System Architecture Design

More documents

Recommendations

Info

pSHIELDSystem Architecture DesignAnti-replay protection should protect against denial of service attacks (20034).PUIPSecThere should be applicability of IPSec at network layer (20039).WS-SecurityThere should be applicability of Web Services security at Middleware layer (20045).Security AgentThe formulation and function of Security Agent encapsulates pSHIELD platform and scope. It is a modulethoroughly described throughout pSHIELD study (2302).Miscellaneous/Secure functionalitiesFunctionalities should be performed in a secure way: firmware upgrade, boot (01005, 01006).5.2 System Architecture Privacy RequirementsPrivacyData should be accessed only by authorized users (0303).Privacy at Power NodeThe FPGA engine should include a core logic that encrypts any sensitive data prior to transmitting itacross the network or storing it on the embedded storage. Also, in the privacy chain BIOS passwordprotection should be included (09009, 09010).Asymmetric cryptographyA node should have a HW implementation of asymmetric cryptography (01033).5.3 System Architecture Dependability RequirementsIntegrityThe system should be able to prevent improper alterations (20043).ESs integration/expansionIn case of addition of new ESs in the system, it should be possible to easily evaluate the impact of themodification on the overall system dependability (0305).Mechanism for failure mitigationThe pSHIELD system should provide robust mechanisms to mitigate the effects on the system of thefollowing logical threats: software failures, hardware failures, transmission failures (0307, 0308).Trusted and dependable connectivityThe pSHIELD system shall allow trusted and dependable connectivity (20014).Usability of ESs devicesMiddleware of the pSHIELD system should enable any embedded device to be usable from a pSHIELDapplication (20025).AvailabilityA pSHIELD node should be designed with mechanisms that improve system availability (e.g. middlewareservice discovery functionality should list node and network services) (01014, 0703).PUD2.3.2Issue 5 Page 64 of 122
pSHIELDSystem Architecture DesignPUSafetyNode design should comply with safety standards. Also, the node should have a safe state, in which theharmful consequences of a failure are minor (01016, 01020).Operational states of a nodeThey should be ACTIVE, LOW-POWER STANDBY and TEST (01021).Self test of nodesNodes of all types should be able to execute self test functionalities (01022, 09015, 06014).PowerNodes should present the following attributes regarding Power: uninterruptible supply, supply monitoring,supply fault tolerance, remote powering, protected supply (01023→01026, 09006).Fault toleranceReaction of nodes in case of a fault should include: fault identification, substitution of defective node, selfre-configuration (power node), error recovery, firmware redundancy and upgrade (09004, 09005, 09007,01027, 09008, 01029, 20046).Controlled failureA power node should fail in a controlled way, meaning that node failures are halting and signalled(01028).Miscellaneous/Reliable communicationsDependability requirements can be also reflected to a set of attributes concerning the establishment of atrustworthy network. These properties are more communication prerequisites than strict dependabilityrequirements and cover aspects like the following: system and network homogeneity/heterogeneity,gateway node, satellite positioning antenna, heterogeneous communication support, networkinteroperability, robust and reliable communication links, SPD transmission, protocol conversion, proxyrunning on a dedicated gateway, TPM, SNMP interface (20001, 20002, 20006, 20007, 20008, 20009,06001, 06002, 20013, 20023, 20024, 01041).PUD2.3.2Issue 5 Page 65 of 122
Page 1 and 2:
Project no: 100204pSHIELDpilot embe
Page 3 and 4:
Contents1 Executive Summary .......
Page 5 and 6:
FiguresFigure 1 - A generic embedde
Page 7 and 8:
Figure 45 - pSHIELD Security Agent
Page 9 and 10:
MGFMIPSMLNeLNFMRFPNMPNMPSNoLNVMOLOS
Page 11 and 12:
Issue 5Page xi
Page 13 and 14: pSHIELDSystem Architecture DesignPU
Page 19 and 20: pSHIELDSystem Architecture Design3.
Page 31 and 32: pSHIELDSystem Architecture Design
Page 39 and 40: pSHIELDSystem Architecture Design
Page 47 and 48: pSHIELDSystem Architecture Designen
Page 63: pSHIELDSystem Architecture DesignPU
Page 115 and 116:
pSHIELDSystem Architecture DesignPU
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
show all

System Architecture Design

Create successful ePaper yourself

Delete template?

Save as template?