1. Field of the Invention
This invention provides connectivity and power for different aircraft sub-systems varying in levels of criticality and intended purposes while using a single partitioned Airborne Local Area Network (ALAN).
2. Prior Art
Aircraft systems require different levels of critically as defined in DO-254/DO-178 based on the consequence of the system not meeting its intended functions. Typically each type of system is partitioned based on its criticality into individual physical networks. This type of aircraft system design provides for a robust and deterministic control of each level of critically. At same time sub-systems of the same criticality level are partitioned based on the intended functional purpose. Each network implementation requires unique hardware and wiring, which increases the weight, and cost of each of aircraft sub-system. This invention provides a means to meet the requirements of DO-254/DO-178 by partitioning a single physical network into robust and deterministic network domains that are functionally separate while using a single physical ALAN.
While DO-254/DO-178 define methods of compliance to meet aircraft certification requirements for systems and sub-system, they do not address network security aspect required by an ALAN when attached to a Wide Area Network (WAN). Due to the constant introduction of new means to infect networks thru software and hardware, it is highly unlikely that any WAN connection can rely on a pure OSI layer 3 implementation to provide the heightened level of security required by an aircraft ALAN. The same method of network control to meet DO-254/DO-178 can be extended to meet the security requirements based on deterministic non-modifiable means to restrict access to the aircraft systems. Usage of preprogrammed hardware that is not user modifiable provides a level of security that is unachieved thru any other means. Simultaneously, this preprogrammed hardware can do a package payload encryption on both insertion and extraction points of network to provide a means that no external network snooping is able to determine packet contents.
Unlike Avionics Full-Duplex Switched Ethernet (AFDX), used for flight critical applications today, this invention provides a deterministic means to make data available to each aircraft sub-system at all times, without the need to create specific aircraft sub-system bandwidth requirements. Further, AFDX is a one to many type of data datagram, while this invention provides a many to many datagram allowing network nodes to join multiple multicast sessions. The key different between the AFDX method of network control and this invention is how the clients are able to join sessions. In this invention network clients are preprogrammed, based on their hardware coding, to be able to join a specific LVAN, or LVANs in accordance with their predetermined functions.
This invention places Ethernet packets onto the network in a measured, spaced out in the time domain pseudo-randomly, thus greatly reducing the possibility of switch buffer over flows causing loss of data. Further, this invention supports functions on a non-interference basis. Furthermore, this invention has a deterministic means to place all non-required functionality into a low priority to assure that all required data functions sets are not dropped.