi-
nal encrypted and routed through FIKS without need
for decryption and re-encryption at intermediate nodes.
Stable timing is provided from frequency standards
to maintain end-to-end synchronization and bit count
inte- grity throughout the network for several weeks
without adjustment.
FIKS is designed to prevent misrouting, inadvertent
plain text and unauthorized access and retrieval. Nodal
switching equipment is separable into RED areas for
MEDEs, where plain text unencrypted information is
allowed, and BLACK areas for NODEs where classified
in- formation appears only in encrypted form.
M̲E̲S̲S̲A̲G̲E̲ ̲C̲A̲T̲E̲G̲O̲R̲I̲E̲S̲,̲ ̲C̲O̲D̲E̲S̲ ̲A̲N̲D̲ ̲F̲O̲R̲M̲A̲T̲S̲
Four categories of traffic are handled: (1) narrative
messages with precedence and multiple addressees in
FIKS standard message format (SMF) with the essential
elements of the ACP-127 format; (2) service messages
using an abbreviated format; (3) continuous data requiring
virtually dedicated channels with minimum delay and
routed as an un-interrupted bit stream; and, (4) discontinuous
data requiring channels on a call-up basis with predictable
set-up time and delay. For message traffic, FIKS will
accept either 5-level (Baudot/ITA-2) or 7-level (ASCII/ITA-5)
codes; inter- nally, message processing and storage
will be in ASCII code.
For data traffic, FIKS will accept any format or code,
as FIKS is entirely transparent to the formats and
protocols used for the continuous and discontinuous
data categories.
.
Narrative messages are modified before transmission
to add an envelope containing FIKS internodal routing
and local address information, and the original messages
are restored at the destination terminals.
Internal to the FIKS network, between Nodes, all traf-
fic is handled as packets compatible with CCITT X25
HDLC protocol.
A special protocol (LITSYNC) is used between FIKS and
NICS-TARE.
M̲E̲S̲S̲A̲G̲E̲ ̲E̲N̲T̲R̲Y̲,̲ ̲S̲T̲O̲R̲A̲G̲E̲ ̲A̲N̲D̲ ̲D̲I̲S̲T̲R̲I̲B̲U̲T̲I̲O̲N̲
Messages enter the FIKS network from a number of mes-
sage preparation and receiving terminals such as tele-
printers and visual display units. Each MEDE initially
serves up to 30 full duplex terminals. However the
total capacity of the MEDE is 242 terminals and 12
interfaces to host computers. Message preparation is
interactive with prompts from the MEDE computer. An
example of a message preparation format (SMF) is shown
in figure 2. The underlined portions are either prompts
or other computer inserted information. Address information
is keyed-in as a character representing the MEDE to
which the terminal is connected, followed by 3 digits.
The computer replaces this by the correct address,
which then appears in the delivered message. See fig.
3.
Message terminal operators can use a number of inter-
active procedures such as:
- preparation (4 types)
- coordination
- release
- retrieval
- readdressing
- distribution, local
- log on
- log off
- special handling
- editing
FIKS MESSAGE PREPARATION FORMAT
(CR) = carriage return)
P̲R̲O̲C̲ PRE (CR)
A̲B̲C̲ ̲1̲2̲3̲ (CR)
F̲O̲R̲M̲A̲T̲T̲E̲D̲ ̲M̲E̲S̲S̲A̲G̲E̲ A21 (CR)
P̲R̲E̲C̲ ̲A̲C̲T̲ O (CR)
P̲R̲E̲C̲ ̲I̲N̲F̲O̲ R (CR)
F̲M̲ / (CR) C̲H̲O̲D̲D̲E̲N̲
T̲O̲ AIG 1601 (CR)
X̲M̲T̲ (CR)
T̲O̲ E104 / (CR) T̲A̲C̲D̲E̲N̲
T̲O̲ (CR)
I̲N̲F̲O̲ X115 (CR)
I̲N̲F̲O̲ (CR)
B̲T̲
C̲L̲A̲S̲S̲ NS (CR)
S̲P̲E̲C̲A̲T̲ (CR)
S̲I̲C̲ RHQ (CR)
.......TEXT............
