HERMES

HERMES

Hardened Edge Relay & Machine-intelligent Encrypted Speech

HERMES is the unified communications platform for GVA military vehicle systems. It delivers secure encrypted voice, rich media messaging, and AI-powered human-to-machine interfacing across tactical networks — from high-bandwidth LAN to degraded RF links.

Designed for DEF STAN 23-009 compliance, HERMES provides everything from crew intercom to vehicle-to-command post communications, all protected by military-grade encryption.

Core Capabilities

🔒

Encrypted Voice

End-to-end encrypted voice using SRTP (AES-256-CM) with military-grade codecs including MELPe and STANAG 4591. Supports crew intercom, vehicle-to-vehicle, and vehicle-to-command post.

📡

Rich Media Delivery

Encrypted text messaging, file transfer, presence indicators, group notifications, and searchable call logs — all over the same secure SIP infrastructure as voice.

System Architecture

graph TB subgraph "HERMES Services" SRV[VoIP Server
SIP Registrar/Proxy] AGT[VoIP Agent
AI Assistant] MCP[MCP Tool Server
Vehicle Tools] end subgraph "Clients" CLI1[VoIP Client 1
Crew Station] CLI2[VoIP Client 2
Commander] CLI3[VoIP Client 3
Driver] end subgraph "External Networks" EXT[External SIP
Gateway/Trunk] AI[Ollama LLM
Local Inference] end CLI1 <-->|SIP/RTP| SRV CLI2 <-->|SIP/RTP| SRV CLI3 <-->|SIP/RTP| SRV AGT <-->|SIP/RTP| SRV SRV <-->|SIP Trunk| EXT AGT <-->|HTTP| AI AGT <-->|MCP| MCP style SRV fill:#4CAF50 style AGT fill:#9C27B0 style MCP fill:#FF9800 style CLI1 fill:#2196F3 style CLI2 fill:#2196F3 style CLI3 fill:#2196F3

Components

VoIP Server

The VoIP Server acts as a SIP registrar and proxy, managing call routing between clients within the vehicle network and to external networks.

  • SIP user registration and authentication
  • Call routing and proxying
  • CDR (Call Detail Records) logging
  • DSCP EF (Expedited Forwarding) QoS marking
  • Military codec support (MELPe, STANAG 4591)
  • Multiple simultaneous call handling
  • Call forwarding and forking

VoIP Client

Available as both a standalone desktop application and a GVA External App integrated into the VivoeX HMI COM screen (F7).

  • SIP registration and encrypted calling
  • Multiple codec support (G.711, G.729, MELPe, Opus)
  • SRTP encryption (RFC 3711)
  • Address book management
  • Headless mode for intercom/relay
  • Auto-answer with WAV playback
  • DDS registration via GVA Registry Service

VoIP Agent (AI Assistant)

An AI-powered voice assistant providing the human-to-machine interface. Operates entirely offline with no cloud connectivity required.

  • Ollama/Gemma LLM integration (local inference)
  • Piper TTS (offline text-to-speech)
  • Vosk STT (offline speech recognition)
  • MCP (Model Context Protocol) tool support
  • Military coordinate tools (MGRS, bearing, distance)
  • Multi-turn conversational context
  • Standalone mode (local mic/speaker)

MCP Tool Server

Exposes vehicle system tools to the AI agent via the Model Context Protocol, enabling natural language access to platform capabilities.

  • MGRS coordinate conversion
  • Bearing and distance calculations
  • Vehicle system status queries
  • Date-Time Group (DTG) formatting
  • Extensible tool plugin architecture
  • Custom MCP server chaining

Audio Codecs

CodecBitrateSample RateDescription
G.711 μ-law64 kbps8 kHzStandard telephony, highest quality
G.711 A-law64 kbps8 kHzEuropean telephony standard
G.7298 kbps8 kHzLow bandwidth, good quality
MELPe2.4 kbps8 kHzMilitary standard (MIL-STD-3005)
STANAG 45911.2–2.4 kbps8 kHzNATO interoperability (TSVCIS)
Opus6–510 kbps48 kHzModern, adaptive bitrate

Security & Standards

SRTP Encryption

All voice communications are encrypted using SRTP (Secure Real-time Transport Protocol) per RFC 3711 with AES-256-CM-HMAC-SHA1-80 cipher suite. Key exchange is performed via SDP during call setup.

Encryption is always enabled and cannot be disabled — suitable for OFFICIAL-SENSITIVE classification.

Network QoS

VoIP traffic is marked with DSCP EF (Expedited Forwarding, 46) for priority handling on managed networks. This ensures voice packets receive preferential treatment over data traffic.

Integrates with DiffServ-aware tactical network equipment and military-grade switches.

Standards Compliance

SIP Signaling

RFCTitleUsage
RFC 3261SIP: Session Initiation ProtocolCore call signaling
RFC 3264Offer/Answer Model with SDPCodec negotiation
RFC 3265SIP-Specific Event NotificationPresence and subscriptions
RFC 3428SIP Extension for Instant MessagingText messaging (MESSAGE)
RFC 3515SIP REFER MethodCall transfer

Media & Transport

RFCTitleUsage
RFC 3550RTP: Real-Time Transport ProtocolAudio media delivery
RFC 3711SRTP: Secure Real-time Transport ProtocolMedia encryption (AES-256-CM)
RFC 4568SDP Security DescriptionsSRTP key exchange via SDP
RFC 4733DTMF Relay via RTPIn-band DTMF tones

Military Standards

StandardDescription
MIL-STD-3005MELPe voice codec (2.4 kbps tactical voice)
STANAG 4591NATO narrowband & wideband voice coding
DEF STAN 23-009UK GVA Land Data Model (DDS integration)
RFC 2474 / RFC 3246DiffServ QoS (DSCP EF marking)

Platform Support

PlatformArchitectureStatus
Ubuntu 22.04 LTSx86_64 (AMD64)✅ Full Support
Ubuntu 24.04 LTSx86_64 (AMD64)✅ Full Support
Embedded LinuxARM64 (AArch64)✅ Full Support
Real-time OSx86_64 / ARM64✅ Available

Dependencies: Qt 6.2+, OpenSSL 3.0, CMake 3.20+, Ollama (for AI agent), Vosk, Piper

Key Differentiators

🛡️

Fully Offline AI

LLM inference, speech recognition, and speech synthesis all execute locally on the vehicle compute platform. No cloud. No latency. No data exfiltration risk.

GVA Integrated

Native integration with VivoeX HMI, DDS Registry Service, and the full GVA software stack. Registered as a communication service via DEF STAN 23-009.

Get Started with HERMES

HERMES is included as part of the VivoeX SDK and is available to licensed customers. Contact us for a demonstration of secure military communications in action.

Contact Sales
View Documentation