xNET
xNET is an embedded middleware designed specifically to meet the requirements of the Software Defined Vehicle Electronic Architecture.
The xNET middleware adopts a bottom-up design approach to create a modular, high-performance, low-latency distributed computing architecture with integrated safety and security.
Key Design Characteristics
The xNET architecture leverages and builds upon mainstream and upcoming communication and security technologies and protocols such as:
- IPv6, IPsec, and Software Defined Networks (SDN)
- PKI Certificates
- environment-adaptable, standardised and accredited encryption ciphers (AES, SPECK, etc.)
- abstraction and modularity design concepts (Data and System Modelling)
- security management components (centralised & decentralised key management modules)
- information and entity management and validation (certificate and blockchain based)
- remote system access components for management, monitoring, and upgrading
- application end-to-end source validation and information assurance
- multi-path, self-reconfiguration, and self-healing technologies for enhanced resilience
Architecture Design
The xNET architecture defines and standardises how an embedded system communication architecture is designed, which protocols are used, how they are configured, and how they are used by the system applications. Together, these guidelines ensure the system maintains a high level of operational security, safety, and resilience.
The following technologies have been considered for evaluation and integration:
- OSI Layers 1 & 2: Ethernet, SDN
- OSI Layers 3 & 4: IPv4/IPv6, TCP/IP, IPsec
- OSI Layers 5 & 6: PKI, PKCS, Object-based Data Models
- OSI Layer 7: Node watchdogs, cryptographic data guards, security monitoring modules, dynamic network/node reconfiguration and multi-path management agents
The technologies in layers 1 to 6 are primarily passive and facilitate the overall sub-system, intra-network, and remote intercommunication. The layer 7 technologies have a more active role within a device and the system as a whole: they operate within, alongside, and independently of the user applications, handling the tasks necessary to achieve the xNET concept requirements.
Security
A high level of security is achieved through the use of fully standardised and encrypted network communication (Layers 1-6) with certificate-based authentication, ephemeral or static shared keys, and low-level network monitoring. Layer 7 components provide additional security monitoring and control services, suitable for both local and remote management of encryption and authentication configurations.
Safety & Resilience
The baseline of a secure and authenticated communication system enables the consideration of high-level mechanisms to provide resilient and safe inter-application communication, making it possible to use the xNET architecture in safety-related and possibly safety-critical systems. Traditional safety-critical communication via very expensive safety-critical networks could be replaced by non-safety-critical networks with much higher bandwidth, much greater functionality, and a much broader supply and support chain. This would make the xNET architecture suitable for advanced automotive, industrial, and military applications (active protection systems, fire-control, autonomous mobility), while being cost-effective enough to be used for secondary non-safety-critical sub-system communication and to increase security and resilience throughout the system architecture.
Developed & Integrated Components
- Object Oriented Data Model
- Integrated code-base
- Integrated data integrity and run-time code coverage validation
- Integrated operation validation
- Integrated BIT
- Integrated data conversions
- Integrated transparent encryption (communication, storage)
- Modular Safety Cases friendly
- Distributed code execution (C++, Python)
- Distributed database/file-system
- Asynchronous connectionless low-level communication with automatic delivery assurance and retransmissions
- PKI Certificate based Node/Resource access authentication
Updated 2024/06/15