wso2 @ connected car

WSO2 @ Connected CarDeutsche Telekom / T-Systems

Dr. Andreas Wichmann

Evaluation Criteria – what middleware we need

Operational Criteria – what operators like

The Concept of Connected Car – what we are going to provide

WSO2 Quickstart – what we have verified

WSO2 ESB Proxies – what we have implemented so far

WSO2 at Connected Car - Agenda

Next Steps – what we are about to add6

Connected Life & Work @ Car

Services of Telekom and Service Providers

Suitable Controls

Videos

Internet

Phone/Email

Photos

Communities

Local Services

Adaption for Car Drivers

Touch ControlVoice Control

mobile

at home

in the office

ConnectedConnected Life & Life & WorkWork

@ Car@ Car

Calendar

E-Call / B-Call

Remote Diag.

Remote Mgmt.Navigation

in the car

Connected Car – Our positioning in the target markets

Solutions

Fleet Operators

Cost-efficient retail solution

for safe and driver-specific

usage of communication and

infotaiment features

Consumer

Logistics

Modular retail solution

for the integration of customer-

specific processes into the

vehicle

Cost-efficient and vendor-

independent tracking & tracing

of truck, trailer and goods

Flexible white label platform

for the integration of brand-

specific services and 3rd party

applications

Deutsche Telekom’s contribution

WeWe connectconnect thethe vehiclevehicle withwith itsits environmentenvironment

and and thethe driverdriver withwith his private and his private and professionalprofessional servicesservices. .

All services on all screens!

Connected Car – Intelligence in the cloud (open system)

Connected Car Platform

@Mobile @Office @Home

Embedded Retail Solution

Central Platform Services

…Identity Management Billing Installation & Updates Security

OEM Services 3rd Party ServicesTelekom Services

Connected Car – Dynamics of open platform

Connected Car PlatformEnabling Services

…Identity

Management Billing Installation & Updates

Secu-rity

Telco Provider

Suppliers

Government

Content Provider

Service Provider

Devices

RevenueShare

White Label White Label

Any to any Any to any

Client

Connected Car Platform – based on existing and future standards

Standard

Architectures, e.g.

GENiVi, OSGi, …

Existing Platforms

e.g. iOS, Android,

Windows, …

Backend Infrastructure

Connected External Services

http/https

ProtocolStandards Standard Architecture

OSS/ BSS

e.g. OMA-DM

e.g. SSL, SAML

e.g. eCall

Operating Standards

Security Standards

Application/Service Standards

Embedded

Smartphone InterfaceStandards

OMA-DM = Open Mobile Alliance - Device Management, OSS/BSS = Operational Support Services / Business Support Services

OSGi = Open Services Gateway initiative, SOAP = Simple Object Access Protocol, REST = Representational State Transfer

Core ServicesCore ServicesCore ServicesCore Services

Display deviceDisplay deviceDisplay deviceDisplay device

EmbeddedEmbeddedEmbeddedEmbedded SmartphoneSmartphoneSmartphoneSmartphone

Client / Device

Central PlatformCentral PlatformCentral PlatformCentral Platform

NetworkNetworkNetworkNetworkManagementManagementManagementManagement

Core Services / ContentsCore Services / ContentsCore Services / ContentsCore Services / Contents

Cloud / Central

1) TSP = Telematics Service Provider

Remote Device Management Rights Management

Monitoring Identity Management

Security GPS Positioning

OTA Communication Portal

StolenVehicleTrackin

E-MailNavi-gation

HMI …

… …

SIMSIMSIMSIM SIMSIMSIMSIM

HardwareHardwareHardwareHardware Data CenterData CenterData CenterData CenterNetworkNetworkNetworkNetworkInfrastructureInfrastructureInfrastructureInfrastructure

Mgmt. Platform (ECCP)Mgmt. Platform (ECCP)Mgmt. Platform (ECCP)Mgmt. Platform (ECCP)

National,National,National,National,International/ International/ International/ International/ 3rd Party Provider3rd Party Provider3rd Party Provider3rd Party Provider

M2M PlatformM2M PlatformM2M PlatformM2M PlatformDe/Activation,

Configuration

Netw. Services,

Rating, Billing,

Monitoring/

Reporting

Remote Device Mgmt. Rights Mgmt.

Monitoring Ident. Mgmt.

Security Portal Server

OTA Commun.

