Edge computing encompasses a variety of technologies that are poised to enable new applications across the Internet that support data capture, storage, processing and communication near the edge of the Internet. Edge computing environments pose new challenges, as devices are heterogeneous, widely distributed geographically, and physically closer to end users, such as mobile and Internet-of-Things (IoT) devices. This project develops EdgeVPN, a software element that addresses a fundamental challenge of networking for edge computing applications: establishing Virtual Private Networks (VPNs) to logically interconnect edge devices, while preserving privacy and integrity of data as it flows through Internet links. More specifically, the EdgeVPN software developed in this project addresses technical challenges in creating virtual networks that self-organize into scalable, resilient systems that can significantly lower the barrier to entry to deploying a private communication fabric in support of existing and future edge applications. There are a wide range of applications that are poised to benefit from EdgeVPN; in particular, this project is motivated by use cases in ecological monitoring and forecasting for freshwater lakes and reservoirs, situational awareness and command-and-control in defense applications, and smart and connected cities. Because EdgeVPN is open-source and freely available to the public, the software will promote progress of science and benefit society at large by contributing to the set of tools available to researchers, developers and practitioners to catalyze innovation and future applications in edge computing.
Edge computing applications need to be deployed across multiple network providers, and harness low-latency, high-throughput processing of streams of data from large numbers of distributed IoT devices. Achieving this goal will demand not only advances in the underlying physical network, but also require a trustworthy communication fabric that is easy to use, and operates atop the existing Internet without requiring changes to the infrastructure. The EdgeVPN open-source software developed in this project is an overlay virtual network that allows seamless private networking among groups of edge computing resources, as well as cloud resources. EdgeVPN is novel in how it integrates: 1) a flexible group management and messaging service to create and manage peer-to-peer VPN tunnels grouping devices distributed across the Internet, 2) a scalable structured overlay network topology supporting primitives for unicast, multicast and broadcast, 3) software-defined networking (SDN) as the control plane to support message routing through the peer-to-peer data path, and 4) network virtualization and integration with virtualized compute/storage endpoints with Docker containers to allow existing Internet applications to work unmodified. EdgeVPN self-organizes an overlay topology of tunnels that enables encrypted, authenticated communication among edge devices connected across disparate providers in the Internet, possibly subject to mobility and constraints imposed by firewalls and Network Address Translation, NATs. It builds upon standard SDN interfaces to implement packet manipulation primitives for virtualization supporting the ubiquitous Ethernet and IP-layer protocols.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
