Cloud Computing Designed for the Distributed Edge

Zededa has developed an edge management and orchestration solution that sits at the convergence of the IT and OT worlds. The cloud-based, SaaS solution brings visibility and security to highly distributed networks, regardless of the hardware and software deployed.

Article Key

Image credit: Zededa

Change is upon us as Industry 4.0 moves forward. Manufacturers and developers are integrating more capabilities at the edge as companies seek to automate and gain more insights from their systems. To leverage their existing systems as they digitize their networks, companies need the technologies that blend the IT and OT worlds.

Much of the IT world is focused on data centers, but that approach doesn’t always translate well in industrial environments, where devices can be isolated or physically distant—like on an oil field.

“We’re taking the principles developed in the data center, and we’re extending it out to the field,” says Jason Shepherd, Zededa’s vice president of Ecosystem. “IT is coming down from the data center in the cloud, and OT is coming up from the physical world. As those two worlds converge, we help you scale it out.”

The EVE of Convergence

The heart of Zededa’s solution is the EVE-OS, an open source, vendor neutral foundational layer that manages the applications above it and the hardware below. “We integrated the agent into the OS as the fundamental layer you put down first,” Shepherd says.

“EVE is doing for IoT edge solutions what Android did for mobile,” Shepherd says. Zededa’s cloud console can communicate with anything built using the open API, giving customers choice and flexibility. “It’s an insurance policy for our customers,” Shepherd says.

Highly distributed systems often are managed using an agent on top of Linux, but that can render devices useless in the field. As more capabilities are embedded in the hardware, the agent has to be integrated with the hardware, not just run above it. “You cannot brick a box with our solution, because the OS is so tightly coupled to the hardware,” Shepherd says.

High Level Security and Reliability

Security is paramount for all networks, but devices in the field have additional security challenges. Zededa addresses that through silicon-level security and software-defined infrastructure. Unlike a data center solution, where physical access is controlled, Zededa assumes the field equipment can be touched or tampered with and that full-time connectivity isn’t guaranteed.

When deploying a new device, Zededa partners with service providers, including Arrow Electronics, who preloads the software and drops the devices in the field. EVE-OS finds the device’s unique credential within the silicon, and performs a measured boot to ensure it is valid and operating in a trusted fashion. Role-based access control is supported, but access must be granted first through the cloud, and all interactions are monitored and tracked. EVE-OS features a distributed firewall that allows operators to set policies that govern which applications, modules, CPU cores, and GPUs can talk to each other.

To ensure reliability, every device runs two copies of the EVE-OS. Changes and updates are sent out to only one copy, which checks and tests the software. If it performs well, it updates the second OS; if not, it reverts back to the prior version.

“We keep two copies running for the uptime,” Shepherd says. “It’s very unique compared to other [solutions].” In addition, Zededa can support virtual machines, legacy applications, and new containers. EVE-OS can talk to Windows, SCADA, HMI, and other control system architectures, allowing those devices to be managed remotely. A dashboard enables operators to manage the entire system, check performance, and review alerts.

Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries.