noisedestroyers/StreamLens
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
StreamLens/Glossary.md
noisedestroyers 4dd632012f pretty good
2025-07-28 08:14:15 -04:00

6.7 KiB
Raw Permalink Blame History

StreamLens Ethernet Traffic Analyzer - Glossary

Core Networking Terms

Flow

A logical grouping of network packets between two endpoints (source IP:port → destination IP:port). In StreamLens, a flow represents all packets traveling in one direction between specific network addresses, allowing analysis of communication patterns, timing characteristics, and protocol behavior.

Socket

A network endpoint combining an IP address and port number (e.g., 192.168.1.100:4001). Sockets define the communication endpoints for network flows.

Packet

An individual unit of data transmitted over a network, containing headers (IP, UDP/TCP) and payload data. StreamLens analyzes packet timing, size, and content to understand traffic patterns.

Frame

In the context of specialized protocols like Chapter 10, a frame refers to a structured data unit within the packet payload that contains telemetry, timing, or measurement data.

Protocol Analysis Terms

Protocol

A standardized set of rules for data communication. StreamLens categorizes protocols into:

  • Transport Protocols: UDP, TCP, ICMP, IGMP
  • Application Protocols: HTTP, DNS, NTP, DHCP
  • Specialized Protocols: Chapter 10 (IRIG 106), PTP (Precision Time Protocol), IENA

Decoder

A software component that interprets and extracts structured information from packet payloads according to specific protocol specifications. StreamLens uses:

  • Basic Decoders: Identify protocol types and extract header information
  • Enhanced Decoders: Perform deep packet inspection with field-level extraction

Encoding

The method used to structure and format data within packets. Common encodings include:

  • Chapter 10: Telemetry data encoding standard (IRIG 106)
  • PTP: Precision Time Protocol for network synchronization
  • IENA: Enhanced Network Access protocol for flight test

Dissector

A protocol-specific analyzer that breaks down packet contents into constituent fields and interprets their meaning. Similar to decoders but focused on protocol structure analysis.

Timing and Quality Analysis

Inter-arrival Time

The time interval between consecutive packets in a flow. Critical for analyzing:

  • Network jitter and latency
  • Data streaming consistency
  • Protocol timing compliance

Outlier

A packet whose inter-arrival time deviates significantly from the expected pattern (typically >3 standard deviations). Outliers indicate:

  • Network congestion
  • Timing violations
  • Equipment malfunctions

Clock Drift

The gradual divergence between different timing sources, measured in parts per million (PPM). Important for synchronized systems and telemetry applications.

Jitter

Variation in packet arrival times, indicating network instability or inconsistent data generation.

Telemetry and Specialized Data

Chapter 10 (CH10)

IRIG 106 Chapter 10 standard for flight test telemetry data recording and transmission. Contains:

  • Time stamps: Internal timing information
  • Channel data: Multi-channel analog and digital measurements
  • Quality indicators: Signal quality and synchronization status

TMATS (Telemetry Metadata Transfer Standard)

Configuration and setup information transmitted alongside telemetry data, describing data formats, channel assignments, and measurement parameters.

PTP (Precision Time Protocol)

IEEE 1588 standard for high-precision clock synchronization across networks, essential for distributed measurement systems.

IENA (Integrated Enhanced Network Access)

Protocol for real-time telemetry data transmission over Ethernet networks, commonly used in flight test and aerospace applications.

Data Analysis Terms

Flow Statistics

Quantitative measures describing flow characteristics:

  • Frame Count: Total packets in flow
  • Total Bytes: Cumulative data volume
  • Average Inter-arrival: Mean time between packets
  • Standard Deviation: Measure of timing variability

Frame Type

Classification of packets within a flow based on content or protocol structure (e.g., "Ch10-Data", "Ch10-TMATS", "PTP-Sync").

Traffic Classification

Categorization of network traffic by destination address:

  • Unicast: Point-to-point communication
  • Multicast: One-to-many distribution. IPv4 multicast addresses are defined by the most-significant bit pattern of 1110.
  • Broadcast: One-to-all transmission

Enhanced Analysis

Deep inspection and field-level extraction from specialized protocols, providing:

  • Decoded frame fields
  • Quality metrics
  • Timing analysis
  • Protocol compliance checking

User Interface Terms

TUI (Text User Interface)

Command-line interface using curses library for interactive navigation and real-time data display.

Flow List Panel

Left panel showing all detected flows with summary statistics, timing information, and enhanced analysis indicators.

Detail Panel

Right panel with tabbed interface:

  • Info Tab: Flow statistics, frame types, timing analysis
  • Decode Tab: Hierarchical display of decoded protocol fields

Frame Type Breakdown

Sub-classification of packets within a flow showing distribution of different data types and their individual timing characteristics.

Technical Implementation

Confidence Score

Numerical indicator (0.0-1.0) representing decoder certainty in protocol identification and field extraction accuracy.

Field Extraction

Process of parsing packet payloads to extract individual data elements according to protocol specifications.

Real-time Statistics

Live calculation and display of flow metrics during active packet capture, enabling immediate analysis of ongoing network activity.

Outlier Detection

Statistical analysis using sigma thresholds to identify packets with anomalous timing characteristics.

Use Cases and Applications

Flight Test Telemetry

Primary application for analyzing real-time telemetry data streams from aircraft and test equipment, ensuring data integrity and timing compliance.

Network Performance Analysis

General-purpose tool for identifying network issues, bandwidth utilization, and communication patterns.

Protocol Development

Development and debugging tool for custom network protocols, providing detailed inspection capabilities.

Quality Assurance

Verification of network equipment and protocol implementations against timing and performance specifications.

This glossary provides the foundation for understanding StreamLens capabilities and serves as reference for both users and developers working with network traffic analysis and telemetry systems.