Advertisement

Dependability Analysis of the AFDX Frame Management Design

  • Venesa WatsonEmail author
  • Mahlet Bejiga
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11093)

Abstract

Avionics Full Duplex Switched Ethernet (AFDX) is an implementation of the ARINC 664 specification, which defines the electrical and protocol specifications for data exchange between Computer Systems. AFDX implements extensions on standard Ethernet to achieve a deterministic and fault-tolerant network, which is demonstrated through its frame management design. AFDX, like other emerging time-critical Ethernet-based standards, has potential for use in other critical industries, such as nuclear power plants. This would provide an additional option by which industry players can leverage the speed and ubiquity of Ethernet, with the added benefit of services to support highest safety requirements. However, considering that the nuclear industry continues to be a prime target for advanced security threats, it is imperative to demonstrate what protection AFDX offers, as well as what additional attack surface it may introduce. For this paper, the basic taxonomy of dependable and secure computing is used to conduct a dependability analysis of the AFDX frame management design. An OMNeT++ model simulation of an AFDX network is used to demonstrate potential attacks. Considerations for solutions for a robust AFDX specification are proposed for future research.

Keywords

AFDX Deterministic Critical industries Dependable and secure computing 

Notes

Acknowledgements

Some of the addressed topics are being elaborated as part of AREVA GmbH’s participation in the “SMARTEST” R&D (2015–2018) with German University partners, partially funded by German Ministry BMWi.

References

  1. 1.
    Aeronautical Radio Inc. (ARINC). Specification 664: aircraft data network, part 7 – deterministic networks, 23 September 2009Google Scholar
  2. 2.
    Thirumeni, P., Ghoshhajra, M., Ananda C.M.: Lessons learned in software implementation of ARINC 664 protocol stack in Linux. In: Proceedings of International Conference on Circuits, Communication, Control and Computing (I4C) (2014)Google Scholar
  3. 3.
    AIM GmbH. AFDX training: AFDX workshop, October 2010. http://www.afdx.com/pdf/AFDX_Training_October_2010_Full.pdf. Accessed 25 Feb 2018
  4. 4.
    GE Fanuc. Embedded systems AFDX/ARINC 664 protocol tutorial, January 2011. http://www.cems.uwe.ac.uk/~a2-lenz/n-gunton/worksheets/AFDX_Tutorial_WP.pdf. Accessed 25 Feb 2018
  5. 5.
    IEEE. IEEE Std 1722-2016: (revision of IEEE Std 1722-2011) - IEEE standard for a transport protocol for time-sensitive applications in bridged local area networks, 16 December 2016Google Scholar
  6. 6.
    TTTech. TTEthernet theory and concepts, 27 August 2015. http://etr2015.irisa.fr/images/presentations/TTEthernet_ETR_2015_Rennes.pdf. Accessed 22 Feb 2018
  7. 7.
    Avizienis, A., Laprie, J., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Comput. 1(1), 11–33 (2004). http://ieeexplore.ieee.org/document/1335465/. Accessed 01 Mar 2018
  8. 8.
    Anand, M., Dajani-Brown, S., Vestal, S., Lee, I.: Formal modeling and analysis of the AFDX frame management design. In: Proceedings of 9th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC 2006), pp. 393–399 (2006)Google Scholar
  9. 9.
    Saha, I., Roy, S.: A finite state modeling of AFDX frame management using spin. In: Brim, L., Haverkort, B., Leucker, M., van de Pol, J. (eds.) FMICS 2006. LNCS, vol. 4346, pp. 227–243. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-70952-7_15CrossRefGoogle Scholar
  10. 10.
    Song, D., Zeng, X., Ding, L., Hu, Q.: The design and implementation of the AFDX network simulation system. In: Proceedings of International Conference on Multimedia Technology (ICMT) (2010)Google Scholar
  11. 11.
    Tripwire: Insider threats as the main security threat in 2017. https://www.tripwire.com/state-of-security/security-data-protection/insider-threats-main-security-threat-2017/. Accessed 22 Feb 2018
  12. 12.
    Dury, S: Employees still the biggest threat to enterprise security. https://www.digicert.com/blog/employees-still-the-biggest-threat-to-enterprise-security/. Accessed 22 Feb 2018
  13. 13.
    van Zadelhoff, M.: The biggest cybersecurity threats are inside your company. https://hbr.org/2016/09/the-biggest-cybersecurity-threats-are-inside-your-company. Accessed 22 Feb 2018
  14. 14.
    Saglietti, F., Meitner, M., von Wardenburg, L., Richthammer, V.: Analysis of informed attacks and appropriate countermeasures for cyber-physical systems. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9923, pp. 222–233. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-45480-1_18CrossRefGoogle Scholar
  15. 15.
    Rejeb, N., Ben Salem, A.K., Ben Saoud, B.: AFDX simulation based on TTEthernet model under OMNeT++. In: Proceedings of 2017 International Conference on Advanced Systems and Electric Technologies (IC ASET), pp. 423–429 (2017)Google Scholar
  16. 16.
    Varga, A., Hornig, R.: Avionics full-duplex switched Ethernet model for OMNeT++, 20 February 2012. https://github.com/omnetpp/afdx. Accessed 05 Mar 2018
  17. 17.
    Simulcraft, Inc.: OMNEST - OMNeT++ comparison. https://omnest.com/comparison.php. Accessed 05 Mar 2018
  18. 18.
    Simulcraft, Inc. Performance modeling library. https://omnest.com/queueinglib.php. Accessed 05 Mar 2018
  19. 19.
    Parekh, M., Gao, Y., Gupta, D., Luschmann, C.: OPANSec – security integrity monitoring for controllers. In: Proceedings of 46, Jahrestagung der Gesellschaft für Informatik, pp. 547–557 (2016)Google Scholar
  20. 20.
    Khemissa, H., Tandjaouiy, D.: A lightweight authentication scheme for e-health applications in the context of Internet of Things. In: Proceedings of 9th International Conference on Next Generation Mobile Applications, Services and Technologies, pp. 90–95 (2015)Google Scholar
  21. 21.
    Fouda, M.M, Fadlullah, Z.M., Kao, N., Lu, R., Shen, X.: Towards a light-weight message authentication mechanism tailored for smart grid communications. In: Proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 1018–1023 (2011)Google Scholar
  22. 22.
    Mundhenk, P., Steinhorst, S., Lukasiewycz, M., Fahmy, S., Suhaib, A., Chakraborty, S.: Lightweight authentication for secure automotive networks. In: Proceedings of the Conference on Design, Automation and Test in Europe, pp. 1–4 (2015)Google Scholar
  23. 23.
    Paar, C., Pelzl, J.: Understanding Cryptography: A Textbook for Students and Practitioners, pp. 319–330. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-04101-3CrossRefzbMATHGoogle Scholar
  24. 24.
    Charara, H., Scharbarg, J.-L., Ermont, J., Fraboul, C.: Methods for bounding end-to-end delays on an AFDX network. In: Proceedings of the 18th Euromicro Conference on Real-Time Systems, Washington, D.C., USA, pp. 193–202 (2006)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Framatome GmbHErlangenGermany
  2. 2.University of SiegenSiegenGermany
  3. 3.Friedrich-Alexander University Erlangen-NürnbergErlangenGermany

Personalised recommendations