WIXLIB

YNQ : A Portable SMB Solution forEmbedded SystemsA Visuality Systems WhitepaperYNQ Whitepaper 2019 Visuality Systems Ltd1

Table of ContentsEmbedded Market Overview3Challenges4The Solution5Customer Case Studies6YNQ Architecture8Using YNQ 10Functionality11Compliance and Connectivity122Summary133YNQ Whitepaper 2019 Visuality Systems Ltd2

Embedded Market OverviewThe world of embedded systems is large and diverse. The worldwide embedded marketby most estimates is valued at 140 billion, and is growing at rates between 5% and 8%annually.Embedded software is a critical component of an overarching embedded systemarchitecture for devices, which run on a low footprint, and low RAM, RTOS, etc. Fromhome appliances to on-board aircraft networks, robotics to medical equipment,automotive to smart watches, ATMs to printers, there are many types of embeddedsoftware applications running on different hardware, each with its own size, shape andcustom requirements.There is something, however, that unites most of them, and that is the need for networkconnectivity. This is because, nowadays, devices are not isolated anymore. For instance,they may need to save their jobs on a remote server or may want to expose their files tothe outer world.Figure 1: YNQ possible connectivityYNQ Whitepaper 2019 Visuality Systems Ltd3

Remote file access and print services are two common embedded software firmwarerequirements. Some use cases of these are as follows: MFPs (multifunctional printers) save scan jobs over the networkRouters share flash drives to the networkRobots read jobs from a network serverMedical equipment writes test results to the hospital serverAircraft console clients retrieve maps from the on-board map serverSince a large percentage of devices are communicating with back-end Windows systems,the Server Message Block or SMB protocol, the default standard in Microsoft-basedsystems, is typically used for this remote connectivity. SMB has been widely adopted inheterogeneous environments involving Linux, MacOS, UNIX, different RTOSes, iOS,Android and other environments.ChallengesLack of a portable and standard embedded system SMBsolutionEmbedded systems typically lack a native SMB solution.Linux and UNIX can use the open source Samba solution,but it is limited due to its support model, large footprint andrestrictive licensing requirements. RTOS platforms do notinclude the SMB protocol solution.Figure 2: ChallengesLimited resourcesEmbedded systems are facing the same challenges as computers, one example being thelatest security threats. Contrary to computers, however, embedded systems are muchmore limited in resources.Consider the following scenarios: Devices are still using old, unsecured SMB1, exposing files externally Vendors cannot adhere to Samba licensing changes The solution’s high footprint narrows the market to only high-end devices The firmware is not truly portable, thus limiting customers to more expensiveor less efficient environments Existing file transfer solutions must read/write entire files, thus limitingperformanceThe overall embedded market therefore requires a comprehensive, secure, standardsbased SMB Server and Client solutions with favorable licensing that is easy toimplement, reliable, and carries a low resource footprint and low RAM usage.YNQ Whitepaper 2019 Visuality Systems Ltd4

The SolutionWhy SMB?The SMB protocol, formally referred to as CIFS, is a file and printer sharing protocol,which serves as the basis for Microsoft's Distributed File System implementation.Contrary to FTP and HTTP, the SMB protocol allows not only copying an entire file, butalso grants access to files over the network. File editing, for example, can be executedover SMB without a change in its location. The latest dialect - SMB 3.1.1 - enjoys thehighest levels of built-in security, including pre-authentication and encryption for all fileoperations.While desktop computers and servers such as Windows and Macintosh natively benefitfrom SMB connectivity, the situation in the embedded world is more complicated. Adevice may be developed on top Linux/Unix or an RTOS that lacks an SMB solutionsuch as VxWorks, ThreadX, Integrity, Itron, or any other of a great variety of RTOS oroperating systems such as iOS, Windows CE, etc.Visuality Systems YNQ : Comprehensive SMB Client and ServerYNQ is a portable SMB Server and Client solutions that can be used with anyenvironment operating system (OS), device, CPU or compiler. It enables devices toconnect with a network through SMB. Being a highly portable library, YNQ can beintegrated into virtually any hardware or software platform and fully complies withMicrosoft SMB/SMB2/SMB3 specifications. YNQ stays current with the latestreleases of the SMB protocol, including critical, built-in connectivity and file encryptionstandards that protect your environment from security intrusions and other maliciousactivity.YNQ is the flagship product of Visuality Systems Ltd. At its launch in 1999, it wascalled CIFS NQ and was subsequently renamed to NQE in 2014. YNQ is the newgeneration of the NQ product family, released in 2019 and was developed under theAgile methodology.YNQ has 3 levels of modularity (Figure 6): High: API/Protocol level – APIs (NQ), server, client, NetBIOSMedium: Service level – Authentication, common, networkLow: OS level – System, user defined, driverEach level utilizes the level below. The API level utilizes both the Service level andOS levels, whilst the Service level utilizes the OS level. The High level is namedFrontend, and the Low level is named Backend.The YNQ modern software structure allows the Visuality Systems customer toknow which module the fix/patch/update is related to at any given time.YNQ Whitepaper 2019 Visuality Systems Ltd5

