xNET
Objective: Design a cost-effective low-latency modular pub/sub middleware
for local networks, with a focus on safety/resilience and security.
Challenge: Solve the dynamic pub/sub system encryption conundrum,
achieve ultra low-latency communication, and provide cost-effective safety
certification.
Applications: IoT, industrial automation, automotive, defence, deterministic and
safety-related/critical systems, high-frequency trading.
xNET is a bottom-up approach in designing a high-performance low-latency
distributed communication architecture and application middleware with
integrated safety and security.
The primary architecture design requirement of xNET is to leverage existing core
and low-level networking and communication technologies (both hardware and
software) in order to assemble and create the most cost-effective, efficient,
and reliable solution possible with the available resources.
Typical capability-driven middleware designs tend to require the creation of
complex component architectures, the development of copious amounts of software
components, and the coordination of complex synchronous and asynchronous
internal component and external node interactions. Such top-down approaches can
be very time-consuming and costly, and carry a high risk of accumulating
technical debt.
Technical Characteristics
The xNET architecture utilises and builds on widely used existing and upcoming
communication and security technologies and protocols such as:
- IPv6, IPsec, and Software Defined Networks (SDN)
- PKI Certificates
- standardised and accredited encryption ciphers (AES, SPECK,
etc.)
- abstraction and modularity design concepts (Data and System
Modelling)
- security management components (centralised & decentralised key
management modules)
- information and entity management and validation (certificate and
blockchain based)
- remote system access components for management, monitoring, and
upgrading
- application end-to-end source validation and information
assurance
- multi-path, self-reconfiguration, and self-healing technologies for
enhanced resilience
Architecture Design
The xNET architecture defines and standardises how an embedded system
communication architecture is designed, which protocols are used, how they are
configured, and how they are used by the system applications. All these
guidelines ensure the system maintains a high-quality level of operational
security, safety, and resilience.
The following technologies have been considered for evaluation and integration:
- OSI Layers 1 & 2: Ethernet, SDN
- OSI Layers 3 & 4: IPv4/IPv6, TCP/IP, IPsec
- OSI Layers 5 & 6: PKI, PKCS, Object-based Data Models
- OSI Layer 7: Node watchdogs, cryptographic data guards, security
monitoring modules, dynamic network/node reconfiguration and multi-path
management agents
The technologies in layers 1 to 6 are primarily passive and facilitate the
overall sub-system, intra-network, and remote intercommunication. The layer 7
technologies have a more active role within a device and the system as a whole,
operating within, alongside, and independently of the user applications, and
handling the tasks necessary to achieve the xNET concept requirements.
Security
A high level of security is achieved through the use of fully standardised and
encrypted network communication (Layers 1-6) with certificate-based
authentication, ephemeral or static shared keys, and low-level network
monitoring. Layer 7 components provide additional security monitoring and
control services, suitable for both local and remote management of encryption
and authentication configurations.
Safety / Resilience
The baseline of a secure and authenticated communication system enables the
consideration of high-level mechanisms to provide resilient and safe
inter-application communication, making it possible to use the xNET architecture
in safety-related and possibly safety-critical systems. Traditional
safety-critical communication via very expensive safety-critical networks could
be replaced by non-safety-critical networks with much higher bandwidth,
functionality, and supply & support chain. This would make the xNET architecture
suitable for advanced automotive, industrial, and military applications (active
protection systems, fire-control, autonomous mobility), while being
cost-effective enough to be used for secondary non-safety-critical sub-system
communication, increasing security and resilience throughout the system
architecture.