CN109714366B - Bidirectional communication system and method between avionic network domain and information network domain - Google Patents
Bidirectional communication system and method between avionic network domain and information network domain Download PDFInfo
- Publication number
- CN109714366B CN109714366B CN201910135922.6A CN201910135922A CN109714366B CN 109714366 B CN109714366 B CN 109714366B CN 201910135922 A CN201910135922 A CN 201910135922A CN 109714366 B CN109714366 B CN 109714366B
- Authority
- CN
- China
- Prior art keywords
- access control
- communication
- avionic
- data message
- network access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention provides a bidirectional communication system and method between an avionic network domain and an information network domain, which aims to effectively solve the problems of safety isolation and flow direction protection of bidirectional communication between the avionic network domain and the information network domain in an airborne environment. According to the invention, the avionics network access control unit, the information network access control unit and the communication control management unit are arranged in the network domain boundary control device of the airborne information network, the avionics network access control unit is provided with a module for communicating with high-security-level application, the information network access control unit is provided with a module for communicating with low-security-level application, and all the modules are operated in an isolated manner, so that the problems of security isolation and flow direction protection of bidirectional communication between the avionics network domain and the information network domain in an airborne environment can be effectively solved, and a solution is provided for bidirectional secure communication between the civil airborne information network and the avionics network.
Description
Technical Field
The invention relates to a two-way communication system and a method between an avionic network domain and an information network domain.
Background
In the field of aviation, the high-safety application of operation in an avionics system provides guarantee for the normal operation of the whole aircraft. In a traditional electronic system of an airplane, avionic data is transmitted in a closed airborne environment through an avionic network (such as an avionic full-duplex switched Ethernet), so that the avionic data is not attacked by external information security, and the security of the avionic data is ensured. With the large number of applications of information technology in civil avionics systems, in order to provide more and more convenient services to aircraft operators, aircraft designers introduced an ethernet-based on-board information service system, implementing diverse information services by hosting and running low-security-level applications.
The novel civil aircraft avionics system network domain is divided into a high-safety avionics network domain and a low-safety information network domain, applications with higher safety level (safety level A-C) reside in the avionics network domain and applications with lower safety level (safety level D-E) reside in the information network domain and operate the avionics network domain. To fulfill the service function requirements, a large amount of data needs to be exchanged in real time between the high security level application and the low security level application. Therefore, the avionic network domain faces network information security threats from the information network domain, and further has adverse effects on the security of the avionic network domain and the airplane operation security.
Disclosure of Invention
The invention provides a bidirectional communication system and method between an avionic network domain and an information network domain, which aims to effectively solve the problems of safety isolation and flow direction protection of bidirectional communication between the avionic network domain and the information network domain in an airborne environment.
The technical scheme of the invention is as follows:
the two-way communication system between the avionic network domain and the information network domain is characterized in that: the bidirectional communication system is arranged in a network domain boundary control device of an onboard information network and comprises the following unit modules:
avionics network access control unit: the system is in charge of communicating with the node hardware of the avionic network and communicating with the information network access control unit through the communication control management unit;
an information network access control unit: the system is in charge of communicating with the information network end node hardware and communicating with the avionic network access control unit through the communication control management unit;
a communication control management unit: and the system is responsible for communication control between the avionic network access control unit and the information network access control unit.
And the system further comprises an operation state monitoring unit which is used for monitoring the operation states of the avionic network access control unit and the information network access control unit and recording and storing logs.
The invention also provides a bidirectional communication method between the avionic network domain and the information network domain, which is characterized in that:
the data transmission process from the information network domain to the avionics network domain comprises the following steps:
1.1) the information network access control unit receives a data message sent by a low-security level application in an information network domain, checks whether the data message is credible according to an information network access control rule, sends a response message to the low-security level application if the data message is credible, and then goes to step 1.2); if the data message is not credible, discarding the data message and terminating the transmission process;
1.2) sending the credible data message to a communication control management unit through a communication pipeline;
1.3) the communication control management unit checks the compliance of a sender and a receiver of the received data message according to the avionic network access control rule, if the sender and the receiver are both compliant, the data message is sent to the avionic network access control unit through a communication pipeline, and the step 1.4 is carried out); if any party of the sender and the receiver is not qualified, discarding the data message and terminating the transmission process;
1.4) the avionic network access control unit checks the compliance of the received data message according to the avionic network communication rule, if the data message is compliant, the data message is encapsulated into an avionic network communication frame according to network configuration, and then the data message is sent to a high-security level application located in an avionic network domain; if the data message is not qualified, discarding the data message and terminating the transmission process;
the data transmission process from the avionics network domain to the information network domain comprises the following steps:
2.1) the avionic network access control unit receives an avionic network communication frame sent by a high-security-level application in an avionic network domain according to network configuration;
2.2) the avionic network access control unit unpacks the avionic network communication frames and sends the avionic network communication frames to the communication control management unit through a communication pipeline;
2.3) the communication control management unit checks the compliance of the sender and the receiver of the received data message according to the avionic network access control rule, if the sender and the receiver are both compliant, the data message is sent to the information network access control unit through a communication pipeline, and the step 2.4 is carried out); if any party of the sender and the receiver is not compliant, discarding the data message and terminating the transmission process;
and 2.4) the information network access control unit sends the avionics data received by the information network access control unit to a low-security-level application in the information network domain according to the rule.
