The attached DRAFT document (provided here for historical purposes), released on August 21, 2017, has been superseded by the following publication:
Publication Number: NIST Special Publication (SP) 500-325
Title: Fog Computing Conceptual Model
Publication Date: March 2018
• Final Publication: https://doi.org/10.6028/NIST.SP.500-325 (which links to https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.500-325.pdf). • Related Information on CSRC: Final: https://csrc.nist.gov/publications/detail/sp/500-325/final
1 NIST Special Publication 800-191 (Draft) 2
3 The NIST Definition of Fog Computing 4
5 6 Michaela Iorga 7 Larry Feldman 8 Robert Barton 9 Michael J. Martin 10 Nedim Goren 11 Charif Mahmoudi 12 13 14 15 16 17 18 19 C O M P U T E R S E C U R I T Y 20 21
22 NIST Special Publication 800-191 (Draft) 23
24 The NIST Definition of Fog Computing 25
26 Michaela Iorga 27 Computer Security Division 28 Information Technology Laboratory 29 30 Larry Feldman 31 G2 Inc. 32 33 Robert Barton 34 Cisco 35 36 Michael J Martin 37 IBM Canada Ltd. 38 39 Nedim Goren 40 Computer Security Division 41 Information Technology Laboratory 42 43 Charif Mahmoudi 44 Advanced Network Technologies Division 45 Information Technology Laboratory 46 47 48 49 August 2017 50 51
52 53 54 55 U.S. Department of Commerce 56 Wilbur L. Ross, Jr., Secretary 57 58 National Institute of Standards and Technology 59 Kent Rochford, Acting NIST Director and Under Secretary of Commerce for Standards and Technology
60 Authority
61 This publication has been developed by NIST in accordance with its statutory responsibilities 62 under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et 63 seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security 64 standards and guidelines, including minimum requirements for federal information systems, but 65 such standards and guidelines shall not apply to national security systems without the express 66 approval of appropriate federal officials exercising policy authority over such systems. This 67 guideline is consistent with the requirements of the Office of Management and Budget (OMB) 68 Circular A-130.
69 Nothing in this publication should be taken to contradict the standards and guidelines made 70 mandatory and binding on federal agencies by the Secretary of Commerce under statutory 71 authority. Nor should these guidelines be interpreted as altering or superseding the existing 72 authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. This 73 publication may be used by nongovernmental organizations on a voluntary basis and is not subject 74 to copyright in the United States. Attribution would, however, be appreciated by NIST.
75 National Institute of Standards and Technology Special Publication 800-191 76 Natl. Inst. Stand. Technol. Spec. Publ. 800-191, 13 pages (August 2017) 77 CODEN: NSPUE2
78
79 Certain commercial entities, equipment, or materials may be identified in this document in order to describe an 80 experimental procedure or concept adequately. Such identification is not intended to imply recommendation or 81 endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best 82 available for the purpose. 83 There may be references in this publication to other publications currently under development by NIST in accordance 84 with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, 85 may be used by federal agencies even before the completion of such companion publications. Thus, until each 86 publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For 87 planning and transition purposes, federal agencies may wish to closely follow the development of these new 88 publications by NIST. 89 Organizations are encouraged to review all draft publications during public comment periods and provide feedback 90 to NIST. Many NIST cybersecurity publications, other than the ones noted above, are available at 91 http://csrc.nist.gov/publications.
92 Public comment period: August 21, 2017 through September 21, 2017 93 94 National Institute of Standards and Technology 95 Attn: Computer Security Division, Information Technology Laboratory 96 100 Bureau Drive (Mail Stop 8930) Gaithersburg, MD 20899-8930 97 Email: [email protected] 98
99 All comments are subject to release under the Freedom of Information Act (FOIA).
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
100 Reports on Computer Systems Technology
101 The Information Technology Laboratory (ITL) at the National Institute of Standards and 102 Technology (NIST) promotes the U.S. economy and public welfare by providing technical 103 leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test 104 methods, reference data, proof of concept implementations, and technical analysis to advance the 105 development and productive use of information technology. ITL’s responsibilities include the 106 development of technical, physical, administrative, and management standards and guidelines for 107 the cost-effective security and privacy of sensitive unclassified information in Federal computer 108 systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach 109 efforts in computer security and its collaborative activities with industry, government, and 110 academic organizations.
111 Abstract
112 Managing the data generated by Internet of Things (IoT) sensors is one of the biggest challenges 113 faced when deploying an IoT system. Traditional cloud-based IoT systems are challenged by the 114 large scale, heterogeneity, and high latency witnessed in some cloud ecosystems. One solution is 115 to decentralize applications, management, and data analytics into the network itself using a 116 distributed and federated compute model. This approach has become known as fog 117 computing. This document presents a formal definition of fog and mist computing and how they 118 relate to cloud-based computing models for IoT. This document further characterizes important 119 properties and aspects of fog computing, including service models, deployment strategies, and 120 provides a baseline of what fog computing is, and how it may be used. 121 122 Keywords
123 cloud computing; cloudlet; edge computing; fluid computing; fog computing; fluid computing; 124 Internet of Things (IoT); mist computing 125 126 127 128 129
ii
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
130 Acknowledgments
131 The authors would like to thank their colleagues and the experts in industry and government who 132 contributed their thoughts to the creation and review of this definition. 133
134 Audience
135 The intended audience of this document is system planners, system architects, system engineers, 136 system managers, program managers, technologists and networking specialists that consume or 137 provide Internet of Things solutions leveraging cloud and/or fog computing services. 138 139 140
iii
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
141 142 Table of Contents 143 1 Introduction ...... 1 144 1.1 Purpose and Scope ...... 1 145 2 The NIST Definition of Fog Computing ...... 2 146 2.1 Fog Computing Definition ...... 2 147 2.2 Fog Computing Characteristics ...... 2 148 2.3 Fog Node Definition ...... 3 149 2.4 Fog Node Architectural Service Types ...... 4 150 2.5 Fog Node Deployment Models ...... 4 151 3 Mist Computing as Lightweight Fog Layer ...... 5 152 3.1 Mist Computing Definition ...... 5 153 154 List of Appendices 155 Acronyms ...... 7 156 157 List of Figures
158 Figure 1 – Fog comuting supporting a cloud-based ecosystem for smart end-devices. .. 2 159
iv
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
160 1 Introduction
161 Ubiquitous deployment of smart, interconnected devices is estimated to reach 50 billion units by 162 20201. This exponential increase is fueled by the proliferation of mobile devices (e.g. mobile 163 phones and tablets), smart sensors serving different vertical markets (e.g. smart power grids, 164 autonomous transportation, industrial controls, smart cities, wearables, etc), wireless sensors and 165 actuators networks. New concepts and technologies are needed to manage this growing fleet of 166 Internet of Things (IoT) devices.
167 1.1 Purpose and Scope
168 The acute need of the multitude of smart, end-user IoT devices and near-user edge devices to carry 169 out, with minimal latency, a substantial amount of data processing and to collaborate in a 170 distributed way, triggered technology advancements towards adaptive, decentralized 171 computational paradigms that complement the centralized cloud computing model serving IoT 172 networks.
173 Researchers, computer scientists, system and network engineers developed innovative solutions to 174 fill the technological gaps. These solutions provide faster approaches that gain better situational 175 awareness in a far more timelier manner. Such solutions or computational paradigms are referred 176 to as fog computing, mist computing, cloudlets, or edge computing. Since no clear distinction 177 among these concepts existed at the time the document was created, the authors considered it 178 imperative to provide a formal definition that best matches the experts’ views.
179 This document provides a formal definition of fog computing and its subsidiary mist computing 180 concept, and aims to place these concepts in relation to cloud computing, cloudlets and edge 181 computing.
182 Additionally, the document introduces the notion of a fog node and the nodes federation model 183 composed of both, distributed and centralized clusters of fog nodes operating in harmony. This 184 model is introduced as a building-block architectural approach for constructing, enhancing or 185 expanding the fog and mist computing layers.
186 Furthermore, the document characterizes important aspects of fog computing and is intended to 187 serve as a means for broad comparisons of fog capabilities, service models and deployment 188 strategies, and to provide a baseline for discussion of what fog computing is and the way it may be 189 used.
190 The capabilities, service types and deployment models form a simple taxonomy that is not intended 191 to prescribe or constrain any particular method of deployment, service delivery, or business 192 operation.