Management Platform (CCCP)Management Platform (CCCP)Management Platform (CCCP)Management Platform (CCCP)Management Platform (ECCP) Management Platform (ECCP) Management Platform (ECCP) Management Platform (ECCP)

Internat.National

Connected Car Architecture

DT Offering OEM Offering 3rd Party Offering

CAN Controller WiFi

CPU/ Storage Bluetooth

Power Management SIM

Security GPS

Onboard Communication Unit (OCU)Onboard Communication Unit (OCU)Onboard Communication Unit (OCU)Onboard Communication Unit (OCU)

Enabling Services: Enabling Services: Enabling Services:

Operational Support ServicesOperational Support ServicesOperational Support ServicesOperational Support Services Business Support ServicesBusiness Support ServicesBusiness Support ServicesBusiness Support Services

EnablingEnablingEnablingEnabling ServicesServicesServicesServices

External

Billing

External

Billing

Portal

Solutions

Portal

Solutions

Rental

Services

Rental

Services

Central Connected Car Platform Central Connected Car Platform Central Connected Car Platform Central Connected Car Platform (CCCP) (CCCP) (CCCP) (CCCP) ---- Big PictureBig PictureBig PictureBig Picture

Security

……

SMSSMS

SOAPSOAP

JSONJSON

ProtocolProtocolProtocolProtocol

HandlersHandlersHandlersHandlers

Buffer Buffer Buffer Buffer

QueuesQueuesQueuesQueues

DeviceDeviceDeviceDevice GatewayGatewayGatewayGateway

CallCenterCallCenter

External

DT Payment

Services

DT Payment

Services

Backplane

External External External External

Service Service Service Service

IntegratorIntegratorIntegratorIntegrator

Content

Provider

Content

Provider

Service Integration BusService Integration BusService Integration BusService Integration Bus

CoreCoreCoreCore ServicesServicesServicesServices

Download Download Download Download GatewayGatewayGatewayGateway

Plattform

PlattformCentral Database Central Database Central Database Central Database

ServicesServicesServicesServices

External

Payment

External

Payment

TCPTCP

httphttp

Security

Service PortalService PortalService PortalService Portal

TCPTCP

httphttp

Security

TCPTCP

httphttp

External

Billing

External

Billing

Portal

Solutions

Portal

Solutions

Rental

Services

Rental

Services

Security

……

SMSSMS

SOAPSOAP

JSONJSON

External

DT Payment

Services

DT Payment

Services

Backplane

Content

Provider

Content

Provider

Plattform

External

Payment

External

Payment

TCPTCP

httphttp

Security

TCPTCP

httphttp

Security

TCPTCP

httphttp

Evaluation Criteria

� Maturity

� Several systems in production

� Reference call with eBay

Evaluation Criteria

� Market Position

� WSO2 established on the market

Evaluation Criteria

� Integration Flexibility

� Many standard builders/formatters

� Custom adaptors

Evaluation Criteria

� Cost

� Software is open source and free

� Commercial support at a reasonable price

Evaluation Criteria

� Performance

� State-of-the-art performance

Evaluation Criteria

� Scalability

� Cluster/farm supported

Evaluation Criteria

� High Availability

� Master/slaves supported

� No single point of failure

Evaluation Criteria

� Completeness of Product Offering

� Identity Management, Governance Registry and some more productsoffered

� Integration with e. g. BPEL

Evaluation Criteria

� Business Activity Monitoring

� Integration with WSO2BAM

� Custom implementations possible

Evaluation Criteria

� Mediation / Proxying

� Supported

Evaluation Criteria

� Transforming and Mapping

� Supported

Evaluation Criteria

� Content Based Routing

� Supported

� Xpath, regexp and custom parsers

Evaluation Criteria

� Message Flows

� Supported, e. g. pipe, filter, splitter

Evaluation Criteria

� Fault Handling

� Supported, e. g. retry strategy

� Defined by explicit scripting

Evaluation Criteria

� Security

� SSL

� LDAP

� WS-Security

� SAML

Evaluation Criteria

� Auditing

� Supported

Evaluation Criteria

� Reliable Messaging

� Several JMS Providers supported

Evaluation Criteria

� Compliance to Standards

� Based on components that implement standards

Evaluation Criteria

� Mobile and Wireless Communications StandardsMobile and Wireless Communications StandardsMobile and Wireless Communications StandardsMobile and Wireless Communications Standards

� UMTS

� LTE

� GSM

� WiFi (IEEE 802.11)

� Network ProtocolsNetwork ProtocolsNetwork ProtocolsNetwork Protocols

� TCP

� UDP

� HTTP

� FTP

� SMTP

� POP3

� OMA DM

� Network Cryptographic ProtocolsNetwork Cryptographic ProtocolsNetwork Cryptographic ProtocolsNetwork Cryptographic Protocols

� SSL

� TLS

� Data Definition and RetrievalData Definition and RetrievalData Definition and RetrievalData Definition and Retrieval

� XML

� XML Schema (XSD)

� JSON

� SQL

� Web Service Standards and ProtocolsWeb Service Standards and ProtocolsWeb Service Standards and ProtocolsWeb Service Standards and Protocols

� WSDL, RESTful HTTP

� SOAP

� WS-Security

� WS-Policy

� WS-Interop

� SecuritySecuritySecuritySecurity

� SAML

� XACML

� XKMS

� X.509

� Runtime PlatformsRuntime PlatformsRuntime PlatformsRuntime Platforms

� JVM

� OSGi

� Design and DevelopmentDesign and DevelopmentDesign and DevelopmentDesign and Development

� Java Enterprise Edition 6.0 (JPA, EJB 3.0, JMS, JMX, JSF, JAAS, JAX-WS, JAX-RS)

� HTML 5

� UML 2.0

� SOA, MDSD

� De facto standard frameworks Spring and Hibernate

Evaluation Criteria

Result:

�WSO2 looks good concerning the evaluation criteria

Operational Criteria

Assume we have operators…

�… in a large data center

�… running a critical system

�… with some responsibility for smooth operation also on application level

� Installation

� Flexibility – Virtualization, Terminal Server, Ports etc.works fine

� Limited interaction – scriptscomplete automatic installation possible

� Simple Configurationfew configuration files

� Patch Installation

� Patch Strategyjust directories & database

� Patch Deinstallationrestore files / db reimport

� Integrity

� Transactionalityto some degree, but we have a SOA

� Poison message problemfault queues supported, still really difficult

� Integrity checks

� Load balancing

� Availability

� Online Backup

� Consistency after reconnect

� Consistency after crash

� Consistency after point-in-time recoverybad problem in distributed systems

� Disaster tolerance

� Scalability and Performance

� Cluster / farm support

� Load balancing

� Security

� Three layers – presentation, application, storage

� Partitioning – demilitarized zones

� More Security

� SSL / certificatesSSL out-of-the-box

� Loggingnice job for an ESB

� LDAP & password management

� Even more Security

� Security concept

� Baseline Protection („IT-Grundschutz“)>4000 pages provided by the german BSI

� Privacy

� Compliance with Data Protection Acts

� Data Economydo not take more data than necessary

� Data Reductionerase data, even backups

� Administration

� Scheduling

� Shutdown (friendly, fast, abort) preferably not kill -9

� Monitoring

� of availabilityecho services

� of resourcesmemory, cpu, network, processes, threads

� of performancesimilar to BAM

� Monitoring

� Logging / log levels

� Logging to the database

� Event Correlationusing global identifiers in messages

� Auditing acceptabilityin some cases required by law

� Maintainability

� Configurability

� Limited downtime

� Online reconfiguration

� Versioning

� Extensibility

…a lot of stuff, and WSO2 meets the requirements.

And one more:

�Professional Support

� for analysis / bugfixing

… and for a Quickstart Workshop.

Quickstart Workshop

�Time & Place:

� 6 days in June 2011 in Bonn / Germany

�Team:

� 2 architects/developers from WSO2

� about 4 architects/developers from T-Systems

�Goal:

� Proof of concept for the required features

Quickstart Workshop

�Installation

� really simple – just unzip, change ports, and run!

� only 4s per ESB

� plus 30-60s to start up

Quickstart Workshop

�ESB Management Console

Pitfalls:

only one login cookieper host in a browser

… and we used ssh port forwarding to localhost

� maybe use several hostnames per host

SSL Certificates and hostname vs. DNS name vs. IP

symptom: empty soap request templates

� using hostnames worked for us

Quickstart Workshop

�SOAP Proxy

� straight forward

� may include WSDL

Pitfalls:

references to XSDs

� set schemaLocation in <xs:import>

reachable by the browser vs. reachable by the ESB

Quickstart Workshop<?xml version="1.0" encoding="UTF-8"?>

</endpoint><inSequence><log level="full"/>

</inSequence><outSequence><log level="full"><property name="out" value="out"/>

</log><send/>

</outSequence></target>

<publishWSDL>…

</publishWSDL></proxy>

</xml>

Quickstart Workshop

�HTTP GET Proxy

� simple

<rewriterule><action value="" regex="/services/MyProxy"

type="replace" fragment="path"/>

</rewriterule>

Quickstart Workshop

�Restful HTTP POST Proxy

� set ContentType, messageType, HTTP_METHOD

� trivial

Pitfall:

POST parameters got lost

� fixed by WSO2

Quickstart Workshop

�HTTP SOAP to GET Proxy

� extract variables via xpath

<source clone="true“

xpath="//query-string/text()"/>

</enrich>

� build URL

<property name="REST_URL_POSTFIX"

expression="fn:concat('service/insert?',get-property('POSTFIX') )"

scope="axis2"/>

Quickstart Workshop

�Custom Protocol (TCP) Proxy

� Implement and deploy two Java classes:

� custom MessageBuilder

� custom MessageFormatter

� requires axis2-wso2.jar

� quite easy

Quickstart Workshop

�Portability of ESB configuration

� in filesystem: simple copy

� in Governance Registry: export/import

� very nice and simple!

