Skip to content

Commit 0fd3f8b

Browse files
committed
Updated doc. Changes to make SecureLogReader.xml RTI Spy-friendly.
1 parent 6c8d609 commit 0fd3f8b

11 files changed

Lines changed: 126 additions & 55 deletions

File tree

README.md

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,6 @@ This repository contains documentation and module demo applications showcasing d
1414
- [Module 03: Remote Teleoperation with RTI Real-Time WAN Transport](#module-03-remote-teleoperation-with-rti-real-time-wan-transport)
1515
- [Module 04: Security Threat Demonstration](#module-04-security-threat-demonstration)
1616
- [Hands-On: Architecture](#hands-on-architecture)
17-
- [Architecture Overview](#architecture-overview)
18-
- [Hands-On: Architecture](#hands-on-architecture)
1917
- [Architecture Overview](#architecture-overview)
2018
- [Data Types](#data-types)
2119
- [Quality of Service (QoS)](#quality-of-service-qos)
@@ -139,6 +137,12 @@ The RTI MedTech Reference Architecture demonstrates use cases and capabilities o
139137

140138
Use the module-specific READMEs when you want to run a demo. They describe what each workflow launches, why it exists, and the exact `launch.py` commands to use from the repository root.
141139

140+
`launch.py` accepts either a single module (`python3 launch.py <module> [apps ...] [-s]`) or a **predefined scenario** that launches a curated set of applications across modules in one command (`python3 launch.py --scenario <name> [-s]`). Scenarios are declared in [`resource/config/scenarios.json`](./resource/config/scenarios.json) and cover common multi-component workflows (e.g. `record`, `replay`, `teleop-or-side`, `security-threat`). List them with:
141+
142+
```bash
143+
python3 launch.py --list-scenarios
144+
```
145+
142146
### [Module 01: Digital Operating Room](./modules/01-operating-room/)
143147

144148
### [Module 02: RTI Recording Service & RTI Replay Service](./modules/02-record-playback/)
@@ -220,10 +224,12 @@ This reference architecture defines the following QoS Profiles in [Qos.xml](./sy
220224
| Qos Library | Qos Profile | Intended Use
221225
| ----------- | --------- | -----------
222226
| System | DefaultParticipant | Common, or base, *system configuration* (e.g. transport, network interfaces, discovery, thread priorities, etc.)
227+
| System | WanConfig | WAN transport (UDPv4_WAN) configuration, used by Module 03: Remote Teleoperation
223228
| DataFlow | Streaming | Periodic data that is published at a high frequency (i.e. frequencies <1 second)
224229
| DataFlow | Status | "Current status"-like data, sent once at the beginning of operation and again only upon change to the status
225230
| DataFlow | Command | Data that represents commands or trigger some action in the system
226231
| DataFlow | Heartbeat | Assert and detect the presence of system devices
232+
| DataFlow | SecureLog | Reliable, transient-local delivery for the DDS Security builtin secure-log topic
227233

228234
### Domains & Topics
229235

@@ -242,11 +248,12 @@ Legend:
242248

243249
This reference architecture defines the following Domains in [DomainLibrary.xml](./system_arch/xml_app_creation/DomainLibrary.xml):
244250

245-
| Domain | Intended Use
246-
| ------ | -----------
247-
| OperationalDataDomain | Real-time operational medical device data
251+
| Domain | Domain ID | Intended Use
252+
| ------ | --------- | -----------
253+
| OperationalDataDomain | 0 | Real-time operational medical device data
254+
| SecureLogDomain | 0 | DDS Security builtin secure logging (consumed by the SecureLogReader participant)
248255

249-
*Note, this reference architecture defines just a single Domain. As a Connext system design scales over time, additional domains could be defined for monitoring, logging, etc. Those additional domains should not affect the performance of our operational data, and therefore should belong to a different domain.*
256+
*Note, both domains are defined with the same Domain ID (`0`), so they currently resolve to the **same** DDS domain. `SecureLogDomain` is defined separately to keep the secure-logging configuration distinct, so that as a Connext system design scales over time, logging (and other concerns such as monitoring) can be moved to a different Domain ID without touching the operational data configuration. Isolating such data on a separate domain ensures it does not affect the performance of operational data.*
250257

251258
This reference architecture defines the following Topics in [DomainLibrary.xml](./system_arch/xml_app_creation/DomainLibrary.xml):
252259

