This page contains a Flash digital edition of a book.
Safety-critical and Redundant CompactPCI® and VMEbus


Figure 1 | The increase in sensitive information traveling across mobile networks is helping drive demand for enhanced LTE security.


and IP connections, occasionally lever- aging commercial broadband links. The direct route from cell sites to the core net- work brought about by flat LTE topology creates the possibility for Denial-of- Service (DoS) attacks and interception of user communications.


The LTE network architecture pushes more mobility function out to the cell sites, enabling hackers to potentially disrupt service and bring down larger portions of the network. LTE networks also have more small, distributed cell sites, which are difficult and costly to physically protect and might be vulner- able to criminal activity. Furthermore, operators are increasingly sharing cell sites and integrating femtocells and WiFi architectures alongside traditional macro cell sites.


These challenges are further compounded because the technology is complex and engineers with relevant experience are scarce and expensive. Combined with the increase in mobile devices and the growing volume of sensitive data being transmitted, these factors are driving new security requirements for LTE.


The increase in sensitive information being transmitted across mobile networks is helping drive demand for enhanced LTE security.


Security gateways The 3GPP Network Domain Security (NDS) standard requires that LTE net- works protect elements over “untrusted”


www.embedded-computing.com


communications links. Links may be deemed untrusted either because they are owned by different operators, therefore residing in different security domains, or because they are owned by the same operator but are connected in a way that may increase the likelihood of security breaches. The primary requirement of NDS is to use Internet Protocol Security (IPsec), where data is processed between the network elements in secure “tunnels” using Encapsulating Security Payload (ESP). ESP includes subscriber authenti- cation, content integrity, and data encryp- tion. These secure tunnels are set using Internet Key Exchange (IKE), enabling elements to identify each other using Security Association (SA).


An LTE Security Gateway, or LTE SEG, is a security gateway that is compliant with the 3GPP NDS standards. An LTE SEG should provide the following:


f Adherence to the 3GPP packet gateway (P-G) standards


f Scalable, high-performance IPsec capabilities with carrier grade reliability


f Support for key Internet Engineering Task Force (IETF) Request for Comments (RFCs) for ESP, IKE and Certified Management Protocol (CMP) as required by 3GPP LTE Specifications 33.210 and 33.310


f Ability to process at least multi- Gbps of encrypted IPsec traffic and scale to support large amounts of IP data from many LTE cell sites


Certifiable up to SIL 4 or DAL-A with safe operating system


■ Safe and reliable through triple redundancy


■ Simple software integration through lockstep architecture


■ Voter implemented as IP core in safe FPGA


■ Conductive-cooling options for harsh environments


■ Meets environmental standards DO-160 and EN 50155


■ Developed according to DO-254 and EN 50129


■ Guaranteed quality based on ISO 9001, EN 9100 and IRIS


MEN delivers redundant computers on board and system level (COTS or customized) for safety- critical control systems for railway, avionics and industrial.


MEN Micro, Inc. 24 North Main Street Ambler, PA 19002 Tel: 215.542.9575


E-mail: sales@menmicro.com www.men.de/safe


Embedded Computing Design April 2011 | 13


www.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safewww.men.de/safe


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54