Secure Deterministic L2/L3 Ethernet Networking for Integrated Architectures
Technical Paper
2017-01-2103
ISSN: 0148-7191, e-ISSN: 2688-3627
Language: English
Abstract
Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. This paper investigates the context and use of key security technologies, processes, challenges and use cases for the design of advanced integrated architectures with security, safety, and real-time performance considerations. In such architectures, deterministic Ethernet standards are used as a baseline for system integration in closed embedded systems or open mixed criticality systems.
Security-informed safety development processes for integrated architectures are required to prevent catastrophic failures caused by environmental and cyber threats, due to the expanding number of security vulnerabilities in complex and increasingly open systems. State-of-the-art safety/security processes for integrated systems in cross-industry environments are considered and their similarities examined for different types of integrated architectures.
In integrated systems and IMA that share common resources, multi-level secure systems and composable modular architectures such as MILS, based on separation kernels and the ARINC653 API, are gaining importance for the design of safe and secure distributed applications with real-time performance requirements. Network security is a core component of the overall cybersecurity and defense-in-depth capability for distributed architectures. Protection mechanisms for information, interface and system integrity, communication availability, and data confidentiality are required for the design of a safe and secure integrated embedded infrastructure. In deterministic Ethernet networks, Time-Triggered Ethernet (SAE AS6802) and ARINC664 services can actively support security measures for mixed-criticality applications.
Network partitioning, dataflow isolation, configuration protection, per-flow traffic policing, link and end-to-end encryption or authentication, and a partitioned internal network device architecture can be useful for the design of open networked systems that can also accept previously unknown soft real-time or bursty traffic while hosting highly critical functions with temporal boundaries.
After an overview of security issues in networks within integrated architectures, this paper continues with a discussion of MACsec and IPsec mechanisms, packet firewalls, secure shells and Denial-of-Service (DoS) protection mechanisms for secure and deterministic L2/L3 networking.
Citation
Hirschler, B. and Jakovljevic, M., "Secure Deterministic L2/L3 Ethernet Networking for Integrated Architectures," SAE Technical Paper 2017-01-2103, 2017, https://doi.org/10.4271/2017-01-2103.