@@ -257,6 +264,7 @@ This reference architecture defines the following Topics in [DomainLibrary.xml](
257264
| OperationalDataDomain | `t/DeviceHeartbeat` | Assert that a unique system component is alive
258265
| OperationalDataDomain | `t/DeviceCommand` | Command initiating a status (e.g. `START`, `SHUTDOWN`) to a unique system component
259266
| OperationalDataDomain | `t/Vitals` | Data representative of a unique patient's collected vital signs
267+
| SecureLogDomain | `DDS:Security:LogTopicV2` | DDS Security builtin logging topic, carrying the `DDSSecurity::BuiltinLoggingTypeV2` type
260268

261269
*Note, this reference architecture defines a unique Topic for each Data Type defined. While a Topic may only reference a single Data Type, a multi-purpose Data Type can be associated with multiple Topics. It is a **best practice** to limit the number of defined Topics, but in doing so, it may be feasible to reuse a Data Type for several Topics.*
262270

@@ -302,6 +310,7 @@ This reference architecture defines the following DomainParticipants in [Partici
302310
| OperationalDataDomain | Orchestrator | `t/DeviceStatus`, `t/DeviceHeartbeat` | `t/DeviceCommand` | Administer device-level commands and monitor presence and status of all devices.
303311
| OperationalDataDomain | PatientSensor | `t/DeviceCommand` | `t/Vitals`, `t/DeviceStatus`, `t/DeviceHeartbeat` | Stream simulated patient vitals.
304312
| OperationalDataDomain | PatientMonitor | `t/DeviceCommand`, `t/Vitals` | `t/DeviceStatus`, `t/DeviceHeartbeat` | Process and display patient vitals.
313+
| SecureLogDomain | SecureLogReader | `DDS:Security:LogTopicV2` | -- | Subscribe to the DDS Security builtin secure-log topic.
305314

306315
*Note, this reference architecture utilizes one DomainParticipant for each device application. It is a **best practice** to define one DomainParticipant per application. However, in more complex systems, an application may be required to operate on multiple Domains. This requires defining multiple DomainParticipants for those applications that run in parallel.*
307316

@@ -315,8 +324,8 @@ The reference architecture configures security in [SecureAppsQos.xml](./system_a
315324

316325
| Component | Security Features
317326
| ---------------------- | -----------------
318-
| **LAN Communications** | Domain 0 governance, participant-specific certificates and permissions
319-
| **WAN Communications** | Domain 1 governance for WAN connections
327+
| **LAN Communications** | `OperationalDomain` governance, participant-specific certificates and permissions
328+
| **WAN Communications** | `TeleopWanDomain` governance for WAN connections (Module 03), including PSK-protected RTPS
320329
| **RTI Services** | Dedicated security profiles for Recording/Replay Services and Routing Services
321330

322331
Security Artifacts Structure in [security](./system_arch/security/):

docs/CONTRIBUTING.md

Lines changed: 45 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -87,17 +87,28 @@ the commit is recorded:
8787

8888
| Hook | What it checks / fixes |
8989
| --- | --- |
90-
| `ruff` | Python lint — auto-fixes where possible |
90+
| `ruff-check` | Python lint — auto-fixes where possible |
9191
| `ruff-format` | Python formatting — auto-reformats files |
9292
| `trailing-whitespace` | Removes trailing whitespace from all text files |
9393
| `end-of-file-fixer` | Ensures files end with a single newline |
94-
| `check-yaml` | Validates YAML syntax |
94+
| `check-yaml` | Validates YAML syntax (excludes `.clang-format`) |
95+
| `check-json` | Validates JSON syntax |
96+
| `check-toml` | Validates TOML syntax |
9597
| `check-xml` | Validates XML syntax |
98+
| `check-merge-conflict` | Blocks committed merge-conflict markers |
99+
| `check-case-conflict` | Blocks names that collide on case-insensitive filesystems |
100+
| `check-illegal-windows-names` | Blocks filenames invalid on Windows |
101+
| `check-executables-have-shebangs` / `check-shebang-scripts-are-executable` | Keep executable bits and shebangs consistent |
102+
| `detect-private-key` | Blocks accidentally committed private keys |
103+
| `requirements-txt-fixer` | Normalizes `requirements*.txt` ordering |
104+
| `mixed-line-ending` | Enforces LF (CRLF for batch files) |
105+
| `name-tests-test` | Enforces `test_*` naming for pytest files |
96106
| `check-added-large-files` | Blocks files larger than 500 KB |
97107
| `codespell` | Checks spelling for source and docs using `pyproject.toml` settings |
98108
| `clang-format` | Reformats C/C++ source files |
99-
| `rumdl` | Markdown lint + auto-fix |
100-
| `rumdl-fmt` | Markdown formatting pass |
109+
| `rumdl` / `rumdl-fmt` | Markdown lint + auto-fix and formatting pass |
110+
111+
See `.pre-commit-config.yaml` for the authoritative hook list and configuration.
101112

