This week, Richard Conway, Lead Architect for EOEPCA, presented Towards a Common Architecture for EO Exploitation Platforms at ESA's Living Planet Symposium in Bonn, Germany.
This was part of a major all-day session on the theme of Big EO data Platforms, featuring a range of exciting developments in Applications, Products, Architectures, Federations and Data Cubes.
EOEPCA is a community project, sponsored by ESA and led by Telespazio UK, collaborating with expert partners from European industry leaders and the Open Geospatial Consortium (OGC). After two years restricted to online meetings, it was wonderful to meet again in person with colleagues, as well as to find new people interested in our work.
Richard's presentation gave an overview of the project, explaining the motivation and approach, then highlighting the various building blocks available, including a Resource Catalogue supporting SpatioTemporal Asset Catalogs (STAC) and our pioneering implementation of OGC Best Practice for Earth Observation Application Package. All the software, including HELM charts for deployment on kubernetes, is freely available on GitHub.
The presentation slides are available here.
Abstract
There are many web-based platforms offering access to a wealth of satellite earth observation (EO) data. Increasingly, these are collocated with cloud computing resources and applications for exploiting the data. Users are beginning to appreciate the advantages of processing close to the data, some maintaining accounts on multiple platforms. The ‘Exploitation Platform’ concept derives from the need to process an ever-growing volume of data. Rather than download the data, the exploitation platform offers a cloud environment with hosted EO data and associated compute and tools that facilitate the analysis and processing close-to-the-data.
The Users benefit from the data proximity, scalability and performance of the cloud infrastructure – and avoid the need to maintain their own hardware. The Infrastructure Providers gain an increased cloud user base. The Data hosted in the cloud infrastructure reaches a wider audience.
In order to fully exploit the potential of these complementary resources we anticipate the need to encourage interoperation amongst the platforms, such that users of one platform may consume the services of another directly platform-to-platform. This leads to an open network of resources, facilitating easier access and more efficient exploitation of the rapidly growing body of EO and other data.
Thus, the goal of the Common Architecture is to define and agree a re-usable exploitation platform architecture using open interfaces to encourage interoperation and federation within this Network of Resources. Interoperability through open standards is a key guiding force for the Common Architecture:
• Platform developers are more likely to invest their efforts in standard implementations that have wide usage
• Off the shelf solutions are more likely to be found for standards-based solutions
The system architecture is designed to meet a set of defined use cases for various levels of user, from expert application developers to consumers. The main system functionalities are organised into high-level domain areas: 'User Management', 'Processing & Chaining' and 'Resource Management'.
We are developing an open source Reference Implementation, to validate and refine the architecture, and to provide an implementation to the community.
Our solution comprises a OGC API Processes engine that uses Kubernetes to provide an auto-scaling compute solution for ad-hoc analytics, systematic and bulk processing - supported by a hosted processor development environment as an assist to expert users.
Data and applications are discovered through a resource catalogue offering STAC, OGC CSW & API Records, and OpenSearch interfaces. A user-centred workspace provides catalogue and data access interfaces through which the user exploits their own added value products.
For platforms to successfully interoperate they must federate user access in order for requests between services to respect the user's authorisation scope and to account for their actions. Access to resources is secured by means of our identity and access management framework, which uses OpenID Connect and User Managed Access standards to enforce all access attempts in accordance with configured policy rules.
This presentation will highlight the generalised architecture, standards, best practice and open source software components available.