Pitfalls:

ESB must be running when the files are deployed,otherwise they are never read

Resources must be deployed first,otherwise proxy definitions may complain about missing files

Quickstart Workshop

�Filtering and Dynamic Routing

</then><else><header name="To"expression="get-property('ENDPOINT')"/><send/>

</else></filter>

clean, but still verbose compared to non-xml languages“if ($a > 10) send(); else send(to => $endpoint)“

Quickstart Workshop

�Mapping based on DB table

<password>wso2</password><user>wso2</user><url>jdbc:mysql://192.168.3.4:3306/wso2</url><driver>com.mysql.jdbc.Driver</driver>

</pool></connection><statement>

<sql>select mapped_id from mapping_table where id = ?</sql><parameter expression="get-property('ID')" type="VARCHAR"/><result name="mapped_id" column="mapped_id"/>

</statement></dblookup>

Quickstart Workshop

�Sequence Number Generation

� via database lookup

Quickstart Workshop

�Random Number Generation – Javascript

<inSequence><script language="js">var randomnumber = Math.floor(Math.random()*10);mc.setProperty("GeneratedID", randomnumber);</script><xslt key="IdMapper.xslt">

</xslt></inSequence>

Quickstart Workshop

�Traffic Shaping

� Throttling at Service Level

� Throttling at Mediator Level

� <throttle>-Sequence

� Policies

� Prioritization

� <priorityExecutor>

Quickstart Workshop

� Message Handling

� Buffering via JMS queue

� e. g. Apache qpid, ActiveMQ

� Resend

� Dead letter queue

Quickstart Workshop

� SSL

� the usual steps for handling certificates

� otherwise very simple

Quickstart Workshop

� WS-Security

� the usual steps for handling certificates

� and some stuff to declare the policy

� but otherwise quite simple

Quickstart Workshop

� OpenID

� ESB as an OpenID provider

�SAML

� ESB as a security token service

� quite some stuff to do

�SAML2 single sign on

Quickstart Workshop

� Business Activity Monitoring

� WSO2 BAM server

� ESBs cache and send events to BAM

� e. g. count by xpath expression

Quickstart Workshop

�Benchmarks

� with JVM memory settings increased

� up to 1680 req/s for SOAP proxy

� with client/ESB/backend running in VMson a single host with 2 x Xeon X7460

difficult to measure on VMs

� at least reasonable fast

Pitfalls:

the ESB may be faster than your client or backend

Quickstart Workshop

Result of the Quickstart Workshop:

� WSO2 Components really work fine

Final Result:

� Let‘s try and take WSO2

� all necessary features

� sufficiently mature

� relatively lightweight

� very good personal support

ESB Proxies

Back to the real world…

External

Billing

External

Billing

Portal

Solutions

Portal

Solutions

Rental

Services

Rental

Services

Security

……

SMSSMS

SOAPSOAP

JSONJSON

External

DT Payment

Services

DT Payment

Services

Backplane

Content

Provider

Content

Provider

Plattform

External

Payment

External

Payment

TCPTCP

httphttp

Security

TCPTCP

httphttp

Security

TCPTCP

httphttp

ESB Proxies

� Automatic ESB installation

� unzip, change ports etc.

� delivery built by Jenkins

� Automatic service installation

� One script to set up everything from scratch

ESB Proxies

�Task #1: Proxies for existing SOAP services

� 33 services, 159 XSDs

� modelled in Enterprise Architect

� WSDLs generated via EMF scripts (xtend/xpand)

ESB Proxies

Strategy:

� convert existing WSDL/XSDsto ESB proxy service definitions

� by XSLT called by ant

� customized by a host-specific config file with URLs

� deploy to the ESB via file copy

Pitfall:

Do not use subdirectories for XSDs!

