Internet-Draft An Intent-Based SDV Framework March 2024
Jeong & Shen Expires 5 September 2024
Workgroup:
Operations and Management Area Working Group
Internet-Draft:
draft-jeong-opsawg-intent-based-sdv-framework-00
Published:
Intended Status:
Informational
Expires:
Authors:
J. Jeong, Ed.
Sungkyunkwan University
Y. Shen
Sungkyunkwan University

An Intent-Based Management Framework for Software-Defined Vehicles in Intelligent Transportation Systems

Abstract

Software-Defined Vehicle (SDV) is a new player towards autonomous vehicles in Intelligent Transportation Systems (ITS). An SDV is built on a software platform, such as a cloud-native system like Kubernetes, and has its own internal network. To facilitate the easy and efficient configuration of networks in the SDV, intent-based management is an appropriate direction. This document proposes a framework of intent-based management for networks, security, and applications in SDVs so that they can communicate with other SDVs and infrastructure nodes for safe driving and infotainment services in the road networks.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 5 September 2024.

1. Introduction

Software-Defined Vehicle (SDV) is a new paradigm in Intelligent Transportation Systems (ITS). SDVs interact with each other and with infrastructure (e.g., edge servers) for safe driving and infotainment services through vehicular networks, as shown in Figure 1. SDVs can communicate with each other via Vehicle-to-Vehicle (V2V) communications. They can communicate with infrastructure nodes (e.g., gNodeB in 5G [TS-23.501]) via Vehicle-to-Infrastructure (V2I) communications.

                              Vehicular Cloud
               *******************************************
             *                                             *
            *              +------------------+             *
           *               | Cloud Controller |              *
           *               +------------------+              *
           *                         ^                       *
            *                        |                      *
             *                       v                     *
               *******************************************
                 ^ +------------+   ^ +------------+   ^ +------------+
                 | |Edge-Server1|   | |Edge-Server2|   | |Edge-Server3|
                 | +------------+   | +------------+   | +------------+
                 |   ^              |   ^              |   ^
                 |   |              |   |              |   |
                 v   V              v   V              v   V
               +---------+         +---------+        +---------+
               | IP-RSU1 |<------->| IP-RSU2 |<------>| IP-RSU3 |
               +---------+         +---------+        +---------+
                    ^                   ^                    ^
                    :                   :                    :
           +-----------------+ +-----------------+   +-----------------+
           |        : V2I    | |        : V2I    |   |       : V2I     |
           |        v        | |        v        |   |       v         |
+--------+ |   +--------+    | |   +--------+    |   |   +--------+    |
|  SDV1  |===> |  SDV2  |===>| |   |  SDV3  |===>|   |   |  SDV4  |===>|
+--------+<...>+--------+<........>+--------+    |   |   +--------+    |
           V2V     ^         V2V        ^        |   |        ^        |
           |       : V2V     | |        : V2V    |   |        : V2V    |
           |       v         | |        v        |   |        v        |
           |  +--------+     | |   +--------+    |   |    +--------+   |
           |  |  SDV5  |===> | |   |  SDV6  |===>|   |    |  SDV7  |==>|
           |  +--------+     | |   +--------+    |   |    +--------+   |
           +-----------------+ +-----------------+   +-----------------+
                 Subnet1              Subnet2              Subnet3
                (Prefix1)            (Prefix2)            (Prefix3)

        <----> Wired Link   <....> Wireless Link   ===> Moving Direction
Figure 1: Vehicular Networks for Software-Defined Vehicles

SDV is regarded as a future platform for autonomous vehicles and electric vehicles. Many automotive-related companies are developing the platform of SDVs, such as AUTOSAR [AUTOSAR-SDV] and Eclipse SDV [Eclipse-SDV]. An SDV consists of computing devices, operating systems, and a cloud-native platform (e.g., Kubernetes [Kubernetes]). Kubernetes is an open-source platform for managing containerized workloads and services with portability and extendibility. It can facilitate intent-based management with both declarative configuration and automation.

An SDV needs intent-based management for networks and security inside its in-vehicle networks. An intent is a declarative command to request a configuration for a network or security function [TS-28.312][TR-28.812]. It places more emphasis on "What" needs to be accomplished (i.e., declarative command) than on "How" it should be accomplished (i.e., imperative command). Since a huge number of vehicles are produced by each automotive company, the networks and security for the SDV need to be remotely configured and monitored by a control center of each automotive company. The in-vehicle networks are based on Gigabit Ethernet and can be configured as multiple subnets including Electric Control Units (ECU) and infotainment devices. Configuring and monitoring networks and security for those in-vehicle networks manually imposes a huge overhead on an operator.

This document proposes a framework of intent-based management for the Service Functions (SFs) in SDVs, namely networks, security, and applications. Such SFs can be constructed and managed by Software-Defined Networking (SDN) [RFC7149], Network Functions Virtualization (NFV) [ETSI-NFV][ETSI-NFV-Release-2], and Cloud Native Computing Platform (e.g., Kubernetes [Kubernetes]). This framework automates the configuration and monitoring for the networks and security in each SDV through a vehicular cloud and the SDV's mobile network. An SDV User (i.e., administrator) for the management of SDVs can configure and monitor the networks and security through an intent. The intent from the SDV User is delivered to a Cloud Controller in charge of a vehicular cloud for SDVs. The Cloud Controller translates the intent into the corresponding high-level policy, and delivers the high-level policy to an SDV Controller in charge of an SDV. The SDV translates the high-level policy into the corresponding low-level policy and delivers it to an appropriate Network Function (NF) for a specific service (e.g., router, firewall, and navigator) in the SDV.

2. Terminology

This document uses the terminology described in [RFC8329], [I-D.ietf-i2nsf-applicability], [I-D.jeong-i2nsf-security-management-automation], [I-D.jeong-nmrg-ibn-network-management-automation], and [I-D.yang-i2nsf-security-policy-translation]. In addition, the following terms are defined below:

3. Intent-Based Management Framework for Software-Defined Vehicles

SDVs are managed and monitored by the vehicular cloud. They get help for software updates as well as the configuration of their networks and security from the vehicular cloud. Figure 1 shows a vehicular network architecture for SDVs. SDVs as vehicles can communicate with each other via V2V and with infrastructure nodes such as an IP Road-Side Unit (IP-RSU), for example, gNodeB in 5G networks, via V2I. Edge servers can help SDVs to perform their safe driving by processing environmental data collected by the SDVs and giving maneuver guidance to the SDVs.

                                                 +-----------------+
                        (*)<........>(*)  +----->| Vehicular Cloud |
     (2001:db8:1:1::/64) |            |   |      +-----------------+
+------------------------------+  +---------------------------------+
|                        v     |  |   v   v                         |
| +---------+        +-------+ |  | +-------+         +---------+   |
| |Navigator|        |IP-OBU1| |  | |IP-RSU1|         |Navigator|   |
| +---------+        +-------+ |  | +-------+         +---------+   |
|     ^                  ^     |  |     ^                  ^        |
|     |                  |     |  |     |                  |        |
|     v                  v     |  |     v                  v        |
| ---------------------------- |  | ------------------------------- |
| 2001:db8:10:1::/64 ^         |  |     ^ 2001:db8:20:1::/64        |
|                    |         |  |     |                           |
|                    v         |  |     v                           |
| +---------+    +-------+     |  | +-------+ +-------+   +-------+ |
| |Firewall |    |Router1|     |  | |Router2| |Server1|...|ServerN| |
| +---------+    +-------+     |  | +-------+ +-------+   +-------+ |
|     ^              ^         |  |     ^         ^           ^     |
|     |              |         |  |     |         |           |     |
|     v              v         |  |     v         v           v     |
| ---------------------------- |  | ------------------------------- |
|      2001:db8:10:2::/64      |  |       2001:db8:20:2::/64        |
+------------------------------+  +---------------------------------+
     SDV1 (Mobile Network1)              EN1 (Fixed Network1)

   <----> Wired Link   <....> Wireless Link   (*) Antenna
Figure 2: In-Vehicle Network and Edge Network

An SDV has its own internal networks (called in-vehicle networks), as shown in Figure 2. The in-vehicle networks consist of multiple subnets connected with each other through routers. IP On-Board Unit (IP-OBU) is a network device in an SDV that has a basic processing ability and can be driven by a low-power CPU (e.g., ARM) with 5G Vehicle-to-Everything (V2X) communication device [RFC9365]. IP Road-Side Unit (IP-RSU) is a network device situated along the road as an infrastructure node. It has at least two distinct IP-enabled interfaces where one is for 5G V2X and the other is for the wired network connected to the vehicular cloud [RFC9365]. An Edge Network (EN) is a radio access network which has an IP-RSU for wireless communication with other SDVs having an IP-OBU and wired communication with other network devices (e.g., routers, IP-RSUs, and edge servers) [RFC9365]. As shown in Figure 2, the IPv6 prefixes should be configured for the in-vehicle network (called mobile network) and Edge Network (called EN). Also, for V2X IP networking, the wireless interfaces of IP-OBU and IP-RSU should be configured with appropriate IPv6 network prefixes and default gateways towards the infrastructure network connected to the vehicular cloud.

                        <Vehicular Cloud (VC)>
+---------------------------------------------------------------------+
| +------------------+                      +--------------------+    |
| |     SDV User     |          +---------->|    SDV Database    |    |
| +------------------+          |           +--------------------+    |
|          ^                    |                     ^               |
|          | Consumer-Facing    | Management          | Analytics     |
|          | Interface (Intent) | Interface           | Interface     |
|          V                    |                     V               |
| +------------------+<---------+           +--------------------+    |
| |Cloud  Controller |                      |Vendor's Mgmt System|<-+ |
| +------------------+<-------------------->+--------------------+  | |
|          ^           Analytics Interface                          | |
|          |                                                        | |
+----------|--------------------------------------------------------|-+
           | Controller-Facing Interface                  Analytics |
           |     (High-level Policy)                      Interface |
+----------|--------------------------------------------------------|-+
|          |                                                        | |
|          v                                                        | |
| +------------------+     Registration     +--------------------+  | |
| |  SDV Controller  |<-------------------->|Vendor's Mgmt System|  | |
| +------------------+      Interface       +--------------------+  | |
|          ^      ^                                                 | |
|          |      |                                                 | |
|          |      |   Analytics Interface   +--------------------+  | |
|          |      +------------------------>|    SDV Analyzer    |<-+ |
|          |                                +--------------------+    |
|          | Service-Facing Interface          ^       ^       ^      |
|          |   (Low-level Policy)              |       |       |      |
|          |                                   |       |       |      |
|          |    +------------------------------+       |       |      |
|          |    |              +-----------------------+       |      |
|          |    |              |   Monitoring Interface        |      |
|          v    v              v                               v      |
|   +---------------+  +---------------+        +---------------+     |
|   |     SF-1      |--|     SF-2      |........|     SF-n      |     |
|   |   (Router)    |  |  (Firewall)   |        |  (Navigator)  |     |
|   +---------------+  +---------------+        +---------------+     |
+---------------------------------------------------------------------+
                  <Software-Defined Vehicle (SDV)>
Figure 3: Intent-Based Management Framework for Software-Defined Vehicles

For the automatic network configuration of SDVs, an intent-based management is required between the vehicular cloud and SDVs [I-D.jeong-nmrg-ibn-network-management-automation]. Figure 3 shows a framework of intent-based management for SDVs. The framework consists of a vehicular cloud and SDVs. The vehicular cloud consists of SDV User (as network administrator), Cloud Controller (as an orchestrator for a vehicular cloud), SDV Database (as a main repository for SDV management and monitoring), and Cloud Analyzer (as a monitoring data analyzer for SDVs) such as Network Data Analytics Function (NWDAF) in 5G networks [TS-23.288][TS-29.520]. The SDV is composed of SDV Controller (as a manager for an SDV), SDV Analyzer (as a monitoring data analyzer for an SDV) [I-D.jeong-nmrg-ibn-network-management-automation], Vendor's Management System (as a vendor system to provide cloud-native containers) [RFC8329][I-D.ietf-i2nsf-applicability], and Network Functions (NF) such as router, DNS server, and firewall [I-D.jeong-nmrg-ibn-network-management-automation]. In this figure, interfaces are defined between a pair of system components in the vehicular cloud and SDV. The intent, high-level policy, and low-level policy can be either XML documents [RFC6020][RFC7950] or YAML documents [YAML]. They can be delivered to the destination components via NETCONF [RFC6241], RESTCONF [RFC8040], or REST API [REST].

As shown in Figure 3, the Intent-Based Management SDV Framework enforces an intent from an SDV User, who acts as a user (or administrator), on a target system such as an SDV. The intent from the SDV User can be translated into the corresponding high-level policy by an intent translator in the Cloud Controller of the Vehicular Cloud [I-D.jeong-i2nsf-security-management-automation]. The high-level policy can also be translated into the corresponding low-level policy by a policy translator in the SDV Controller of the SDV [I-D.yang-i2nsf-security-policy-translation]. The low-level policy is dispatched from the SDV Controller to appropriate Service Functions (SFs) in the SDV, such as Router, Firewall, and Navigator, as shown in the figure. Through the monitoring of the SFs, the activity and performance of the SFs in the SDV are monitored and analyzed by the SDV Analyzer in the SDV. If needed, the rules of the high-level or low-level network policy can be augmented by the SDV Analyzer. Also, new rules can be automatically generated and configured to appropriate SFs by the SDV Analyzer.
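
The two translation steps described above, as an added example (not code from this draft or its authors), with fail-closed checks at the SDV Controller. The draft defines no data model yet, so the intent and policy field names, the zone names, and all function names are hypothetical; the prefixes are SDV1's in-vehicle subnets from Figure 2.

```python
import ipaddress
from dataclasses import dataclass

# Assumed inventory held by the SDV Controller of SDV1. The prefixes are the
# in-vehicle subnets of Figure 2; the zone names are hypothetical labels.
SDV1_ZONES = {
    "navigator-net": ipaddress.ip_network("2001:db8:10:1::/64"),
    "inner-net": ipaddress.ip_network("2001:db8:10:2::/64"),
}
ANY = ipaddress.ip_network("::/0")


class PolicyError(ValueError):
    """Raised when an intent or policy cannot be translated safely."""


@dataclass(frozen=True)
class LowLevelRule:
    sf: str       # Service Function that enforces the rule
    action: str   # "permit" or "deny"
    src: ipaddress.IPv6Network
    dst: ipaddress.IPv6Network


def translate_intent(intent: dict) -> dict:
    """Cloud Controller step: intent ("what") -> high-level policy."""
    if intent.get("goal") != "restrict-access":
        raise PolicyError(f"unsupported goal: {intent.get('goal')!r}")
    protected = intent["protect"]
    rules = [{"action": "permit", "src_zone": zone, "dst_zone": protected}
             for zone in intent.get("allow_from", [])]
    # Always end with an explicit deny so the intent fails closed.
    rules.append({"action": "deny", "src_zone": "any", "dst_zone": protected})
    return {"sdv": intent["target"], "rules": rules}


def resolve_zone(name: str, zones: dict, allow_any: bool):
    """Map a zone name to a prefix; unknown names are rejected, not guessed."""
    if name == "any" and allow_any:
        return ANY
    if name not in zones:
        raise PolicyError(f"unknown zone: {name!r}")
    return zones[name]


def translate_policy(policy: dict, sdv_id: str, zones: dict) -> list:
    """SDV Controller step: high-level policy -> low-level firewall rules."""
    if policy["sdv"] != sdv_id:
        raise PolicyError(f"policy is for {policy['sdv']!r}, not {sdv_id!r}")
    out = []
    for rule in policy["rules"]:
        if rule["action"] not in ("permit", "deny"):
            raise PolicyError(f"unknown action: {rule['action']!r}")
        src = resolve_zone(rule["src_zone"], zones, allow_any=True)
        # The destination must be one of this SDV's own subnets.
        dst = resolve_zone(rule["dst_zone"], zones, allow_any=False)
        out.append(LowLevelRule("firewall", rule["action"], src, dst))
    # Refuse to dispatch a rule set that lacks the terminal default deny.
    if not out or out[-1].action != "deny" or out[-1].src != ANY:
        raise PolicyError("rule set does not end with a default deny")
    return out


if __name__ == "__main__":
    # Constructed sample intent from an SDV User.
    intent = {"target": "SDV1", "goal": "restrict-access",
              "protect": "inner-net", "allow_from": ["navigator-net"]}
    for r in translate_policy(translate_intent(intent), "SDV1", SDV1_ZONES):
        print(f"{r.sf}: {r.action} {r.src} -> {r.dst}")
```
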

Therefore, this document proposes a framework of intent-based management for networks in a Software-Defined Vehicle (called SDV). Through this intent-based management, SDVs can communicate with other SDVs and infrastructure nodes (e.g., IP-RSU) via V2X communications for safe driving and infotainment services in vehicular networks. As future work, we will design and implement YANG data models for the system components and interfaces in the intent-based management framework for SDVs.

4. IANA Considerations

This document does not require any IANA actions.

5. Security Considerations

The same security considerations as for the Interface to Network Security Functions (I2NSF) Framework [RFC8329] are applicable to the intent-based management framework in this document.

6. References

6.1. Normative References

[RFC6020]
Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241]
Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, <https://www.rfc-editor.org/info/rfc6241>.
[RFC7950]
Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040]
Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, <https://www.rfc-editor.org/info/rfc8040>.
[RFC8329]
Lopez, D., Lopez, E., Dunbar, L., Strassner, J., and R. Kumar, "Framework for Interface to Network Security Functions", RFC 8329, DOI 10.17487/RFC8329, <https://www.rfc-editor.org/info/rfc8329>.
[RFC9315]
Clemm, A., Ciavaglia, L., Granville, L. Z., and J. Tantsura, "Intent-Based Networking - Concepts and Definitions", RFC 9315, DOI 10.17487/RFC9315, <https://www.rfc-editor.org/info/rfc9315>.
[RFC9365]
Jeong, J., Ed., "IPv6 Wireless Access in Vehicular Environments (IPWAVE): Problem Statement and Use Cases", RFC 9365, DOI 10.17487/RFC9365, <https://www.rfc-editor.org/info/rfc9365>.

6.2. Informative References

[I-D.ietf-i2nsf-applicability]
Jeong, J. P., Hyun, S., Ahn, T., Hares, S., and D. Lopez, "Applicability of Interfaces to Network Security Functions to Network-Based Security Services", Work in Progress, Internet-Draft, draft-ietf-i2nsf-applicability-18, <https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-applicability-18>.
[I-D.jeong-i2nsf-security-management-automation]
Jeong, J. P., Lingga, P., Jung-Soo, J., Lopez, D., and S. Hares, "Security Management Automation of Cloud-Based Security Services in I2NSF Framework", Work in Progress, Internet-Draft, draft-jeong-i2nsf-security-management-automation-07, <https://datatracker.ietf.org/doc/html/draft-jeong-i2nsf-security-management-automation-07>.
[I-D.jeong-nmrg-ibn-network-management-automation]
Jeong, J. P., Ahn, Y., Kim, Y., and J. Jung-Soo, "Intent-Based Network Management Automation in 5G Networks", Work in Progress, Internet-Draft, draft-jeong-nmrg-ibn-network-management-automation-03, <https://datatracker.ietf.org/doc/html/draft-jeong-nmrg-ibn-network-management-automation-03>.
[I-D.yang-i2nsf-security-policy-translation]
Jeong, J. P., Lingga, P., and J. Yang, "Guidelines for Security Policy Translation in Interface to Network Security Functions", Work in Progress, Internet-Draft, draft-yang-i2nsf-security-policy-translation-16, <https://datatracker.ietf.org/doc/html/draft-yang-i2nsf-security-policy-translation-16>.
[YAML]
Ingerson, B., Evans, C., and O. Ben-Kiki, "Yet Another Markup Language (YAML) 1.0", Available: https://yaml.org/spec/history/2001-05-26.html.
[TS-23.501]
"System Architecture for the 5G System (5GS)", Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3144.
[TS-28.312]
"Intent Driven Management Services for Mobile Networks", Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3554.
[TR-28.812]
"Study on Scenarios for Intent Driven Management Services for Mobile Networks", Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3553.
[TS-23.288]
"Architecture Enhancements for 5G System (5GS) to Support Network Data Analytics Services", Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3579.
[TS-29.520]
"Network Data Analytics Services", Available: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3355.
[RFC7149]
Boucadair, M. and C. Jacquenet, "Software-Defined Networking: A Perspective from within a Service Provider Environment", RFC 7149, <https://www.rfc-editor.org/rfc/rfc7149>.
[ETSI-NFV]
"Network Functions Virtualisation (NFV); Architectural Framework", Available: https://www.etsi.org/deliver/etsi_gs/nfv/001_099/002/01.02.01_60/gs_nfv002v010201p.pdf.
[ETSI-NFV-Release-2]
"Network Functions Virtualisation (NFV) Release 2; Management and Orchestration; Architectural Framework Specification", Available: https://www.etsi.org/deliver/etsi_gs/nfv/001_099/006/02.01.01_60/gs_nfv006v020101p.pdf.
[REST]
Fielding, R. and R. Taylor, "Principled Design of the Modern Web Architecture", ACM Transactions on Internet Technology, Vol. 2, Issue 2, Available: https://dl.acm.org/doi/10.1145/514183.514185.
[USENIX-ATC-Lumi]
Jacobs, A., Pfitscher, R., Ribeiro, R., Ferreira, R., Granville, L., Willinger, W., and S. Rao, "Hey, Lumi! Using Natural Language for Intent-Based Network Management", USENIX Annual Technical Conference, Available: https://www.usenix.org/conference/atc21/presentation/jacobs.
[BERT]
Devlin, J., Chang, M., Lee, K., and K. Toutanova, "BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding", NAACL-HLT Conference, Available: https://aclanthology.org/N19-1423.pdf.
[Deep-Learning]
Goodfellow, I., Bengio, Y., and A. Courville, "Deep Learning", Publisher: The MIT Press, Available: https://www.deeplearningbook.org/.
[AUTOSAR-SDV]
"AUTOSAR Adaptive Platform", Available: https://www.autosar.org/standards/adaptive-platform.
[Eclipse-SDV]
"Eclipse Software Defined Vehicle Working Group Charter", Available: https://www.eclipse.org/org/workinggroups/sdv-charter.php.
[Kubernetes]
"Kubernetes: Cloud Native Computing Platform", Available: https://kubernetes.io/.

Appendix A. Acknowledgments

This work was supported in part by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea Ministry of Science and ICT (MSIT)(No. 2022-0-01015, Development of Candidate Element Technology for Intelligent 6G Mobile Core Network).

This work was supported in part by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea Ministry of Science and ICT (MSIT) (No. 2022-0-01199, Regional strategic industry convergence security core talent training business).

Appendix B. Contributors

This document is made by the group effort of OPSAWG, greatly benefiting from inputs and texts by Linda Dunbar (Futurewei), Yong-Geun Hong (Daejeon University), and Joo-Sang Youn (Dong-Eui University). The authors sincerely appreciate their contributions.

The following are coauthors of this document:

Yoseop Ahn
Department of Computer Science & Engineering
Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu
Suwon
Gyeonggi-Do
16419
Republic of Korea
Mose Gu
Department of Computer Science & Engineering
Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu
Suwon
Gyeonggi-Do
16419
Republic of Korea

Authors' Addresses

Jaehoon Paul Jeong (editor)
Department of Computer Science and Engineering
Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu
Suwon
Gyeonggi-Do
16419
Republic of Korea
Yiwen Shen
Department of Computer Science and Engineering
Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu
Suwon
Gyeonggi-Do
16419
Republic of Korea