Devices (apparatuses) send/receive data each other through a communication network. Sending/receiving data through a communication network is generally implemented with various types of communication protocols in each layer of the OSI (Open System Interconnection) 7 Layer Model.
For example, an apparatus creates a TCP/UDP packet of a transport layer and then an IP (Internet Protocol) packet including the created packet of the transport layer to send/receive data to/from another apparatus through the Internet. Subsequently, the apparatus creates and then sends a packet of a data link layer including the IP packet to a wired or wireless transmission media through a physical layer (for example, a PHY chip). A receiving apparatus creates by reversing the order and then sends it to an application layer.
The OSI 7 Layer Model is processed generally by software because of its complicated architecture and various requirements in each layer. That is, apparatuses are equipped with a processor which extracts packets of the data link layer, (re) constructs the IP packet, and (re) constructs the TCP or UDP packet through the kernel program for processing the communication layer.
Layer packet processing by software enables an apparatus on one side to implement flexible layer packet processing and allows easy adaptation to various types or communication protocols and easy design change.
However, packet processing by software is exposed to various external attacks on communication. For example, it is essential that an apparatus may receive and process packets from external apparatuses through its equipped processor. Because hierarchical packet processing through layers is carried out by software, the concerned apparatus may fail to normally function due to various risks included in the packet. For example, the PC (Program Counter) of the processor may be changed by specific risk data included in the packet, causing processor to malfunction.
In addition, the apparatus may receive a plurality of packets sent from external random apparatuses. For example, a plurality of apparatuses may continue to send a plurality of packets to one target apparatus to make the target apparatus fail to normally function. The apparatus receiving the aforementioned packets has to process all of the packets continuously sent by software. This increases the load on the processor to make it fail to normally function.
On the contrary, an assumption is that the packets may be processed via hardware logic. As known from the registered patent which is filed and registered by the Applicant of the present invention (Registration No. 10-0530856, entitled “HIGH SPEED DATA PROCESSING COMMUNICATION METHOD AND APPARATUS FOR EMBEDDED SYSTEM,” published for registration on Nov. 23, 2005 at KIPO), a specific communication protocol in a specific layer in the OSI 7 Layer Model may be processed via a hardware logic.
Communication packet processing via hardware logic may reduce the load on the processor equipped in an apparatus, and does not need an additional configuration of OS (Operating System) for the communication layer in the processor. As described above, communication packet processing via hardware logic provides some useful features.
It is also necessary that communication packet processing via hardware logic is prepared against external attacks through a communication network. Although hardware logics in each layer process packets without control by a processor and construct TCP packets, it is essential that the processor processes higher application data of a concerned TCP packet. As described above, packet processing via hardware logic may also be exposed to external attacks, and TCP packet processing consumes power.
Therefore, there is a need for a communication chipset and an apparatus for filtering out packets not required to process by a processor to make them secure from external attacks and reduce power consumption even at processing communication packets via hardware logic.
In addition, the architecture of a packet processing module with hardware logic is generally complex and it is thus not easy to insert a new processing module in a specific layer. In particular, if a new processing module is inserted in a data link layer, it is not easy to construct settings between the processing module in a lower layer and the processing module in a higher layer to make a hierarchical communication connection to other apparatuses. For example, if there is a plurality of data link layer processing modules, it is never easy to determine which data link layer is used or adapted in the process of establishing a socket.
Therefore, if there is a plurality of processing modules in a specific layer, there is a need for a communication chipset and an apparatus for establishing a communication connection to other apparatuses by linking the processing module of a higher layer to a plurality of processing modules in this specific layer.