pSHIELD System Architecture Design PU

5 SPD Requirements

Architecture is one of the structural characteristics of pSHIELD. Defining a conceptual, formalized architectural framework demands as input a set of requirements, which are of several types or simply express different system needs and priorities. We use the term "System Requirements" for the collection concerning the overall design. It can be further decomposed into attributes that are independent of the application and attributes that reflect the needs of the specific scenario. We aim at defining the SPD functionalities that a pSHIELD implementation may possess in order to serve its objective, for example the protection of assets and material in the railway transportation use case. These requirements pave the way for the design and development of the pSHIELD Architecture, synthesized by the four pSHIELD layers: node, network, middleware and overlay.

Out of the broad list of D2.1, "System requirements and specifications", we refer here to those requirements which relate, to a greater or lesser extent, to the impact of specific desired SPD attributes, metrics and functionalities on the formulation of the system architecture. Before that, a brief reminder of the three components comprising the SPD concept and their meaning in the technological framework of pSHIELD follows.

Security, in the context of telecommunications and embedded systems (ESs), is the resultant of three properties: confidentiality, integrity and availability. Their synthesis represents the discipline of protecting software and hardware against attacks conducted by unauthorized interceptors.

Apart from its apparent, colloquial meaning, Privacy, as developed in communication theory, is the seclusion or selective revelation of wire, oral or electronic communication while in transmission. Usually privacy is a notion broader than security. In pSHIELD, pending an improved specification of the term (probably through the application scenario use case), privacy can be regarded as a term complementary and interrelated to security and, more specifically, to confidentiality.

Even broader and more multi-faceted is Dependability, a notion that arrived in telecommunications from systems engineering and encompasses the reliability and trustworthiness of a system or network. As stated in D2.1, in pSHIELD Dependability embraces the meanings of availability, reliability, safety, integrity and maintainability.

The description of each requirement is accompanied by the code under which it (or a set of similarly phrased requirements) can be found in D2.1. These requirements are either tightly connected to architectural characteristics, or they imply features and functionalities that depend on the development of the architecture proposal.

5.1 System Architecture Security Requirements

Availability
The attribute concerns the availability of information, node, network and system for authorized users (0301, 01003, 01014).

Integrity
Integrity of data at the network layer against unauthorized access or modification; mechanisms based on hardware "hooks" and secure key installation; protection of the TPM; integrity at the node layer (0302, 06004, 01002, 01004, 01012, 01015).

D2.3.2 Issue 5 Page 62 of 122

Central control unit
The system should have a central control unit, and the respective monitoring applications should have reliable communication links between the peripheral nodes and this unit (20003, 06001).

Confidentiality-aware information delivery
At the network layer, data confidentiality to protect and encrypt the transmitted information should be supported (06005, 20035).

Audit functionalities
The pSHIELD system should guarantee audit functionalities (06006).

Encryption
The pSHIELD system should guarantee encryption functionalities: TPM cryptographic protocols and their improvement, cryptography at the node layer, and encryption algorithms at the network layer (06007, 01008, 01011, 09002, 01031, 20036).

Non-repudiation
The pSHIELD system should provide non-repudiation functionalities (06008).

Access control
The pSHIELD system should establish access control functionalities among users, assets and operations at system and node level (06009, 01003, 01030).

Identification and authentication
The pSHIELD system should guarantee identification and authentication functionalities, including at the node and network layers (06010, 01031, 20038).

Tamper Resistance
There should be anti-tampering functionalities against physical attacks on nodes (06012).

Timestamps
The pSHIELD system should be able to provide reliable timestamps (06013).

Trusted channel
The pSHIELD system should provide a trusted channel for SPD functionalities (06015).

Secure service discovery
The middleware should support secure service discovery (20029).

Management of security functionalities
There should be efficient management of the security functionalities listed above (06011).

Network security
At the network layer, security protocols should be implemented, including the protection of IP or upper-layer payloads and protocols (20031, 20032).

Denial of service