By knowing which modules the changes have been carried out on integration andtesting time is naturally decrease as the focus required is for the specific modules.This utilization allows to separate the YNQ implementation into four separateproducts: Standalone Client – full SMB client functionalityCorporate Client – full SMB client functionality with the ability to registerthe machine to the corporate Active DirectoryStandalone Server – full SMB server functionalityCorporate Server – full SMB server functionality with the ability to registerthe server to the corporate Active Directory and has the pass throughauthentication ability.Customer Case StudiesScan to FolderThe YNQ Client is today a de facto SMB solution for MFPs (Multi-FunctionalPrinters). It is running in numerous models of MFPs, granting to end users a seamless andsecure way of saving scanned documents.YNQ , when built into an MFP, connects it to the network, so that the printer can savescan jobs directly to a network folder. The entire transaction happens completely from theMFP, thus eliminating hopping between the MFP and a PC, for e.g., between campuses.The Visuality Systems’ SMB functionality grants the scanner the ability to browse thenetwork, locate available computers or servers, view shared folders and deliverdocuments to the accessible destinations in a desired format, quickly, reliably,conveniently and securely.Since the YNQ Client fully supports SMB3, scan jobs are securely transferred underend-to-end encryption.Figure 3: Scan to folderYNQ Whitepaper 2019 Visuality Systems Ltd6

Automotive Manufacturing FloorA high-end European automotive manufacturerembeds Visuality Systems’ YNQ in theircustom factory test “data acquisition” system torecord and distribute extensive equipmentenvironment data for each test run.The configuration data to drive all tests isupdated by an automated controller system withYNQ over SMB protocol. The recorded datafor each test run is then transferred using SMBto be loaded into a massive data warehouse forad-hoc analysis.Figure 4: Auto manufacturing automationAdopting YNQ with the SMB3’s encryption guarantees all data in transit is securedand helps close remaining critical security holes. They have found SMB connectivity tobe faster, more consistent and more reliable than FTP.On Board Navigation Embedded SystemsA defense customer embeds Visuality SystemsYNQ client and server into their real-time,onboard navigation system to speed up fileprocessing and save precious time that can helpsave lives in critical situations.Audio and GEO map files, which are updatedfrequently, can also be accessed directly using theSMB protocol. This provides a much faster endto-end solution than one based on FTP, whichrequires a full file download to the cockpit clientnavigation system.Figure 5: Aircraft use caseYNQ Whitepaper 2019 Visuality Systems Ltd7

YNQ ArchitectureYNQ is a pure C, highly portable library which can be integrated into virtually anyplatform. It is important to distinguish between two levels of YNQ adaptation - Portingand Integration.PortingThe Porting process occurs when YNQ is about to be used on yet another platform, beit an Operating System (OS), another CPU or any other system. Porting YNQ involvesimplementing its low layer by means of the most common platform services. This processis seamless and requires minimum efforts.IntegrationFor selected platforms (Linux/UNIX, VxWorks, Nucleus, iOS and Windows), off-theshelf solutions are available. Integration occurs when YNQ is incorporated into a newsolution on a platform for which Porting has being already done. In most cases, this doesnot require any significant efforts besides fine tuning of a couple of parameters.The model for using YNQ is illustrated in Figure 6. The components shown in blue arefully portable, while those in green may be modified during either Porting or Integration.The YNQ Level 1 here is the central component of the entire architecture. It isresponsible for the SMB Server and SMB Client functionality. The Level 3 (Environmentabstraction component) maps an abstract system API on the exact operating system calls.There is a distinction between Project-Dependent or User-Defined (UD) and SystemDependent (SY) layers. With reference to the difference between Porting and Integration,SY corresponds to Porting, while UD corresponds to Integration.Figure 6: YNQ Architecture LayersYNQ Whitepaper 2019 Visuality Systems Ltd8

From a functional perspective, YNQ may be seen as an SMB Server, SMB Client andNetBIOS Daemon (see Figure 7). Since the SMB Server is an application, using it isseamless and requires minimum efforts, only for fine tuning. The SMB Client is asoftware library available through its API. To benefit from the SMB Client, a YNQ customer should develop an application (or a set of applications). The SMB CorporateServer also uses SMB Client to achieve Domain Authentication (also called ActiveDirectory Authentication). Another component (not shown in Figure 7) is the File System(FS) Driver. This feature is system dependent, and the Driver is currently available onVxWorks and Linux/UNIX (through FUSE). The Driver option allows developing clientapplications on top of the native API instead of Client API. The NetBIOS Daemoncomponent is shared between the Server and Client to provide NetBIOS services, mostlyname resolution.Figure 7: YNQ ComponentsThe YNQ architecture was designed for the embedded world archetype, for which thefollowing techniques can be used: Pre-allocated memory: YNQ uses fixed-size tables, which are either allocatedstatically or pre-allocated on startup. Though it applies some restrictions in termsof maximum connections, open files, etc., it perfectly fits the main constants ofan embedded system. Multi-threading: This technique applies to the SMB Client, which complieswith a fully thread-safe library. SMB Server of YNQ is single-threaded, whichguarantees the most stable and reliable behavior. Zero-copy: YNQ avoids copying payload of read and write operations.YNQ Whitepaper 2019 Visuality Systems Ltd9