193
1 https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf
1
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
194 2 The NIST Definition of Fog Computing
195 2.1 Fog Computing Definition
196 Fog computing is a horizontal, physical or virtual resource paradigm that resides between smart 197 end-devices and traditional cloud or data centers. This paradigm supports vertically-isolated, 198 latency-sensitive applications by providing ubiquitous, scalable, layered, federated, and distributed 199 computing, storage, and network connectivity. 200 201
202 203 204 Figure 1 – Fog comuting supporting a cloud-based ecosystem for smart end-devices.
205 Figure 1 above depicts fog computing in the broader context of a cloud-based ecosystem serving 206 smart end-devices. It is important to note that, in authors’ view, fog computing is not perceived as 207 a mandatory layer for such ecosystem. 208
209 2.2 Fog Computing Characteristics
210 Contextual location awareness, and low latency. The origins of the Fog can be traced to 211 early proposals supporting endpoints with rich services at the edge of the network, including 212 applications with low latency requirements (e.g. gaming, video streaming, and augmented
2
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
213 reality). Because Fog nodes tend to sit very close to the IoT endpoints, analysis and response 214 to data generated by the endpoints is much quicker than from a centralized cloud. 215 Geographical distribution. In sharp contrast to the more centralized Cloud, the services and 216 applications targeted by the Fog demand widely distributed deployments. For instance, the Fog 217 will play an active role in delivering high quality streaming services to moving vehicles, 218 through proxies and access points positioned along highways and tracks. 219 Large-scale sensor networks to monitor the environment, and the Smart Grid are other 220 examples of inherently distributed systems, requiring distributed computing and storage 221 resources. 222 Very large number of nodes, as a consequence of the wide geo-distribution, as evidenced in 223 sensor networks in general, and the Smart Grid in particular. 224 Support for mobility. It is essential for many Fog applications to communicate directly with 225 mobile devices, and therefore support mobility techniques, such as the LISP protocol, that 226 decouple host identity from location identity, and require a distributed directory system. 227 Real-time interactions. Important Fog applications involve real-time interactions rather than 228 batch processing. 229 Predominance of wireless access. Although Fog computing is used in wired environments, 230 the large scale of wireless sensors in IoT demand distributed analytics and compute. For this 231 reason, Fog is very well suited to wireless IoT access networks. 232 Heterogeneity. Fog nodes come in different form factors, and will be deployed in a wide 233 variety of environments, and the devices they collect data from may also vary in form factor 234 and network communication capability. 235 Interoperability and federation. Seamless support of certain services (real-time streaming 236 services is a good example) requires the cooperation of different providers. Hence, Fog 237 components must be able to interoperate, and services must be federated across domains. 238 Support for real-time analytics and interplay with the Cloud. The Fog is positioned to play 239 a significant role in the ingestion and processing of the data close to the source as it is being 240 produced. While Fog nodes provide localization, therefore enabling low latency and context 241 awareness, the Cloud provides global centralization. Many applications require both Fog 242 localization and Cloud globalization, particularly for analytics and Big Data. Fog is particularly 243 well suited to real-time streaming analytics as opposed to historical, Big Data batch analytics 244 that is normally carried out in a data center. 245
246 2.3 Fog Node Definition
247 Fog nodes are intermediatary compute elements of the smart end-devices access network that are 248 situated between the Cloud and the smart end-devices. Fog nodes may be either physical or virtual 249 elements and are tightly coupled with the smart end-devices or access networks. Fog nodes 250 typically provide some form of data management and communication service between the 251 peripheral layer where smart end-devices reside and the Cloud. Fog nodes, especially virtual ones,
3
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
252 also referred as cloudlets, can be federated to provide horizontal expansion of the functionality 253 over disperse geolocations.
