Military Embedded Systems

PCIe Gen3 and NVMe drive classified data-at-rest data-storage rates


October 11, 2019

Mark Grovak


A simple but essential truth about military intelligence, surveillance, and reconnaissance (ISR) applications is that the sensor bandwidth and compute power needed to support them continuously increases. Today, for example, the Sensor Open System Architecture (SOSA) consortium is driving industry for data recorders that can support 100 Gb Ethernet with encryption to support the U.S. Department of Defense (DoD) ISR roadmap.

Until recently, deployed data-storage systems were based on the Serial ATA (SATA) bus interface, which tops out at 3 Gb/s. At that rate, even users who have a RAID design and multiple encryptors wouldn’t reach their desired bandwidth performance. The good news is that although SATA has run out of gas for the highest-performance ISR application requirements, the advent of a new generation of data-storage systems based on high-speed non-volatile memory express (NVMe) protocol can deliver a transmission/storage performance improvement of almost 50% over earlier SATA-based solutions, enabling Type 1 NSA encryption and data storage to reach previously unachievable speeds.

Legacy interfaces, such as SCSI, ATA, and SATA, were originally designed for use with spinning media-based hard drives. Today, using SATA with much faster solid-state drive (SSD) memory creates a system bottleneck. NVMe memory, in contrast, was designed to be used with solid-state media and enables data to be stored at the full read/write speeds of flash memory itself. While previous generations of data recorders had SATA interfaces, or converted PCIe to SATA before it could be stored, today’s state-of-the-art data recorders use NVMe memory to reduce latency and boost bandwidth.

Now, thanks to high-speed Type 1 encryption design and the use of NVMe to eliminate storage interface bottlenecks, system designers can achieve higher rate performance throughout the data-storage system, resulting in a powerful alternative to slower SATA-based legacy cryptographic solutions.

The recent U.S. Air Force-hosted FACE [Future Airborne Capability Environment]/SOSA Exposition and Technical Interchange Meeting – held during September 2019 – saw Curtiss-Wright and L3Harris collaborating to present the first live demonstration of a next-generation classified data-at-rest tactical data-storage system based on high-speed PCIe Gen3 communications and high-performance NVMe storage technology. The demo system automatically monitors the RF spectrum to detect, isolate, and classify ISR communications signals for secure situational awareness of mission environments. The resulting metadata is encrypted and securely stored, allowing for postprocessing and further analysis.

The demo system – which featured L3Harris’ new NSA Type-1 certification-ready PCIe Gen3-based DataCrypt NVMe cryptographic module running on Curtiss-Wright DSP module (Figure 1) – performed at a read/write throughput of 10/17 Gbps (nom/max) per data channel. Each encryption device is designed to support two data channels, which when used together deliver aggregated throughput of 34 Gbps. In addition, multiple aggregated modules can be integrated to deliver 100 Gbps Ethernet rates. The demo system was housed in Elma’s SOSA-conformant E-Frame Development Platform designed for C4ISR/EW Modular Open Suite of Standards (CMOSS). It also featured an AI-based machine learning software application that provided the signal classification capability described earlier and a CMOSS-compliant and SOSA-aligned 2 MHz-to-6 GHz phase coherent digitized tuner.

Figure 1 | A classified data-at-rest tactical data-storage system based on PCIe Gen3 and NVMe storage technology.



In addition to the new Type 1 encryptor module, the demonstration also showed rugged open architecture OpenVPX modules developed to be aligned with the SOSA Technical Standard, including a security-enabled DSP engine, an Intel Coffee Lake-based single-board computer, and an Ethernet switch.

The hard numbers: The data-storage system demo featured up to 34 Gbps total read and write throughput, interoperability with native NVMe drivers (NVMe 1.2) for host and storage devices, concurrent multilevel security processing of classified levels from Unclassified to Top Secret, a NSA Type 1 certification-ready crypto engine, a single-width XMC mezzanine card conforming to VITA 42.0 XMC (74 by 149 mm), and standard VITA 42.0 XMC and VITA 42.3 XMC PCI Express Protocol Layer (PCIe Gen3).

The demonstration showed that ISR system designers can begin the process of transitioning to PCIe Gen3/NMVe-based architectures to reach previously unreachable encrypted data-storage throughput rates. It also showed that 100 Gb/s performance is no longer “on the horizon” but is achievable right now.

Mark Grovak is Director, Avionics Business Development, at Curtiss-Wright Defense Solutions.

Curtiss-Wright Defense Solutions


Featured Companies


20130 Lakeview Center Plaza
Ashburn, Virginia 20147