Avionics Secured Ethernet Switch
As the complexity of avionics systems has grown, for both flight-critical items and passenger entertainment, so has the need for increased bandwidth of on-board data buses. The desire for rapid deployment with minimal development and implementation costs, such as wiring, has driven the industry to explore existing off-the-shelf technologies.
Avionics Switched Ethernet is a data network for safety-critical applications that utilizes dedicated bandwidth while providing deterministic Quality of Service ( QoS). Avionics Switch is a specific implementation of ARINC Specification 664 Part7, a profiled version of IEEE 802.3 network per parts 1 & 2, which defines how commercial off-the-shelf networking components will be used for future generation of Aircraft Data Network (ADN). Avionics Secured Switch features include full duplex, redundancy, deterministic, high speed performance, switched and profiled network.
Ethernity Optimizes FPGA End System and Switch SoC for Avionics
Since Avionics Switch utilizes Ethernet protocol at MAC layer, it is possible to use high performance COTS switches with Layer 2 routing for testing purposes as a cost-cutting measure. However some features of a real Secured Avionics Switch may be missing including traffic policing (BAG), redundancy functions, frame format and optimized latency and jitter.
To support added technology and features on top pure Ethernet solution, Ethernity Networks has adapted its ENET Fabric Flow Processor to support the ARINC standard version, now ready for implementation by SW application.
With FPGA based solution customer can easily perform all the Avionics approvals, by examining the FPGA code. Various options of FPGAs for industrial, aerospace or military solution allow customers to choose FPGA relevant for the application.
Avionics Secured Switch adopted concepts (token bucket) from the telecom standard, to fix the shortcomings of IEEE 802.3 Ethernet. By adding key elements from Pseudowire over Ethernet (PWE) to those already found in Ethernet, and constraining the specification of various options, a highly reliable full-duplex deterministic network is created providing guaranteed bandwidth and quality of service. The use of full-duplex Ethernet eliminates the possibility of transmission collisions. However, though bandwidth and minimal end-to-end latency and jitter are guaranteed, there is no guarantee of packet delivery. A highly intelligent switch, common to Aircraft Data Network, is able to buffer transmission and reception packets. Twisted pairs or fiber optic cables serve for full-duplex Ethernet transmission and receiving data in two separate pairs or strands. Avionics Secured Switch extends standard Ethernet to provide high data integrity and deterministic timing. Further a redundant pair of networks is used to improve the system integrity.
The central feature of Avionics Switch Network are its Virtual Links (VL). It is possible to visualize VLs as an ARINC 429 style network each with one source and one or more destinations. Virtual Links are unidirectional logic paths from a source end-system to all destination end-systems. Unlike a traditional Ethernet switch that routes frames based on Ethernet destination or MAC address, Avionics Switch routes packets using Virtual Link IDs. Virtual Link ID is a 16-bit unsigned integer value that follows the constant 32-bit field. Avionics Switches are designed to route the incoming frame from one, and only one, End System to the predetermined set of End Systems. There can be one or more receiving End Systems connected within each Virtual Link. Each Virtual Link has allocated dedicated bandwidth [sum of all VL Bandwidth Allocation Gap (BAG) rates x MTU] with the total bandwidth defined by the system integrator. However the total bandwidth cannot exceed the maximal available bandwidth on the network. Bidirectional communications must therefore require the specification of a complimentary VL. Each VL is fixed in the specification to ensure that the network has the designed maximum traffic, hence determinism. Also the switch with a loaded VL configuration table can reject any erroneous data transmission that may otherwise swamp other branches of the network. Additionally, there can be sub-virtual links (sub-VLs) that are designed to carry less critical data. Sub-virtual links are assigned to a particular VL. Round Robin sequence is applied to VLs with data to transmit. Sub-virtual links do not provide guaranteed bandwidth or latency due to the buffering, however ARINC specifies that latency is measured from the traffic regulator function anyway.
Ethernity’s ENET provides the fragmentation inherent feature to enable transmission of shorter packets, which results in less overall latency and jitter. Hierarchical queuing and hierarchical shaping supports scheduling requirements of VLs.
BAG stands for Bandwidth Allocation Gap, this is one of the main features of the switch. This is the maximum rate data can be sent, and it is guaranteed to be sent at that interval. When setting the BAG rate for each VL, care must be taken so there will be enough bandwidth for other VL’s and the total speed cannot exceed 100Mbitps. Ethernity’s ENET now supports BAG rate feature. Maintaining data unit size is a part of ENET architecture, and the use of Metro Ethernet compliance policer is available on ENET.
Switching of Virtual Links
Every Avionics Switch has filtering, policing, and forwarding functions that should be able to process at least 4096 VLs. Therefore, in a network with multiple switches (cascaded star topology), the total number of VLs is nearly limitless. There is no specified limit to the number of Virtual Links that can be handled by each End System, although this will be determined by BAG rates and max frame size specified for each VL versus Ethernet data rate. However, the number of sub-VLs that may be created in a single Virtual Link is limited to four. The switch must also be non-blocking at data rates that are specified by the system integrator, and in practice this may mean that the switch shall have a switching capacity that is the sum of all of its physical ports.
End System (ES) may introduce jitter when transmitting frames for a given VL. This jitter is defined as the interval from the beginning of BAG to the first sent bit of the frame being transmitted at the VL’s maximal allocated bandwidth . This jitter may be introduced by the transmitting technology and traffic-shaping function. A given ES may have to transmit data for multiple VLs, so a frame from one VL can be delayed up to the maximal allowed jitter value to limit the instantaneous ES frame rate and thus accommodate frames from other VLs.
Jitter buffer functionality in ENET allows the user to gain end-to- end control of jitter in the entire ADN.
Although ARINC 664 Part 7 does not specify a maximal system latency, any supplier is required to specify the upper limit of latency for any system delivered. The specification does set down limits for some aspects of system latency. To reduce latency ENET can employ its Fragmentation option that reduces latency between packet in scheduling scenario.
The destination and source addresses lists contain MAC addresses for the End Systems. Actual IP address information is contained in the IP structure block. The UDP structure identifies an appropriate application port. The payload ranges from 1 to 1471 bytes.
Payload sizes less than 17 bytes must be padded to maintain a minimum length of 17 bytes.
An aircraft data network is constructed so there are two independent paths (including MACs, PHYs, and cabling) between each ES, as well as redundant switches to protect the network from a failure at the MAC level or below. The default mode is to transmit the same frame (with identical frame sequence numbers) across both networks. The receiving ES then accepts the first valid frame and passes it to the application. Once a valid frame is received, any other frame with the same sequence number is discarded. The redundancy option must be configurable—frames for a given VL may be sent along either or both of the networks.