Furthermore, in the process of data transmission between the avionics network domain and the information network domain, the running states of the avionics network access control unit and the information network access control unit are monitored in real time, and meanwhile, logs are recorded and saved.
Further, the information network access control rule in step 1.1) is composed of a sender IP address, a sender communication port number, a signature algorithm and an algorithm key.
Further, the avionic network access control rule in step 1.3) and step 2.3) is composed of a sender IP address, a sender data message name, a receiver avionic network address, a receiver communication port number, a message unique value and a message length.
Further, the avionic network communication rule in step 1.4) is composed of an avionic network hardware number, a communication type, a communication port number and a communication direction.
The invention has the advantages that:
1. according to the invention, the avionic network access control unit, the information network access control unit and the communication control management unit are arranged in the network domain boundary control device of the airborne information network, the avionic network access control unit is provided with a module for communicating with high-security-level application, the information network access control unit is provided with a module for communicating with low-security-level application, and all units (program modules) are operated in an isolated manner, so that the problems of security isolation and flow direction protection of bidirectional communication between the avionic network domain and the information network domain in an airborne environment can be effectively solved, and a solution is provided for bidirectional security communication between the civil airborne information network and the avionic network.
2. The invention realizes multistage safe fine-grained control by configuring an avionic network communication rule in the avionic network access control unit, configuring an information network access control rule in the information network access control unit and configuring an avionic network access control rule in the communication control management unit.
Drawings
FIG. 1 is a schematic diagram of the overall architecture of the present invention.
FIG. 2 is a data flow model of an information network domain to an avionics network domain according to the present invention.
FIG. 3 is a data flow model of an avionics network domain to an information network domain in accordance with the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
The invention realizes the two-way communication safety between the avionic network domain and the information network domain.
1. Framework assembly
The architecture composition of the invention is shown in fig. 1, and comprises the following unit modules arranged in the network domain boundary control device:
avionics network access control unit 101: is responsible for communicating with the avionic network end node hardware and with the information network access control unit 102 through the communication control management unit 103.
Information network access control unit 102: and is responsible for hardware communication with the information network end node and communication with the avionic network access control unit 101 through the communication control management unit 103.
Communication control management section 103: is responsible for communication control between the avionic network access control unit 101 and the information network access control unit 102.
The operating state monitoring unit 104: and monitoring the running states of the avionics network access control unit 101 and the information network access control unit 102, and recording and storing logs.
2. Data flow control model
The invention realizes the separation control of the communication flow direction by the flow direction control of the functional module isolation and the communication message, and the data flow model is shown in figure 2 and figure 3.
As shown in fig. 2, the data transmission process from the information network domain to the avionics network domain is as follows:
step 1: the low security level application in the information network domain sends a data message to the information network access control unit 102, the information network access control unit 102 checks whether the data message is credible according to the information network access control rule after receiving the data message, if the data message is credible, a response message is sent to the low security level application, and the step 2 is switched to; otherwise, the data message is discarded, and the transmission process is terminated. The information network access control rule consists of a sender IP address, a sender communication port number, a signature algorithm and an algorithm key.
Step 2: the information network access control unit 102 sends a data message to the communication control management unit 103 through a communication pipe.
And step 3: after receiving the data message, the communication control management unit 103 checks the compliance of the sender and the receiver of the data message according to the avionic network access control rule, if the sender and the receiver are both compliant, the data message is sent to the avionic network access control unit 101 through a communication pipeline, and the step 4 is carried out; otherwise, the message is discarded and the transmission process is terminated. The avionic network access control rule consists of a sender IP address, a sender data message name, a receiver avionic network address, a receiver communication port number, a message unique value and a message length.
