Dependability Analysis of the AFDX Frame Management Design

Abstract

Avionics Full Duplex Switched Ethernet (AFDX) is an implementation of the ARINC 664 specification, which defines the electrical and protocol specifications for data exchange between Computer Systems. AFDX implements extensions on standard Ethernet to achieve a deterministic and fault-tolerant network, which is demonstrated through its frame management design. AFDX, like other emerging time-critical Ethernet-based standards, has potential for use in other critical industries, such as nuclear power plants. This would provide an additional option by which industry players can leverage the speed and ubiquity of Ethernet, with the added benefit of services to support highest safety requirements. However, considering that the nuclear industry continues to be a prime target for advanced security threats, it is imperative to demonstrate what protection AFDX offers, as well as what additional attack surface it may introduce. For this paper, the basic taxonomy of dependable and secure computing is used to conduct a dependability analysis of the AFDX frame management design. An OMNeT++ model simulation of an AFDX network is used to demonstrate potential attacks. Considerations for solutions for a robust AFDX specification are proposed for future research.