NNNN (CR)
B̲T̲
D̲T̲G̲ / (CR) 0̲1̲2̲3̲4̲7̲z̲ ̲J̲A̲N̲
P̲R̲O̲C̲
Fig. 2…01…FIKS MESSAGE PREPARATION FORMAT
E X A M P L E
0801 KAb
N A T O R E S T R I C T E D
O R 012347z JAN 80 MSG ID ABC 123
FM CHODDEN
TO AIG 1601
TACDEN
INFO SHAPE
BT
N A T O R E S T R I C T E D
SIC RHQ
IN REPLY REFER TO TST 312.1-1227
SUBJECT CONTRACT NO FK 7900
IN ACCORDANCE WITH PARAGRAPH 16.5 OF THE SUBJECT CONTRACT AMC IS PLEASED TO SUBMIT AN ORDER
FOR THE OPTION FOR ADDITIONAL RDS-V PPI DISPLAYS AS FOLLOWS
QTY IN UNITED STATES DOLLARS
1-2 1000 DOLLARS EA.
3-6 976 DOLLARS EA.
THE EQUIPMENT SHALL INCLUDE THE RDS-V PPI DISPLAY/DATA ENTRY AND TRACKBALL WITH THE NECESSARY
SYSTEM MODIFICA- TION TO ALLOW SEPARATION OF THE DISPLAY OF UP TO 3500 METERS. DELIVERY
SHALL BE ACCOMPLISHED AT THE RATE OF TWO PER MONTH STARTING 10 MONTHS AFTER RECEIPT OF A
CONTRACT MODIFICATION.
ALL OTHER TERMS AND CONDITIONS SHALL BE IN ACCORDANCE WITH THE SUBJECT CONTRACT.
BT
INT DIST O-DIV
ACCEPTANCE TIME 020005z
RETRIEVAL TIME 020006z
N A T O R E S T R I C T E D
Fig. 3 FIKS HARD COPY EXAMPLE
The MEDEs are manned 24 hours a day and MEDE super-
visors have control over the security and traffic of
the system and its terminals. A number of special pro-
cedures are available for supervisor, e.g.:
- distribution (2 types)
- control of terminal queue status
- re-arrangement of queues
- relocation of queues
- re-routing of terminal traffic
- block/unblock terminals
- security interrogation of terminals
- establishment of PTT data net connections
- updating of route and address tables
- security profile handling
- call-up of daily traffic statistics
Full accountability is provided for all messages.
Messages are queued by precedence (Flash, Immediate,
Priority, Routine and two other, yet unspecified, levels)
to the Node for network routing and for automatic distribution
to local addressees.
All outgoing and incoming messages are stored at the
MEDEs for 10 days. SPECAT messages will be deleted
from local storage after transmission and delivery.
Retrieval of messages from 10 day storage by authorized
users are provided. Messages can be retrieved by message
identification subject indicator codes (SIC) and date/time
indication.
M̲E̲S̲S̲A̲G̲E̲ ̲R̲O̲U̲T̲I̲N̲G̲ ̲A̲N̲D̲ ̲D̲A̲T̲A̲ ̲S̲W̲I̲T̲C̲H̲I̲N̲G̲
Message traffic is relayed from the originating MEDEs
through intermediate FIKS Nodes to the destination
MEDEs, and data traffic is transferred between terminals
directly interconnected to FIKS Nodes over internodal
trunks. The associated message routing and data line
switching functions are allocated to the Node proces-
sors.
Messages received by the Node are routed to other Nodes
or delivered to the locally connected MEDE on the basis
of routing indicators and precedence contained in a
special header. Each Node is interconnected to adjacent
Nodes through at least 3 independently routed trunks.