And 4, step 4: after receiving the data message, the avionic network access control unit 101 checks the compliance of the data message according to the avionic network communication rules, and if the data message is compliant, the data message is encapsulated into an avionic network communication frame according to network configuration and then sent to a high-security-level application located in an avionic network domain through avionic network end-node hardware; otherwise, the data message is discarded. The avionics network communication rule comprises an avionics network hardware number, a communication type, a communication port number and a communication direction.
As shown in fig. 3, the transmission process from the avionics network domain to the information network domain is:
step 1: the high security level application located in the avionics network domain sends an avionics network communication frame over the avionics network to the avionics network access control unit 101 in the network domain border control.
Step 2: the avionics network access control unit 101 unpacks the avionics network communication frames and sends the avionics network communication frames to the communication control management unit 103 through a communication pipeline.
And step 3: after receiving the data message, the communication control management unit 103 checks the compliance of the sender and the receiver of the data message according to the avionic network access control rule, and if the sender and the receiver are both compliant, sends the data message to the information network access control unit 102 through a communication pipeline, and then goes to step 4; otherwise, the data message is discarded and the transmission process is terminated.
And 4, step 4: after receiving the data message, the information network access control unit 102 sends the data message to the low security level application located in the information network domain according to the information network access control rule.
In the process of transmitting data between the avionic network domain and the information network domain, the operation state monitoring unit 104 monitors the operation states of the avionic network access control unit 101 and the information network access control unit 102 in real time, records a fault log when detecting that operation has a fault, and restores the avionic network access control unit 101 and the information network access control unit 102 to a normal operation state; if 3 consecutive recoveries fail, the recovery operation is stopped and a fault log is recorded.
Claims (2)
1. The two-way communication method between the avionic network domain and the information network domain is characterized in that:
the data transmission process from the information network domain to the avionics network domain comprises the following steps:
1.1) an information network access control unit (102) receives a data message sent by a low-security level application in an information network domain, checks whether the data message is credible according to an information network access control rule, sends a response message to the low-security level application if the data message is credible, and then goes to step 1.2); if the data message is not credible, discarding the data message and terminating the transmission process;
1.2) sending the credible data message to a communication control management unit (103) through a communication pipeline;
1.3) the communication control management unit (103) checks the compliance of a sender and a receiver of the received data message according to the avionic network access control rule, and if the sender and the receiver are both compliant, the data message is sent to the avionic network access control unit (101) through a communication pipeline, and the step 1.4 is carried out; if any party of the sender and the receiver is not qualified, discarding the data message and terminating the transmission process;
1.4) the avionic network access control unit (101) checks the compliance of the received data message according to the avionic network communication rule, if the data message is compliant, the data message is encapsulated into an avionic network communication frame according to network configuration, and then the data message is sent to a high-security level application located in an avionic network domain; if the data message is not qualified, discarding the data message and terminating the transmission process;
the data transmission process from the avionics network domain to the information network domain comprises the following steps:
2.1) receiving an avionics network communication frame sent by a high-security-level application in an avionics network domain according to network configuration by an avionics network access control unit (101);
2.2) the avionic network access control unit (101) unpacks the avionic network communication frames and sends the avionic network communication frames to the communication control management unit (103) through a communication pipeline;
2.3) the communication control management unit (103) checks the compliance of the sender and the receiver of the received data message according to the avionic network access control rule, if the sender and the receiver are both compliant, the data message is sent to the information network access control unit (102) through a communication pipeline, and the step 2.4 is carried out; if any party of the sender and the receiver is not compliant, discarding the data message and terminating the transmission process;
2.4) the information network access control unit (102) sends the avionics data received by the information network access control unit to a low-security level application in an information network domain according to rules;
the information network access control rule in the step 1.1) consists of a sender IP address, a sender communication port number, a signature algorithm and an algorithm key;
the avionic network access control rule in the step 1.3) and the step 2.3) consists of a sender IP address, a sender data message name, a receiver avionic network address, a receiver communication port number, a message unique value and a message length;
the avionic network communication rule in the step 1.4) consists of an avionic network hardware number, a communication type, a communication port number and a communication direction.
