Introduction to ATN RoutersIntroduction to ATN Routers

Mark A. Brown

Oki Electric Industry Co., Ltd.

© 2003 Oki Electric Industry Co., Ltd.

2

Contents

• Introduction to ATN routers.

• ATN Deployment in the Asia/Pacific Region

• Future Issues

3

1. Introduction to ATN Routers1. Introduction to ATN Routers

4

Routers in the ATN

Air-to-groundsub-network

(radio)Ground sub-network (wide-area network)

A/G ATN RouterA/G ATN Router

End System(CPDLC etc) Console

G/G ATN RouterG/G ATN Router

CM

Air Traffic Control Facility

G/G ATN RouterG/G ATN Router

Console

Airline AOC

ES

Aircraft

End System

Airborne ATN RouterAirborne ATN Router

OperationalApplication

ATN Routers perform data relay and routing functions for ATN CLNP data packets.

ATN Routers perform data relay and routing functions for ATN CLNP data packets.

5

ATN Router functions: Data Relay

ES #2(e.g. AMHS)

APAC ATN Backbone Network

State A Backbone

BIS #2

State CBackbone

BIS #4

State B Backbone

BIS #3

ES #1(e.g. AMHS)

ATS Facility BIS #1

ATS Facility BIS #5

ATN routers relay data packets towards their destinations. ATN routers relay data packets towards their destinations.

The “path” across the network is determined according to least “hops”, ATSC class etc.

“Least hops” route:ES#1→BIS#1 →BIS#2 　→ BIS#3→BIS#5→ES#2

6

ATN Router functions: Multiple A/G sub-networks

Airline Operations Centre

Ground ATN

VDL3

GES

AMSS

RadioRadio RadioRadio

A/G Router A/G Router A/G Router

G/G Router

ATCC app. (e.g. CPDLC)

VDL2

ATS via VDL-3

ATS via VDL-3

AOC via VDL-2

AOC via VDL-2

7

ATN Router functions: Dynamic Routeing

Using dynamic routeing, routers can automatically detect damaged network elements and re-route traffic.

Using dynamic routeing, routers can automatically detect damaged network elements and re-route traffic.

e.g. due to failure of link between BIS#2 and BIS#3, traffic from ES#1 to ES#2 re-routed via BIS#4.

ES #2(e.g. AMHS)

APAC ATN Backbone Network

State A Backbone

BIS #2

State CBackbone

BIS #4

State B Backbone

BIS #3

ES #1(e.g. AMHS)

ATS Facility BIS #1

ATS Facility BIS #5

8

ATN Router functions: Priority Handling

RadioRadio

A/G Router

AOCD-ATIS

ADS, CPDLC

• Multiple applications compete for the “narrow pipe” to the aircraft.

• ATN routers handle CLNP NPDUs according to priority when contention for resources or congestion are occurring:

– Lower transit delay for higher priority messages

– Lower probability of higher priority messages being “dropped”

ATIS

AOC

CPDLC

ATIS

AOC

CPDLC

Normally the router forwards each packet down a link in the

order in which it arrives.

If a link is congested, CLNP NPDUs will start “queueing up”

waiting to be sent,.

CLNP NPDUs can be re-ordered if the link is congested depending

on their priority.

Normally the router forwards each packet down a link in the

order in which it arrives.

If a link is congested, CLNP NPDUs will start “queueing up”

waiting to be sent,.

CLNP NPDUs can be re-ordered if the link is congested depending

on their priority.

9

ATN Router: Protocols

Domain #B

ATN Router(BIS)

ESATN Router(BIS)

ES

ATN or IS Router

ES

IDRP ES-IS

ES-IS

ES-ISIS-IS

Domain #A

The ATN is based on ISO Open System Interconnect (OSI) protocols.The ATN is based on ISO Open System Interconnect (OSI) protocols.

Protocols:-Network layer protocol: CLNP-Routeing protocols:

- ES-IS: between End Systems and routers- IS-IS: within a routeing domain- IDRP: between routeing domains

Protocols:-Network layer protocol: CLNP-Routeing protocols:

- ES-IS: between End Systems and routers- IS-IS: within a routeing domain- IDRP: between routeing domains

ATN router functions are defined in ICAO Doc 9735-AN/956 sub-volume V.• Ground/Ground (Class 4) and Air/Ground (Class 5) ATN routers must implement the IDRP routeing protocol.•All Class 4 and Class 5 routers are Boundary Intermediate Systems (BIS).

