ENABLING TECHNOLOGIESThe <strong>CSIR</strong>’s Denan Kuni,Kobus Roux <strong>and</strong> Kagiso Mnisi of the MNCC Office.| 60 |Future challenges see <strong>industry</strong> finding itsway to high per<strong>for</strong>mance computingSouth Africa’s Centre <strong>for</strong>High Per<strong>for</strong>mance Computing(CHPC) now has over 500users from across the science<strong>and</strong> engineering domains.Traditional users of the centrehave been higher educationinstitutions <strong>and</strong> researchcouncils. However, evermountingpressures on <strong>industry</strong>to grow their business <strong>and</strong> tobecome more competitive,have led a number ofcompanies to the CHPC.The <strong>CSIR</strong>’s strategy <strong>for</strong> theadvanced manufacturing<strong>industry</strong> seeks to achievesignificant impact through the<strong>development</strong> <strong>and</strong> transfer ofmanufacturing technologies thatimprove the competitivenessof existing South African<strong>industry</strong> while also creating newmanufacturing opportunities.CHPC <strong>industry</strong> partners suchas Sasol, Hatch <strong>and</strong> others areusing the facility to conductcomputationally intensiveresearch that seeks to advancetheir products <strong>and</strong> increase theircompetitive edge. They haveaccess to the facilities withoutlong-term commitment, whichtranslates to cost-effective access.Some of the functionality <strong>and</strong>services that South African<strong>industry</strong> has access to, include:• Cluster usage resources• Training on cluster plat<strong>for</strong>ms<strong>and</strong> related services• Storage resources• Backup <strong>and</strong> archiving solutions• Technical support <strong>and</strong> services.There are three ways in which<strong>industry</strong> can access CHPCfacilities. The first is throughComputer Processing Unit (CPU)rental on a cost-recovery basis.This option is specifically designed<strong>for</strong> <strong>industry</strong> with establishedresearch <strong>and</strong> <strong>development</strong> (R&D)functions. The second optionis <strong>for</strong> <strong>industry</strong> without an R&Dfunction, where the CHPC canprovide consultancy on simulation<strong>and</strong> expertise. The third option isa combination of CPU rental <strong>and</strong>consultancy.To improve service to <strong>industry</strong>,the CHPC 2011 national meetingestablished an Industrial AdvisoryCouncil. The council, made up ofCHPC users from <strong>industry</strong>, meetstwice annually <strong>and</strong> is a plat<strong>for</strong>m<strong>for</strong> South African companies toprovide advice on CHPC policy,strategy <strong>and</strong> implementation asthese pertains to <strong>industry</strong>. It isa <strong>for</strong>um to identify <strong>and</strong> discusscompetitive issues around HPCadoption, use, <strong>and</strong> more generallyindustrial computing <strong>for</strong> design,manufacturing, <strong>and</strong> services thatare important to the South Africaneconomy.“The nature of the researchobjectives of CHPC’s newer usersfrom <strong>industry</strong> falls into the prioritythemes identified by the <strong>CSIR</strong>in its strategies <strong>for</strong> advancedmanufacturing, <strong>for</strong> exampleadvanced production <strong>and</strong>processes, knowledge-intensivemanufacturing <strong>and</strong> smart products<strong>and</strong> systems. This makes the CHPCa partner <strong>for</strong> <strong>development</strong> that isgeared towards developing strategicpartnerships with key <strong>industry</strong> roleplayerswho are eager to explore<strong>and</strong> adopt new technologies,” saysDr Happy Sithole, CHPC director.Enquiries:Dr Happy Sitholehsithole@csir.co.zaDr Happy Sithole, CHPC director, left, <strong>and</strong> Giullio Capuzzimati, Industrial Minerals Director,Hatch, signing the service level agreement between the CHPC <strong>and</strong> Hatch. Hatch is aninternational company with services in mining, energy, infrastructure <strong>and</strong> technologies.Within the context ofthe National <strong>Research</strong> <strong>and</strong>Development Strategy (NRDS),the DST leads the <strong>development</strong><strong>and</strong> implementation ofthe national ICT research,<strong>development</strong> <strong>and</strong> innovation(RDI) strategy. Its goal is tocreate an enabling environmentin South Africa <strong>for</strong> ICT RDI toflourish to the benefit of differentsectors, <strong>and</strong> ultimately to helpthe growth of the South Africaneconomy.The <strong>CSIR</strong>’s MNCC office providesthe vehicle <strong>for</strong> collaborationwith relevant stakeholders <strong>and</strong>assists in the <strong>for</strong>mulation <strong>and</strong>management of joint initiatives.Overall, it <strong>for</strong>ms part of a newdrive by the DST to partner withthe private sector in furtheringSouth Africa’s ICT RDI objectives,which support priorities suchas enterprise <strong>development</strong> <strong>and</strong>advanced manufacturing.This new drive is in<strong>for</strong>med bythe DST’s ICT ImplementationRoadmap. The activities in theICT RDI programme will be basedon six thematic clusters namely,broadb<strong>and</strong> infrastructure <strong>and</strong>services, ICT <strong>for</strong> <strong>development</strong>,sustainability <strong>and</strong> environment,<strong>industry</strong> applications (includingadvanced manufacturing), gr<strong>and</strong>science, <strong>and</strong> the service economy.<strong>CSIR</strong> hosts the MultinationalCompanies Cooperation officeHarnessing the power of private-public ICT partnershipsThe <strong>CSIR</strong> has been appointed by the Department of Science <strong>and</strong> Technology (DST)to host the Multinational Companies Cooperation (MNCC) office. Its primary role is toassist the DST in structuring, guiding <strong>and</strong> monitoring engagements with multinationalsin the in<strong>for</strong>mation <strong>and</strong> communications technology (ICT) sector.Operating within a frameworkIn 2011, the ICT RDI roadmapconfirmed the importanceof effective collaborativepartnerships between sciencecouncils, higher educationinstitutions, government <strong>and</strong> theprivate sector, in enabling ICT <strong>and</strong>the knowledge economy.The DST’s MNCC frameworkprovides a structured, streamlined<strong>and</strong> effective process <strong>for</strong> fosteringpartnerships with multinationalICT companies. The <strong>CSIR</strong>’sKobus Roux who heads theMNCC office, explains, “At the<strong>CSIR</strong> Meraka Institute, we havethe technological <strong>and</strong> scientificknow-how <strong>and</strong> the interest toassist in realising benefits <strong>for</strong> allpartners through the MNCC’sactivities. The framework is aplat<strong>for</strong>m <strong>for</strong> the <strong>development</strong> ofmutually beneficial programmes<strong>and</strong> projects <strong>for</strong> both the DST<strong>and</strong> government on one h<strong>and</strong>,<strong>and</strong> the concerned MNC on theother h<strong>and</strong>. By solidifying <strong>and</strong>implementing DST partnershipswith MNCs, we envisageimportant outcomes such ashuman capital <strong>development</strong>,<strong>and</strong> <strong>development</strong> of new localintellectual property (IP).”The partnership with SAP<strong>Research</strong> Internet Application<strong>and</strong> Services Africa, hasbeen productive in terms ofpostgraduate students: Over thepast five years the collaborationhas seen the enrolment of 16undergraduate interns <strong>and</strong>postgraduate students, notably14 Master’s <strong>and</strong> 17 PhDs. Sevendegrees have been completed.These includes six Master’s <strong>and</strong>one PhD. The work has alsoresulted in the <strong>development</strong> ofa new South African mobiletechnology that will be exploitedglobally.The partnership with Microsofthosted the national finals of theImagine Cup, a competition toencourage