Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bruno Saba DCT/TV/IN 26/04/2010

Published byAndra Gaines Modified over 6 years ago

Similar presentations

Presentation on theme: "Bruno Saba DCT/TV/IN 26/04/2010"— Presentation transcript:

1 Bruno Saba DCT/TV/IN 26/04/2010
Space Data Link Secure Protocol Interoperability Testing Interfaces Definition Proposal Bruno Saba DCT/TV/IN 26/04/2010

2 Interfaces between two distant simulators
Data Interfaces Connecting one or more « useful » data stream TC or Forward link(s) TM or Return link(s) Control Interfaces Used for exchange of data relative to the simulators’ management « Synchronisation » data Simulation starting time Others Simulator results Files for comparison SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

3 CNES’ Proposals 1st step of Interoperability Testing
Main goal : KEEP IT SIMPLE ! The objective is to validate the protocol, not to build a complex network system Use UDP/IP for data streams TC or Forward Link TM or Return Link UDP/IP is a well defined and well known protocol No need for special hardware or software Easy to implement No flow control, some packets can be lost (like in the « real life » of the protocol) Can be used on-line between two distant simulators, or off-line on localhost Already used in CNES’ simulator SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

4 CNES’ Proposals 1st step of Interoperability Testing (cont’d)
On-line or Off-line simulations On-line : direct communication via UDP/IP Off-line : exchange of files Use s or telephone for control data Simulations Starting time / Ending time scheduled by s File exchange by Transfer of data files for comparison purposes Transfer of simulation results Use of phone if needed… Use of TCP/IP for synchronisation purposes only on the 2nd step, only if needed SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

5 What do we need to agree on ?
Interfaces between simulators (easy…) UDP/IP for data s or phone for control First implementation of the SDLS protocol ! (not so easy…) SDLS protocol baseline Secure services (authentication, encryption, authenticated encryption) Algorithm(s) and modes of operation Security Association / Security Context convergence… DONE Position of Security Layer (TC Link) DONE Security header definition DONE Security header position DONE SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

6 First implementation of the SDLS protocol
Services provided Clear mode Authentication only (AO) (TC,TM) Authenticated Encryption (AE) (TC,TM) Encryption Only (EO) (TM Only) No switching management between services Algorithms and modes of operation (same algorithms for TC and TM) AES GMAC (for AO) AES GCM (for AE) AES CTR (for EO) No special Key Management Exchange of Keys between two simulators before simulation session No Security Association Dynamic Management Agreement on the content of the SA to be used before simulation SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

7 First implementation of the SDLS protocol
TC link (or Forward link) Transmission of the complete CLTU ? Including Start Sequence (EB90) and Tail Sequence This would allow future testing of hardware implementation of the protocol COP-1 Implementation ? May be useful to see possible interaction between COP-1 and SDLSP… Position of Security Header Just after the Transfer Frame Primary Header (as defined in W1 Nov 2009) SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

8 First implementation of the SDLS protocol
TC link (cont’d) Security Header Definition Sequence Number : not needed, Initialization Vector and Authentication service providing anti-replay protection Initialization Vector : 4 Bytes Key Index : not needed for TC link PAD length : not needed Security Header total length : 6 Bytes Trailer (Message Authentication Code) length : 16 Bytes SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

9 First implementation of the SDLS protocol
TC link (cont’d) Security Association Definition Each Security Association must contain Global MAPID(s) to which it is assigned Service provided (Clear, AO, AE) Key Initialisation Vector Management 4 byte counter Generated by the ground segment On-board control mecanism : new received IV must be greater than the previous one Guarantees IV uniqueness Also provides anti-replay service SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

10 First implementation of the SDLS protocol
TM link (or Return link) Transmission of the complete CADU ? Including Start Sequence (1ACFFC1D) and Tail Sequence This would allow future testing of hardware implementation of the protocol Position of Security Header Just after Frame Secondary Header (if present) (as defined in W1 Nov 2009) SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

