Authors: Filip Rezabek, Max Helm, Tizian Leonhardt, Georg Carle

Authors: Patrick Sattler, Juliane Aulbach, Johannes Zirngibl, Georg Carle

Authors: Johannes Zirngibl, Lion Steger, Patrick Sattler, Oliver Gasser, Georg Carle

Authors: Max Helm, Florian Wiedner, Georg Carle

Time-Sensitive Networking (TSN) is a set of standards offering bounded latency and jitter, low packet loss, and reliability for Ethernet-based systems and allowing best-effort and real-time traffic to coexist. Domains that use TSN include intra-vehicular networks (IVNs), aerospace, professional audio-video solutions, and smart manufacturing. All these areas shift towards Ethernet due to its scalability, throughput, easy to develop applications, and affordability to produce in a large scale. In this work, we devise a methodology that introduces a workflow comprising several steps to assess TSN in various domains. The first step defines requirements and assesses which real-time traffic is present within a given domain. The second step focuses on configuration of a representative TSN-based network. The third step then evaluates the performance of different TSN standards in the chosen configuration(s). The final - optional - step supports optimizing the system to fulfill the identified requirements. The methodology is generalized by assessing the various TSN domains, finding their commonalities. As a result, we see the methodology can be applied to other TSN solutions. We provide a detailed case study for the domain of IVNs, from which the methodology is derived. We summarize the key requirements, systematically analyze IVNs traffic patterns for real-time and best effort traffic, and evaluate the performance of crucial TSN standards recommended by the 802.1DG Automotive Profile. The methodology builds on top of infrastructure framework, EnGINE, that offers an environment for reproducible and scalable TSN experiments and relies on commercial off the shelf hardware and open-source solutions. The framework allows to evaluate various standards and identify suitable topologies with focus on Layer 2 solutions. Using EnGINE, we evaluated the various traffic patterns and their corresponding TSN configurations and identified if and how the IVN requirements can be fulfilled.

Authors: Marcin Bosk*, Filip Rezabek*, Kilian Holzinger, Angela G. Marino, Francesc Fons, Abdoul A. Kane, Jörg Ott, Georg Carle

Self-driving and multimedia systems have common implications: increased demand on network bandwidth and computation nodes. To cope with the current and future challenges, intra-vehicular networks (IVNs) change their layout. They are built around powerful central nodes connected to the rest of the vehicle via Ethernet. The usage of Ethernet presents a challenge, as it by design lacks support for deterministic behavior, which is crucial for real-time systems. Therefore, the IEEE Time-Sensitive Networking (TSN) task group offers standards introducing low-latency and deterministic communication into Ethernet based networks allowing coexistence of best-effort and real-time traffic. To understand the coexistence challenges, these new networked systems need to be thoroughly evaluated with IVN requirements in mind. To assess various topologies, configurations, and data traffic types in IVN setups, we introduce Environment for Generic In-vehicular Networking Experiments—EnGINE. It allows, among many others, repeatable, reproducible, and replicable TSN experiments with high precision and flexibility. EnGINE is based on commercial off-the-shelf hardware and uses the flexible Ansible framework for experiment orchestration. This allows us to configure various topologies emulating realistic behavior of IVNs or other time sensitive systems used, e.g., in industrial automation. Obtaining such realism is challenging using simulations. Based on available related work, we further address the challenges found in those networks, especially IVNs. We derive TSN domain framework requirements, provide details on design decisions for the EnGINE, and present results to show its capabilities. The results present relevant network metrics based on collected data. A key focus is on the experiment campaigns realism achieved by real IVNs’ data footage and the OS optimizations to offer real-time behavior. We believe that EnGINE provides the ideal environment for TSN experiments from different domains.

Authors: Filip Rezabek*, Marcin Bosk*, Thomas Paul, Kilian Holzinger, Sebastian Gallenmüller, Angela Gonzalez, Abdoul Kane, Francesc Fons, Zhang Haigang, Georg Carle, Jörg Ott

Authors: Eric Hauser, Manuel Simon, Henning Stubbe, Sebastian Gallenmüller, Georg Carle

Authors: Florian Wiedner, Jonas Andre, Paulo Mendes, Georg Carle

Authors: Sebastian Gallenmüller, Dominik Scholz, Henning Stubbe, Eric Hauser, Georg Carle

Active measurements can be used to collect server characteristics on a large scale. This kind of metadata can help discovering hidden relations and commonalities among server deployments offering new possibilities to cluster and classify them. As an example, identifying a previously-unknown cybercriminal infrastructures can be a valuable source for cyber-threat intelligence. We propose herein an active measurement-based methodology for acquiring Transport Layer Security (TLS) metadata from servers and leverage it for their fingerprinting. Our fingerprints capture the characteristic behavior of the TLS stack primarily caused by the implementation, configuration, and hardware support of the underlying server. Using an empirical optimization strategy that maximizes information gain from every handshake to minimize measurement costs, we generated 10 general-purpose Client Hellos used as scanning probes to create a large database of TLS configurations used for classifying servers. We fingerprinted 28 million servers from the Alexa and Majestic toplists and two Command and Control (C2) blocklists over a period of 30 weeks with weekly snapshots as foundation for two long-term case studies: classification of Content Delivery Network and C2 servers. The proposed methodology shows a precision of more than 99 % and enables a stable identification of new servers over time. This study describes a new opportunity for active measurements to provide valuable insights into the Internet that can be used in security-relevant use cases.

Authors: Markus Sosnowski, Johannes Zirngibl, Patrick Sattler, Georg Carle, Claas Grohnfeldt, Michele Russo, Daniele Sgandurra