1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.

Presentation transcript:

1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration
Stuart Mills, Steve Parkes, Space Technology Centre, University of Dundee
Raffaele Vitulli, ESA, ESTEC

2 Introduction
• Spacecraft Integration
• The SpaceWire Internet Tunnel
• Technical Difficulties and Overcoming Them
• The SpaceWire Internet Tunnel Server
• The TopNet Pilot Study
• Advantages of the Tunnel
• Summary and Conclusions

3 Spacecraft Integration

4 Normal Integration Procedures
• Integration Testing performed late in development process
  – Problems expensive to correct
• Problem of geographical separation
• Importance of interface specifications
• Advantages of standard interfaces
  – SpaceWire
• Problems still possible at higher layers
  – Application level

5 Virtual Spacecraft Integration
• Remote sub-systems connected using the Internet
• Integration testing can be performed without bringing components to one physical location
• Reduces travel
• Problems can be identified in interface specifications and implementations
• Integration can be performed earlier in the development process

6 The SpaceWire Internet Tunnel

7 SpaceWire Internet Tunnel
• Developed by the University of Dundee under ESA contract
• Now a commercial product available from STAR-Dundee
• A Tunnel replaces a SpaceWire link with a connection over a network
  – Such as the Internet
• Hardware and software solution
• Protocol Analysis software also provided
  – Monitor the Tunnelled traffic

8 Example Network with Two Sub-Systems
[Diagram labels: Mass Memory Unit; Processor; Router; Camera Instrument 1; Camera Instrument 2; Router; SpaceWire Sub-System 1; SpaceWire Sub-System 2]

9 Example Network with Tunnel
[Diagram labels: Internet; Mass Memory Unit; Processor; Router; Camera Instrument 1; Camera Instrument 2; Router; SpaceWire Sub-System 1; SpaceWire Sub-System 2; SpaceWire IP-Tunnel and PC running SpaceWire IP Tunnel Software (shown twice)]

10 SpaceWire Internet Tunnel
• Transparently replaces a SpaceWire link
• Traffic entering the Tunnel will exit in the same order
  – A time-code will be between the same two data characters
• Link start and disconnect are also represented
• Only difference is in bandwidth and latency
  – Limitations of Internet
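
The ordering guarantee on slide 10, as an added example that is not part of the original presentation and is not STAR-Dundee's code: link events, data characters, end-of-packet markers and time-codes are serialised as one ordered record stream, and the receiving side rebuilds them even when the network splits the bytes arbitrarily. The record tags and layout are assumptions made for this sketch; the product's real wire format is not described on the slides.

```python
import struct
# Record tags constructed for this example (not the product's wire format).
DATA, EOP, EEP, TIMECODE, LINK_UP, LINK_DOWN = range(6)

def encode(events):
    """Serialise (tag, payload) events strictly in arrival order."""
    out = bytearray()
    for tag, payload in events:
        if tag == DATA:  # a run of data characters, at most 65535 per record
            out += struct.pack(">BH", DATA, len(payload)) + payload
        elif tag == TIMECODE:
            out += bytes([TIMECODE, payload & 0xFF])
        else:  # EOP, EEP, LINK_UP and LINK_DOWN carry no payload
            out.append(tag)
    return bytes(out)

class Decoder:
    """Incremental decoder: the byte stream may be split anywhere in transit."""
    def __init__(self):
        self.buf = bytearray()
    def feed(self, chunk):
        self.buf += chunk
        events = []
        while self.buf:
            tag = self.buf[0]
            need = 3 if tag == DATA else 2 if tag == TIMECODE else 1
            if tag == DATA and len(self.buf) >= 3:
                need += struct.unpack_from(">H", self.buf, 1)[0]
            if len(self.buf) < need:
                break  # record incomplete, wait for more bytes
            if tag == DATA:
                events.append((DATA, bytes(self.buf[3:need])))
            elif tag == TIMECODE:
                events.append((TIMECODE, self.buf[1]))
            elif tag in (EOP, EEP, LINK_UP, LINK_DOWN):
                events.append((tag, None))
            else:
                raise ValueError("unknown record tag %d" % tag)
            del self.buf[:need]
        return events

# Constructed sample: a time-code arrives between data bytes 0x02 and 0x03.
SAMPLE = [(LINK_UP, None), (DATA, b"\x01\x02"), (TIMECODE, 0x2A),
          (DATA, b"\x03"), (EOP, None), (LINK_DOWN, None)]

def through_tunnel(events, chunk=1):  # chunk = bytes delivered per read
    wire, dec, out = encode(events), Decoder(), []
    for i in range(0, len(wire), chunk):
        out += dec.feed(wire[i:i + chunk])
    return out
```

Because the sender closes the current data record whenever a time-code arrives, the time-code leaves the far end between the same two data characters regardless of how the bytes were chunked on the way.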

11 SpaceWire Internet Tunnel Hardware
• Connects to a PC using USB
• Provides two SpaceWire links
  – Can create two Tunnels per device

12 SpaceWire Internet Tunnel Software
• Runs on Windows and Linux
  – Java software, so it doesn’t need to be recompiled for each platform
  – Dependent on hardware drivers
• Secure connection used to ensure traffic cannot be viewed or modified
  – A password can also be specified for each Tunnel
• Mechanisms provided to cope with bandwidth and latency limitations of the Internet
  – To avoid timeouts at routers

13 SpaceWire Protocol Analyser Software
• Protocol Analysis software built in to the SpaceWire Tunnel Software
• Allows traffic crossing the Tunnel to be monitored and recorded
• Traffic statistics can be viewed in real time
• Higher Layer Protocol Plug-Ins can be added
  – Allows the properties of any protocol to be monitored and recorded
  – RMAP packets or an application specific protocol
  – Can be written by users
  – Loaded at run-time

14 SpaceWire Internet Tunnel Software

15 Technical Difficulties and Overcoming Them

16 Potential Limitations Identified
• Issues relating to bandwidth and latency restrictions of the Internet
• Security concerns related to sending data across the Internet
• Problems establishing connections over the Internet

17 Bandwidth and Latency Restrictions
• Gaps in packets can cause SpaceWire routers to timeout
• Mechanisms provided in Tunnel to avoid these timeouts
  – Present in both the Tunnel entrance and exit
• Still some systems where a Tunnel is not appropriate
  – Packets expected within a restricted time period
  – High bandwidth

18 Security Concerns
• All traffic sent using Transport Layer Security (TLS)
  – Same mechanism used by secure websites
  – All traffic encrypted
  – Cannot be viewed or modified
• Password used to ensure the other end is who they claim to be
  – Also sent encrypted using TLS

19 Problems Establishing Connections
• Proxy server issues
• Firewall restrictions
• Client-server limitations
  – Firewall restrictions need to be relaxed at the server side of a Tunnel connection
• Support for proxy servers added to software
• Software allows any TCP port to be used
  – Using the port assigned for TLS web traffic can get Tunnel traffic through intelligent firewalls
• Tunnel Server Software developed…

20 The SpaceWire Internet Tunnel Server

21 SpaceWire Tunnel Server
• Internet communication uses a client-server model
• This requires one end to act as a server
  – Normally requires special firewall permissions
  – Many organisations will not allow this
• Some users can only act as the client in a Tunnel connection
  – Can only connect to users in organisations which have the necessary firewall permissions to act as the server

22 SpaceWire Tunnel Server
• Allows two PCs running the SpaceWire Internet Tunnel Software to connect
• Neither PC has to act as a server
  – Both are clients
• Routes data from one client to the other
• Avoids firewall restrictions
  – Any PC can operate as a client
  – Only the Tunnel Server PC has to have special firewall permissions
• Makes testing of multiple sub-systems simpler
  – Users do not have to know the address of each client they are connecting to, only the server’s address

23 SpaceWire Tunnel Server
• Capable of managing multiple client pairs
• A single Tunnel Server could manage connections from multiple organisations
• Alternatively an organisation could run their own Tunnel Server to manage all their connections

24 SpaceWire Tunnel Server
• Restrictions can be applied to connecting clients based on
  – IP address
  – TCP port
  – Password
• Uses same secure connections as SpaceWire Tunnel Software (TLS)
• Completely transparent to the clients running the Tunnel Software
  – Has no effect on the mechanisms used to cope with bandwidth and latency restrictions
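
The Tunnel Server role described on slides 21 to 24, as an added example that is not part of the original presentation and is not the product's code: two clients that both connect outbound are checked against a source-address allowlist and a password, paired, and then have data routed between them. The tunnel name used for pairing, the class and method names, and all sample values are assumptions of this sketch, and the logic is shown without the TLS transport it would sit behind.

```python
import hmac
import ipaddress

class TunnelServer:
    """Pairs two outbound clients; the tunnel name is an assumption of this sketch."""
    def __init__(self, allowed_nets, passwords):
        self.allowed = [ipaddress.ip_network(n) for n in allowed_nets]
        self.passwords = passwords  # tunnel name -> shared password
        self.waiting = {}           # tunnel name -> first client to arrive
        self.peer = {}              # client id -> client id it is paired with

    def admit(self, client, src_ip, tunnel, password):
        """Apply the address and password restrictions, then pair or queue."""
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in net for net in self.allowed):
            return "rejected"
        expected = self.passwords.get(tunnel)
        # Constant-time comparison, also performed for unknown tunnel names.
        ok = hmac.compare_digest((expected or "").encode(), password.encode())
        if expected is None or not ok:
            return "rejected"
        first = self.waiting.pop(tunnel, None)
        if first is None:
            self.waiting[tunnel] = client
            return "waiting"
        self.peer[client], self.peer[first] = first, client
        return "paired"

    def route(self, sender, data):
        """Return (destination, data) for a paired sender, else None."""
        dest = self.peer.get(sender)
        return (dest, data) if dest is not None else None

def demo():
    # Constructed values: documentation address ranges and made-up passwords.
    srv = TunnelServer(["192.0.2.0/24", "198.51.100.0/24"],
                       {"payload-bus": "s3cret"})
    return [
        srv.admit("A", "192.0.2.10", "payload-bus", "s3cret"),    # first client
        srv.admit("X", "203.0.113.5", "payload-bus", "s3cret"),   # bad address
        srv.admit("Y", "198.51.100.7", "payload-bus", "wrong"),   # bad password
        srv.admit("B", "198.51.100.7", "payload-bus", "s3cret"),  # second client
        srv.route("A", b"\x01"),
        srv.route("Y", b"\x02"),
    ]
```

Rejected clients never enter the routing table, so only the two admitted ends of a tunnel can exchange data through the server.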

25 SpaceWire Tunnel Server Software
• Runs on all platforms which support Java
  – Java software, so it doesn’t need to be recompiled for each platform
  – Doesn’t use any hardware, so not dependent on hardware drivers
• Distributed with the Tunnel software and hardware

26 The TopNet Pilot Study

27 TopNet Pilot Study
• ESA pilot study to investigate benefits and limitations of virtual spacecraft integration and the SpaceWire Internet Tunnel
• A number of organisations in several countries involved
• Performed experiments, integrated components virtually using the Tunnel
• Reported back on their results and experiences

28 TopNet Pilot Study
• Summary of findings:
  – Virtual spacecraft integration and the SpaceWire Internet Tunnel can be very useful for integration testing
  – Still improvements that can be made
• Feedback from pilot contractors has led to improvements to the Tunnel software and hardware
  – Some improvements made during study
  – Others have been made following final presentations

29 Advantages of the Tunnel

30 Advantages of Virtual Spacecraft Integration
• Earlier integration
  – Identify and correct problems earlier
  – Saves time and money as easier to correct problems identified at an earlier stage
• Less travel
  – With associated financial and environmental savings
• Improved flexibility
  – Integration testing can be performed at any time
  – Sub-systems can easily be replaced by simulations
• Improved cooperation
  – Allows multiple organisations (or a single organisation with multiple sites) to work on the same system

31 Potential Limitations of Virtual Spacecraft Integration
• Potential limitations identified earlier:
  – Bandwidth and latency restrictions of the Internet
  – Security concerns
  – Connection establishment problems

32 Advantages of the SpaceWire Tunnel
• Provides all the benefits of virtual spacecraft integration
• Addresses most of the limitations

33 Features of the SpaceWire Tunnel
• Bandwidth and Latency Restrictions
  – Software provides mechanisms to cope with poorer and varying bandwidth and latency
  – But still some SpaceWire systems where the Tunnel is not suitable
    • E.g. a camera which expects to continually send images at a high rate and expects the SpaceWire link to never be blocked
  – Pilot users found that it was often possible to perform limited integration testing for such systems
  – Some suggested the addition of specific software and hardware modes to a system under test to allow virtual integration testing
    • E.g. with relaxed timing requirements

34 Features of the SpaceWire Tunnel
• Security
  – All traffic sent over a Tunnel is encrypted using TLS/SSL
  – A password for the Tunnel can be specified
  – A password can also be specified for the Tunnel Server
• Connection Establishment Issues
  – Software allows any TCP port to be used
    • Using an appropriate port, a firewall will see the traffic as no different to a secure web page
  – Use of a Tunnel Server avoids the client-server limitations on the end users

35 Features of the SpaceWire Tunnel
• Other issues from the Pilot Study
  – Many improvements suggested to the Protocol Analysis software
    • Highlighted the importance of analysis tools when performing integration testing
• Additional advantages identified
  – Virtual integration testing can take a fraction of the time of full integration testing
  – Not necessary to transport EGSE to an integration site
  – Some users now use the Protocol Analyser software to monitor SpaceWire traffic
    • Without actually Tunnelling

36 Summary and Conclusions

37
• Tunnel has been successfully demonstrated across Europe
• The benefits of virtual spacecraft integration and the SpaceWire Internet Tunnel are clear
• Recent improvements to the SpaceWire Tunnel and the addition of the SpaceWire Tunnel Server increase these benefits
• Feedback from Pilot activity
  – Validated concept and implementation
  – Allowed improvements to be made

38 Summary and Conclusions
• TopNet Pilot Study has shown that virtual spacecraft integration can be used in real projects
• Although physical integration testing is still essential, virtual integration testing can be an important and beneficial stage in future projects