Developer Guide
5.1.15 Release

Communications Service
Multiple Virtual Machine Support
Network Perimeter Security
Infrastructure Programming
The Communications Service manages the communications hardware associated with the SoC and includes:
CAN over Ethernet when connected to a device such as AURIX
Our focus here is on Ethernet communication which operates in the platform with a behavior similar to a simulated multi-port enterprise class switch. Where each virtual machine is provided a port into the emulated switch environment that is then connected to the physical ethernet environment.
The Foundation Communication Service:
Enforces the traffic bandwidth and latency guarantees similar to a physical Ethernet switch.
Operates on traffic at L1 - L2. L3 is for NAT security purposes, and L1 - L4 is used to inspect traffic for firewall security purposes.
Multiple Virtual Machine Support
Multiple VMs provide the ability to:
Submit and receive fully formed Ethernet frames, formed by the upper layers, to the backbone.
Enforce bandwidth and latency guarantees required by the upper level protocols at the virtual machines.
Submit Ethernet frames from a virtualized Ethernet driver.
Network Perimeter Security
The intrusion detection and prevention functions include these defenses:
DDOS resistance
Traffic filtering
Stateless firewall
Restricted cone connection management
Infrastructure Programming
The supported infrastructure programming includes:
Switch configuration
Traffic shaping
Traffic class arbiter programming
VLAN filtering
The Communications Service adheres to these standards:
802.1as initialization and path measurement
802.1x authorization database
802.1q VLAN enforcement for inbound and outbound traffic
802.1q traffic classification enforcement
802.1ae enforcement at chip boundary and platform boundaries