Communications Service
The Communications Service manages the communications hardware associated with the SoC and includes:
• Ethernet
• CAN
• CAN over Ethernet when connected to a device such as AURIX
Our focus here is on Ethernet communication which operates in the platform with a behavior similar to a simulated multi-port enterprise class switch. Where each virtual machine is provided a port into the emulated switch environment that is then connected to the physical ethernet environment.
The Foundation Communication Service:
• Enforces the traffic bandwidth and latency guarantees similar to a physical Ethernet switch.
• Operates on traffic at L1 - L2. L3 is for NAT security purposes, and L1 - L4 is used to inspect traffic for firewall security purposes.
Multiple Virtual Machine Support
Multiple VMs provide the ability to:
• Submit and receive fully formed Ethernet frames, formed by the upper layers, to the backbone.
• Enforce bandwidth and latency guarantees required by the upper level protocols at the virtual machines.
• Submit Ethernet frames from a virtualized Ethernet driver.
Network Perimeter Security
The intrusion detection and prevention functions include these defenses:
• DDOS resistance
• Traffic filtering
• Stateless firewall
• Restricted cone connection management
Infrastructure Programming
The supported infrastructure programming includes:
• Switch configuration
• Traffic shaping
• Traffic class arbiter programming
• VLAN filtering
The Communications Service adheres to these standards:
• 802.1as initialization and path measurement
• 802.1x authorization database
• 802.1q VLAN enforcement for inbound and outbound traffic
• 802.1q traffic classification enforcement
• 802.1ae enforcement at chip boundary and platform boundaries