The optimum trunk route to the final destination Node
is based upon shortest route (minimum hop) and network
connectivity. A routing algorithm is used which allows
the Node to be independent of SCC control. SCC will
be informed of all changes in the network and calculate
routing tables for optimization of the network traffic.
The SCC routing algorithm uses weighted delay factors
for the individual trunks. These weighting factors
will be derived from the traffic Q-reports and be used
to
calculate message routing tables which are down-loaded
to the Nodes.
The routing tables contain three alternative routes
per destination and the Nodes select the proper routes
from the tables based on trunk queue lengths. If both
SCCs are in-operative, the Node/MEDE supervisors can
manual- ly update the tables.
Data traffic - both continuous and discontinuous -
is switched through predetermined routes over internodal
trunks. Each data user is allocated a primary and a
secondary route through the network. If the primary
route fails, the secondary route is automatically established.
Switch-back to the primary route is con- trolled by
supervisory commands.
End-to-end set-up and transmission delays will be less
than 1 second. The Node is transparent to data traffic;
all data traffic is in the black. Crypto synchroniza-
tion, channel coordination, error control, and recovery
procedures are terminal-to-terminal or computer-to-
computer.
S̲Y̲S̲T̲E̲M̲ ̲S̲U̲P̲E̲R̲V̲I̲S̲I̲O̲N̲,̲ ̲C̲O̲N̲T̲R̲O̲L̲ ̲A̲N̲D̲ ̲M̲A̲I̲N̲T̲E̲N̲A̲N̲C̲E̲
Centralized supervision and control of the overall
FIKS network maintains network efficiency and regulates
or re- store service in case of congestion, outages,
or failures. Continuous network status is monitored
and dis- played at System Control Centers. Two SCCs
are provided but neither is dualized; back-up is geographic.
Both SCCs may be on-line with one exercising network
control and the other on standby monitoring the network;
or, the second may be off-line and dedicated to program
development, maintenance, or training.
The SCCs exercise control of the network by use of
a number of procedures, e.g.:.
- threshold setting for trunk queue lengths
- threshold setting for message retransmission rate
- control of SCC switchover
- change of tables
- request of diagnostic results from Node/MEDEs
- open/close trunks
Control messages from the Node/MEDEs concerning traffic
queues, trunk and Node status, retransmission rate
and, equipment availability, etc. are transmitted to
the SCCs; from this, statistics are gathered, alarm
condi- tions noted, and reports presented to allow
timely net- work decisions by supervisory personnel.
A log of con- trol messages and SCC action provides
an audit trail to trace all network control actions.
Figure 4
FIKS STATUS DISPLAY
Downline loading of routing, security and address tables
from the SCC to the network permits selective re-routing
of message traffic, change of routing plan, reconfiguration
of the network, and change of security tables.
The current operational status of the FIKS nodal net-
work is displayed on a color TV, dynamically updated
by reports and alarms from the network (see fig. III.C-4).
The open/closed status of each internodal trunk and
ac- tive PTT back-up channels as well as configuration
and availability of each Node/MEDE and SCC are displayed.
Statistics are gathered by the SCC from control mes-
sages, periodic reports and traffic received from the
network. Message flow, trunk usage, queuing delays,
outages, equipment up-time, and other statistics will
be available for off-line statistical analysis, reports
and network planning. A summary message traffic report
will be automatically generated and distributed every
24 hours to the Node/MEDEs.
The interchange of message traffic between the FIKS
and NICS-TARE network will be performed by SCCs. TARE
may send messages to FIKS terminals; national routine
indi- cators and addressees will be recognized and
the mes- sage will be converted from ACP-127 format
to FIKS Standard Message Format for routing and distribution
on the FIKS network. Similarly, FIKS terminals will
send messages to TARE Using NATO addresses. Valid NICS
routing indicators will be extracted from an SCC file
and the message will be translated to ACP-127 format
for transmission on the FIKS/NICS channel. The recognizable
NICS routing indicator directory consists of 1200 se-
lected NATO addresses at the SCC are 200 at Node/MEDEs;
messages containing undefined NATO Addresses or errors
will be intercepted for manual handling.
