Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [kanto-dev] Kanto Request for Industry-specific Extensions
  • From: Carlton Bale <carlton.bale@xxxxxxxxxxx>
  • Date: Wed, 27 Sep 2023 15:12:16 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cummins.com; dmarc=pass action=none header.from=cummins.com; dkim=pass header.d=cummins.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ac1ZxdQFGNNt7flQtslK25D3QPgtAtm+sJLYscGosn4=; b=faGJPhYz9WNX43AI7A1jzHAEwg9C0TnuS81KT1IXKnbXmoc8hc0zkPt6nYoWlCAX3jb22/J4wNkNT5KsZggqRAr06FzIoYVYocwLZ+9KkwH4BYEGS14Vi3oPMJ4Kc3qnVfty6pACFOkCxVu0ZXnTMlvSrcpfgvv8LjPm2+KWlFHBondZngtPbFYOvZa+XbLt5ujo3lGNdpv52ZXAJ3fuGG8MhATsr+kL4/UOvZW3DbBs5ESGgtfDGss7oB04XDJvU6AhB20ondI0yQDAu7ztS3EQUpMt9B+ahPYD3HUkqRMAyGOiRzMTgZjFmFAq7PmmWbZ9GLoJuKgiImuEkJlnYg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UC4q8caQHic1fK5t8FlhtLskqCb0ZpTnLi89u4qRmTQCge5GK8fCYOCXOt00Z9ljGri+B5kDUEsCQwlX9RPzw68MMOR32bQrKyei5Tm+CXnCgnj27JCGvkNX9ShXtdyhvmce/MuB2uHvc7vmvtuM7ceNAIO4xBO1FhJUtnsX9Qv0mQ4E2OZyW6eUGpC1e3RWW0/LxQF9+qg/A1CD2B12rIh3RzTvKyAcm+Fl3oDaRUwQskJm2lTehLgBPSkmaHLlZHdC5Y3x9/52B5q44yx7aWHvBXv2eO8TO+pDfAaGKauJIWZNS+HOpbyJ+Tyf2jnlnvGbGA00920RWMtjf1RK7Q==
  • Delivered-to: kanto-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/kanto-dev/>
  • List-help: <mailto:kanto-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/kanto-dev>, <mailto:kanto-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/kanto-dev>, <mailto:kanto-dev-request@eclipse.org?subject=unsubscribe>
  • Thread-index: AQHZ3QKat0rjZSYGwk+uWRwaMgq3nbAMWHsAgAAAVeiAAAEhr4AilU4+
  • Thread-topic: [kanto-dev] Kanto Request for Industry-specific Extensions
  • X_proofpointscan: true

For anyone not following this discussion on github, here’s the latest post:

 

https://github.com/eclipse-kanto/kanto/discussions/277

As I think more about the capabilities that must be addressed to achieve industry adoption, I believe one of the current gaps is CAN Datalink Abstraction and Standardization. We need a component that enables secure access to embedded controllers, across the numerous different CAN protocols that are present on a single vehicle and across industries. The problem is that these CAN protocols, such as SAEj J1939, have proprietary licenses that cannot be implemented in Open Source. Instead, proprietary commercial libraries must be employed, and these numerous commercial offerings all have different interfaces and no standardized security and access control components. This current state drives a high amount of variation and customization into the applications running on a Edge device, despite the standardizing on an OCI-based environment.

Our proposed addition to Kanto is a Datalink Abstraction and Standardization component along with complimentary CAN Datalink Access Security capabilities. This framework would be extensible across all CAN protocols as well as DOIP, allowing portability of containerized software across different hardware/provider implementations. This component would provide interface specifications for Commercial CAN Libraries to implement, as well as an SDK for implementing this agnostic interface within containerized applications. The open source component would handle the linking of these two components across an MQTT broker or other similar technology, which would be transparent for both the Commercial Library and Containerized Application.

In addition, the open source component would provide Security and Access Control for the CAN/IP datalink, including certificate-based authentication of approved applications and throttling/prioritization of traffic in order to prevent CAN datalink over-saturation.

Use cases for this functionality include being able to run the Kuksa Val data broker. This would enable creation of VSS data elements without having to customize the implementation for each specific CAN Library Implementation. The Data Broker could even be implemented without needing to specify the exact CAN protocol being used in the vehicle, enabling the Commercial CAN Library to negotiate the CAN interface.

Another use case is a Tier 1 ECU software update container, working within the Kanto Software Update Manager framework, being able to establish a secure UDS session with a powertrain ECU to perform a software update. This application would not need to be tailored for the numerous different telematics and OEM configurations. The Security and Access Control component would authenticate the Tier 1 Software Update Container, provide access to only the target CAN device, and make sure that the application does not consume too much CAN bandwidth.

 

 

-- 
Best Regards,

-Carlton

 

Carlton Bale

Director – Digital Strategy and Product Planning

Cummins Digital Organization

 



 

Back to the top