10

Addressing within the ATN• Addresses are hierarchical, based on nested address domains. All addresses

within a domain have the same address prefix.

ISOICD

International

Authority

Routing Domain Identifier(RDI)

AreaIdentifier

System Identifier

Selector (1 Octet)Area Address (11 octets) System Identifier (6 octets)ATN NSAP/NET AddressATN NSAP/NET Address

47 0027 81 81 524A 00 010101

Common

Fixed ATSC domain

ICAO Asia region

Japan

0302 000000000000

System ID

00

00 (router) or 01 (end system)

e.g. JCAB ATN router NET

ATN Domain 470027+

Fixed ATSC 470027+81

Mobile ATSC

470027+C1

Mobile AINSC

470027+41

Fixed AINSC 470027+01

Asia

Japan

China

NAM

USA

11

Addressing and its relationship to routeing

• Hierarchical addressing and domains greatly simplify routeing:– Reduces routeing information exchanged by allowing routers to advertise aggregate

prefixes rather than lists of addresses.

– The router only has to inspect the prefix of a CLNP packet’s address to determine where to send it.

Thailand

Japan

Singapore

“I can reach Japan”

“I can reach Singapore &

Thailand”“I can reach

Thailand”

“I can reach Singapore and Japan” IDRP update

PDU contents=“I can reach” = address prefix

12

ATN Router Functions: Sub-network interface

CLNP

LLC Type 1 MAC

CSMA/CD

ES

ATN Router

LLC Type 1MAC

CSMA/CD

X.25（ VC)

Routing Protocols（ ES-IS,IS-IS,IDRP ）

CLNPCLNP

Routing Protocols（ ES-IS, IS-IS,IDRP ）

CLNPCLNP

LLC Type 1MAC

CSMA/CD

X.25（ VC)

ATN RouterAP/ULCS

CLNP

LLC Type 1MAC

CSMA/CD

ES

LAN (Ethernet) WAN

AP/ULCS

LAN LAN

X.25 circuit or PSN

LAN (Ethernet)

13

2. ATN Deployment in the Asia/Pacific Region

2. ATN Deployment in the Asia/Pacific Region

14

The APAC Regional ATN Ground Network

Source ： Fifth ATN Transition Task Force Meeting – WP19 （ 2003.6 ）

15

Use of APAC ATN Network for Air-Ground

ATN

A/G BISA/G BIS

GES

MTSAT

G/G BISG/G BIS

AES

ESES

Other State Japan

ATN communication（ CPDLC,ADS,DFIS

）

16

ATN R&D in Japan• Japan has been carrying out ATN development since 1995.

– Joint R&D between the Electronic Navigation Research Institute (ENRI) and Oki Electric Industry Co.

1998

1999

2000

2001

2002

2003

2004

1996,7

ATN Router ATN Applications

G/G Router development, tests

Connection test with Eurocontrol

Connection test with Airservices Australia (ASA)

A/G Router developmentConnection test with experimental AMSS

ATN security development (A/G router)

ATN security tests

VDL-3 GNI interface development

VDL-3 connection test

CPDLC connection test with Eurocontrol

ADS test with EurocontrolCPDLC,ADS tests with ASA

CM security development

CM security testsD-FIS （ ATIS ） development & test

D-FIS （ METAR ） development & test

17

Experimental architecture Experimental architecture

Domain #BJapan(Tokyo)

G/G Router ＃ C

Domain #CEurocontrol(Paris)

TRANSPAC

VENUS-P

INS-P

Domain #AJapan(Tokyo)

G/G Router ＃ A

Ground CPDLC

G/G Router ＃ B

Airborne SystemSimulator

（ Airborne CPDLC ）

ATCW/S

ENRI CPDLC Trial with Eurocontrol

18

Japan Civil Aviation Bureau ATN Activities

• JCAB is implementing an ATN router backbone site and an AMHS service.– US/Japan AMHS service: March 2004

– Hong Kong/Japan AMHS service: September 2004

• MTSAT 1– SBASS service

– AMSS service• Possibly future ATN communications via MTSAT

19

3. Future Router Issues3. Future Router Issues

20

ATN Security

• Technical solution specified in SARPs Edition 3• Provides authentication of peer and secures end-

to-end communication between applications. – Allows you to “know who you are talking to”. Ensures

that unknown third parties can’t intrude and introduce “false” data, or modify data.