ESB Proxies

�Task #2: Proxy for another SOAP service (task #2)

� simple

Pitfalls:

Every external real-world service seems to be a little different

namespaces, path conventions, casing,dependencies on external XSDs…

ESB Proxies

�Task #3: Proxy for non-XML HTTP POST and GET service

� use URL rewrite

� set body via <enrich>

Pitfalls:

Make sure to set no-proxy in your browser.

And make sure the browser cares.

Don‘t be fooled by your browser‘s cache.

� Use TcpMon!

ESB Proxies

�Task #4: Proxy with Transformation

� define XSLT mediators for in and out sequences

� generate ID via JavaScript

Pitfalls:

Enough. XSLT is designed for simple transformations,

not as a comfortable full-featured language.

Make sure your service is redeployed when necessary.

Changing just an XSLT may not be sufficient.

ESB Proxies

�Task #5: Proxy for binary XML

� one proxy for both XML and WB-XML

� use ApplicationXMLBuilder / -Formatter

Pitfalls:

It‘s simple as soon as you have found the right builder/formatterand the right options.

DISABLE_CHUNKING was required.

ESB Proxies

�Task #6: Proxy for POST with Query Parameters

� simple

Pitfalls:

Hit a bug - Query Parameters got dropped

� inSequence works fine if an URL rewrite is inserted

� Fix provided by WSO2

ESB Proxies

� Result:

� Everything works so far!

after fixing a bunch of simple problems

External

Billing

External

Billing

Portal

Solutions

Portal

Solutions

Rental

Services

Rental

Services

Security

……

SMSSMS

SOAPSOAP

JSONJSON

External

DT Payment

Services

DT Payment

Services

Backplane

Content

Provider

Content

Provider

Plattform

External

Payment

External

Payment

TCPTCP

httphttp

Security

TCPTCP

httphttp

Security

TCPTCP

httphttp

Next Steps

� NGTP (Next Generation Telematics Pattern)

� Binary messages

� Header may be processed by the ESB

� Plugin (Builder) to be implemented in Java

by NGTP Group, cc-by-sa, http://creativecommons.org/licenses/by-sa/3.0/legalcode

Next Steps

�Hardware Security Modules (Cryptoserver)

� Idea of HSMs:

� Offer restricted set of cryptographic operations

� But keep the keys inside

Next Steps

Why use Hardware Security Modules?

� Keys kept secure

� Hardware acceleration

� Non-standard implementations

Next Steps

�Using a Hardware Security Module

� Typically some binary TCP protocol

� Java module for the ESB may be developed

� With all operational requirements:

� Reconnect, failover, logging, …

Next Steps

�OSGi

� 2 ways to deploy services

� as a stand-alone web service e. g. on Tomcat

� as an OSGi module within the ESB or within Carbon

� Maybe go for OSGi

� Easier to handle?

� Better dependency management?

� With less resources?

� Better deployment options?

Next Steps

�WSO2 Stratos

� Software for Platform as a Service (PaaS)

� T-Systems plans to become a PaaS Providerfor the Connected Car Platform

Elektromobility Services based on the Connected Car Platform.

Existing services: Planned services:

� Mobility Services: choose best means of

transport

� Driver-specific informationen: e. g. heating

dependent on data from a server

� Charging: Authentifikation/Authorization,

Charge Control, Billing

� Track/Trace/Locate: where is my car,

when will I arrive?

� Diagnosis/Maintenance/Health:

Charge status, Status of eCar

components

� POI/Navigation: next Charging Point

Summary

�T-Systems provides the Connected Car Platform

� Generic platform for services used in cars

� WSO2 contributes the Middleware

� ESB

� Governance Registry, Identity Server, Stratos

�Development is ongoing

Thank you for your attention.

======!"§==Systems=Dr. Andreas WichmannSystems Integration.Systems Integration.Systems Integration.Systems Integration.

T-Systems GEI GmbH

Vorgebirgsstr. 49, 53111 Bonn

Phone: +49 228 9841 4447

Fax: +49 228 9841 5158

Mobile: +49 170 9223 406

E-Mail: andreas.wichmann@t-systems.com

Address:

Contact:

wso2 @ connected car

Technology

everis connected car report - amazon...

connected car

the connected car is here to stay...the connected car is...

connected car forecast: global connected car market … ·...

wso2 con building the api centric enterprise - towards a...

connected car technology

q1 2015 connected car market update - woodside...

bigdata : connected car

kaspersky automotive security · remote assistance...

connected car world

q1 2015 connected car market update - woodside cap€¦ ·...

seat ee55 connected car

cloudmade - connected car - overview

connected car overview

the connected car 2011

wso2 integration platform - the most comprehensive...

the connected car industry 2013 report -...

kaspersky connected car 2014

kickoff connected car challenge

impact connected car