Dr. Mohamed El-Hadedy • RSCL @ Cal Poly Pomona
mealy@cpp.edu | 909-869-2594
NASA MINDS 2019 NASA MINDS 2020 NASA MINDS 2021 NASA MINDS 2022 NASA MINDS 2023 NASA MINDS 2024 NASA MINDS 2025
The Ptah project is an innovative curriculum and reference implementation designed for the emerging field of secure edge-AI in space and terrestrial applications. Combining hardware diversity—RISC-V accelerators, Raspberry Pi clusters, and NVIDIA edge GPUs—with state-of-the-art cryptography (post-quantum lattice schemes and lightweight AEAD), Ptah demonstrates how to architect resilient, future-proof systems under stringent power, weight, and environmental constraints. Participants will learn to deploy containerized microservices across heterogeneous clusters, orchestrate workloads with K3s, instrument telemetry pipelines with PQC signatures, and perform real-time monitoring using Prometheus and Grafana. Over a 15-week course, students engage in hands-on labs, benchmarking, and system integration, culminating in a comprehensive final quiz covering cryptography, orchestration, hardware design, and performance evaluation.
Imagine a future where quantum computers render today’s encryption obsolete in minutes. To safeguard critical spacecraft and edge-computing nodes against that threat, we turn to Post-Quantum Cryptography (PQC). Algorithms like CRYSTALS-Dilithium and CRYSTALS-Kyber are built on mathematically rigorous lattice problems—challenges so complex that even a million-qubit quantum computer would take centuries to solve them.
In the harsh environment of space, where remote satellites and deep-space probes cannot be patched on the fly, PQC ensures that firmware updates remain authentic and unforgeable for decades. On terrestrial edge systems—drones, unmanned rovers, and IoT sensors—“harvest-now, decrypt-later” attacks become futile because every telemetry packet, command stream, and key exchange is secured against future quantum decryption.
Why Lattices? Lattice-based schemes provide compact keys and fast operations without sacrificing security. - Dilithium delivers robust digital signatures, so every software bundle, sensor reading, or inter-device handshake bears an unbreakable quantum-resistant stamp. - Kyber enables ultra-secure key-exchange, allowing ground stations to establish shared secrets with spacecraft or edge nodes in a way that remains confidential even under quantum attack.
By integrating PQC into our Ptah framework, we not only future-proof critical systems but do so with performance tuned for power-and-weight-constrained platforms. The result is a security foundation that remains unshakable in the quantum era—because in space, tomorrow’s threats demand today’s unbreakable cryptography.
While traditional ciphers like AES excel in data centers, they’re too heavy for tiny, battery-powered edge nodes. Lightweight cryptography fills that gap by delivering strong security with minimal footprint—CPU cycles, RAM, and power.
| Feature | AEAD (e.g., Ascon) | Block Cipher + MAC (e.g., AES-GCM) |
|---|---|---|
| Encryption + Authentication | Single pass (atomic) | Two steps (encrypt, then tag) |
| Code Size | ≈ 2 – 5 kB | ≈ 10 – 20 kB |
| RAM Usage | ≈ 200 – 500 bytes | ≈ 1 – 2 kB |
| Throughput (cycles/byte) | 2 – 5 | 10 – 15 |
| Security Goal | Confidentiality & Authenticity | Confidentiality & Authenticity |
| Property | Value |
|---|---|
| Permutation Size | 320 bits (5 × 64-bit lanes) |
| Rate | 64 bits / 8 bytes per absorption/squeeze |
| Initialization Rounds | 12 |
| Intermediate Rounds | 6 |
| Finalization Rounds | 12 |
| Key Size | 128 bits (optional 256 bits) |
| Nonce Size | 128 bits |
| Tag Size | 128 bits |
| Performance (Cortex-M4) | ≈ 1 MB/s |
ASCON’s design is built around a sponge construction, where data and keys are absorbed into an internal state that is repeatedly permuted. This single-pass approach (absorb-permute-squeeze) gives both encryption and authentication in one go, cutting code size and RAM needs by up to 50% compared with AES-GCM on the same hardware.
| Security Aspect | ASCON (128-bit key) | AES-128 (GCM) |
|---|---|---|
| Bit-security | ≥ 128 bits | 128 bits |
| Integrity Bound | 2⁶⁴ forgery bound | 2⁶⁴ forgery bound |
| Side-Channel Resistance | Simple permutation – easier to mask | Complex S-boxes – harder to mask |
By choosing ASCON for Ptah’s edge modules, we ensure each micro-controller—or even a small FPGA slice—can authenticate and encrypt telemetry with minimal overhead, leaving headroom for sensor processing and control loops.
Managing a distributed Edge-AI/PQC cluster requires a lightweight yet powerful orchestrator. Below we compare three leading container orchestration platforms on footprint, feature set, and resource utilization—then dive deeper into how GPU scheduling and CPU allocation work in K3s for drones and UGVs.
| Framework | Binary Size | Memory Overhead1 | Supported APIs | Ideal Use Case |
|---|---|---|---|---|
| Docker Swarm | ~200 MB | ~150 MB | Core Swarm, Stacks | Simple clusters & rapid prototyping |
| K3s | ~50 MB | ~70 MB | Kubernetes v1.x (core) | Edge/IoT & power-constrained nodes |
| Kubernetes | ~1 GB+ | ~1 GB+ | Full k8s API | Enterprise datacenters |
1 Memory measured as RSS of control-plane components on a baseline Pi 4.
In K3s, you can label nodes with cpu and gpu capacity, then request them in your Pod specs. Below is an example of how a PQC service and an AI inference service would request resources:
# PQC signature service (runs on any CPU node)
resources:
requests:
cpu: "0.5"
memory: "256Mi"
limits:
cpu: "1"
memory: "512Mi"
# AI inference service (runs on GPU-enabled node)
resources:
limits:
nvidia.com/gpu: 1
memory: "1Gi"
| Node Type | CPU Cores | Clock (GHz) | GPU Cores | Approx. Throughput |
|---|---|---|---|---|
| Raspberry Pi CM4 | 4 | 1.50 | – | ~200 Dilithium ops/sec |
| TRK1 (Rockchip RK3588) | 8 | 2.40 | – | ~1 200 Dilithium ops/sec |
| Jetson Nano | 4 | 1.43 | 128 (Maxwell) |
• GPU: ~500 ASCON ops/sec • CPU: ~400 Dilithium ops/sec |
| Jetson Orin NX | 6 | 2.20 | 1024 (Ampere) |
• GPU: ~5 000 ASCON ops/sec • CPU: ~800 Dilithium ops/sec |
cpu: "0.1") with Ascon AEAD for telemetry, preserving battery life.
nodeSelector and affinity to ensure heavy workloads land on TRK1/Orin, and lightweight tasks run on Pi-class nodes.
By using K3s with fine-grained resource requests and node labels, you can orchestrate a heterogeneous cluster that maximizes both performance and power-efficiency—crucial attributes for computer architects designing next-generation edge-AI & space systems.
Robust, low-latency telemetry and precise positioning are critical for autonomous drones, rovers, and space systems. In Ptah, each node—whether a Pi Zero W, CM4, TRK1, or Orin NX—connects to a GNSS receiver (GPS+GLONASS+Beidou) via UART or USB. A dedicated telemetry pod under K3s executes this pipeline:
| Metric | Pi Zero W | Compute Module 4 | TRK1 / Orin NX |
|---|---|---|---|
| GNSS Fix Rate (Hz) | 1 | 5 | 10 |
| Dilithium Sign Latency (ms) | 8.0 | 2.1 | <0.5 |
| Kyber KEM Latency (ms) | 6.3 | 1.2 | 0.3 |
| End-to-End Delay (ms) | 20.5 | 8.4 | 3.2 |
In Ptah, every core function—post-quantum signing/encryption, telemetry acquisition, and monitoring—is packaged as a self-contained Docker image and deployed as a pod under K3s. This approach yields:
replicaCount in your Helm chart to scale a POD from 1 to N instances (e.g., running multiple Dilithium signers in parallel).
resources.requests and resources.limits to reserve CPU/RAM exactly—for example, 0.5 CPU and 256Mi for a PQC service on CM4.nodeSelector or affinity rules to pin GPU-intensive pods to Jetson Orin NX (requesting nvidia.com/gpu: 1), while lightweight ASCON pods run on Pi Zero nodes.strategy.type: RollingUpdate so PQC libraries can be patched without downtime—K3s will bring up new pods with the updated container image and gracefully retire old ones.maxSurge and maxUnavailable to control the pace of updates, crucial when running on mission-critical UGVs or drone networks.apiVersion: v1
kind: Pod
metadata:
name: pqc-signer
labels:
app: pqc
spec:
initContainers:
- name: wait-for-gps
image: busybox
command: ["sh", "-c", "until test -e /dev/ttyUSB0; do sleep 1; done"]
volumeMounts:
- mountPath: /dev/ttyUSB0
name: gps-device
containers:
- name: signer
image: rscl/pqc-signer:latest
resources:
requests:
cpu: "0.5"
memory: "256Mi"
limits:
cpu: "1"
memory: "512Mi"
volumeMounts:
- mountPath: /dev/ttyUSB0
name: gps-device
livenessProbe:
exec:
command: ["pgrep", "signer"]
initialDelaySeconds: 10
periodSeconds: 30
volumes:
- name: gps-device
hostPath:
path: /dev/ttyUSB0
nodeSelector:
kubernetes.io/hostname: cm4-node-01
This spec ensures the signer pod only runs on a CM4 node, waits for its GPS device, reserves half a CPU core, and restarts if the process dies—demonstrating the full power of K3s pod orchestration in Ptah’s heterogeneous cluster.
To maintain operational excellence across a heterogeneous Ptah cluster, we employ a best-in-class monitoring stack:
# CPU usage on CM4 nodes
avg(rate(node_cpu_seconds_total{instance=~"cm4-.*",mode!="idle"}[1m])) by (instance)
# PQC ops per second
rate(pqc_signatures_total[30s])
# Telemetry packet latency
histogram_quantile(0.95, rate(telemetry_latency_seconds_bucket[5m]))
This comprehensive monitoring framework not only provides real-time visibility into resource usage and cryptographic performance but also enables automated alerting and long-term trend analysis—ensuring that Ptah deployments remain robust, performant, and mission-ready.
For deeper insights and demonstrations, explore our curated video playlist. Each link includes an overview of Ptah concepts, hands-on labs, and system walkthroughs:
When you’re ready, dive into the comprehensive 40-question quiz covering every module. You’ll get instant feedback on each answer—all on one page.
Special thanks to all our partners for hardware, funding, and expertise that made this course possible.