2. The method of claim 1, wherein the method comprises: and in the process of transmitting data between the avionic network domain and the information network domain, monitoring the running states of the avionic network access control unit (101) and the information network access control unit (102) in real time, and recording and storing logs.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910135922.6A CN109714366B (en) | 2019-02-19 | 2019-02-19 | Bidirectional communication system and method between avionic network domain and information network domain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910135922.6A CN109714366B (en) | 2019-02-19 | 2019-02-19 | Bidirectional communication system and method between avionic network domain and information network domain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109714366A CN109714366A (en) | 2019-05-03 |
| CN109714366B true CN109714366B (en) | 2021-06-04 |
Family
ID=66264846
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910135922.6A Active CN109714366B (en) | 2019-02-19 | 2019-02-19 | Bidirectional communication system and method between avionic network domain and information network domain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109714366B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104601544A (en) * | 2014-12-05 | 2015-05-06 | 中国航空工业集团公司第六三一研究所 | Aviation data service communication method for airborne network service system |
| US9300645B1 (en) * | 2013-03-14 | 2016-03-29 | Ip Holdings, Inc. | Mobile IO input and output for smartphones, tablet, and wireless devices including touch screen, voice, pen, and gestures |
| CN107888599A (en) * | 2017-11-17 | 2018-04-06 | 中国航空工业集团公司西安航空计算技术研究所 | Intercommunication system and method between a kind of avionics height secure network domain |
| CN107920116A (en) * | 2017-11-17 | 2018-04-17 | 中国航空工业集团公司西安航空计算技术研究所 | A kind of onboard networks service data communications method of dynamic extending |
-
2019
- 2019-02-19 CN CN201910135922.6A patent/CN109714366B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9300645B1 (en) * | 2013-03-14 | 2016-03-29 | Ip Holdings, Inc. | Mobile IO input and output for smartphones, tablet, and wireless devices including touch screen, voice, pen, and gestures |
| CN104601544A (en) * | 2014-12-05 | 2015-05-06 | 中国航空工业集团公司第六三一研究所 | Aviation data service communication method for airborne network service system |
| CN107888599A (en) * | 2017-11-17 | 2018-04-06 | 中国航空工业集团公司西安航空计算技术研究所 | Intercommunication system and method between a kind of avionics height secure network domain |
| CN107920116A (en) * | 2017-11-17 | 2018-04-17 | 中国航空工业集团公司西安航空计算技术研究所 | A kind of onboard networks service data communications method of dynamic extending |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109714366A (en) | 2019-05-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107888599B (en) | Two-way communication system and method between high-low security network domains of avionics | |
| EP3244577A1 (en) | Broadband communication network architecture for train control and service common network, and communication method | |
| CN108881302B (en) | Industrial Ethernet and BLVDS bus interconnection communication device and industrial control system | |
| CN101764768A (en) | Data security transmission system | |
| EP3611899B1 (en) | A secure network system and method for automatic security response using one-way links | |
| US10966004B2 (en) | Hardware-enforced one-way information flow control device | |
| CN112468592A (en) | Terminal online state detection method and system based on electric power information acquisition | |
| CN109714366B (en) | Bidirectional communication system and method between avionic network domain and information network domain | |
| CN103051482B (en) | Based on a kind of port isolation of FC switch and the implementation method of recovery | |
| CN109831438B (en) | Two-way communication system and method between avionic network domain and information network domain based on virtualization | |
| CN113612762A (en) | Safe one-way data transmission device for industrial internet | |
| CN108551400B (en) | Portable fortune dimension fort machine system | |
| CN114615082B (en) | System and method for simulating TCP duplex safety communication by using forward and reverse gatekeepers | |
| CN112532603B (en) | Cross-domain file exchange leading-in device and method based on exchange authorization file | |
| CN106953778A (en) | A kind of long-distance management system | |
| RU186862U1 (en) | Subscriber network device with virtualized network functions | |
| CN107306248B (en) | Optical quantum switch and communication method thereof | |
| CN210112051U (en) | Multi-information-source communication management device based on security isolation network gate | |
| CN109547457B (en) | Network isolation system with 'micro-interaction' function | |
| CN111526124A (en) | Isolated communication system and method based on internal and external networks | |
| CN212009372U (en) | Industrial control data fusion acquisition system | |
| Manoj | Cyber Security | |
| CN102136935A (en) | Maintenance port and safety protection method thereof | |
| CN201893795U (en) | Video matrix remote monitoring management system based on simple network management protocol (SNMP) | |
| CN112083710A (en) | Vehicle-mounted network CAN bus node monitoring system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |