|
|
Design of selected IEEE 802.1Q standard parts
Kliment, Filip ; Pristach, Marián (referee) ; Fujcik, Lukáš (advisor)
This thesis deals with network substandards from the TSN group (IEEE 802.1Q), which deal with prioritization of network traffic in TSN networks. These sub-standards include 802.1QBV and 802.1QBU, which have been described in more detail and compared in terms of network permeability and latency. Substandard 802.1QBU was chosen for the design implementation in FPGA. The design was described in VHDL. The designed design was verified by simulations, using self-tests. The work includes synthesis and time analysis.
|
|
|
Tester for chosen sub-standard of the IEEE 802.1Q
Avramović, Nikola ; Dvořák, Vojtěch (referee) ; Fujcik, Lukáš (advisor)
Tato práce se zabývá analyzováním IEEE 802.1Q standardu TSN skupiny a návrhem testovacího modulu. Testovací modul je napsán v jazyku VHDL a je možné jej implementovat do Intel Stratix® V GX FPGA (5SGXEA7N2F45C2) vývojové desky. Standard IEEE 802.1Q (TSN) definuje deterministickou komunikace přes Ethernet sít, v reálném čase, požíváním globálního času a správným rozvrhem vysíláním a příjmem zpráv. Hlavní funkce tohoto standardu jsou: časová synchronizace, plánování provozu a konfigurace sítě. Každá z těchto funkcí je definovaná pomocí více různých podskupin tohoto standardu. Podle definice IEEE 802.1Q standardu je možno tyto podskupiny vzájemně libovolně kombinovat. Některé podskupiny standardu nemohou fungovat nezávisle, musí využívat funkce jiných podskupin standardu. Realizace funkce podskupin standardu je možná softwarově, hardwarově, nebo jejich kombinací. Na základě výše uvedených fakt, implementace podskupin standardu, které jsou softwarově související, byly vyloučené. Taky byly vyloučené podskupiny standardů, které jsou závislé na jiných podskupinách. IEEE 802.1Qbu byl vybrán jako vhodná část pro realizaci hardwarového testu. Různé způsoby testování byly vysvětleny jako DFT, BIST, ATPG a další jiné techniky. Pro hardwarové testování byla vybrána „Protocol Aware (PA)“technika, protože tato technika zrychluje testování, dovoluje opakovanou použitelnost a taky zkracuje dobu uvedení na trh. Testovací modul se skládá ze dvou objektů (generátor a monitor), které mají implementovanou IEEE 802.1Qbu podskupinu standardu. Funkce generátoru je vygenerovat náhodné nebo nenáhodné impulzy a potom je poslat do testovaného zařízeni ve správném definovaném protokolu. Funkce monitoru je přijat ethernet rámce a ověřit jejich správnost. Objekty jsou navrhnuty stejným způsobem na „TOP“úrovni a skládají se ze čtyř modulů: Avalon MM rozhraní, dvou šablon a jednoho portu. Avalon MM rozhraní bylo vytvořeno pro komunikaci softwaru s hardwarem. Tento modul přijme pakety ze softwaru a potom je dekóduje podle definovaného protokolu a „pod-protokolu “. „Pod-protokol“se skládá z příkazu a hodnoty daného příkazu. Podle dekódovaného příkazu a hodnot daných příkazem je kontrolovaný celý objekt. Šablona se používá na generování nebo ověřování náhodných nebo nenáhodných dat. Dvě šablony byly implementovány pro expresní ověřování nebo preempční transakce, definované IEEE 802.1Qbu. Porty byly vytvořené pro komunikaci mezi testovaným zařízením a šablonou podle daného standardu. Port „generátor“má za úkol vybrat a vyslat rámce podle priority a času vysílaní. Port „monitor“přijme rámce do „content-addressable memory”, která ověřuje priority rámce a podle toho je posílá do správné šablony. Výsledky prokázaly, že tato testovací technika dosahuje vysoké rychlosti a rychlé implementace.
|
|
|
Modern access control system
Vomáčka, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
The thesis describes the design of scheme for access system with user authentication via smart cards. The first chapter explains various types of identification items used for authentication of users and different types of readers and terminals, followed by chapter 2 with a deeper insight on smart cards with focus on their types, what internal structure and principle of communication with card readers are used, etc. with primary focus on Java cards. The third chapter describes Java Card cryptography - especially elliptic curve cryptography used on this platform. The fourth part focuses on PACE protocol with subsections dedicated to the individual parts of the protocol and its applicability to smart cards environment. Chapter 5 explains the proposed design of the authentication scheme elaborated in the thesis, including a detailed description of specific parts, their funcionality and exemplary usage in the created applications.
