Wrapping up the tail end of the tail end of the multicast encryption work here. VxWorks port is looking good and looking forward to new challenges. It has been an interesting three years getting this defined, implemented, handed off to the teams and wrapped up.

It has been a wild ride taking an early stage prototype and building it out to something that is deployable across a line of products. Adding to the challenge was a multicast protocol that is central to the functioning of the systems that isn’t similar enough to anything out there for there to be an off the shelf solution and devices that are low-spec enough that no modern public key solutions perform adequately.

I was surprised to realize how much of the design ended up being key management. The algorithm and packet packaging stuff tends to get most of the attention but making sure that keys are updated and that updates can happen seamlessly without creating coverage gaps (important with ICU monitors) gets quite involved.

Dealing with the issues of systems coming into and out of coverage and devices that are not on or not working properly during key rotation makes things even more of a challenge.

In the end I feel good about the solution and it appears to be rolling out relatively smoothly to the product teams for implementation. The heavy lifting was largely done last fall but tying up loose and and a new platform to target has kept me busy since then…