102113
If a hook **modifies files**, the commit is aborted. Re-stage the modified
103114
files and commit again:
@@ -123,22 +134,17 @@ committing. In exceptional circumstances you can bypass hooks with
123134

124135
### CI pipeline (`.github/workflows/ci.yml`)
125136

137+
The pipeline has two jobs; `test` runs only after `lint` passes:
138+
126139
| Job | What it does |
127140
| --- | --- |
128-
| Lint & Format | `ruff check`, `ruff format --check`, codespell, clang-format dry-run, markdown lint via `rvben/rumdl` action |
129-
| Build | CMake configure + build all C++ modules |
130-
| Project-level Tests | `pytest tests/` |
131-
| Unit Tests | Fast Python type/script/QoS tests |
132-
| DDS Communication Tests | Non-GUI DDS pub/sub tests |
133-
| Integration Tests | Slow end-to-end demo flow tests |
134-
| GUI Tests | Headless Qt application tests |
135-
| Security Tests | DDS Security plugin tests |
136-
| Module 02 Tests | Record/Playback module tests |
137-
| Module 04 Tests | Security Threat module tests |
138-
139-
CI uses a pinned Ruff version (see [Upgrading Ruff](#upgrading-ruff)). If
140-
pre-commit and CI share the same pin, a clean local commit will not produce
141-
lint failures in CI.
141+
| `lint` (Lint & Format) | Runs **all** pre-commit hooks across the repo (`pre-commit/action` with `--all-files`) — the same ruff, ruff-format, codespell, clang-format, rumdl, and hygiene hooks you run locally. |
142+
| `test` (Build & Test) | Installs Connext (apt) and Python deps, builds all C++ modules with `python build.py`, generates the system and Module 04 security artifacts, starts Xvfb, then runs the full suite from the repo root with `python -m pytest -v -m "not build_pipeline"` and uploads `results.xml`. |
143+
144+
Because the `lint` job runs `pre-commit` itself, CI and your local hooks execute
145+
the **exact same** hook versions (pinned in `.pre-commit-config.yaml`). A clean
146+
local commit will therefore not produce lint failures in CI. See
147+
[Upgrading Ruff](#upgrading-ruff) for how the Ruff pin is managed.
142148

143149
## Testing CI Locally with act (Optional)
144150

@@ -191,8 +197,9 @@ docker compose -f tests/docker/docker-compose.yml run --rm --build test \
191197
modules/01-operating-room/tests/test_types.py -v
192198
```
193199

194-
> **Note:** The Docker default command runs `pytest -v` via the
195-
> test entrypoint. It executes functional/behavioral tests. It does **not** run Ruff lint,
200+
> **Note:** With no arguments, the Docker test entrypoint runs `pytest` over the
201+
> whole repo (it passes any arguments you supply straight through to pytest).
202+
> It executes functional/behavioral tests. It does **not** run Ruff lint,
196203
> rumdl markdown lint, or clang-format; those are enforced by pre-commit
197204
> (locally) and the CI lint job (on push/PR).
198205
@@ -228,37 +235,37 @@ Before opening a PR, verify:
228235

229236
## Upgrading Ruff
230237

231-
Ruff is pinned in two places so that local pre-commit hooks and CI produce
232-
identical results. When upgrading, update **both together**:
238+
The CI `lint` job runs `pre-commit`, so there is a **single** Ruff pin that
239+
governs both local hooks and CI: the `astral-sh/ruff-pre-commit` revision in
240+
`.pre-commit-config.yaml`. Bump that one pin to upgrade Ruff everywhere.
233241

234-
| File | Setting to change |
235-
| --- | --- |
236-
| `.github/workflows/ci.yml` | `pip install ruff==<new-version>` |
237-
| `.pre-commit-config.yaml` | `rev: v<new-version>` under `astral-sh/ruff-pre-commit` |
242+
| File | Setting to change | When |
243+
| --- | --- | --- |
244+
| `.pre-commit-config.yaml` | `rev: v<new-version>` under `astral-sh/ruff-pre-commit` | Every Ruff bump (this is the authoritative pin used by CI). |
245+
| `pyproject.toml` | `required-version = ">=<major.minor>"` | Only when raising the minimum supported version. |
246+
| `requirements-dev.txt` | `ruff>=<major.minor>` | Only when raising the minimum supported version. |
238247

239-
`pyproject.toml` carries a minimum version (`required-version = ">=0.15"`) and
240-
`requirements-dev.txt` carries a matching lower bound (`ruff>=0.15`). These do
241-
**not** need to change on every Ruff bump unless the new version introduces a
242-
breaking change to the configuration format.
248+
The `pyproject.toml` and `requirements-dev.txt` bounds are lower bounds for
249+
developers who run Ruff outside pre-commit; they do **not** need to change on
250+
every Ruff bump unless the new version introduces a breaking change to the
251+
configuration format.
243252

244253
### Procedure
245254

246255
```bash
247-
# 1. Update the two pinned locations (ci.yml and .pre-commit-config.yaml)
248-
249-
# 2. Update your local pre-commit environment
256+
# 1. Update the pin in .pre-commit-config.yaml
250257
pre-commit autoupdate --freeze # or manually set the rev
251258