Maintenance of the system is performed partly by Node/MEDE
supervisors crosstrained to operate the off-line diagnostic
programs, change modules and perform manual switchover,
and partly by technicians located at the two SCCs and
a technician mobile team which can be called out to
the different sites to locate and repair faults. Software
personnel will be located at the two SCCs.
4. E̲q̲u̲i̲p̲m̲e̲n̲t̲ ̲D̲e̲s̲i̲g̲n̲
F̲I̲K̲S̲ ̲G̲e̲n̲e̲r̲i̲c̲ ̲E̲l̲e̲m̲e̲n̲t̲s̲
The generic elements of FIKS and their interrelation-
ship are shown in Figure 5. The various demarcation
points which will be encountered between the Node/MEDE/SCCs,
FIKS Network, COMCENTERs, message terminals, data systems,
computers, and data terminals are also indicated. A
system overview giving more details about interconnection
of the FIKS elements is shown in fig. 6.
The Node processor is colocated with the MEDE in the
red area for security reasons. The Node Line Termina-
tion Units (LTUs) and LTU controller are located in
the black area as they will carry either encrypted
or non- secure traffic.
F̲I̲K̲S̲ ̲N̲o̲d̲a̲l̲ ̲N̲e̲t̲w̲o̲r̲k̲
FIKS consists of a multi-node network geographically
distributed throughout Denmark (fig. 1). As initially
structured, 8 Nodes are arranged in a grid configura-
tion and interconnected via full-duplex trunks opera-
ting at 9.6 Kbit. These internodal trunks are perma-
nently leased circuits backed up by automatically-
dialed PTT data circuits. The internodal trunks may
be upgraded to 64 Kbit when higher traffic rates are
re- quired.
Message and data traffic is interchanged between mili-
tary users under control of computerized nodal switch-
ing centers. Node and MEDE (M̲essage E̲ntry and D̲istribu-
tion E̲quipment) processors are located at all Nodes.
The internodal trunk circuits carry a mixture of mes-
sage and data traffic. The 9.6 Kbit bandwidth is dyna-
mically allocated between message and data sources.
A minimum of 1.2 Kbit will always be available for
mes- sage traffic, and 2,4 kbit is reserved for signalling,
and protocol overhead (See fig. 7). The remaining band-
width of 6,0 kbit is divided into 20 time slots, each
with a capacity of 300 bps. These slots are dynamically
allocated to continuous and non-continuous (polling,
contention and dial-up) data traffic. Data …86…1
…02… …02… …02… …02…
traffic sources will be allowed to use the 300 bps
slots in ac- cordance with bandwidth requirements and
priority. Up to 15 different priority levels are used,
and the nodal software automatically preempts lower
priority data users if bandwidth becomes too small
to accomodate all data users simultaneously. Preemption
is expected however only to take place when the network
becomes partly inoperable due to trunk equipment failure.
Fig. 5…01…FIKS GENERIC ELEMENTS
Fig. 6…01…FIKS SYSTEM OVERVIEW SCHEMATIC
Fig. 7…01…TRUNK USAGE
5. E̲x̲p̲a̲n̲d̲a̲b̲i̲l̲i̲t̲y̲
The FIKS nodal switching center are based on a multiprocessing
concept that provides a growth potential from 1 to
100 million instructions per second (MIPS). Growth
is implemented by simply adding more modules of equipment
instead of replacing old equipment. The modularity
of the system supports this expandability and enables
extensions to be performed without system interruption.
In its actual configuration, FIKS has an installed
capa- city for 25% growth and a wired capacity for
three times the actual load. In addition, the network
has been designed for distribution of electronic mail
and for handling of digital telephone transmission.
