Hirschler, B. and Jakovljevic, M., "Secure Deterministic L2/L3 Ethernet Networking for Integrated Architectures," SAE Technical Paper 2017-01-2103, 2017.
Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. This paper investigates the context and use of key security technologies, processes, challenges and use cases for the design of advanced integrated architectures with security, safety, and real-time performance considerations. In such architectures, deterministic Ethernet standards are used as a baseline for system integration in closed embedded systems or open mixed-criticality systems. Security-informed safety development processes for integrated architectures are required to prevent catastrophic failures caused by environmental and cyber threats, given the expanding number of security vulnerabilities in complex and increasingly open systems. State-of-the-art safety/security processes for integrated systems in cross-industry environments are considered and their similarities examined for different types of integrated architectures. In integrated systems and IMA which share common resources, multi-level secure systems and composable modular architectures such as MILS, based on separation kernels and the ARINC653 API, are gaining importance for the design of safe and secure distributed applications with real-time performance requirements. Network security is a core component of the overall cyber-security and defense-in-depth capability for distributed architectures. Protection mechanisms for information, interface and system integrity, communication availability, and data confidentiality are required for the design of safe and secure integrated embedded infrastructure.
Deterministic Ethernet networks with Time-Triggered Ethernet (SAE AS6802) and ARINC664 services can actively support security measures for mixed-criticality applications. Network partitioning, dataflow isolation, configuration protection, per-flow traffic policing, link and end-to-end encryption or authentication, and a partitioned internal network device architecture can be useful for the design of open networked systems which can also accept previously unknown soft-time or bursty traffic while hosting highly critical functions with temporal boundaries. After an overview of security issues in networks within integrated architectures, this paper continues with a discussion of MACsec and IPsec mechanisms, packet firewalls, secure shells and Denial-of-Service (DoS) protection mechanisms for secure and deterministic L2/L3 networking.
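The per-flow traffic policing and DoS protection named in the abstract are not worked out on this page. The following is an added illustration, not code from the paper or from any deterministic Ethernet product, of how an ingress policer can confine each configured flow to its time budget so that bursty or unknown traffic cannot consume the bandwidth reserved for critical flows. It assumes a simplified ARINC664-style model in which every flow is a configured virtual link with a minimum inter-frame gap (BAG), a maximum frame length and a small jitter tolerance; the flow identifiers, budgets and the arrival trace are constructed for the example, and frames from flows with no configuration entry are dropped rather than forwarded.

```python
from dataclasses import dataclass
from collections import Counter


@dataclass(frozen=True)
class FlowPolicy:
    """Static per-flow budget, as would be loaded from a protected network configuration."""
    bag_us: int        # minimum gap between two accepted frames of this flow (microseconds)
    lmax: int          # maximum accepted frame length in bytes
    jitter_us: int = 0  # tolerated early arrival relative to the BAG


@dataclass(frozen=True)
class Frame:
    flow_id: int   # virtual link / flow identifier carried by the frame
    t_us: int      # arrival time at the switch ingress port (microseconds)
    length: int    # frame length in bytes


class PerFlowPolicer:
    """Stateful ingress policer: one accounting slot per configured flow."""

    def __init__(self, policies):
        self.policies = policies        # flow_id -> FlowPolicy
        self.last_accept = {}           # flow_id -> arrival time of last accepted frame

    def check(self, frame):
        """Return (accepted, reason). Rejected frames do not consume the flow's budget."""
        policy = self.policies.get(frame.flow_id)
        if policy is None:
            return False, "unknown-flow"          # no reservation exists for this flow
        if frame.length > policy.lmax:
            return False, "oversize"              # would overrun the scheduled slot
        last = self.last_accept.get(frame.flow_id)
        if last is not None and frame.t_us - last < policy.bag_us - policy.jitter_us:
            return False, "rate"                  # arrived earlier than the BAG allows
        self.last_accept[frame.flow_id] = frame.t_us
        return True, "ok"


def police(frames, policies):
    """Run the trace through the policer; returns (accepted frames, [(frame, reason)] dropped)."""
    policer = PerFlowPolicer(policies)
    accepted, dropped = [], []
    for frame in frames:
        ok, reason = policer.check(frame)
        (accepted if ok else dropped).append(frame if ok else (frame, reason))
    return accepted, dropped


def drops_per_flow(dropped):
    """Drop counters per flow: a sustained rise on one flow is the DoS/misbehaviour indicator."""
    return dict(Counter(frame.flow_id for frame, _ in dropped))


# Constructed configuration: flow 1 is a critical control flow, flow 2 is best-effort.
POLICIES = {
    1: FlowPolicy(bag_us=1000, lmax=200),
    2: FlowPolicy(bag_us=500, lmax=1500, jitter_us=50),
}

# Constructed arrival trace (time-ordered), including a burst on flow 2 and an unconfigured flow 9.
TRACE = [
    Frame(1, 0, 100),
    Frame(2, 100, 1500),
    Frame(2, 150, 100),     # too soon after the previous flow-2 frame
    Frame(9, 200, 64),      # no reservation for flow 9
    Frame(1, 400, 100),     # violates flow 1's BAG
    Frame(2, 700, 100),
    Frame(1, 1000, 100),
    Frame(1, 2000, 300),    # exceeds flow 1's Lmax
]

if __name__ == "__main__":
    acc, drp = police(TRACE, POLICIES)
    for f in acc:
        print(f"accept flow={f.flow_id} t={f.t_us}us len={f.length}")
    for f, why in drp:
        print(f"drop   flow={f.flow_id} t={f.t_us}us len={f.length} reason={why}")
    print("drops per flow:", drops_per_flow(drp))
```

Because a rejected frame never updates the flow's accounting state, a sender that floods cannot starve its own legitimate frames or shift the budget of any other flow; the drop counters are what a monitoring function would export to detect the flooding sender.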