The task of the IT Architecture working group is to develop the technical basis of the Platform MaterialDigital services. These services are intended to share and transfer materials science data. Sharing data consists of several sub-steps: making data available, searching for data, and using found data. All these sub-steps have quality requirements, especially regarding security. At the same time, the instantiation of the required PMD software should be feasible for materials scientists and their institutions with reasonable effort. The platform is based on freely available and open source software as well as standardized protocols. These include container, VPN and authentication technologies as well as web services and the OAuth protocol. Building on these free components, we develop components that connect the individual software packages and create the connection for executing workflows and integrating ontologies.
PMD-Mesh
The PMD-Mesh is a network between the software instances of PMD participants. Through the use of modern security technologies, the PMD-Mesh allows secure, direct yet performant communication between instances.
How does the PMD-Mesh work?
The PMD-Mesh is based on WireGuard, a modern, performant VPN technology. In PMD, direct WireGuard tunnels are set up between the individual PMD instances, creating an overlay network. IPv6 is used within this WireGuard network. The basic network services in the overlay network such as DHCP, DNS and routing are provided by PMD and are largely transparent to users. Individual services from PMD participants can thus be addressed via unique DNS names that can only be resolved within the PMD-Mesh.
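An overlay of this kind can be sketched as per-instance WireGuard configuration. The following is an added example, not PMD's own tooling: it renders a wg-quick configuration for one instance of a full mesh and gives each peer a single /128 in AllowedIPs, so a peer's key is only accepted for that peer's own overlay address. The instance names, keys, endpoints, port and the fd00:1234:5678::/48 prefix are constructed placeholders.

```python
import ipaddress

# Constructed sample data: names, keys, endpoints and the ULA prefix are
# placeholders for illustration, not values used by PMD.
OVERLAY = ipaddress.ip_network("fd00:1234:5678::/48")
INSTANCES = [
    {"name": "pmd-c", "pubkey": "<pubkey-pmd-c>",
     "endpoint": "pmd-c.example.org:51820", "addr": "fd00:1234:5678::1"},
    {"name": "sat-a", "pubkey": "<pubkey-sat-a>",
     "endpoint": "sat-a.example.org:51820", "addr": "fd00:1234:5678::a"},
    {"name": "sat-b", "pubkey": "<pubkey-sat-b>",
     "endpoint": "sat-b.example.org:51820", "addr": "fd00:1234:5678::b"},
]


def validate(instances, overlay=OVERLAY):
    """Reject duplicate keys/addresses and addresses outside the overlay."""
    seen_addr, seen_key = set(), set()
    for inst in instances:
        addr = ipaddress.ip_address(inst["addr"])
        if addr not in overlay:  # also False for IPv4 addresses
            raise ValueError(f"{inst['name']}: {addr} is outside {overlay}")
        if addr in seen_addr or inst["pubkey"] in seen_key:
            raise ValueError(f"{inst['name']}: duplicate address or key")
        seen_addr.add(addr)
        seen_key.add(inst["pubkey"])


def render_config(local_name, instances, overlay=OVERLAY):
    """Return the wg-quick config text for one instance of the full mesh."""
    validate(instances, overlay)
    local = next(i for i in instances if i["name"] == local_name)
    lines = ["[Interface]",
             f"Address = {local['addr']}/{overlay.prefixlen}",
             "PrivateKey = <private-key-of-this-instance>",
             "ListenPort = 51820"]
    for peer in instances:
        if peer["name"] == local_name:
            continue  # no tunnel to ourselves
        lines += ["", f"# {peer['name']}", "[Peer]",
                  f"PublicKey = {peer['pubkey']}",
                  f"Endpoint = {peer['endpoint']}",
                  # /128: only this source address is accepted from this key
                  f"AllowedIPs = {peer['addr']}/128"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render_config("sat-a", INSTANCES))
```

Because AllowedIPs is both the outbound routing table and the inbound source filter, two peers claiming the same address would be ambiguous, which is why duplicates are rejected before any configuration is rendered.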
Our decentralized approach
PMD is not trying to create another data repository. A service for centrally collecting materials science data does not do justice to the differentiated requirements for handling such data. In particular, users of different categories (industry, science) sometimes have strongly divergent requirements for sharing data, which central data storage can hardly meet.
PMD therefore prioritizes the sovereignty of PMD users over their own data. Each data provider should be able to make differentiated decisions about who can access the offered data and how. The data therefore remains with the providers.
PMD Satellites
PMD-S Server
PMD satellites (PMD-S) consist of several software packages. Some of these are mandatory for participation in PMD; others are optional and enable the provision or use of additional services. When this software is set up at an institution and supplied with valid PMD identity data (keys, certificates), a PMD-S instance is created that is a participant in the PMD-Mesh. Through this PMD-S instance, the services and data of PMD, including those of all other PMD-S instances, can be used, and the institution's own services and data can be offered.
Container-based architecture
PMD instances consist of a combination of different software packages. To make these packages as easy as possible to set up, PMD relies on containers. Containers minimize the software requirements for the execution environment. The central PMD functions (such as the PMD-Mesh or the connection to SSO) are encapsulated in individual containers. The combination and networking of these containers with each other makes up a PMD instance.
There are also optional containers that are only used when needed. These are, for example, special execution environments for materials science applications that are not used on every instance. The operator of the respective instance decides which of these optional containers are present.
Mandatory components of PMD-S instances:
- PMD-Mesh
- DNS
Optional components:
- OntoDocker
- Keycloak
- SimStack
- pyiron/jupyter
PMD-Central
Part of the intended functionality of PMD can be implemented most effectively with the help of a central directory service. The search for offered services and data is the most prominent example here. Therefore, there is an instance of PMD that provides these central services. This instance is called PMD-Central (PMD-C).
PMD-C differs from PMD-S only in the provision of central services. PMD can function without these central services, but offers far less added value.
Central services of PMD-C:
- Directory service for search queries
- App and workflow store backend
- Authoritative DNS server for PMD
Data security
The PMD-Mesh ensures the protection of data in transit. Protecting the data itself is the responsibility of the provider. The PMD instance makes it possible to control access to data offered via PMD on the basis of access permissions.
Deployment & Participation
Setting up a PMD Satellite
The PMD-S Deployment Guide describes all steps required for successful instantiation and integration of a "Platform Material Digital" (PMD) service.
The Deployment Guide covers:
- System requirements and preparation
- Installation and configuration of containers
- Connection to the PMD-Mesh
- Configuration of authentication and authorization
- Best practices for operation
Offers and added values
DataPortal: The PMD DataPortal is a central access point for searching and retrieving materials science data within PMD. It demonstrates the functionality of the decentralized architecture.
Demonstrator: Experience the PMD infrastructure in action and understand how the various components work together.
Why should you participate?
Participation in PMD offers:
- Data sovereignty: You retain full control over your data
- Interoperability: Use tools and data from other participants seamlessly
- Security: Benefit from modern, tested security infrastructure
- Community: Become part of a growing network of materials scientists
- Efficiency: Avoid data silos and redundant developments
How can I participate?
- Read the Deployment Guide
- Contact the PMD team for support with setup
- Participate in community meetings
- Share your experiences and contribute to further development
Contact us to learn more about participating in the PMD infrastructure!