Featured image

XMC-SSR / XMC-10SSR series

L2/L3 Secure Switch Router XMC Mezzanine

Overview

The XMC-SSR and XMC-10SSR series are military-certified secure switch routers that take full advantage of SOC-E’s advanced and well-known networking technology to ensure secure, reliable and high-available communications in the most demanding battlefield environments for land, air and sea platforms. 

 The switching electronics are implemented in a high-performance FPGA, allowing the devices to be fully customized to each customer’s specific requirements. This MOTS approach, based on a field-proven COTS solution to minimize project risk, results in an all-in-one device, that combines switching, routing, firewall and edge computing capabilities in single hardware platform.

Fully compliant with VITA 42/61 standards and SOSA aligned, the XMC-SSR/XMC-10SSR series can adapt to almost any situation and meet the requirements of the harshest military programmes.

Key Features

  1. Up to 17 configurable Ethernet 10/100/1000BASE-T and 1GbE/10GbE ports
  2. Full in-house design (including networking and synchronization IP Cores) based on a reconfigurable MPSoC platform with edge computing capabilities
  3. Firewall and VPN capabilities, combined with advanced security means including IEEE 802.1X and MACsec, among others
  4. Optional “Zero-Packet Loss” redundancy based on HSR/PRP protocols for high-availability communications
  5. Simplified management and monitoring via a user-friendly HTTPS web interface or a flexible console port
  6. Compliant with VITA 42.0, VITA 61.0, VITA 42.3 and SOSA aligned

Technical Specifications

  • Communication Interfaces

    • P15 connector:
      • 1x 1G/10G PCIe port for attachment to a second source on the carrier
    • P16 connector:
      • 4x 1000BASE-T ports
      • Up to 8x 1000BASE-(K)X or 10GBASE-(K)R ports
      • 1x 1000BASE-(K)X Service port 
      • 1x UART serial line
      • 1x PPS output
      • 1x PPS input
      • 1x optional IRIG-B output 
      • 1x optional IRIG-B input
      • 1x optional 10MHz oscillator input
    • Frontal I/O interfaces (only in Air-Cooled version):
      • 4x 1G/10G SFP+ ports
  • Layer 2 Features

    • IEEE 802.3-2008 (Ethernet)
    • Automatic MAC address learning and aging
    • Static MAC Table
    • Port-Based Virtual LANs (VLANs):
      • Logical segmentation of network for optimal use of bandwidth
      • IEEE 802.1Q for VLAN tagging (up to 4K VLAN groups)
      • IEEE 802.1p for Class of Service (CoS) / Quality of Service (QoS)
    • IEEE 802.1AB for Link Layer Discovery Protocol (LLDP)
    • Port rate limiting
    • Storm control for flooded broadcast, multicast and unicast
    • Layer 2 multicast filtering
    • IGMP Snooping (up to 1024 multicast filters)
    • Flexible Link Aggregation (up to 4 groups with 8 members each) (Expected 2025)
  • Redundancy

    • Spanning Tree Protocol:
      • IEEE 802.1D (STP)
      • IEEE 802.1w (RSTP)
      • IEEE 802.1s (MSTP)
    • Zero-Recovery Time redundancy (optional):
      • High-availability Seamless Redundancy (HSR) – IEC 62439-3 Clause 5
      • Parallel Redundancy Protocol (PRP) – IEC 62439-3 Clause 4
  • Layer 3 Features

    • IPv4/IPv6 unicast and multicast routing
    • Static routing
    • Dynamic routing:
      • OSPFv2, OSPFv3
      • RIPv1, RIPv2, RIPng
      • BGPv4
      • EIGRP
      • PIM-SM (IPv4 and IPv6)
    • Virtual Router Redundancy Protocol (VRRP)
    • DSCP ToS / QoS (optional)
    • Source / Destination NAT (optional)
  • Security

    • IEEE 802.1X for port-based network access control
    • MAC port binding & authentication for login security
    • RADIUS authentication
    • LDAP (Lightweight Directory Access Protocol)
    • RBAC (Role Based Access Control)
    • Selective ports disabling capability
    • Unsecure protocols disabling capability
    • Per port ingress and egress port mirroring including 10G mirroring
    • Mirroring per VLAN and per content awareness match
    • HTTPS for web interface
    • Secure Shell (SSH) Protocol v2 for command line interface
    • TPM 2.0 IC for identity authentication
    • Encryption/authentication & signature for firmware and bitstream
    • Secure-boot capability
    • IEEE 802.1AE – MACsec (Media Access Control Security) support
    • Custom ACLs (optional)
    • Virtual Private Network (VPN):
      • Site to site and remote VPN support
      • IPsec VPN tunnels
      • L2TP VPN tunnels
      • PPTP VPN tunnels
      • Gretap VPN tunnels
      • SSL-based OpenVPN (optional)
      • IPsec aggregate performance: 75Mbps / 250Mbps (optional) with AES256-SHA256, 1500 bytes packet size.
    • Stateful inspection firewall:
      • Firewall performance: 600Mbps (with std. configuration)
      • Unlimited concurrent connections
      • IPv6 firewalling (optional)
      • Stateful failover (optional)
    • Other optional security features:
      • Intrusion Prevention System / Intrusion Detection System
      • Antivirus Scanning
      • DoS Protection
      • Botnet blocking (IP reputation)
      • Web content filtering
      • Application visibility and control

