Overview
The XMC-SSR and XMC-10SSR series are military-certified secure switch routers that take full advantage of SOC-E’s advanced and well-known networking technology to ensure secure, reliable and high-available communications in the most demanding battlefield environments for land, air and sea platforms.
The switching electronics are implemented in a high-performance FPGA, allowing the devices to be fully customized to each customer’s specific requirements. This MOTS approach, based on a field-proven COTS solution to minimize project risk, results in an all-in-one device, that combines switching, routing, firewall and edge computing capabilities in single hardware platform.
Fully compliant with VITA 42/61 standards and SOSA aligned, the XMC-SSR/XMC-10SSR series can adapt to almost any situation and meet the requirements of the harshest military programmes.
Key Features
- Up to 17 configurable Ethernet 10/100/1000BASE-T and 1GbE/10GbE ports
- Full in-house design (including networking and synchronization IP Cores) based on a reconfigurable MPSoC platform with edge computing capabilities
- Firewall and VPN capabilities, combined with advanced security means including IEEE 802.1X and MACsec, among others
- Optional “Zero-Packet Loss” redundancy based on HSR/PRP protocols for high-availability communications
- Simplified management and monitoring via a user-friendly HTTPS web interface or a flexible console port
- Compliant with VITA 42.0, VITA 61.0, VITA 42.3 and SOSA aligned
Technical Specifications
Communication Interfaces
- P15 connector:
- 1x 1G/10G PCIe port for attachment to a second source on the carrier
- P16 connector:
- 4x 1000BASE-T ports
- Up to 8x 1000BASE-(K)X or 10GBASE-(K)R ports
- 1x 1000BASE-(K)X Service port
- 1x UART serial line
- 1x PPS output
- 1x PPS input
- 1x optional IRIG-B output
- 1x optional IRIG-B input
- 1x optional 10MHz oscillator input
- Frontal I/O interfaces (only in Air-Cooled version):
- 4x 1G/10G SFP+ ports
Layer 2 Features
- IEEE 802.3-2008 (Ethernet)
- Automatic MAC address learning and aging
- Static MAC Table
- Port-Based Virtual LANs (VLANs):
- Logical segmentation of network for optimal use of bandwidth
- IEEE 802.1Q for VLAN tagging (up to 4K VLAN groups)
- IEEE 802.1p for Class of Service (CoS) / Quality of Service (QoS)
- IEEE 802.1AB for Link Layer Discovery Protocol (LLDP)
- Port rate limiting
- Storm control for flooded broadcast, multicast and unicast
- Layer 2 multicast filtering
- IGMP Snooping (up to 1024 multicast filters)
- Flexible Link Aggregation (up to 4 groups with 8 members each) (Expected 2025)
Redundancy
- Spanning Tree Protocol:
- IEEE 802.1D (STP)
- IEEE 802.1w (RSTP)
- IEEE 802.1s (MSTP)
- Zero-Recovery Time redundancy (optional):
- High-availability Seamless Redundancy (HSR) – IEC 62439-3 Clause 5
- Parallel Redundancy Protocol (PRP) – IEC 62439-3 Clause 4
Layer 3 Features
- IPv4/IPv6 unicast and multicast routing
- Static routing
- Dynamic routing:
- OSPFv2, OSPFv3
- RIPv1, RIPv2, RIPng
- BGPv4
- EIGRP
- PIM-SM (IPv4 and IPv6)
- Virtual Router Redundancy Protocol (VRRP)
- DSCP ToS / QoS (optional)
- Source / Destination NAT (optional)
Security
- IEEE 802.1X for port-based network access control
- MAC port binding & authentication for login security
- RADIUS authentication
- LDAP (Lightweight Directory Access Protocol)
- RBAC (Role Based Access Control)
- Selective ports disabling capability
- Unsecure protocols disabling capability
- Per port ingress and egress port mirroring including 10G mirroring
- Mirroring per VLAN and per content awareness match
- HTTPS for web interface
- Secure Shell (SSH) Protocol v2 for command line interface
- TPM 2.0 IC for identity authentication
- Encryption/authentication & signature for firmware and bitstream
- Secure-boot capability
- IEEE 802.1AE – MACsec (Media Access Control Security) support
- Custom ACLs (optional)
- Virtual Private Network (VPN):
- Site to site and remote VPN support
- IPsec VPN tunnels
- L2TP VPN tunnels
- PPTP VPN tunnels
- Gretap VPN tunnels
- SSL-based OpenVPN (optional)
- IPsec aggregate performance: 75Mbps / 250Mbps (optional) with AES256-SHA256, 1500 bytes packet size.