254 2.4 Fog Node Architectural Service Types
255 Fog computing is an extension of the traditional cloud-based computing model where 256 implementations of the architecture can reside in multiple layers of a network’s topology. Similar 257 to cloud, the following types of service models can be implemented: 258 259 Software as a Service (SaaS). The capability provided to the fog service customer is to use the fog 260 provider’s applications running on a cluster of federated fog nodes managed by the provider. This 261 type of service is similar to the cloud computing Software as a Service (SaaS) and implies that the 262 end-device or smart thing access the fog node’s applications through a thin client interface or a 263 program interface. The end-user does not manage or control the underlying fog node’s 264 infrastructure including network, servers, operating systems, storage, or even individual 265 application capabilities, with the possible exception of limited user-specific application 266 configuration settings. 267 Platform as a Service (PaaS). The capability provided to the fog service customer is similar to the 268 cloud computing Platform as a Service (PaaS) and allows deployment onto the platforms of 269 federated fog nodes forming a cluster, of customer-created or acquired applications created using 270 programming languages, libraries, services, and tools supported by the fog service provider. The 271 fog service customer does not manage or control the underlying fog platform(s) and infrastructure 272 including network, servers, operating systems, or storage, but has control over the deployed 273 applications and possibly configuration settings for the application-hosting environment. 274 Infrastructure as a Service (IaaS). The capability provided to the fog service customer is to 275 provision processing, storage, networks, and other fundamental computing resources leveraging 276 the infrastructure of the fog nodes forming a federated cluster. Similar to cloud Infrastructure as a 277 Service (IaaS) services, the customer is able to deploy and run arbitrary software, which can 278 include operating systems and applications. The consumer does not manage or control the 279 underlying infrastructure of the fog nodes cluster but has control over operating systems, storage, 280 and deployed applications; and possibly limited control of select networking components (e.g., 281 host firewalls).
282 2.5 Fog Node Deployment Models
283 Since fog computing is identified and defined as an extension of the traditional cloud-based 284 computing model, the following deployment models are also supported: 285 Private fog node. A fog node that is provisioned for exclusive use by a single organization 286 comprising multiple consumers (e.g., business units.) It may be owned, managed, and operated by 287 the organization, a third party, or some combination of them, and it may exist on or off premises. 288 Community fog node. A fog node that is provisioned for exclusive use by a specific community 289 of consumers from organizations that have shared concerns (e.g., mission, security requirements, 290 policy, and compliance considerations.) It may be owned, managed, and operated by one or more 291 of the organizations in the community, a third party, or some combination of them, and it may 292 exist on or off premises.
4
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
293 Public fog node. A fog node that is provisioned for open use by the general public. It may be 294 owned, managed, and operated by a business, academic, or government organization, or some 295 combination of them. It exists on the premises of the fog provider. 296 Hybrid fog node. A complex fog node that is a composition of two or more distinct fog nodes 297 (private, community, or public) that remain unique entities, but are bound together by standardized 298 or proprietary technology that enables data and application portability (e.g., fog bursting for load 299 balancing between these fog nodes.) 300 301 3 Mist Computing as Lightweight Fog Layer
302 Fog computing solutions are adopted by many industries, and efforts to develop distributed 303 applications and analytics tools exist and continue to develop. The need for geographically 304 disbursed, low-latency computational resources triggered the technological evolution of fog 305 computing promoting development of more specialized, dedicated nodes that exhibit low 306 computational resources. These nodes referred to as mist nodes, are perceived as lightweight fog 307 nodes. These mist nodes that form the mist computing layer are placed even closer to the peripheral 308 devices and users than the more powerful fog nodes they collaborate with, often sharing same 309 locality with the smart end-devices they service.
310 3.1 Mist Computing Definition
311 Mist computing is a lightweight and rudimentary form of computing power that resides directly 312 within the network fabric2 at the edge of the network fabric, the fog layer closest to the smart end- 313 devices, using microcomputers and microcontrollers to feed into fog computing nodes and 314 potentially onward towards the cloud computing services. 315 Mist layer is not viewed as a mandaroty layer of fog. When implemented, mist nodes can leverage 316 the deployment models described in Section 2.5 and the service types described in Section 2.4. 317
2 Network fabric is an industry term that describes a network topology in which components pass data to each other through interconnecting switches.
5
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
318 Annex A—Fog Computing vs. Edge Computing
319 320 For the purpose of this document, the Edge is the network layer encompassing the smart end- 321 devices and their users, to provide, for example, local computing capability on a sensor, metering 322 or some other devices that are network-accessible. This peripheral layer is also often referred to as 323 IoT network. 324 Fog computing also is often erroneously called edge computing, but there are key differences. Fog 325 works with the cloud, whereas edge is defined by the exclusion of cloud and fog. Fog is 326 hierarchical, where edge tends to be limited to a small number of peripheral layers. Moreover, in 327 addition to computation, fog also addresses networking, storage, control and data-processing 328 acceleration. 329
6
NIST SP 800-191 (DRAFT) THE NIST FOG COMPUTING DEFINITION
330 Acronyms
331 Selected acronyms and abbreviations used in this paper are defined below.
IaaS Infrastructure as a Service
IoT Internet of Things
PaaS Platform as a Service
SaaS Software as a Service
332
7