252-
# 3. Run the full pre-commit suite to surface any new lint findings
259+
# 2. Run the full pre-commit suite to surface any new lint findings
253260
pre-commit run --all-files
254261

255-
# 4. Fix any new violations introduced by the new Ruff version
262+
# 3. Fix any new violations introduced by the new Ruff version
256263

257-
# 5. Update the minimum version bounds if appropriate
264+
# 4. Update the minimum version bounds only if appropriate
258265
# pyproject.toml: required-version = ">=<new-major.minor>"
259266
# requirements-dev.txt: ruff>=<new-major.minor>
260267

261-
# 6. Commit everything together
262-
git add .pre-commit-config.yaml .github/workflows/ci.yml pyproject.toml requirements-dev.txt
268+
# 5. Commit everything together
269+
git add .pre-commit-config.yaml pyproject.toml requirements-dev.txt
263270
git commit -m "chore: bump Ruff to <new-version>"
264271
```

docs/release/RELEASE_PLAN.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -376,8 +376,8 @@ and update them as part of the release process.
376376

377377
| Dependency | Current Minimum Version | Tracked In |
378378
| --- | --- | --- |
379-
| RTI Connext DDS | 7.3.0 | CMakeLists.txt, README.md |
380-
| RTI Code Generator | 4.3.0 | Generated source headers |
379+
| RTI Connext DDS | 7.7.0 | README.md, `.github/workflows/ci.yml` |
380+
| RTI Code Generator | Bundled with Connext 7.7.0 | Generated source headers |
381381
| CMake | 3.17 | CMakeLists.txt |
382382

383383
**When a dependency version changes:**

modules/02-record-playback/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,8 @@ Module-specific notes:
4848
## Run the Demo
4949

5050
> Important: Run the commands below from the repository root. `launch.py` lives at the project root and is the single runtime entrypoint for this project.
51+
>
52+
> Tip: the predefined `record` and `replay` scenarios bundle the operating room apps and the corresponding service into a single command (e.g. `python3 launch.py --scenario record`). The step-by-step flow below instead runs them in separate terminals so you can start and stop the service independently of the OR apps. Run `python3 launch.py --list-scenarios` to see all scenarios.
5153
5254
### 1. Run Operating Room Applications
5355

modules/04-security-threat/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,8 @@ Ensure the RTI Security Plugins are installed on every machine that will run a s
8787
## Run the Demo
8888

8989
> Important: Run the commands below from the repository root. `launch.py` lives at the project root and is the single runtime entrypoint for this project.
90+
>
91+
> Tip: the predefined `security-threat`, `threat-inject`, and `threat-exfiltrate` scenarios bundle the operating room apps with the threat application(s) in a single command (e.g. `python3 launch.py --scenario threat-inject`). The step-by-step flow below runs them in separate terminals so you can switch the OR between unsecured and secured modes independently. Run `python3 launch.py --list-scenarios` to see all scenarios.
9092
9193
### 1. Run Operating Room Applications
9294

system_arch/qos/README.md

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,11 +10,13 @@ This README describes how we've approached QoS in this reference architecture. F
1010
- [Qos.xml](#qosxml)
1111
- [SystemLibrary](#systemlibrary)
1212
- [SystemLibrary::DefaultParticipant profile](#systemlibrarydefaultparticipant-profile)
13+
- [SystemLibrary::WanConfig profile](#systemlibrarywanconfig-profile)
1314
- [DataFlowLibrary](#dataflowlibrary)
1415
- [DataFlowLibrary::Streaming profile](#dataflowlibrarystreaming-profile)
1516
- [DataFlowLibrary::Status profile](#dataflowlibrarystatus-profile)
1617
- [DataFlowLibrary::Command profile](#dataflowlibrarycommand-profile)
1718
- [DataFlowLibrary::Heartbeat profile](#dataflowlibraryheartbeat-profile)
19+
- [DataFlowLibrary::SecureLog profile](#dataflowlibrarysecurelog-profile)
1820
- [Application-specific QoS: NonSecureAppsQos.xml and SecureAppsQos.xml](#application-specific-qos-nonsecureappsqosxml-and-secureappsqosxml)