- Stateful inspection firewall:
- Firewall performance: 600Mbps (with std. configuration)
- Unlimited concurrent connections
- IPv6 firewalling (optional)
- Stateful failover (optional)
- Other optional security features:
- Intrusion Prevention System / Intrusion Detection System
- Antivirus Scanning
- DoS Protection
- Botnet blocking (IP reputation)
- Web content filtering
- Application visibility and control
Not all the features may be supported in all the product models.
Gateway
- Edge-computing capabilities for user defined applications
- Support for DDS standard and MQTT protocol in KVM Virtual Machine for user application
Synchronization
- IEEE 1588-2008 v2 (PTPv2)
- IEEE 1588 Stateless Transparent Clock (TC)
- IEEE 1588 Ordinary Clock (Master-Slave)
- Time Bridge operation: NTP <-> PTP
- NTP (Server/Client)
- Optional IRIG-B – Time Code Formats (distributed as DCLS pulse-width coded signal)
Configuration & Management
- HTTPS web interface
- SSHv2 command line interface (CLI)
- SNMP V1/V2c/V3 protocol support
- SNMP V3 encrypted authentication and access security
- SNMP over TLS support (optional)
- Netconf protocol support (optional)
- Encrypted and digitally signed firmware/bitstream upgrades
- Saving and restoring configuration
- Graphic representation of Network status (only in HSR/PRP networks)
- Statistics independent per port
- Internal status monitoring and logging
- Event notification through Syslog
- DHCP/DHCPv6 server and relay (optional)
- Built-in-Test capability including:
- PBIT (Power-on BIT)
- CBIT (Continuous BIT)
- IBIT (Initiated BIT)
- In-band management via any Ethernet switch port or out-of-band via Ethernet (service port)
- UART serial console
Processing
- Xilinx Ultrascale+ MPSoC device:
- 4x 64bit CPU ARM-Cortex-A53
- 2x 32bit CPU ARM-Cortex-R5F
- 1x GPU ARM-Mali 400MHz
- 1x 16nm UltraScale+ FPGA
- Up to 4GB DDR4 RAM memory
- 32GB eMMC Flash memory
- 512Mb QSPI Flash memory
Physical & Electrical Characteristics
- Dimensions (mm):
- Air-Cooled version (with SFP+ ports): 167.5(W) | 74(D) | 9.5(H-TOP)
- Conduction-Cooled version (w/o SFP+ ports): 143.75(W) | 74(D) | 4.7(H-TOP)
- Weight (g):
- Air-Cooled version: 128
- Conduction-Cooled version: 118
- Power input as defined in VITA 42.0 standard:
- VPWR: +5VDC or +12VDC
- +3V3: required
- +3V3_aux: required
- +/-12V: not required
- Power consumption: 15-25W (depends on the FPGA design)
Environmental
- Design to meet the following environmental specifications:
Specifications per VITA 47
Air-Cooled
Conduction-Cooled
Operating Temperature
AC3 (-40 to +70ºC)
CC4 (-40 to +85ºC)
Non-Operating Temperature
C3 (-50 to +100ºC)
C4 (-55 to +105ºC)
Vibration
V2 (0.04g2/Hz; 5 to 2000Hz)
V3 (0.1g/Hz; 5 to 2000Hz)
Operating Shock
OS1 (20g, 11ms)
OS2 (40g, 11ms)
Relative Humidity
0-95%
0-95%
With enhanced cooling system in the equipment
MTBF
- 2,054,951 hours GB@25
- MTTR = 0.5 hour
Warranty
- 2 years
Export Control
- ITAR Free
Standards
- VITA 42.0
- VITA 61.0
- VITA 42.3
- P16 mapping optimised for the following VITA 46.9 profiles:
- X32s+X8+X12d
- X24s+X8d+X12d (only 2x 1000BASE-T)
- Developed in alignment with the following SOSA profiles:
- X16s+X8d+X12d (only 2x 1000BASE-T)
For more information, please contact your sales representative.