DARPA
CoAX Technology Contributions
TTCP Meeting - Malvern - September 2000
AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed Martin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMC
Support from BBN, GITI, ISX, MITRE, Schafer
Coalition Agents eXperiment (CoAX)
http://www.aiai.ed.ac.uk/project/coax/
Technical Contributions
• GITI - CoABS Grid Infrastructure
• Boeing and UWF/IHMC - KAoS Domain Management
• AIAI Process Panel - Task and Process Management
• DERA Master Battle Planning
• LM ATL EMAA/CAST AODB - Restricted Data Base Access
• AFRL/BBN/GITI CAMPS - Air Logistics Support Tool
• USC/ISI Ariadne - Open Information Access
• UWF/IHMC - NOMADS safe and secure mobile agents
• Stand alone demonstrations at 9 months:
  • MIT Robustness Services
  • Stanford Incentives Management
  • Dartmouth Observer Agent
  • Michigan Coordination Planning Aid
GITI/ISX The CoABS Grid
• The CoABS/Infrastructure code provides a framework for integrating diverse agent-based systems, and provides additional common services.
• The Grid allows agents to find services and other agents so that agent teams can be dynamically formed to solve context-based tasks.
• The Grid is built using Jini™ technology. Direct agent communication is provided using message queues built on Java RMI. Grid Logging Markup Language based on XML.
Prototype Grid Architecture
[Architecture diagram, labels by layer]
Grid Aware Services: e-mail Proxi Agents, Auction/Trader Agents, Information Retrieval Agents
Grid Ready Components: OAA Proxy Agent, RETSINA Proxy Agent, Matchmaker, Mobility, Event Messaging
Grid Core Services: Logging, Admin, Instrumentation, Object Visualization, Events, Security, AgentRep, Message Queue, Grid Agent Helper, ServiceRep, Registry, Grid Service Helper
Java Platform: RMI, Jini™
• Interoperability of distributed, heterogeneous objects, services, and multi-agent systems.
• Registration and advertisement of capabilities.
• Discovery of relevant participants, and flexible run-time communications.
• Current Grid services include: Logging, Visualization, Security, Instrumentation, Communication, Registration, and Event Services.
Boeing/UWF - Agent Domains
[Diagram label: DM]
An agent domain consists of one or more agents registered with a common Domain Manager which provides for common administration and enforcement of domain-wide, platform-specific, and agent-specific policies.
Agent Domain Management in CoAX
• Broadens typical distributed security concerns to include:
  • Communication and access management: Who can communicate with whom for what services?
  • Registration management: Who can join the domain under what circumstances?
  • Resource management: Who can have which kind and how much of a given computing resource?
  • Mobility management: Who can move where under what circumstances?
  • Conversation management: What constraints govern interaction between conversing agents?
  • Obligation management: Who is not meeting commitments?
Initial capability shown in six-month demo
Initial capability slated for nine-month demo
Initial capability slated for 2001-2002 demos
Policy Management Framework
• Policy Admin Tool: Authorized user makes changes over the Web
• KAoS Domain Manager:
  1. Ensures policy consistency at all levels
  2. Stores policy changes
  3. Notifies guards
• Policy Directory:
  1. Abstract, mechanism-neutral representation/XML syntax (DAML collaboration)
  2. Distributed networked availability
  3. Secure
• Guard is responsible for:
  1. Interpreting policy
  2. Enforcing with appropriate native mechanism
[Diagram labels: HTTP, Servlet, RMI, JNDI, Event-driven policy changes; Aroma VM Guard, Java VM Guard, Other Guard; Agents; Native Mech]
AIAI I-X Process Panel
• Initially maintains an overview of the current status of the coalition C2 processes in accessible shared military terms.
• Later adds the ability to monitor, plan and control the coalition C2 processes.
• Can take on and address “issues” in the C2 process.
• Links to and assists with domain management, authority, exception management and other Grid management services.
• To be packaged as generic task and process management facilities that can be made available to other Grid applications.
DERA Master Battle Planner
• Visual planning tool for air operations.
• Map-based graphical user interface - operator builds scenario and air missions using simple dialogs and “point and click” techniques.
• Analyzes plans (identifying over-tasking, GANTT charts, animated flyout facility).
• Obtains data on targets and assets from other agents.
• Integrates air missions (e.g. air transport) and weather forecasts from other agents into the air visualisation.
• Informs AIAI’s Process Panel of current planning status.
AFRL/GITI/BBN CAMPS Mission Planner
• Develops schedules for aircraft to pick up and deliver cargo within specified time windows.
• Takes into account a large number of constraints (aircraft & port capabilities, crew availability, work schedule rules).
• Can be tasked by other agents.
• Domain-aware agent obtains scheduled air transport flights and forwards them to Master Battle Planner for integration into the air visualisation.
LM ATL EMAA/CAST AODB Access Agent
• Provides access to AODB via XML formatted Grid messages.
• Supports different kinds of queries: one shot, update, and persistent.
• Will be evolving EMAA/CAST technology to create a deliverable generic Grid-aware core agent engine to other end users. This technology will be configurable and is intended to easily allow access to alternative sources.
USC/ISI Open Information Access
• Provide real-time access to Web data sources
• Tools for learning wrappers to extract data from semi-structured sources
• Agents learn the structure of data to support:
  • Source verification: automatically detect when the source no longer provides correct data (possibly because the source has changed)
  • Source reinduction: automatically revise the wrapper when the site changes
Resource Control and Security in NOMADS
• Dynamic and fine-grained resource control
  • NOMADS enforces security policies specified by the KAoS domain manager
  • Security policies include limits on CPU, disk, and network resource usage
• Resource consumption monitoring
  • NOMADS Guard constantly monitors the resource consumption of the GAO agent
  • When the guard detects a potential denial of service, the guard reduces the resource limits available to the GAO agent
Resource Control and Security in NOMADS
[Diagram labels: Observers Domain, KPAT, Domain Manager, Java VM, Aroma VM, G, GAO, DAO]
Field Observations (Dartmouth)
• Team of soldiers
  • PDAs
  • Ad-hoc wireless networking
• Soldiers make observations.
  • Ground traffic
  • Air traffic
  • Personnel and equipment
  • Buildings and other structures
• Observations are fed into battle-planning systems (e.g., MBP) through the CoABS Grid.
• In the demo, a team of CoAX soldiers will make observations to correct Gao misinformation.
Field Observations (Dartmouth)
[Diagram labels: D’Agents API; Observation Agent; Grid API; “I see a tank!”; Query/Response; Observation Viewer (9-month demo - standalone); Registration/Update Stream; MBP (18-month demo - integrated); Observations]
MIT Robustness Service
• The Challenge
  • Open systems (like coalitions) include unreliable agents (bugs, malice) and infrastructures
• The MIT Robustness Service
  • Monitors agent ‘health’ via polling
  • Tracks inter-agent commitments
  • Controls task cancellation, result caching & task re-announcement
  • Maintains reliability information (failure avoidance)
  • Informs registry of hung agents
Michigan Multilevel Coordinator Agent
• Analyses the alternative plan spaces of coalition functional teams that plan independently and act asynchronously.
• Works top-down with plans chosen by teams to predict unintended interactions (resource contentions; friendly fire).
• Identifies candidate resolutions (timing or action constraints).
• Notifies process panel of possible plan conflicts and computed workarounds.
• Operationalizes/enforces coordination decisions selected.
• Given more time, isolates and resolves conflicts more precisely and efficiently.
• Allows planning and coordination decisions to be postponed until runtime conditions become better known.
• Packaged as a Grid-aware component that can be proactively executing and utilized by the AIAI Process Panel.
Removed and Spare Slides
• Old versions and spare slides
Policy Enforcement Problems and Solutions
• Problem: Enforcing policies on unmodified, potentially malicious agents
  • Solution: Platform-based enforcement (e.g., Java 2 security)
• Problem: Permissions granted statically according to code source (can’t have different permissions for two agent instances from same code base)
  • Solution: Hack JAAS (Java Authentication and Authorization Service) to allow dynamic permissions and instance-level authentication and authorization
• Problem: High-level agent security requirements do not always map to low-level built-in Java security mechanisms
  • Solution: Lock down permissions of untrusted (agent) code and force agent to use a trusted privileged-code wrapper under control of the guard (eventually to be packaged as domain-aware “grid helper”) to perform selected actions
• Problem: Fine-grained resource allocation and control and revocation of permissions in the face of denial-of-service attacks
  • Solution: Run agent under Java-compatible Aroma VM allowing dynamic fine-grained resource rate and quantity control
• Problem: “Obligation policies” cannot be enforced by preventing actions in advance but only by monitoring and after-the-fact sanctions
  • Solution: Sentinel-based policy enforcement (relevant work in this area by MIT)
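A minimal sketch of the guard behaviour described on the "Resource Control and Security in NOMADS" slide and in the Aroma VM solution on this slide, added here as an example and not NOMADS, KAoS or Aroma code: limits are held per agent instance rather than per code source, and sustained excess demand makes the guard reduce that instance's limits. The class names, thresholds, resource names and instance ids are assumptions.

```python
from dataclasses import dataclass

RESOURCES = ("cpu_ms", "disk_bytes", "net_bytes")

@dataclass(frozen=True)
class Limits:
    """Per-interval budget for ONE agent instance (names are hypothetical)."""
    cpu_ms: int
    disk_bytes: int
    net_bytes: int

class Guard:
    STRIKES = 3  # consecutive over-limit intervals treated as a potential DoS
    CUT = 2      # divisor applied to every limit when that threshold is hit

    def __init__(self):
        self.limits = {}   # instance id -> Limits (keyed by instance, not code source)
        self.strikes = {}  # instance id -> consecutive over-limit intervals

    def set_policy(self, instance_id, limits):
        # Policy pushed by the domain manager; takes effect on the next interval.
        self.limits[instance_id] = limits
        self.strikes[instance_id] = 0

    def interval(self, instance_id, demand):
        """Meter one interval of demand {resource: amount}; return (granted, action)."""
        limits = self.limits.get(instance_id)
        if limits is None:  # default deny for instances with no policy
            return {r: 0 for r in demand}, "deny-unregistered"
        granted = {r: min(n, getattr(limits, r)) for r, n in demand.items()}
        if granted == demand:  # nothing was capped: reset the strike counter
            self.strikes[instance_id] = 0
            return granted, "ok"
        self.strikes[instance_id] += 1
        if self.strikes[instance_id] < self.STRIKES:
            return granted, "capped"
        # Sustained excess demand: tighten this instance's limits only.
        self.limits[instance_id] = Limits(*(getattr(limits, r) // self.CUT for r in RESOURCES))
        self.strikes[instance_id] = 0
        return granted, "limits-reduced"

def demo():
    guard, base = Guard(), Limits(cpu_ms=200, disk_bytes=1_000_000, net_bytes=500_000)
    guard.set_policy("observer#1", base)  # two instances of the same code base
    guard.set_policy("observer#2", base)
    flood = {"cpu_ms": 900, "net_bytes": 5_000_000}  # constructed sample demand
    actions = [guard.interval("observer#1", flood)[1] for _ in range(3)]
    guard.interval("observer#2", {"cpu_ms": 50, "net_bytes": 10_000})
    return actions, guard.limits["observer#1"], guard.limits["observer#2"]
```

Because enforcement caps what is granted, detection here keys on demand that had to be capped, not on consumption exceeding the limit.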
Michigan Coalition Coordination
• Coalitions formed in response to emergent needs
• Functional teams (firestorm, logistics, etc.) formed with participants from contributing partners
• Without prior history, functional teams can possibly act redundantly, counterproductively, or even harmfully (e.g., friendly fire)
• Problem: Supporting (through automation) the identification of potential interferences between functional teams at appropriate level(s) of detail, and proposing mitigation strategies
Michigan Coalition Coordination Example
[Map figure; labels: Alpha, Foxtrot, Gamma, Delta]
Logistics: Deliver experimental weapon from Alpha to Foxtrot
Combat: Deny airspace Beta; destroy bridge Epsilon
• Coordination Decisions:
  • Logistics stays on ground
  • Combat waits for Logistics to use Epsilon before destroying Beta Epsilon