1921
- [XML QoS Best Practices](#xml-qos-best-practices)
2022

@@ -78,11 +80,21 @@ This reference architecture defines the following QoS Libraries in [Qos.xml](./Q
7880
| QoS Profile | Intended Use
7981
| ----------- | ------------
8082
| [*DefaultParticipant*](#systemlibrarydefaultparticipant-profile) | Configuration common to all DomainParticipants.
83+
| [*WanConfig*](#systemlibrarywanconfig-profile) | WAN transport configuration, used by Module 03: Remote Teleoperation.
8184

8285
#### ***SystemLibrary::DefaultParticipant* profile**
8386

8487
This QoS profile acts as a common base configuration for all DomainParticipants in the system to provide a level of consistency. It inherits from a builtin profile called *BuiltinQosLib::Generic.Common* through the `base_name` XML attribute.
8588

89+
#### ***SystemLibrary::WanConfig* profile**
90+
91+
This QoS profile configures the DomainParticipant for communication over the Wide Area Network (WAN). It inherits from *BuiltinQosLib::Generic.Common* and additionally:
92+
93+
- Enables the **UDPv4_WAN** builtin transport (via the `transport_builtin` mask), which provides the RTI Real-Time WAN Transport's NAT-traversal capabilities.
94+
- Shortens the participant liveliness assert period to speed up discovery over the WAN.
95+
96+
It is used by Module 03: Remote Teleoperation. See the [Module 03 README](../../modules/03-remote-teleoperation/README.md) for the WAN scenarios that rely on it.
97+
8698
### ***DataFlowLibrary***
8799

88100
*DataFlowLibrary* contains the following QoS profiles (`<qos_profile>`):
@@ -93,6 +105,7 @@ This QoS profile acts as a common base configuration for all DomainParticipants
93105
| [*Status*](#dataflowlibrarystatus-profile) | *RELIABLE* | *KEEP_LAST 1* | *TRANSIENT_LOCAL* | -- | "Current status"-like Topics, sent once at the beginning of operation and again only upon change to the status.
94106
| [*Command*](#dataflowlibrarycommand-profile) | *RELIABLE* | *KEEP_LAST 1* | *VOLATILE* | -- | Topics that transmit commands or trigger some action in the system.
95107
| [*Heartbeat*](#dataflowlibraryheartbeat-profile) | *BEST_EFFORT* | *KEEP_LAST 1* | *VOLATILE* | *200 ms* | To assert and detect the presence of system components.
108+
| [*SecureLog*](#dataflowlibrarysecurelog-profile) | *RELIABLE* | *KEEP_LAST 64* | *TRANSIENT_LOCAL* | -- | Delivery of the DDS Security builtin secure-log Topic.
96109

97110
#### ***DataFlowLibrary::Streaming* profile**
98111

@@ -141,6 +154,16 @@ Since this QoS profile uses *BEST_EFFORT* Reliability QoS, a minimal amount of s
141154

142155
>**Best Practice:** Publish samples on Topics for which the DataWriter QoS defines a finite Deadline QoS period, at a rate that is 2x-4x that of the configured Deadline period. This ensures an infrequent drop in sample does not falsely trigger the `REQUESTED_DEADLINE_MISSED` status for DataReaders.
143156
157+
#### ***DataFlowLibrary::SecureLog* profile**
158+
159+
This QoS profile is used by the *dr/SecureLog* DataReader (under the *dp/SecureLogReader* DomainParticipant) to consume the RTI Security Plugins builtin secure-logging Topic.
160+
161+
It inherits from *BuiltinQosLib::Generic.KeepLastReliable.TransientLocal* and applies:
162+
163+
- *RELIABLE* Reliability QoS and *TRANSIENT_LOCAL* Durability QoS, matching the QoS the Security Plugins use for their builtin secure-logging writers.
164+
- *KEEP_LAST, depth=64* History QoS (with a matching `max_samples` resource limit), the default history depth used by the secure-logging writers.
165+
- Dynamic memory allocation for the DataReader cache, since the secure-logging type is unbounded.
166+
144167
## Application-specific QoS: [NonSecureAppsQos.xml](NonSecureAppsQos.xml) and [SecureAppsQos.xml](SecureAppsQos.xml)
145168

146169
In addition to the [Qos.xml](#qosxml) file, this reference architecture describes *per-application* QoS in 2 additional XML files:

0 commit comments

Comments
 (0)