|
|
|
Application for Demonstration of Hash Algorithms SHA-1 and SHA-2
Siska, Josef ; Petrlík, Jiří (referee) ; Novotňák, Jiří (advisor)
In this thesis, the theory related to the hash algorithms SHA-1 and SHA-2 is presented, along with a description of possible implementation of an application that demonstrates how these algorithms work. The first part of this thesis describes the principles of construction of hash functions, their use and history of selected hash functions. The two following chapters present conventions and algorithms of the SHA-1 and SHA-2. The next chapter describes the general concepts related to the attacks on the hash functions and selected attacks are presented in more detail. The last two chapters outline the design and implementation of an application that was created as part of this work. In the end the evaluation of results of this thesis and proposals for its possible continuation are presented.
|
|
|
Implementation of 10 Gb Ethernet Interface for Arria 10 SoC
Novák, David ; Košař, Vlastimil (referee) ; Kořenek, Jan (advisor)
This thesis addresses design, implementation and testing of 10 Gb Ethernet interface for chip Arria 10 SoC (combination of FPGA and ARM Cortex-A9). Composition of the interface, its parts and communication between them is described with main focus being on MAC layer, which was designed and implemented in the course of this work. Secondary aspect of this thesis is increasing CPU performance demands for processing of packets and problems it brings. The performance of common CPUs is seriously lacking with network speeds over 10 Gb/s and alternative solutions has to be considered - namely acceleration of some tasks using FPGA and utilization of new ways of packet processing. Therefore, the description of DPDK (library for fast packet processing) as well as implementation of DPDK interface for newly created MAC module, are part of this thesis.
|
|
|
Mandatory access control policies of operating system
Novotný, Filip ; Lattenberg, Ivo (referee) ; Pelka, Tomáš (advisor)
The subject of this paper is data protection by means access control. It compares the difference between DAC and MAC access control and describes the progress of MAC due to user requierements. Next part is dedicated to SELinux, what offers more system safeness. SELinux is based on mandatory access control. Making own policy is dedicated to SELinux editor, which is composed of Simplified Policy and is easy to use for ordinary user.
|
|
|
An Analysis of Selected Layer 2 Network Attacks
Lomnický, Marek ; Ráb, Jaroslav (referee) ; Ryšavý, Ondřej (advisor)
This MSc Thesis focuses on principles, practical performability and security against four attacks used in contemporary local-area networks: CAM Table Overflow capable of capturing traffic in switched networks, ARP Man-in-the-Middle, whose target is to redirect or modify traffic and against two variants of VLAN Hopping attack allowing a hacker to send and capture data from VLANs he has no access to.
|
|
|
Integration of SELinux Audit Logs into ABRT Tool
Vrabec, Lukáš ; Kačic, Matej (referee) ; Barabas, Maroš (advisor)
The main aim of the thesis is to introduce the security of Linux operating systems and the access control list mechanism. The thesis focuses on processing security messages produced by the security mechanism into logging services and on displaying those messages. In addition, the thesis includes a concept solution and its implementation, which integrates security messages into a centralized system, keeps them and reports bugs in the Linux community distribution Fedora and in the Linux commercial distribution Red Hat Enterprise Linux.
|
|
|
Communication scheme of WSN in Omnet simulator
Mikauš, Jiří ; Šimek, Milan (referee) ; Holešinský, Pavel (advisor)
In the introduction of this semestral thesis there is an theory about wireless sensor networks which are still more used. Wireless sensor networks contains thousands nodes which communicate with each other due to wireless channel and so they create together a structure of the network. The nodes are low-energy and transfer information about measured medium to the base station which processes them and further provides to user. In the work are described protocols for medium access control and routing described. They place emphasis on as high reduction of consumption of energy as possible and thus they help to extend a network lifetime. Further the simulations in simulation program Castalia were performed where the energetic requirement for individual protocols of medium access are compared. As next there were also compared two communication units used in real application.
|
|
|
Benchmarking Performance of WiFi Networks
Hrabčak, Miroslav ; Kašpárek, Tomáš (referee) ; Čejka, Rudolf (advisor)
This bachelor project discusses throughput problems of the WIFI networks. Project analyzes typical problems and factors, that affect decrease of their capacity and concentrates on typical problems of their signal path. Describes techniques of monitoring, detection and debugging causes, which affects decrease of network throughput. The project also includes the experimental testing and analyzes of standards 802.11b/g and 802.11n on the labs WiFi network.
|
guest ::
