4 Routers in the ATN Air-to-ground sub-network (radio) Ground sub-network (wide-area network) A/G ATN Router End System (CPDLC etc) Console G/G ATN Router CM Air Traffic Control Facility G/G ATN Router Console Airline AOC ES Aircraft End System Airborne ATN Router Operational Application ATN Routers perform data relay and routing functions for ATN CLNP data packets.
5 ATN Router functions: Data Relay ES #2 (e.g. AMHS) APAC ATN Backbone Network State A Backbone BIS #2 State C Backbone BIS #4 State B Backbone BIS #3 ES #1 (e.g. AMHS) ATS Facility BIS #1 ATS Facility BIS #5 ATN routers relay data packets towards their destinations. The path across the network is determined according to least hops, ATSC class etc. Least hops route: ES#1BIS#1 BIS#2BIS#3BIS#5ES#2
6 ATN Router functions: Multiple A/G sub-networks Airline Operations Centre Ground ATN VDL3 GES AMSS Radio A/G Router G/G Router ATCC app. (e.g. CPDLC) VDL2 ATS via VDL-3 AOC via VDL-2
7 ATN Router functions: Dynamic Routeing Using dynamic routeing, routers can automatically detect damaged network elements and re-route traffic. e.g. due to failure of link between BIS#2 and BIS#3, traffic from ES#1 to ES#2 re-routed via BIS#4. ES #2 (e.g. AMHS) APAC ATN Backbone Network State A Backbone BIS #2 State C Backbone BIS #4 State B Backbone BIS #3 ES #1 (e.g. AMHS) ATS Facility BIS #1 ATS Facility BIS #5
8 ATN Router functions: Priority Handling Radio A/G Router AOC D-ATIS ADS, CPDLC Multiple applications compete for the narrow pipe to the aircraft. ATN routers handle CLNP NPDUs according to priority when contention for resources or congestion are occurring: –Lower transit delay for higher priority messages –Lower probability of higher priority messages being dropped ATIS AOC CPDLC ATIS AOC CPDLC Normally the router forwards each packet down a link in the order in which it arrives. If a link is congested, CLNP NPDUs will start queueing up waiting to be sent,. CLNP NPDUs can be re-ordered if the link is congested depending on their priority. Normally the router forwards each packet down a link in the order in which it arrives. If a link is congested, CLNP NPDUs will start queueing up waiting to be sent,. CLNP NPDUs can be re-ordered if the link is congested depending on their priority.
9 ATN Router: Protocols Domain #B ATN Router (BIS) ES ATN Router (BIS) ES ATN or IS Router ES IDRP ES-IS IS-IS Domain #A The ATN is based on ISO Open System Interconnect (OSI) protocols. Protocols: -Network layer protocol: CLNP -Routeing protocols: - ES-IS: between End Systems and routers - IS-IS: within a routeing domain - IDRP: between routeing domains Protocols: -Network layer protocol: CLNP -Routeing protocols: - ES-IS: between End Systems and routers - IS-IS: within a routeing domain - IDRP: between routeing domains ATN router functions are defined in ICAO Doc 9735-AN/956 sub-volume V. Ground/Ground (Class 4) and Air/Ground (Class 5) ATN routers must implement the IDRP routeing protocol. All Class 4 and Class 5 routers are Boundary Intermediate Systems (BIS).
10 Addressing within the ATN Addresses are hierarchical, based on nested address domains. All addresses within a domain have the same address prefix. IS O IC D Internati onal Authority Routing Domain Identifier (RDI) Area Identifier System Identifier Selector (1 Octet) Area Address (11 octets)System Identifier (6 octets) ATN NSAP/NET Address 47 002781 81 524A 00 010101 Common Fixed ATSC domain ICAO Asia region Japan 0302 000000000000 System ID 00 00 (router) or 01 (end system) e.g. JCAB ATN router NET ATN Domain 470027+ Fixed ATSC 470027+81 Mobile ATSC 470027+C1 Mobile AINSC 470027+41 Fixed AINSC 470027+01 Asia Japan China NAM USA
11 Addressing and its relationship to routeing Hierarchical addressing and domains greatly simplify routeing: –Reduces routeing information exchanged by allowing routers to advertise aggregate prefixes rather than lists of addresses. –The router only has to inspect the prefix of a CLNP packets address to determine where to send it. Thailand Japan Singapore I can reach Japan I can reach Singapore & Thailand I can reach Thailand I can reach Singapore and Japan IDRP update PDU contents = I can reach = address prefix
12 ATN Router Functions: Sub-network interface CLNP LLC Type 1 MAC CSMA/CD ES ATN Router LLC Type 1 MAC CSMA/CD X.25 VC) Routing Protocols ES-IS,IS-IS,IDRP CLNP Routing Protocols ES-IS, IS-IS,IDRP CLNP LLC Type 1 MAC CSMA/CD X.25 VC) ATN Router AP/ULCS CLNP LLC Type 1 MAC CSMA/CD ES LAN (Ethernet)WAN AP/ULCS LAN X.25 circuit or PSN LAN (Ethernet)
13 2. ATN Deployment in the Asia/Pacific Region
14 The APAC Regional ATN Ground Network Source Fifth ATN Transition Task Force Meeting – WP19 2003.6
15 Use of APAC ATN Network for Air-Ground ATN A/G BIS GES MTSAT G/G BIS AES ES Other StateJapan ATN communication CPDLC,ADS,DFIS
