Time-Sensitive Networking (TSN) extends IEEE 802.1 Ethernet for safety-critical and real-time applications in several areas, e.g., automotive, aerospace or industrial automation. However, many of these systems also have stringent security requirements, and security attacks may impair safety. Given a TSN-based distributed architecture, a set of applications with tasks and messages, as well as a set of security and redundancy requirements, we are interested in synthesizing a system configuration such that the real-time, safety and security requirements are upheld. We use the Timed Efficient Stream Loss-Tolerant Authentication (TESLA) low-resource multicast authentication protocol to guarantee the security requirements, and redundant disjoint message routes to tolerate link failures. We consider that tasks are dispatched using a static cyclic schedule table and that the messages use the time-sensitive traffic class in TSN, which relies on schedule tables (called Gate Control Lists, GCLs) in the network switches. A configuration consists of the schedule tables for tasks as well as the disjoint routes and GCLs for messages. We propose a Constraint Programming-based formulation which can be used to find an optimal solution with respect to our cost function. Additionally, we propose a Simulated Annealing-based metaheuristic, which can find good solutions for large test cases. We evaluate both approaches on several test cases.
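The TESLA mechanism the abstract relies on, as an added illustration that is not code from the paper: a one-way key chain committed by K_0, per-interval MACs, and a receiver that enforces the TESLA security condition (drop a packet if its key could already be public on arrival), buffers the rest, and authenticates them only once the key is disclosed d intervals later and verified back to the commitment. The chain length, the disclosure delay d, the interval length and the PRF used to derive MAC keys are constructed assumptions.

```python
import hashlib
import hmac
H = lambda b: hashlib.sha256(b).digest()  # one-way function of the key chain

def make_key_chain(seed: bytes, n: int) -> list:
    """K_n = seed, K_i = H(K_{i+1}); returns [K_0, ..., K_n]; K_0 is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

def tag(k: bytes, payload: bytes) -> bytes:
    # TESLA derives the per-interval MAC key from the chain key with a second PRF (assumed here)
    return hmac.new(H(b"tesla-mac|" + k), payload, hashlib.sha256).digest()

def make_packet(chain, i, d, payload):
    """Packet of interval i: MAC under K_i, plus K_{i-d}, which is now safe to disclose."""
    return {"i": i, "payload": payload, "tag": tag(chain[i], payload),
            "disclosed": chain[i - d] if i >= d else None}

class TeslaReceiver:
    def __init__(self, k0, d, t0, interval_len):
        self.keys = {0: k0}      # verified chain keys, by interval index
        self.d, self.t0, self.interval_len = d, t0, interval_len
        self.pending, self.authenticated = [], []

    def _verify_key(self, j, key):
        # Hash the disclosed key back to the latest verified index, keeping intermediates.
        v = max(idx for idx in self.keys if idx <= j)
        k, derived = key, {j: key}
        for idx in range(j - 1, v - 1, -1):
            k = H(k)
            derived[idx] = k
        if k != self.keys[v]:
            return False
        self.keys.update(derived)
        return True

    def receive(self, pkt, arrival_time):
        # Security condition: the sender must not yet have disclosed K_i on arrival
        # (the caller is assumed to fold the bounded clock skew into t0).
        if (arrival_time - self.t0) // self.interval_len >= pkt["i"] + self.d:
            return "dropped: key may already be public"
        self.pending.append(pkt)
        if pkt["disclosed"] is not None and self._verify_key(pkt["i"] - self.d, pkt["disclosed"]):
            ready = [p for p in self.pending if p["i"] in self.keys]
            self.pending = [p for p in self.pending if p["i"] not in self.keys]
            self.authenticated += [p["payload"] for p in ready
                                   if hmac.compare_digest(tag(self.keys[p["i"]], p["payload"]), p["tag"])]
        return "buffered"
```

Packets whose MAC does not match the verified key are silently discarded, while a packet that arrives after its key could already be public is rejected before buffering.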