# StreamLens Ethernet Traffic Analyzer - Glossary

## Core Networking Terms

### **Flow**
A logical grouping of network packets between two endpoints (source IP:port → destination IP:port). In StreamLens, a flow represents all packets traveling in one direction between specific network addresses, allowing analysis of communication patterns, timing characteristics, and protocol behavior.

### **Socket** 
A network endpoint combining an IP address and port number (e.g., 192.168.1.100:4001). Sockets define the communication endpoints for network flows.

### **Packet**
An individual unit of data transmitted over a network, containing headers (IP, UDP/TCP) and payload data. StreamLens analyzes packet timing, size, and content to understand traffic patterns.

### **Frame**
In the context of specialized protocols like Chapter 10, a frame refers to a structured data unit within the packet payload that contains telemetry, timing, or measurement data.

## Protocol Analysis Terms

### **Protocol**
A standardized set of rules for data communication. StreamLens categorizes protocols into:
- **Transport Protocols**: UDP, TCP, ICMP, IGMP
- **Application Protocols**: HTTP, DNS, NTP, DHCP
- **Specialized Protocols**: Chapter 10 (IRIG 106), PTP (Precision Time Protocol), IENA

### **Decoder**
A software component that interprets and extracts structured information from packet payloads according to specific protocol specifications. StreamLens uses:
- **Basic Decoders**: Identify protocol types and extract header information
- **Enhanced Decoders**: Perform deep packet inspection with field-level extraction

### **Encoding**
The method used to structure and format data within packets. Common encodings include:
- **Chapter 10**: Telemetry data encoding standard (IRIG 106)
- **PTP**: Precision Time Protocol for network synchronization
- **IENA**: Enhanced Network Access protocol for flight test

### **Dissector**
A protocol-specific analyzer that breaks down packet contents into constituent fields and interprets their meaning. Similar to decoders but focused on protocol structure analysis.

## Timing and Quality Analysis

### **Inter-arrival Time**
The time interval between consecutive packets in a flow. Critical for analyzing:
- Network jitter and latency
- Data streaming consistency
- Protocol timing compliance

### **Outlier**
A packet whose inter-arrival time deviates significantly from the expected pattern (typically >3 standard deviations). Outliers indicate:
- Network congestion
- Timing violations
- Equipment malfunctions

### **Clock Drift**
The gradual divergence between different timing sources, measured in parts per million (PPM). Important for synchronized systems and telemetry applications.

### **Jitter**
Variation in packet arrival times, indicating network instability or inconsistent data generation.

## Telemetry and Specialized Data

### **Chapter 10 (CH10)**
IRIG 106 Chapter 10 standard for flight test telemetry data recording and transmission. Contains:
- **Time stamps**: Internal timing information
- **Channel data**: Multi-channel analog and digital measurements  
- **Quality indicators**: Signal quality and synchronization status

### **TMATS (Telemetry Metadata Transfer Standard)**
Configuration and setup information transmitted alongside telemetry data, describing data formats, channel assignments, and measurement parameters.

### **PTP (Precision Time Protocol)**
IEEE 1588 standard for high-precision clock synchronization across networks, essential for distributed measurement systems.

### **IENA (Integrated Enhanced Network Access)**
Protocol for real-time telemetry data transmission over Ethernet networks, commonly used in flight test and aerospace applications.

## Data Analysis Terms

### **Flow Statistics**
Quantitative measures describing flow characteristics:
- **Frame Count**: Total packets in flow
- **Total Bytes**: Cumulative data volume
- **Average Inter-arrival**: Mean time between packets
- **Standard Deviation**: Measure of timing variability

### **Frame Type**
Classification of packets within a flow based on content or protocol structure (e.g., "CH10-Data", "TMATS", "PTP-Sync").

### **Traffic Classification**
Categorization of network traffic by destination address:
- **Unicast**: Point-to-point communication
- **Multicast**: One-to-many distribution
- **Broadcast**: One-to-all transmission

### **Enhanced Analysis**
Deep inspection and field-level extraction from specialized protocols, providing:
- Decoded frame fields
- Quality metrics
- Timing analysis
- Protocol compliance checking

## User Interface Terms

### **TUI (Text User Interface)**
Command-line interface using curses library for interactive navigation and real-time data display.

### **Flow List Panel**
Left panel showing all detected flows with summary statistics, timing information, and enhanced analysis indicators.

### **Detail Panel**
Right panel with tabbed interface:
- **Info Tab**: Flow statistics, frame types, timing analysis
- **Decode Tab**: Hierarchical display of decoded protocol fields

### **Frame Type Breakdown**
Sub-classification of packets within a flow showing distribution of different data types and their individual timing characteristics.

## Technical Implementation

### **Confidence Score**
Numerical indicator (0.0-1.0) representing decoder certainty in protocol identification and field extraction accuracy.

### **Field Extraction**
Process of parsing packet payloads to extract individual data elements according to protocol specifications.

### **Real-time Statistics**
Live calculation and display of flow metrics during active packet capture, enabling immediate analysis of ongoing network activity.

### **Outlier Detection**
Statistical analysis using sigma thresholds to identify packets with anomalous timing characteristics.

## Use Cases and Applications

### **Flight Test Telemetry**
Primary application for analyzing real-time telemetry data streams from aircraft and test equipment, ensuring data integrity and timing compliance.

### **Network Performance Analysis**
General-purpose tool for identifying network issues, bandwidth utilization, and communication patterns.

### **Protocol Development**
Development and debugging tool for custom network protocols, providing detailed inspection capabilities.

### **Quality Assurance**
Verification of network equipment and protocol implementations against timing and performance specifications.

---

*This glossary provides the foundation for understanding StreamLens capabilities and serves as reference for both users and developers working with network traffic analysis and telemetry systems.*