young talent to developICT solutions <strong>for</strong> relevant localchallenges, in domains as diverseas manufacturing <strong>and</strong> health.The Centre <strong>for</strong> High Per<strong>for</strong>manceComputing <strong>and</strong> climate scientistsat the <strong>CSIR</strong> are collaborating withMicrosoft’s Cambridge facilitieson climate change modelling.The <strong>CSIR</strong> Meraka Institute is alsodeveloping, with Microsoft, newmodels <strong>for</strong> the use of ICTs in small<strong>and</strong> rural enterprise <strong>development</strong>.Through the collaboration withNokia, mobile learning <strong>for</strong> maths<strong>and</strong> the Open Innovation AfricaSummit (OIAS) have beenimplemented; the collaborationis also aiming to bring a numberof programmes to South Africa,including the Universal Accessto Mobile Technologies <strong>and</strong>Services Programme, <strong>and</strong>the <strong>Research</strong> AmbassadorsProgramme. In another relatedactivity, Laurens Cloete,Executive Director: <strong>CSIR</strong> MerakaInstitute, joined a group of invitedSouth African participants at aroundtable in February 2012 withNokia CEO, Stephen Elop, heldat Vodaworld in Midr<strong>and</strong>. Thediscussion topic was the SouthAfrican mobile applications <strong>and</strong>services ecosystem.Over the course of 2012, the DST<strong>and</strong> the <strong>CSIR</strong> plan to partnerwith other ICT MNCs such asIBM, Cisco <strong>and</strong> others, as well asestablishing <strong>and</strong> growing a local<strong>industry</strong> partnerships frameworkaimed at strengthening theNRDS <strong>and</strong> the ICT RDI objectives.“The MNCC is poised to fulfil itsm<strong>and</strong>ate as an implementationagency <strong>for</strong> the DST <strong>and</strong> st<strong>and</strong>sready to support <strong>industry</strong>through private-public ICTpartnerships,” concludes Roux.– Biffy van RooyenEnquiries:Kobus Rouxkroux@csir.co.za| 61 |
ENABLING TECHNOLOGIESA risk <strong>and</strong> control framework<strong>for</strong> cloud computing <strong>and</strong> virtualisationThe evolution of manufacturing has given rise to computer-aided manufacturing, reconfigurable manufacturing systems <strong>and</strong>technology-intensive manufacturing. This in turn requires that new options <strong>for</strong> computing capability are investigated.Organisations have toadapt quickly to changes toretain a competitive advantage<strong>and</strong> meet targets. Reduced costs,scalability, flexibility, capacityutilisation, higher efficiencies,<strong>and</strong> mobility can be achievedthrough technologies such as cloudcomputing <strong>and</strong> virtualisation.To assist organisations withcompliance <strong>and</strong> governancerelating to these technologies,the <strong>CSIR</strong>’s Enterprise KnowledgeEngineering <strong>and</strong> Managementgroup has developed a risk <strong>and</strong>control framework <strong>for</strong> cloudcomputing <strong>and</strong> virtualisation,named the Cloud-V Framework.Cloud-V FrameworkCloud computing <strong>and</strong>virtualisation have gained clearacceptance in the in<strong>for</strong>mationtechnology (IT) <strong>industry</strong>, withstrong indications of a significantfuture. Yet threats fromcentralised <strong>and</strong> shared resourcesnow exceed the adoption of thesetechnologies. Why is this so?The reality is that althoughvirtualisation allows users toaccess power beyond their ownphysical IT environment; thisis associated with many risks.Within the cloud environment,data are no longer under thecontrol of management, <strong>and</strong>uncontrolled or un<strong>for</strong>eseenrisks <strong>and</strong> threats can lead to acompany’s in<strong>for</strong>mation beingcompromised.The Cloud-V Frameworkprovides a governancestructure <strong>and</strong> guidelines<strong>for</strong> the identification <strong>and</strong>assessment of cloudcomputing <strong>and</strong> virtualisationrisks, <strong>and</strong> controls to