Network Function Virtualization (NFV) in Aircraft Data Networks (ADN)
Suhail Ahmed
Emirates [email protected]
Introduction
Aircraft Data Network (ADN) is a concept used in aircraft for internal networking between various
avionics components. There are various specifications for aircraft internal networking; however, the
standard introduced by the ARINC Airline Electronics Engineering Committee (AEEC) in the
ARINC (Aeronautical Radio Incorporated) 664 Specification is prominent and has been adopted by leading
aircraft manufacturers. The specification provides a means to adapt COTS networking standards
to an aircraft environment. It defines the protocol stack, message structure and contents, message
flow, and interoperability with relevant ARINC standards [1]. This specification is also referred to as
Avionics Full Duplex Switched Ethernet Network (AFDX). It describes a “more deterministic”
switched Ethernet/IP network, that is, a switched network where a few constraints are applied. On
the transmitting end, called the “End-System”, a data transmission rate is associated with one virtual
multicast unidirectional communication channel called a “Virtual Link” (VL).
Since a switched network implies the use of a switch, this piece of hardware became crucial to the
design of the network. An AFDX switch not only performs packet forwarding as usual, but also
enforces Traffic Policing at its input ports. This feature is based on the “Token Bucket” algorithm
and discards packets that arrive at a pace faster than “Jswitch” milliseconds. This “Jswitch” quantity
is programmed in the AFDX switch and is defined per VL. With Traffic Policing, the AFDX switch
protects the network from what is usually called a “babbling idiot”, a misbehaving node that transmits
more than it is designed to.
The AFDX data frame uses a suffix (lower 16 bits) in its multicast MAC Destination Address to
define a VL. The remainder of the frame takes its model from UDP/IP with one difference: the last
byte is reserved for counting frames from 1 to 255, a quantity (the “Sequence Number”) used in AFDX's
“Redundancy Management”. The AFDX network uses two physically separated channels, so each AFDX
“End-System” transmits the same data frame on these two channels at the same time. In the receiving
“End-System”, the “Sequence Number” is used by the “Redundancy Manager” to discard frame
copies that arrive too late. Designers of an AFDX network need to take into account several
potential sources of transmission jitter. On the transmitting “End-System”, frames are queued before
reaching the physical medium. Inside the AFDX switch, forwarded frames are queued in the output
port before they depart to their destination node. The measure of jitter is relevant to the AFDX
network design, for the “Jswitch” quantity must be correctly estimated and programmed in the
switch for each VL [5].
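The frame layout and redundancy handling described above can be sketched as follows. This is an added example, not code from the paper: the names `parse_frame`, `RedundancyManager`, `make_frame` and `deliver` are hypothetical, the acceptance window of 127 is an assumption, and frames are assumed to be handed over without their FCS. It is a simplification that orders copies by sequence number only and does not model arrival-time limits.

```python
from dataclasses import dataclass, field

SEQ_COUNT = 255  # sequence numbers run 1..255, then wrap back to 1 (per the text)

def parse_frame(frame: bytes) -> tuple:
    """Return (vl_id, sequence_number) for a frame given without its FCS (assumption)."""
    if len(frame) < 15:                       # 14-byte Ethernet header + sequence byte
        raise ValueError("frame too short")
    if not frame[0] & 0x01:
        raise ValueError("destination MAC is not multicast")
    vl_id = int.from_bytes(frame[4:6], "big")  # lower 16 bits of the destination MAC
    return vl_id, frame[-1]                    # last byte carries the sequence number

@dataclass
class RedundancyManager:
    window: int = 127                          # assumed: how far ahead a frame may be
    last_seq: dict = field(default_factory=dict)  # vl_id -> last accepted sequence

    def accept(self, frame: bytes) -> bool:
        vl_id, seq = parse_frame(frame)
        if not 1 <= seq <= SEQ_COUNT:
            return False
        prev = self.last_seq.get(vl_id)
        if prev is not None:
            ahead = (seq - prev) % SEQ_COUNT   # distance on the 1..255 ring
            if ahead == 0 or ahead > self.window:
                return False                   # copy already delivered, or stale
        self.last_seq[vl_id] = seq
        return True

def make_frame(vl_id: int, seq: int, payload: bytes = b"\x00" * 17) -> bytes:
    """Constructed test frame: multicast dst MAC ending in the VL ID, then seq byte."""
    dst = bytes([0x03, 0x00, 0x00, 0x00]) + vl_id.to_bytes(2, "big")
    src = bytes([0x02, 0x00, 0x00, 0x00, 0x00, 0x20])
    return dst + src + b"\x08\x00" + payload + bytes([seq])

def deliver(frames) -> list:
    """Feed frames in arrival order (both channels interleaved) to one manager."""
    rm = RedundancyManager()
    return [rm.accept(f) for f in frames]
```

The second copy of each frame, whichever channel it arrives on, is rejected because its sequence number is no longer ahead of the last one delivered for that VL.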
AFDX Network Architecture
An AFDX network consists of three main parts: End Systems (ES), switches and communication links, as shown in the figure below.
Figure 1 : AFDX Network Architecture
• End System is the interface between the subsystems which transmit data and the network.
• AFDX switch is the central element of the AFDX network that interconnects the source End System to the destination End System. Links in the AFDX network are twisted pair cables, but they are divided into virtual links.
• Virtual Link defines a logical unidirectional connection from one source End System to one or more destination End Systems.
Each Virtual Link has a dedicated maximum bandwidth. This bandwidth is allocated by the System Integrator.
Physical topology
As shown in Figure 2 below, the AFDX network is a star topology network. Each ES has two AFDX ports
connected to two redundant networks. Packets are transmitted and received over two redundant
channels to ensure the reliability and availability of the AFDX standard. AFDX ensures
deterministic behavior through traffic control. Bandwidth is guaranteed for each Virtual Link
(VL), thereby limiting the jitter and transmit latency.
Figure 2 : AFDX Physical Topology
Virtual Link (VL)
Communication between End Systems takes place over a single physical communication link.
However, it is possible to establish many logical communication links. AFDX implements transmit
VLs as well as receive VLs. Each transmit VL can only be assigned to one ES. Receive VLs can be
assigned to several ES [3].
Virtual Link Parameters
• Bandwidth Allocation Gap (BAG), a timeslot confining the VL's bandwidth by defining the minimum gap time between two consecutive frames. The BAG value must be in the range 1 - 128 ms and must be a power of 2.
• Lmax, the largest Ethernet frame, in bytes, that can be transmitted on the virtual link.
• Jitter is an upper-bounded transmit latency appearing as a frame time offset within the BAG.
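The VL parameters above, combined with the token-bucket Traffic Policing described in the Introduction, can be modelled as a per-VL byte-credit policer. This is an added example, not code from the paper: the class and function names are hypothetical, and sizing the bucket as Lmax × (1 + jitter/BAG) is an assumed formulation chosen so that a frame arriving early by no more than the jitter allowance is still accepted.

```python
from dataclasses import dataclass

VALID_BAG_MS = {1, 2, 4, 8, 16, 32, 64, 128}  # powers of 2 in 1..128 ms

@dataclass(frozen=True)
class VirtualLink:            # hypothetical name, not from the paper
    vl_id: int
    bag_ms: int               # Bandwidth Allocation Gap
    lmax_bytes: int           # largest frame allowed on this VL
    jitter_ms: float          # tolerated jitter ("Jswitch") at the switch

    def __post_init__(self):
        if self.bag_ms not in VALID_BAG_MS:
            raise ValueError(f"BAG {self.bag_ms} ms is not a power of 2 in 1..128")
        if not 64 <= self.lmax_bytes <= 1518:
            raise ValueError("Lmax outside Ethernet frame size limits")

    @property
    def max_bandwidth_bps(self) -> float:
        # At most one Lmax-sized frame per BAG.
        return self.lmax_bytes * 8 * 1000 / self.bag_ms

class VlPolicer:
    """Byte-credit token bucket for one VL on a switch input port."""
    def __init__(self, vl: VirtualLink):
        self.vl = vl
        # Assumed sizing: one Lmax frame plus the credit earned during the jitter window.
        self.capacity = vl.lmax_bytes * (1 + vl.jitter_ms / vl.bag_ms)
        self.credit = self.capacity
        self.last_ms = 0.0

    def admit(self, now_ms: float, frame_len: int) -> bool:
        refill = (now_ms - self.last_ms) * self.vl.lmax_bytes / self.vl.bag_ms
        self.credit = min(self.capacity, self.credit + refill)
        self.last_ms = now_ms
        if frame_len > self.vl.lmax_bytes or frame_len > self.credit:
            return False      # oversize or too early: discard, keep credit
        self.credit -= frame_len
        return True

def police(vl, arrivals):
    """arrivals: iterable of (time_ms, frame_len); returns accept/discard flags."""
    policer = VlPolicer(vl)
    return [policer.admit(t, n) for t, n in arrivals]

# Constructed sample: BAG 4 ms, Lmax 200 bytes, 0.5 ms jitter allowance.
SAMPLE_VL = VirtualLink(vl_id=10, bag_ms=4, lmax_bytes=200, jitter_ms=0.5)
SAMPLE_ARRIVALS = [(0, 200), (4, 200), (7.5, 200), (8, 200), (12, 200), (16, 300)]
```

In the sample, the frame at 7.5 ms is 0.5 ms early and passes, the frame at 8 ms is a “babbling” transmission and is discarded, and the 300-byte frame is discarded for exceeding Lmax.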
Limitations and scope for improvement
With reference to the above architecture, we can observe that the system is static and neatly defined:
small changes or updates to the system involve core component changes, and the addition of new
value-added services and security features leads to heavy aircraft maintenance cycles. Customer
perceptions of ROI change constantly, and customers are constantly evaluating the possibility of
integrating value-adding components that comply with regulatory certifications. Hence there is high
demand for a dynamically configured network which can accommodate add-on components and provide
value-added services in a secure and regulated environment. Having been successful in commercial
implementations, Software Defined and Virtualization technologies can have a positive impact on
aircraft networks.
Network Function Virtualization (NFV) :
Network Function Virtualization, in simple terms, is the implementation of network functions in
software that can run as a virtual machine on any industry-standard commodity
hardware. The network functions being virtualized can be routing, switching, deep packet inspection,
firewall, etc. In a traditional network, each distinct function was typically implemented as a
specialized appliance based on proprietary hardware[2]. Such appliances invariably include a
substantial amount of software, but the software and hardware can’t be separated – they are highly
dependent on one another. Examples of traditional proprietary hardware-based network elements
include routers of various kinds, deep packet inspection devices, content delivery network
appliances, firewalls, load balancers, network address translators, session border controllers,
mobile base station controllers, mobile packet gateways and so on. Whether maintained by the
enterprise, or deployed by the network operator as part of a managed service offering, this
“appliance-centric” practice leads to high initial and ongoing costs, as well as lengthy setup times.
NFV leverages IT virtualization to change this paradigm by providing networking functions as
software-based appliances, referred to as Virtual Network Functions (VNFs), that run on standard
servers instead of dedicated hardware. When utilized by network operators, NFV significantly
reduces the time required to operationalize and activate new service features[4].
Benefits of NFV :
• NFV overcomes the constraints of hardware-based appliances by applying standard IT virtualization technologies to networking.
• A virtualised network provides all the features of a physical network but with greater automation, agility and flexibility.
• Reduced CAPEX and OPEX through being able to run network functions on general-purpose off-the-shelf platforms and being able to run multiple virtual network functions (VNF) on a single hardware platform.
• Reduced time to deploy new applications and turn up new network services.
• Greater flexibility to scale up, scale down and introduce new applications / services.
• Easier, cheaper and less risky to trial and deploy new innovative applications / services.
In the AFDX network architecture, the Ethernet network controller can be virtualized in addition to
switching functions such as learning addresses, packet forwarding and avoiding loops.
Virtualization of communication links is inherent to the AFDX architecture, which can be complemented
with deep packet inspection and firewalls for enabling security and integrity in the network, which
can provide the flexibility to extend or integrate with the internet or other networks (proprietary or
open). It provides the flexibility to add components dynamically and impose regulatory and safety
constraints on the fly without significant cost or heavy maintenance cycles. With NFV, it is
straightforward to implement network management and configuration functions.
The figure depicts 2 virtual links connecting end systems, passing through an NFV-enabled switch which
implements 4 virtual network functions, namely switching, deep packet inspection, firewall and
encryption. Virtual links can be routed dynamically through the relevant VNFs based on traffic
requirements, end system constraints, etc. System integrators can dynamically configure the network for
additional LRUs as and when required.
Figure 3 : NFV in AFDX
[Diagram labels: End System (three), Hardware (two), VNF (Switch), VNF (DPI), VNF (Firewall), VNF (Encryption)]
Conclusion:
We have demonstrated one particular use case and the benefits of NFV relevant to Aircraft Data
Networks. NFV can also have a profound influence in integrating the Cockpit, Passenger, Ground and
Satellite network subsystems. A major contribution of NFV would be implementing and updating
security policies and profiles dynamically on the fly, which is key for aircraft networks. PKI solutions
can be readily implemented using NFV solutions.
Software Defined Networking (SDN) is another promising concept for programming networks and
network agility. SDN deals with separating the control plane from the data plane, enabling innovation and
testing on production networks without impacting network functionality. NFV is separate from, but
closely related to, software defined networking (SDN). While NFV is concerned with converting
appliances to software, SDN is being used to deconstruct today’s network elements into control and
data functions, and then further separating them by the addition of protocols or APIs. This
separation allows the creation of centralized control and a programmable network.
References
[1] Amarnath Jasti, Surya Mohapatra, Bhargav Potluri and Dr Ravi Pendse, “Cloud Computing In Aircraft Data Networks”, Integrated Communications Navigation and Surveillance Conference, May 2011.
[2] Stan Hubbard, Heavy Reading, “Automating Carrier Ethernet 2.0 Service Delivery & Preparing for SDN-Enabled Services”, White Paper, September 2013.
[3] M.S. Ali, R. Bhagavathula and R. Pendse, Department of Electrical and Computer Engineering, “Airplane Data Networks And Security Issues”, Wichita State University, USA, 2004.
[4] M. Cohn, “NFV, An Insider’s Perspective: Part 1: Goals, History, and Promise”, Sep 2013, http://www.sdncentral.com/education/nfv-insidersperspective-part-1-goals-history-promise/2013/09/
[5] J.B. Itier, “A380 Integrated Modular Avionics”, ARTIST2 meeting on Integrated Modular Avionics, 2007, http://www.artist-embedded.org/docs/Events/2007/IMA/Slides/ARTIST2_IMA_Itier.pdf