Masterarbeiten

As automotive architectures transition from legacy bus systems to high-speed Automotive Ethernet, the Audio Video Transport Protocol (AVTP) has become the standard for transporting time-sensitive data, including ADAS camera feeds, infotainment streams, and critical control traffic. However, this transition opens new attack vectors: malicious frames can be injected to freeze the camera or spoof control messages within the AVTP stream, potentially leading to catastrophic failures.

The current detection methods exploit the consistency of the Ethernet Frame header. They can detect malicious packets with abnormal sequence numbers in their headers. However, if the anomalies happen before the Ethernet transaction (on the broadcaster or in the real world) or the intrusion is well designed to have a normal header, the current detection systems are at a loss.

To address this scenario, we want to develop an unsupervised Anomaly Detection System to detect abnormal behavior in AVTP packets. More specifically, we want to detect deviations across several consecutive image frames to assess the normality of each image at the packet level. The idea is that the Ethernet packets are supposed to contain the data in the same manner. For example, the first packet should always contain the first chunk of the Intra Frames. So the image to compare the content is equivalent to comparing a small part of the image.

Our research targets three different circumstances:

• An anomaly in the real world, e.g., a damaged camera or obstacles in front of the camera.
• Intrusion on the broadcast, memory replacement, leading to a sequence of AVTP frames with normal headers.

• Injection during transmission. The malicious attacker sends replayed frames with abnormal headers.

Since the AVTP protocol is commonly used to transmit video footage, we can transfer the concept of Abrupt Detection of Image into our system.

The work can be separated into the following parts.

• Literature review for image cut detection (feature extraction)
• Implement a lightweight, unsupervised anomaly detection system for the image sequence.
• Transfer it to the AVTP Ethernet Frames
• If possible, expand the model to the general Ethernet protocols.

Voraussetzungen

Overview

Packet-based FEC enables lower latency over packet erasure channels by reducing retransmissions. This is performed by generating repair symbols, which are linear combinations of a set of source packets, and transmitting them along with the original source packets. As long as enough packets are received, any lost or dropped packet may be recovered by the receiver. A challenge of performing FEC in hardware is handling the buffering of packets. 

The objective of this thesis is to implement a packet buffer for packet-based FEC on an FPGA-based SmartNIC. Once implemented, the packet buffer should be tested and evaluated under different, realistic traffic scenarios. 

Challenges and Objectives 

Packets have to be stored until the repair packets can be generated. When the required number of packets (one block) have been buffered, they are fed to the FEC encoder. The packets must furthermore be output in the sequence of arrival, and therefore this sequence must also be stored. Once the packets have been processed, the buffer space can be freed again. 

FEC encoding must be done on a per-flow basis, which makes memory management challenging. Firstly, as packets of different flows may arrive in an interleaved manner, packets belonging to different flows must be managed via per-flow virtual buffers. This has the consequence that packets belonging to the same flows will often not reside in continuous blocks of memory, which leads to memory fragmentation. Secondly, the length of packets is variable (64B to 1500B) and is not known in advance, so it must be handled on-the-fly. To address these issues and to make efficient use of available memory, an intelligent management scheme should therefore be implemented.  

Another point is that, as the FEC is transparent to the application layer, the buffer must be preconfigured to support the desired number of flows and their FEC configuration. The number of flows should be a design time configuration whereas the FEC configuration (block size, redundancy factor, etc.) should be configurable at runtime.  

Finally, if time permits, the buffer should be expanded to also serve the RX path, by buffering packets received by the network before they can be decoded by the FEC decoder.

To improve the performance and energy efficiency of a
modern server, SmartNICs can be used to preprocess
incoming packets and gather characteristics on traffic
and processing requirements, as well as offer the possibility
to offload and accelerate specific functionalities. In the
context of Data Distribution in Vehicular Networks for
Automated Driving, an existing protocol and software
solution [1] offers the potential for SmartNIC-acceleration.
This state-of-the-art solution relies on selective data
distribution in a ROS2-environment to reduce the amount of
data transferred and thereby improve latency and efficiency.
While the offered software implementation already shows significant improvements, offloading certain protocol and packet processing to the SmartNIC promises much greater gains by avoiding expensive software loops and enabling hardware-accelerated processing. 

The goal of this work is to implement the network protocol developed in [1] in FPGA-hardware, preferably using the P4 framework [2]. An existing implementation of the AMD Vitis Net P4 IP core can be used as a starting point. Further, the image processing can be offloaded to the SmartNIC and accelerated using parallel hardware and the onboard HBM on the SmartNIC's FPGA. This requires a custom RTL implementation of image format transformation and caching logic. The existing software implementation shall be used as a design reference and comparison in terms of performance evaluation.

[1] N. Sperling and R. Ernst, "Reducing Communication Cost and Latency in Autonomous Vehicles with Subscriber-centric Selective Data Distribution," 2024 IEEE 99th Vehicular Technology Conference (VTC2024-Spring), Singapore, Singapore, 2024, pp. 1-7

Voraussetzungen

About the Project
Modern vehicles rely on complex distributed systems and generate extensive runtime data from ECUs and in-vehicle networks. These data streams must be analyzed effectively to detect sporadic anomalies. The Diagnosis Unit (DU) currently has no integration with the cloud, which limits the possibility of remote configuration and coordination of local DU during runtime. In highly automated vehicles, real-time anomaly diagnosis is essential for safety, reliability, and early intervention. The current Diagnosis Unit (DU) architecture detects anomalies via Ethernet snooping and trace monitoring but lacks embedded intelligence to autonomously categorize anomalies.

Project Description
This thesis aims to bridge that gap by developing and deploying a lightweight Machine Learning classifier capable of locally identifying the type of anomaly based on metadata (e.g., message rates, ID sequences) and trace-level indicators (e.g., control flow deviations, instruction durations, executed functions). The classifier must be tailored for low-power, runtime embedded systems like the ZCU102 board, ensuring it meets latency, memory, and CPU constraints.

The key tasks for this internship include:

• Build an anomaly classification dataset using real and synthetic traces. 
• Design a minimal-overhead classifier suitable for embedded edge platforms. 
• Compare classification techniques (e.g., decision trees, TinyML NNs, rule-based logic). 
• Optimize the model for execution speed and memory footprint. 
• Integrate and validate the classifier within the DU software stack. 
• Quantitatively evaluate accuracy, timing, and resource utilization under realistic conditions

Key Responsibilities: 

•  Dataset Generation: Create labeled datasets using synthetic trace injections and logged anomaly traces from Aurix boards. 
• Model Development: ? Design candidate classifiers using scikit-learn and/or TensorFlow Lite for Microcontrollers. ? Evaluate trade-offs: accuracy vs. latency vs. Footprint.
• Embedded Integration: ? Port the final model to C/C++ for execution on the DU Processing System (Linux). ? Interface classifier with DU anomaly metadata and trace analyzer. 
• Evaluation: ? Test classifier on live or replayed data. ? Measure detection latency, false positives/negatives, inference time, and CPU/RAM usage. 
• Reporting & Documentation: ? Document training pipeline, performance evaluation, and embedded integration. ? Prepare thesis manuscript and possibly a conference/poster paper.

Voraussetzungen