This invention relates to a method and a device for protecting the integrity of data transmitted over a network. It applies, in particular, to communications over a network using the AFDX (Acronym for Avionics Full DupleX) technology in the aeronautical field. It may be applied, however, to all communication networks, particularly those that rely on the IEEE standard 802.3.
The AFDX technology is the new technology of reference in avionic networks. It is used for exchanging data among different airplane computers. It relies on the transfer of messages with switching of 802.3 Ethernet frames via AFDX switches on the network. The terminal equipment items in charge of the transmission or reception of data are organized around the switches in charge of the transport of these data.
Switched Ethernet (in full-duplex mode), combined with specific modifications that take into account the real-time and certification constraints of the aeronautical realm, is thus what has been selected for the new avionic networks. AFDX is standardized by part 7 of the ARINC (acronym for “Aeronautical Radio, Incorporated,” trademark) standard 664, a standard that moreover provides for subsequent needs, such as confidentiality or compatibility with the IPv6 protocol.
The AFDX thus is based on open standards and fulfills the purposes of a modular communication system for avionics. It supplies means for sharing of resources, segregation of flows as well as the determinism and availability required for aeronautical certifications. Most of the specific AFDX functions are at the data link level.
In order to meet the need for availability of the network, an AFDX network is physically redundant: each terminal equipment item sends out the messages on two different channels to independent sets of switches both ensuring the same transmission. That makes it possible to reduce the number of transmission failures, and the problems linked to physical breakdowns. This redundancy also allows “dispatch” (departure) of the airplane when one, or even several, switch(es) is/are out of order.
The robust segregation of the data flows relies on bandwidth reservation at the level of a communication channel called a VL (acronym for “virtual link”). These channels are each associated with a sender, and the data are transmitted over them via Ethernet in multicast mode. The switches segregate the flows through a mechanism of access control lists (ACLs) that filter the traffic according to addresses (Ethernet or MAC, acronym for “Medium Access Control”), in a manner similar to the firewalls used in IP (acronym for “Internet Protocol”).
In order to guarantee observance of the real-time data transmission constraints, the AFDX virtual links are associated with bandwidth specifications (or “contracts”). These specifications establish the maximal size of the frames transmitted and the minimum time between two frames. These two parameters make it possible to evaluate the maximal bandwidth of a given virtual link. The contract is therefore handled by the switches that manage these virtual links.
Determinism and transmission times are guaranteed by the bandwidth contract combined with switching, which avoids collisions and retransmissions.
The virtual link concept allows calculation of the maximal transmission latencies, which makes it possible to achieve aeronautical certification of the system. In practice, the Ethernet network therefore necessarily is underused in order to allow the establishment of these guarantees.
The check that data have not been altered is performed via a cyclic redundancy check (CRC), which forms part of the AFDX (802.3) frame and is specified by the standard 802.3.
The CRC mechanism is used in the following manner:
The CRC is calculated before transmission and added to the frame. On reception, it is recalculated and compared with the one received in order to verify their agreement. The calculation of the CRC is constructed so that errors of certain types, such as those due to interference in transmission, are detected with very high probability.
On a network relying on 802.3 (Ethernet) frames, the guarantee that a message has not been altered thus is based on the use of the CRC which provides a certain probability of non-detection.
This CRC is generated by polynomial division and relies on coding theory (cyclic codes with a generator polynomial, Hamming distance, ...).
The quality of coverage by the CRC is based on the following assumptions:
This CRC mechanism provides a certain confidence if these assumptions remain valid and, in particular, if all the elements of the network can alter the messages only randomly.
On the other hand, if it is assumed that equipment items, such as switches, know the CRC calculation mechanism, are intelligent and may behave maliciously, it may be assumed that they are able to prepare valid frames, with a correct CRC but with altered data. This assumption defeats the purpose of relying solely on the 802.3 CRC for critical communications.
At the present time, any airplane function that seeks to guard against this type of problem (undetected corrupt data item) is obliged to use a workaround that consists of sending the data item by two different paths, then comparing the two data items received in order to validate the integrity. The two paths may rely on the same network, but at no time may the two data items go through the same equipment. Another technique consists of sending one data item over the network and the other data item with another communication technology (ARINC 429, CAN, acronym for Car Area Network for local vehicle network).
Each of these techniques is costly and complex to implement.
This invention seeks to remedy these drawbacks.
To this end, according to a first aspect, this invention applies to a method for transmitting data over a network, from a sending application to a receiving application, characterized in that it comprises:
In this way, each data item is protected from start to finish, the applications implementing the predefined coding and decoding rules, which makes them independent of the communication means used over the network. Another advantage of the implementation of this invention is that the choice of the coding may be adapted to the type of error envisaged and to the confidence level wished to be achieved.
This invention thus makes it possible to obtain an independence of verification of the alteration of a message over the network using the AFDX or 802.3 (Ethernet) technology. By relying on a simple coding, its implementation is made possible on airplane computers having limited operating features.
According to specific characteristics, during the step of coding, during the step of detecting alteration and during the step of restoring, a cyclic redundancy check is implemented.
Preferentially the code is based on a CRC as different as possible from the IEEE 802.3 CRC. It makes it possible to protect against a random alteration of the data and, because it is not known by the active equipment items of the network, or switches, invalidates the assumption of an alteration by these equipment items.
According to specific characteristics, during the step of coding and during the step of detecting alteration, an encryption is implemented.
According to specific characteristics, the said encryption is based on a MAC (acronym for “Message Authentication Codes”) authentication code.
According to specific characteristics, the said encryption implements a cryptographic hash function.
By virtue of each of these provisions, there is a greater resistance to a “malevolence”-type corruption (shifting of the data, concatenation of two messages, XOR between two messages, etc.).
According to specific characteristics, the method comprises a step of linear K transforming.
According to specific characteristics, the step of linear K transforming implements an “or exclusive” function.
According to specific characteristics, the result of the linear K function is cut up into a plurality of blocks that are inverted individually.
According to specific characteristics, the method that is the object of this invention, such as briefly set forth above, implements an expansion box that processes the inverted blocks by a cyclic redundancy check.
According to a second aspect, this invention applies to a device for data transmission over a network, from a sending application to a receiving application, characterized in that it comprises:
Since the specific advantages, purposes and characteristics of this device are similar to those of the method, such as briefly set forth above, they are not repeated here.
Other specific advantages, purposes and characteristics of this invention will become apparent from the description that is going to follow, provided in an explanatory and in no way limitative intent, with reference to the attached drawings, in which:
On
AFDX interface 130 is in charge of further adding a protocol header 155, called “UDP/IP” to this applicative data item 150 and encapsulating the result in a frame 160 in accordance with the standard 802.3. This frame 160 is made up of a header 165, data made up of UDP/IP header 155 and applicative data item 150 and a cyclic redundancy check CRC 170. Header 165 is used to identify the sender and the addressee of the message, while CRC 170 makes it possible to verify the integrity of the frame.
At the time of reception of frame 160 by terminal 110, its AFDX interface 135 verifies the integrity of frame 160 by implementing CRC 170. After acceptance of frame 160, interface 135 uses protocol header 155 to extract applicative data item 150 which is transmitted to receiving application 125.
In the remainder of the description, in particular
In this embodiment, two types of technology are used: an AFDX network 315 and an “ARINC 429” bus 345. Terminal 305 sends the same message over the virtual link of AFDX network 315, and over “ARINC 429” bus 345. Receiving application 325 of terminal 310 receives the two messages and is able to compare them. If they are identical, receiving application 325 uses one of them, otherwise it destroys them.
This frame 460 is made up of 802.3 header 465, protocol UDP/IP header 455, coded applicative data item 450 and CRC 470. 802.3 header 465 is used to identify the sender and the addressee of the message, while CRC 470 makes it possible to verify the integrity of the frame.
In reception, terminal 410 receives this frame and its AFDX interface 435 verifies the integrity of the frame via CRC 470. After acceptance of the frame as honest, AFDX interface 435 uses protocol header 455 to extract coded applicative data item 450, and to transmit it to receiving application 425. Receiving application 425 implements its decoding function 445 to recover applicative data item 450 prior to use thereof.
Two embodiments as well as the associated codings are described in the following. In a first embodiment, illustrated on
In transmission, the CRC 540 function calculates the value of CRC (32 bits) 575 (see
In reception, the CRC 545 function recalculates CRC 575 and compares it with the CRC received in frame 560. If they are identical, the data item is said to be “honest” and CRC 575 is removed so as to obtain applicative data item 550.
CRC 575 is, as much as possible, different from CRC 802.3 which is based on the following generator polynomial:
$x^{32}+x^{26}+x^{23}+x^{22}+x^{16}+x^{12}+x^{11}+x^{10}+x^{8}+x^{7}+x^{5}+x^{4}+x^{2}+x+1$
The choice of CRC 575 itself is based on a degree 32 polynomial, different from that of CRC 802.3 given above, but which guarantees a CRC code with Hamming distance of at least 6. The theory of error-correcting codes makes it possible to work out four CRCs usable over the AFDX network and based on polynomials.
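An added illustration of this first embodiment (not code from the patent): a bitwise CRC-32 parameterized by its generator is used as the application-level code carried inside a frame that also has the 802.3 CRC. The CRC-32C polynomial, the sample data item and all function names are assumptions standing in for CRC 575, and no Hamming-distance claim is made for the stand-in.

```python
import zlib

POLY_8023 = 0xEDB88320  # IEEE 802.3 generator quoted above, in bit-reflected form
POLY_APP = 0x82F63B78   # ASSUMPTION: CRC-32C (Castagnoli), reflected; stand-in for CRC 575

def crc32(data: bytes, poly: int) -> int:
    """Bitwise reflected CRC-32 (init and final XOR 0xFFFFFFFF) for any generator."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (poly if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF

def app_code(data: bytes) -> bytes:
    """Sending application: append the application-level CRC to the data item."""
    return data + crc32(data, POLY_APP).to_bytes(4, "big")

def app_decode(coded: bytes):
    """Receiving application: return the data item if it is 'honest', else None."""
    data, tag = coded[:-4], coded[-4:]
    return data if crc32(data, POLY_APP).to_bytes(4, "big") == tag else None

def frame(payload: bytes) -> bytes:
    """AFDX interface: append the 802.3 CRC (802.3 and UDP/IP headers omitted)."""
    return payload + zlib.crc32(payload).to_bytes(4, "little")

def link_ok(frm: bytes) -> bool:
    """Receiving interface: verify the 802.3 CRC of the frame."""
    return zlib.crc32(frm[:-4]).to_bytes(4, "little") == frm[-4:]

def relay_that_refreshes_fcs(frm: bytes) -> bytes:
    """Constructed fault model: a network element changes one payload byte and
    emits a frame whose 802.3 CRC is valid again; it does not implement POLY_APP."""
    payload = bytearray(frm[:-4])
    payload[0] ^= 0x01
    return frame(bytes(payload))

def run():
    sent = frame(app_code(b"applicative data item"))  # constructed sample
    clean = app_decode(sent[:-4]) if link_ok(sent) else None
    altered = relay_that_refreshes_fcs(sent)
    # The altered frame passes the interface check but not the application check.
    return clean, link_ok(altered), app_decode(altered[:-4])
```

The application CRC is unkeyed, so this detection holds only while the network element does not implement the application polynomial, which is the case the second embodiment addresses.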
Thus, CRC 575 used has as specifications:
In the second embodiment, illustrated on
It is assumed that the switches of network 615 may perform as enemies. The integrity check at the applicative level must be independent, in the method sense, of the integrity check of the network. To this end, cryptographic techniques and, preferentially, message authentication codes (MAC) are implemented. In this way there is created an authentication block (the certificate) 675 (see
On transmission, data item m is transformed into a message M that is made up of a concatenation of data item 650 and certificate c=h(m) 675. Network 615 is unable to calculate the function h(m) because it does not know the secret key. Frame 660 illustrated on
Receiving terminal 610 performs the same calculation on data item 650 and compares the MAC obtained in this way with the MAC received. In the event of difference, the message is rejected. Otherwise, applicative data item 650 is used by receiving application 625. As a variant, in reception of message M, a decryption function extracts applicative data item m 650, knowing the secret key used. In this way the integrity of the received message is verified.
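An added illustration of the certificate check described above (not the patent's h function): the message M = m || c is built with a keyed tag and compared on reception, next to an unkeyed CRC code subjected to the corruption kinds the text lists (XOR between messages, concatenation, shifting). HMAC-SHA-256 truncated to 64 bits, the sample messages, the key and all function names are assumptions.

```python
import hashlib, hmac, zlib

TAG_LEN = 8  # 64-bit certificate, as in the second variant mentioned on the page

def h(key: bytes, m: bytes) -> bytes:
    # ASSUMPTION: HMAC-SHA-256 truncated to TAG_LEN stands in for the page's h.
    return hmac.new(key, m, hashlib.sha256).digest()[:TAG_LEN]

def mac_code(key: bytes, m: bytes) -> bytes:
    return m + h(key, m)  # M = m || c, with c = h(m)

def mac_decode(key: bytes, M: bytes):
    m, c = M[:-TAG_LEN], M[-TAG_LEN:]
    # Constant-time comparison; a mismatch means the message is rejected.
    return m if hmac.compare_digest(h(key, m), c) else None

def crc_code(m: bytes) -> bytes:
    return m + zlib.crc32(m).to_bytes(4, "big")  # unkeyed code, for contrast

def crc_decode(M: bytes):
    m, c = M[:-4], M[-4:]
    return m if zlib.crc32(m).to_bytes(4, "big") == c else None

def xor3(a: bytes, b: bytes, c: bytes) -> bytes:
    return bytes(x ^ y ^ z for x, y, z in zip(a, b, c))

def corruptions(coded):
    """Corruption kinds listed on the page, applied to whole coded messages
    without recomputing any check value."""
    a, b, c = coded
    return {"xor": xor3(a, b, c), "concat": a + b, "shift": a[1:] + a[:1]}

MSGS = [b"VALUE=05", b"VALUE=15", b"VALUE=30"]  # constructed, equal length

def accepted(key: bytes):
    by_crc = corruptions([crc_code(m) for m in MSGS])
    by_mac = corruptions([mac_code(key, m) for m in MSGS])
    # A CRC is affine: for an odd number of equal-length messages the init and
    # final-XOR constants cancel, so the XOR of three valid codewords is valid.
    return ({k: crc_decode(v) is not None for k, v in by_crc.items()},
            {k: mac_decode(key, v) is not None for k, v in by_mac.items()})
```

The XOR case is accepted by the CRC for any generator polynomial, known to the network or not, which is why the keyed check rather than a secret polynomial is what resists this class of corruption.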
Two embodiment variants are detailed below. In the first, one is working with a 32-bit certificate and, in the second, with a 64-bit certificate, which has as an advantage, in comparison with the first, that:
In the first embodiment variant, the h function is made up of several tasks illustrated on
with $t(x)=x^{8}+x^{4}+x^{3}+x+1$
The S-box representing this function may be implemented either by an algorithm, or by the use of a predefined table.
In the second embodiment variant, the h function is made up of several tasks illustrated on
Starting from the obtaining of this new value, instead of using only S-boxes, as in the first embodiment variant, an expansion box 820 “EXP” follows S-boxes 815. This expansion is obtained by a cyclic redundancy check CRC the non-linearities of which are maximal. In this way a CRC on 32 bits is obtained, which is shortened to obtain a code of 16-bit length.
Preferentially, these two boxes are merged and in this way there is obtained a single box that may be implemented either by an algorithm, or by the use of a predefined table.
In each of the embodiments, when an alteration of the applicative data item is detected, restoration thereof is undertaken. According to the embodiments, this restoration may be accomplished by a retransmission of the altered data item, from the sending application to the receiving application, after request from the latter, that is, by use of the cyclic redundancy checks common to the sending and receiving applications, when they are provided in order to allow correction of transmission errors.
It is seen that the implementation of two paths, as illustrated on
Number | Date | Country | Kind |
---|---|---|---|
08 54500 | Jul 2008 | FR | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/FR2009/000664 | 6/5/2009 | WO | 00 | 2/25/2011 |
Publishing Document | Publishing Date | Country | Kind |
---|---|---|---|
WO2010/000965 | 1/7/2010 | WO | A |
Number | Date | Country | |
---|---|---|---|
20110162081 A1 | Jun 2011 | US |