11 First implementation of the SDLS protocol
TM link (cont’d) Security Header Definition Sequence Number : Not needed if Encryption Only mode is not used, Initialization Vector and Authentication service providing anti-replay protection When using EO mode, counter on IV provides anti replay protection Initialization Vector : 6 Bytes ? Key Index : 2 Bytes PAD length : not needed Security Header total length : 10 Bytes Message Authentication Code (trailer) : 16 Bytes SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

12 First implementation of the SDLS protocol
TM link (cont’d) Security Association Definition Each Security Association must contain Global Virtual Channel(s) to which it is assigned Service provided (Clear, AO, AE, EO) Key set (key selection by key index) Initialisation Vector Management 6 byte counter Generated on-board On-board generation guarantees no regression : new IV sent is greater than the previous one (+1) Guarantees IV uniqueness Also provides anti-replay service SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

13 Conclusion Development of the simulators can start as soon as everybody agrees on the first implementation of the SDLS Protocol Interoperability Testing would then begin step by step TM Link TC Link (no COP-1) TM Link and TC Link TM Link and TC Link with COP-1 SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

14 Thank you for your attention
SDLS - Interoperability Testing - Interfaces Definition Proposal CNES B. Saba

Download ppt "Bruno Saba DCT/TV/IN 26/04/2010"

Similar presentations

Why to learn OSI reference Model? The answer is too simple that It tells us that how communication takes place between computers on internet but how??

Why to learn OSI reference Model? The answer is too simple that It tells us that how communication takes place between computers on internet but how??
CCNA – Network Fundamentals

CCNA – Network Fundamentals
Space Data Link Security Protocol Compatibility with other standards Bruno Saba DCT/TV/IN 26/10/2010.

Space Data Link Security Protocol Compatibility with other standards Bruno Saba DCT/TV/IN 26/10/2010.
A General Purpose CCSDS Link layer Protocol Next Generation Data Link Protocol (NGDLP) Ed Greenberg Greg Kazz 10/17/2012 1.

A General Purpose CCSDS Link layer Protocol Next Generation Data Link Protocol (NGDLP) Ed Greenberg Greg Kazz 10/17/
Chapter 2 Network Models.

Chapter 2 Network Models.
Protocols and the TCP/IP Suite

Protocols and the TCP/IP Suite
Chapter 2 Network Models.

Chapter 2 Network Models.
Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.
Presentation on Osi & TCP/IP MODEL

Presentation on Osi & TCP/IP MODEL
Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.

Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.
What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.
Internet Addresses. Universal Identifiers Universal Communication Service - Communication system which allows any host to communicate with any other host.

Internet Addresses. Universal Identifiers Universal Communication Service - Communication system which allows any host to communicate with any other host.
1 Network Layer Security: Run over non-IP Protocol? Howie Weiss (NASA/JPL/Parsons) San Antonio, TX October 2013.

1 Network Layer Security: Run over non-IP Protocol? Howie Weiss (NASA/JPL/Parsons) San Antonio, TX October 2013.
Network Protocol Hierarchies

Network Protocol Hierarchies
Security Association / Security Context Bruno Saba DCT/TV/IN 03/05/2010.

Security Association / Security Context Bruno Saba DCT/TV/IN 03/05/2010.
TCP/IP Protocols Contains Five Layers

TCP/IP Protocols Contains Five Layers
Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.

Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.
1 Kyung Hee University Chapter 2 Network Models. 2 Kyung Hee University 2.1 LAYERED TASKS We use the concept of layers in our daily life. As an example,

1 Kyung Hee University Chapter 2 Network Models. 2 Kyung Hee University 2.1 LAYERED TASKS We use the concept of layers in our daily life. As an example,
March 7, 2008Security Proposal 1 CCSDS Link Security Proposal Ed Greenberg Greg Kazz Howard Weiss March 7, 2008.

March 7, 2008Security Proposal 1 CCSDS Link Security Proposal Ed Greenberg Greg Kazz Howard Weiss March 7, 2008.
CCSDS march 2008 meeting – Crystal City 1 TC/TM space links security SEA / SLS cross area meeting.

CCSDS march 2008 meeting – Crystal City 1 TC/TM space links security SEA / SLS cross area meeting.

Similar presentations

Ads by Google