    Not all the features may be supported in all the product models. 

  • Gateway

    • Edge-computing capabilities for user defined applications
    • Support for DDS standard and MQTT protocol in KVM Virtual Machine for user application
  • Synchronization

    • IEEE 1588-2008 v2 (PTPv2)
    • IEEE 1588 Stateless Transparent Clock (TC)
    • IEEE 1588 Ordinary Clock (Master-Slave)
    • Time Bridge operation: NTP <-> PTP
    • NTP (Server/Client)
    • Optional IRIG-B – Time Code Formats (distributed as DCLS pulse-width coded signal)
  • Configuration & Management

    • HTTPS web interface
    • SSHv2 command line interface (CLI)
    • SNMP V1/V2c/V3 protocol support
    • SNMP V3 encrypted authentication and access security
    • SNMP over TLS support (optional)
    • Netconf protocol support (optional)
    • Encrypted and digitally signed firmware/bitstream upgrades
    • Saving and restoring configuration
    • Graphic representation of Network status (only in HSR/PRP networks)
    • Statistics independent per port
    • Internal status monitoring and logging
    • Event notification through Syslog
    • DHCP/DHCPv6 server and relay (optional)
    • Built-in-Test capability including:
      • PBIT (Power-on BIT)
      • CBIT (Continuous BIT)
      • IBIT (Initiated BIT)
    • In-band management via any Ethernet switch port or out-of-band via Ethernet (service port)
    • UART serial console
  • Processing

    • Xilinx Ultrascale+ MPSoC device:
      • 4x 64bit CPU ARM-Cortex-A53
      • 2x 32bit CPU ARM-Cortex-R5F
      • 1x GPU ARM-Mali 400MHz
      • 1x 16nm UltraScale+ FPGA
    • Up to 4GB DDR4 RAM memory
    • 32GB eMMC Flash memory
    • 512Mb QSPI Flash memory
  • Physical & Electrical Characteristics

    • Dimensions (mm): 
      • Air-Cooled version (with SFP+ ports): 167.5(W) | 74(D) | 9.5(H-TOP)
      • Conduction-Cooled version (w/o SFP+ ports): 143.75(W) | 74(D) | 4.7(H-TOP) 
    • Weight (g): 
      • Air-Cooled version: 128
      • Conduction-Cooled version: 118
    • Power input as defined in VITA 42.0 standard:
      • VPWR: +5VDC or +12VDC
      • +3V3: required
      • +3V3_aux: required
      • +/-12V: not required
    • Power consumption: 15-25W (depends on the FPGA design)
  • Environmental

    • Design to meet the following environmental specifications:

    Specifications per VITA 47

    Air-Cooled

    Conduction-Cooled

    Operating Temperature

    AC3 (-40 to +70ºC)

    CC4 (-40 to +85ºC)

    Non-Operating Temperature

    C3 (-50 to +100ºC)

    C4 (-55 to +105ºC)

    Vibration

    V2 (0.04g2/Hz; 5 to 2000Hz)

    V3 (0.1g/Hz; 5 to 2000Hz)

    Operating Shock

    OS1 (20g, 11ms)

    OS2 (40g, 11ms)

    Relative Humidity

    0-95%

    0-95%

     

    With enhanced cooling system in the equipment

  • MTBF

    • 2,054,951 hours GB@25
    • MTTR = 0.5 hour
  • Warranty

    • 2 years
  • Export Control

    • ITAR Free
  • Standards

    • VITA 42.0
    • VITA 61.0
    • VITA 42.3
    • P16 mapping optimised for the following VITA 46.9 profiles:
      • X32s+X8+X12d
      • X24s+X8d+X12d (only 2x 1000BASE-T)
    • Developed in alignment with the following SOSA profiles: 
      • X16s+X8d+X12d (only 2x 1000BASE-T) 

    For more information, please contact your sales representative.

Downloads

BR_XMC_SSR&XMC_10SSR-w
pdf