Security-aware Routing And Scheduling For Time-sensitive Networking

With the development of digital technology,the business system has higher and higher requirements for data transmission,and the traditional network architecture has been difficult to meet the various personalized and refined needs of data transmission.As a new type of network,Time-Sensitive Networking(TSN)provides highly reliable,low-delay and deterministic data transmission.It is the evolution direction of next-generation industrial networks and mobile network,and will play an important role in Industrial Internet,5G and automotive systems,etc.In these systems,the data transmitted by safety-critical applications usually have high-security requirements,in addition to real-time requirements,which require the system to apply security authentication mechanism to protect the authenticity of data.However,the introduction of security mechanism in TSN needs to combine the characteristics and requirements of TSN itself,otherwise its schedulability and real-time performance will be seriously affected.Firstly,some end systems of TSN have limited resources,the security authentication mechanism adopted must be lightweight.Secondly,TSN systems usually have high real-time and deterministic requirements,so the scheduling of tasks and traffic needs to be planned in advance.However,the addition of security mechanism will change the original scheduling plan,affect the real-time and deterministic performance of TSN,and may even lead to unschedulable results.The investigation of existing studies shows that there are still few studies related to the security mechanism in TSN,and there are few applicable scenarios and high resource consumption.Aiming at the above problems,this thesis proposes a security-aware routing and scheduling method for TSN.In this method,a time-efficient one-time signature mechanism is used for lightweight multicast source authentication,and the mechanism is modified for TSN traffic characteristics.This authentication mechanism has the characteristics of fast authentication,no-cache,and short signature,and is more suitable for the real application scenarios of TSN.On this basis,this thesis defines the network model,application model,and security model for the security mechanism to describe the impact of security mechanism on tasks and traffic.To determine routing and scheduling schemes,this thesis proposes a method based on constraint programming to solve routing and scheduling problems respectively.In routing problem,the definition of constraints and optimization objectives ensure the correct routing of the traffic,and the traffic can reach the destination node as soon as possible.In scheduling problems,based on the traditional TSN scheduling,constraints take into account the influence of security mechanism,and ensure that flows and tasks are transmitted or executed in sequence to avoid contention resulting in uncertain results.In order to minimize the impact of security mechanism and ensure the real-time performance of the system,this thesis takes endto-end delay minimization as the optimization goal of scheduling.In order to verify the feasibility of the proposed method and analyze the impact of the introduction of security mechanism on the system,experiments are carried out on the proposed method.The experimental results show that the security mechanism has little influence on the system original scheduling under the premise of ensuring the system security.In several test cases of different scales generated based on industrial scenarios the proposed scheme results in an average increase of 13% in end-to-end delay and 5.8% in bandwidth utilization.Compared with other similar schemes,the proposed scheme has lower bandwidth consumption,and is more suitable for TSN networks with strict bandwidth limits.Therefore,the method proposed in this thesis can meet the requirements of real-time application in vehicle-mounted network and industrial control scenarios under the premise of ensuring security.