
xNET

Objective: Design a cost-effective, low-latency, modular pub/sub middleware for local networks, with a focus on safety/resilience and security.
Challenge: Solve the dynamic pub/sub system encryption conundrum, achieve ultra low-latency communication, and provide cost-effective safety certification.
Applications: IoT, industrial automation, automotive, defence, deterministic and safety-related/critical systems, high-frequency trading.

xNET is a bottom-up approach to designing a high-performance, low-latency distributed communication architecture and application middleware with integrated safety and security.

The primary architecture design requirement of xNET is to leverage existing core and low-level networking and communication technologies (both hardware and software) in order to assemble and create the most cost-effective, efficient, and reliable solution possible with the available resources.

Typical capability-driven middleware designs tend to require the creation of complex component architectures, the development of copious amounts of software components, and the coordination of complex synchronous and asynchronous internal component and external node interactions. Such top-down approaches can be very time-consuming and costly, and carry a high risk of accumulating technical debt.

Technical Characteristics

The xNET architecture utilises and builds on widely used existing and upcoming communication and security technologies and protocols such as:

  • IPv6, IPsec, and Software Defined Networks (SDN)
  • PKI Certificates
  • standardised and accredited encryption ciphers (AES, SPECK, etc.)
  • abstraction and modularity design concepts (Data and System Modelling)
  • security management components (centralised & decentralised key management modules)
  • information and entity management and validation (certificate and blockchain based)
  • remote system access components for management, monitoring, and upgrading
  • application end-to-end source validation and information assurance
  • multi-path, self-reconfiguration, and self-healing technologies for enhanced resilience

Architecture Design

The xNET architecture defines and standardises how an embedded system communication architecture is designed, which protocols are used, how they are configured, and how they are used by the system applications. All these guidelines ensure the system maintains a high-quality level of operational security, safety, and resilience.

The following technologies have been considered for evaluation and integration:

  • OSI Layers 1 & 2: Ethernet, SDN
  • OSI Layers 3 & 4: IPv4/IPv6, TCP/IP, IPsec
  • OSI Layers 5 & 6: PKI, PKCS, Object-based Data Models
  • OSI Layer 7: Node watchdogs, cryptographic data guards, security monitoring modules, dynamic network/node reconfiguration and multi-path management agents

The technologies in layers 1 to 6 are primarily passive and facilitate the overall sub-system, intra-network, and remote intercommunication. The layer 7 technologies have a more active role within a device and the system as a whole, operating within, alongside, and independently of the user applications to handle the tasks necessary to achieve the xNET concept requirements.

Security

A high level of security is achieved through the use of fully standardised and encrypted network communication (Layers 1-6) with certificate-based authentication, ephemeral or static shared keys, and low-level network monitoring. Layer 7 components provide additional security monitoring and control services, suitable for both local and remote management of encryption and authentication configurations.

Safety / Resilience

The baseline of a secure and authenticated communication system enables the consideration of high-level mechanisms to provide resilient and safe inter-application communication, making it possible to use the xNET architecture in safety-related and possibly safety-critical systems. Traditional safety-critical communication via very expensive safety-critical networks could be replaced by non-safety-critical networks with much higher bandwidth and functionality and a much larger supply and support chain. This would make the xNET architecture suitable for advanced automotive, industrial, and military applications (active protection systems, fire-control, autonomous mobility), while being cost-effective enough to be used for secondary non-safety-critical sub-system communication and to increase security and resilience throughout the system architecture.


Copyright © SRDI 2024