16 ATN R&D in Japan Japan has been carrying out ATN development since 1995. –Joint R&D between the Electronic Navigation Research Institute (ENRI) and Oki Electric Industry Co. 1998 1999 2000 2001 2002 2003 2004 1996,7 ATN RouterATN Applications G/G Router development, tests Connection test with Eurocontrol Connection test with Airservices Australia (ASA) A/G Router development Connection test with experimental AMSS ATN security development (A/G router) ATN security tests VDL-3 GNI interface development VDL-3 connection test CPDLC connection test with Eurocontrol ADS test with Eurocontrol CPDLC,ADS tests with ASA CM security development CM security tests D-FIS ATIS development & test D-FIS METAR development & test
17 Experimental architecture Domain #B Japan(Tokyo) G/G Router C Domain #C Eurocontrol(Paris) TRANSPAC VENUS-P INS-P Domain #A Japan(Tokyo) G/G Router A Ground CPDLC G/G Router B Airborne System Simulator Airborne CPDLC ATC W/S ENRI CPDLC Trial with Eurocontrol
18 Japan Civil Aviation Bureau ATN Activities JCAB is implementing an ATN router backbone site and an AMHS service. –US/Japan AMHS service: March 2004 –Hong Kong/Japan AMHS service: September 2004 MTSAT 1 –SBASS service –AMSS service Possibly future ATN communications via MTSAT
20 ATN Security Technical solution specified in SARPs Edition 3 Provides authentication of peer and secures end- to-end communication between applications. –Allows you to know who you are talking to. Ensures that unknown third parties cant intrude and introduce false data, or modify data. –Does not yet include encryption (under development by ACP WG N) Router security –Authentication of peer BIS. –Secures IDRP packets – prevents disruption of the network by injection of fake IDRP packets by masquerading BIS routers.
21 ATN Security: Example ISH-PDU Public key certificate required ISH-PDU Public key certificate not required OPEN-PDU Airborne BIS#1 A/G BIS#2 SessionKey Generation Received certificate Extract Public Key #2 Private Key #1 SessionKey OPEN-PDU Public key certificate required Certificate SessionKey Generation Certificate from CA/RA Extract Public Key #1 SessionKey Tag Generation Generate SessionKey UPDATE-PDU KEEP-ALIVE-PDU IDRP information Tag#A Tag Verification SessionKey Tag Verification SessionKey Tag B Tag Generation Generate SessionKey Certification Authority CA & Registration Authority RA) Certificate & key generation & issue Registration/distribution Public Key #2 Public Key #1 Private Key #2 Tag#A Tag B UPDATE-PDU KEEP-ALIVE-PDU IDRP information Tag#B Tag#A using Source: Electronic Navigation Research Institute Research Results 2003 Registration/distribution Verify using
22 ATN Security: Issues Technical solution is complete, but some implementation issues remain: e.g. –Protocols for certificate retrieval not specified in SARPs. (ATN Directory? LDAP?) Many institutional issues remain to be resolved before security can be deployed: e.g. –Public Key Infrastructure establishment and certification. –Key distribution and management Particularly for avionics.
23 ATN has facilities to allow different sub-network types to be adapted to carry ATN: –e.g. ISO8208 (X.25), Ethernet, mobile sub-networks, etc. ACP Working Group N is developing an SNDCF that will allow use of IP sub-networks for carrying ATN traffic. –CLNP packets are transported over an IP network encapsulated inside IP packets. –The IP SNDCF is applicable to IPv4 and IPv6. IPv6 preferable as an aeronautical communication ground network because of built-in security (IPsec), priority handling, greater address space etc. Support for IP sub-networks User dataCLNP HeaderUser dataCLNP Header encapsulation decapsulation IP Header User dataCLNP Header IP Header User dataCLNP Header IP network CLNP (ATN) level IP (sub-network) level
24 IP Sub-Networks for ATN: Ex. IP between domains IP Router LAN (ATN over Ethernet) ATN RouterIP network IP Router ATN Router LAN (ATN over Ethernet) ATN over IP DSU LAN (ATN over Ethernet) DSU ATN Router ATN over X.25 point- to-point circuit ATN Routers relay CLNP (ATN) data packets between IP, X.25 and LAN sub- networks. A common IP network infrastructure might be used for ATN and other applications: e.g. VoIP etc.
25 IP SNDCF Status Draft SARPs developed, being validated. Due to be discussed by ACP WGN in March 2004 meeting. Publication in SARPs to expected follow (amendment to Edition 3, or in Edition 4 after ACP approval in 2005).
26 For further information, contact: Mark BrownTakefumi Nakamura firstname.lastname@example.org email@example.com Marine & Aeronautical Solutions Division System Solutions Company Oki Electric Industry Co., Ltd. 10-3 Shibaura, 4-chome, Minato-ku, Tokyo 108-8551, Japan Telephone: +81 (3) 3454-2111 Facsimile: +81 (3) 3798-7623 Thank you for your attention!