Welcome!

Blog Feed Post

Hope, FPGA’s, High Frequency Trading and the New Market Access Rules

I recently became aware of an emerging practice most likely being implemented by clearing companies at the low end of the capitalization sprectrum offering a unique solution to the recent Market Access Rules.

NO UN-FILTERED DIRECT ACCESS

What the SEC is trying to do is remove, or reduce the opportunity for either crooks, idiots, or algo’s gone wild from doing bad things to the market. Under the new rules, order flow needs to be monitored. This is not something that the HFT crowd like to hear, because it slows them down. So a couple of innovative idiots got together and came up with the solution that I’m going to describe here.

HOPE IS NOT A STRATEGY

Let alone a comprehensive compliance or surveillance strategy. What the idiots are doing is putting a ‘black box’ between the HFT firms FIX engines and the execution venues. The box, most likely powered by an FPGA device, scans the outbound order flow, and if it finds something it doesn’t like, it messes up the payload of the FIX order so that the execution venue (hopefully) rejects the message. Why is this done this way? Because the ‘black box’ is both out of process – both the source of orders and resulting executions, etc. are behind FIX engines, and because the ‘black box’ isn’t actually maintaining connections between the HFT firm’s order generators and execution venue.

A PICTURE IS WORTH A MILLION REJECTS

This is a little complicated, so let’s look at this picture:

In the diagram above, the ‘black box’ isn’t maintaining FIX connections to either the HFT’s order generators or the execution venue.  So, the ‘black box’ can’t just reject the order if it’s out of bounds back to the order generator because then the FIX sequence #’s get all mixed up.  There’s a little more to this, but you get the general idea.

YES, THIS IS REAL, AND I’M NOT KIDDING

So, this whole thing is designed so that an examiner can come into the Olde Thyme Highe Frequency Trading Shoppey and be escorted into the back room and shown the shiny box.  Wow.  Are you serious.  ”Look, we’re making sure that this firm isn’t doing anything wrong – we’re actively monitoring the flow and if they do something we don’t like, we shut them down.”  Right, they shut down the order flow attached to the box.  What about the order generators that the examiner doesn’t see. There’s a host of issues here, but we’re going to focus on one – and it’s a doozy.

DENIAL OF SERVICE ATTACKS

So, we’ve installed the OMICRON 5000 monitoring device and our HFT/algo team is ready to do business.  And everything is fine.  They’re trustworthy chaps and have no intention of gaming the system.  (cough cough).  But their first algo goes completely nuts.  And get’s shut down by the clearing firm.  But it doesn’t really get shut down.  Instead, it’s sending 1000′s of malformed FIX messages to an execution venue per second.  Or maybe 10,000′s of malformed FIX messages to many execution venues.  Wow.  In the internet world, we call this a denial of service attack – flood a destination with more traffic that it can handle.  And while the execution venues can handle normal traffic, what about rejecting every message? Is every execution venue out there ready for this?  I don’t think so.  I’ve been involved with FIX longer than I’ll admit to in public, and I’ve seen a lot of testing  - “Yeah, reject worked.  It worked fine.  I mean, we never thought they’d be sending 1,000′s of orders a second that would all reject…”

I DON’T KNOW

What should be done about this.   I have lots of ideas about surveillance and how it should be done.  But I don’t have any thoughts about this.  Mostly because I never thought anyone would be so stupid as to ever actually deploy this type of ‘solution.’  Where’s the SEC when you need them?

THANKS FOR READING

PrintFriendly

Read the original blog entry...

More Stories By Colin Clark

Colin Clark is the CTO for Cloud Event Processing, Inc. and is widely regarded as a thought leader and pioneer in both Complex Event Processing and its application within Capital Markets.

Follow Colin on Twitter at http:\\twitter.com\EventCloudPro to learn more about cloud based event processing using map/reduce, complex event processing, and event driven pattern matching agents. You can also send topic suggestions or questions to [email protected]

Latest Stories
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
"NetApp is known as a data management leader but we do a lot more than just data management on-prem with the data centers of our customers. We're also big in the hybrid cloud," explained Wes Talbert, Principal Architect at NetApp, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, provided a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to oper...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"Infoblox does DNS, DHCP and IP address management for not only enterprise networks but cloud networks as well. Customers are looking for a single platform that can extend not only in their private enterprise environment but private cloud, public cloud, tracking all the IP space and everything that is going on in that environment," explained Steve Salo, Principal Systems Engineer at Infoblox, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventio...
Large industrial manufacturing organizations are adopting the agile principles of cloud software companies. The industrial manufacturing development process has not scaled over time. Now that design CAD teams are geographically distributed, centralizing their work is key. With large multi-gigabyte projects, outdated tools have stifled industrial team agility, time-to-market milestones, and impacted P&L stakeholders.
"ZeroStack is a startup in Silicon Valley. We're solving a very interesting problem around bringing public cloud convenience with private cloud control for enterprises and mid-size companies," explained Kamesh Pemmaraju, VP of Product Management at ZeroStack, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"We're focused on how to get some of the attributes that you would expect from an Amazon, Azure, Google, and doing that on-prem. We believe today that you can actually get those types of things done with certain architectures available in the market today," explained Steve Conner, VP of Sales at Cloudistics, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Data scientists must access high-performance computing resources across a wide-area network. To achieve cloud-based HPC visualization, researchers must transfer datasets and visualization results efficiently. HPC clusters now compute GPU-accelerated visualization in the cloud cluster. To efficiently display results remotely, a high-performance, low-latency protocol transfers the display from the cluster to a remote desktop. Further, tools to easily mount remote datasets and efficiently transfer...
"CA has been doing a lot of things in the area of DevOps. Now we have a complete set of tool sets in order to enable customers to go all the way from planning to development to testing down to release into the operations," explained Aruna Ravichandran, Vice President of Global Marketing and Strategy at CA Technologies, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.