mitigatethe identified risks. It wasdeveloped by MarianaCarroll, a <strong>CSIR</strong> PhD student.Professors Paula Kotzé <strong>and</strong>Alta van der Merwe areCarroll’s PhD supervisors.The Cloud-V Frameworkprovides guidance todetermine an organisation’sreadiness <strong>for</strong> the deploymentof assets into the cloud.It also offers a detailedset of methods to guidethe underst<strong>and</strong>ing <strong>and</strong>identification of risks <strong>and</strong>controls to maximise thevalue of cloud computing<strong>and</strong> virtualisation. Guidelinesto assist in protecting <strong>and</strong>safeguarding applications <strong>and</strong>data, <strong>and</strong> meeting regulatoryrequirements pertainingto the cloud <strong>and</strong> virtualenvironments, are included.The risk <strong>and</strong> controlframework aims to servea diverse audience basedon their distinct needs,including businessleaders, management,<strong>and</strong> in<strong>for</strong>mationsystems professionals;those charged with ITgovernance <strong>and</strong> providingcloud computing <strong>and</strong>virtualisation services;<strong>and</strong> IT assurance <strong>and</strong>compliance auditors orconsultants.– Mariana Carroll, Prof Paula Kotzé<strong>and</strong> Prof Alta van der MerweEnquiries:Prof Paula Kotzépkotze1@csir.co.zaThe Cloud-V Framework was recently used in anassessment of access <strong>and</strong> authentication to a largeenterprise resource planning application runningin a private/community cloud at a prominentinternational beverage company where the cloud<strong>and</strong> virtualised environment is provided by amajor IT company.Feedback from the Line of Business manager included:“The cloud assessment is a must-have <strong>for</strong> anyorganisation considering a cloud-based solution ofany kind. The value derived from the assessment givesclear guidance around the potential pitfalls <strong>and</strong> hasbroadened our thinking around cloud. My hope is thatthis assessment becomes an <strong>industry</strong> st<strong>and</strong>ard <strong>for</strong> allorganisations to measure their cloud readiness against.”What is cloudcomputing?Cloud computing is the deliveryof computing as a servicerather than a product. Sharedresources, software <strong>and</strong>in<strong>for</strong>mation are provided tocomputers <strong>and</strong> other deviceswith access via a web browser ora desktop or mobile application,as a metered service over anetwork (typically the Internet).Cloud users do not need to knowthe location <strong>and</strong> other details ofthe computing infrastructure.| 62 |Consider the risk impact throughout the entire processCloud readiness assessmentStrategyIdentification <strong>and</strong> valuationArchitecture <strong>and</strong> technologyGovernance <strong>and</strong> compliancePeople <strong>and</strong> changesBusiness caseCloud-V FrameworkCloud <strong>and</strong> virtualisation risk <strong>and</strong> control assessmentUnderst<strong>and</strong>ing of thecloud <strong>and</strong>/or virtualenvironment(s)Identify controlsAssess controlsCONTROL IDENTIFICATION& VALUATIONESTABLISH CONTEXTREPORTINGMONITORING&REVIEWINGDefine scope <strong>and</strong>objectivesIdentify risksAssessrisksRISK IDENTIFICATION& VALUATIONProf Paula Kotzé (back) <strong>and</strong> Mariana CarrollCloud computing is a model <strong>for</strong>enabling convenient, on-dem<strong>and</strong>network access to a sharedpool of configurable computerresources that can be rapidlyprovisioned <strong>and</strong> released withminimal management ef<strong>for</strong>t orservice provider interaction.The market <strong>for</strong> cloud technology<strong>and</strong> integrated services iscurrently trans<strong>for</strong>ming from thehype cycle to testing, piloting,<strong>and</strong> implementation by largerenterprises. Given the potential<strong>for</strong> significant cost savings,smaller <strong>and</strong> medium-sizedorganisations are alsobecoming early adoptersof this technology.| 63 |