– Does not yet include encryption (under development by ACP WG N)

• Router security– Authentication of peer BIS.– “Secures” IDRP packets – prevents disruption of the

network by injection of “fake” IDRP packets by masquerading BIS routers.

21

ATN Security: ExampleISH-PDU

Public key certificate required

ISH-PDUPublic key certificate not required

Public key certificate not requiredOPEN-PDU

Airborne BIS#1 A/G BIS#2

SessionKey Generation

Received certificate Extract

Public Key #2

PrivateKey #1

＋ ＝

SessionKeyOPEN-PDU

Public key certificate required

CertificateSessionKey Generation

Certificate fromCA/RA Extract

Public Key #1

＋ ＝

SessionKey

Tag Generation

Generate

SessionKeyUPDATE-PDUKEEP-ALIVE-PDUIDRP information

Tag#A

Tag Verification

SessionKey

Tag Verification

SessionKey

Tag ＃ B

Tag Generation

Generate

SessionKey

Certification Authority （ CA ） &Registration Authority （ RA)

Certificate & key generation & issue

Registration/distribution

PublicKey #2

PublicKey #1

PrivateKey #2

Tag#A

Tag ＃ B

UPDATE-PDUKEEP-ALIVE-PDUIDRP information

Tag#B

Tag#A

using

Source: Electronic Navigation Research Institute Research Results 2003

Registration/distribution

Verify

Verify using

22

ATN Security: Issues

• Technical solution is complete, but some “implementation issues” remain: e.g.– Protocols for certificate retrieval not specified in

SARPs. (ATN Directory? LDAP?)

• Many institutional issues remain to be resolved before security can be deployed: e.g.– Public Key Infrastructure establishment and

certification.

– Key distribution and management• Particularly for avionics.

23

• ATN has facilities to allow different sub-network types to be adapted to carry ATN:– e.g. ISO8208 (X.25), Ethernet, mobile sub-networks, etc.

• ACP Working Group “N” is developing an SNDCF that will allow use of IP sub-networks for carrying ATN traffic.– CLNP packets are transported over an IP network “encapsulated” inside

IP packets.

– The IP SNDCF is applicable to IPv4 and IPv6.• IPv6 preferable as an aeronautical communication ground network because of

built-in security (IPsec), priority handling, greater address space etc.

Support for IP sub-networks

User dataCLNP Header User dataCLNP Header

encapsulation

decapsulation

IP Header User dataCLNP Header IP Header User dataCLNP Header

IP network

CLNP (ATN) levelCLNP (ATN) level

IP (sub-network) levelIP (sub-network) level

24

IP Sub-Networks for ATN: Ex. IP between domains

IP Router

LAN (ATN over Ethernet)

ATN Router IP networkIP Router

ATN Router

LAN (ATN over Ethernet)

ATN over IP

DSU

LAN (ATN over Ethernet)

DSU

ATN Router

ATN over X.25 point-to-point circuit

ATN Routers relay CLNP (ATN) data packets between IP, X.25 and LAN sub-

networks.

ATN Routers relay CLNP (ATN) data packets between IP, X.25 and LAN sub-

networks.

A common IP network infrastructure might be used for ATN and other applications: e.g.

VoIP etc.

A common IP network infrastructure might be used for ATN and other applications: e.g.

VoIP etc.

25

IP SNDCF Status

• Draft SARPs developed, being validated.

• Due to be discussed by ACP WGN in March 2004 meeting.

• Publication in SARPs to expected follow (amendment to Edition 3, or in Edition 4 after ACP approval in 2005).

26

For further information, contact:

Mark Brown Takefumi Nakamuramark667@oki.com nakamura491@oki.com

Marine & Aeronautical Solutions DivisionSystem Solutions Company

Oki Electric Industry Co., Ltd.

10-3 Shibaura, 4-chome,Minato-ku, Tokyo 108-8551, Japan

Telephone: +81 (3) 3454-2111Facsimile: +81 (3) 3798-7623

Thank you for your attention!

Thank you for your attention!