Private Island Networks Inc.

Private Island: Open Source FPGA-Based Network Processor for Privacy, Security, IoT, and Control

Overview of the Private Island project for networking including highlights, goals, and a brief description of the development board.

Overview

Private Island ® is an open source FPGA-based project for Ethernet networking. It's primary purpose is for building an open, trustworthy, and extensible foundation for packet processing, IoT, test & measurement, and control (e.g., sensors, motors, etc.) applications.

When the FPGA filters or detects specific addresses, ports, protocols, and data, we are able to confirm at the hardware layer that this has been accomplished. This is in stark contrast to off-the-shelf SoC implementations, which require developers & users to make assumptions of multiple layers (typically opaque) being free of bugs, back doors, and resident spies / spyware. This is a form of zero-trust networking.

The open FPGA-based architecture supports numerous, highly parallel functions implemented at 1G and 10G Ethernet line rates.

The source code is hosted here.

Project documentation is here.

Private Island ® Conceptual Block Diagram
Private Island System Concept

Project Highlights

Soft Ethernet switching

Real-time packet detection, filtering, inspection, and mirroring

Soft Ethernet MAC and internal controller / CPU (optional)

Customizable metrics. Stream them to the host of your choice.

Expansion I/O

It's an FPGA and open source, so the applications are endless.

The figure below shows a block diagram of the FPGA Verilog modules comprising a typical Private Island instantiation. Note that the SERDES/PCS may be provided by a hard macrocell inside an FPGA. The receive (rx) path is into the soft Ethernet switch, and the transmit path is out of the switch.

An alternative implementation is using RGMII for the PHY interface (not shown).

development block diagram
Private Island ® FPGA Modular Architecture

Project Goals

Strive for modularity and simplicity

Extensible: add new generators, receivers, and packet forwarding

Limited number of dependencies and only when necessary

Enable connecting new modules for new applications

Deterministic packet visibility from inside and outside the FPGA

The figure below shows the Lattice Diamond IDE with the Physical Viewer window enabled. This viewer shows the routing of an instantiation of Private Island ® with one of the wires of the Ethernet rx_data bus highlighted.

Diamond IDE showing Physical Viewer
Lattice Diamond IDE showing Physical Viewer

The next figure shows the Lattice Diamond Reveal Analyzer active with a trace of the Ethernet receive path. This gives new meaning to the concept of packet inspection and enables developers to see packets within their FPGA as it traverses their device.

Diamond IDE showing Physical Viewer
Lattice Diamond Reveal Logic Analyzer

Submitting Patches

Please submit all Git patches to opensource@privateisland.tech. An acceptable flow is defined below:

  1. Unless the patch is trivial or documentation related, make sure the changes are tested and describe the tests within your commit.
  2. Install git-email. See git-scm.com reference
  3. Set up necessary Git config records for user (e.g., name) and sendemail (e.g., smtpserver)
  4. Create your commit in your local clone against the most recent commit of the master branch.
  5. Within your commit, clearly state what has been changed, why it was necessary, and how it was tested. Follow best Git practices (references to be added).
  6. The first line of commit should provide a clear summary using the following template: "<module>: changes to <module>" (e.g., switch: optimize tx prioritization)
  7. On the command line, execute: git format-patch -1 --subject-prefix='private-island][PATCH'. The prefix will add the following to the commit subject line: [private-island][PATCH]
  8. email patch using "git send-email" as shown in the example below.
$ git send-email --to opensource@privateisland.tech --suppress-cc=all <commit subject>.patch 

If you have questions about the process on patching the Private Island repo, please email us at opensource@privateisland.tech and prefix the subject with "[private-island][Question]"

Didn't find an answer to your question? Post your issue below or in our new FORUM, and we'll try our best to help you find a solution.

And please note that we update our site daily with new content related to our open source approach to network security and system design. If you would like to be notified about these changes, then please join our mailing list.

Related articles on this site:

share
subscribe to mailing list:

Date: Jan. 24, 2020

Author: Michael

Comment:

Dear mindchasers, is the schematic for the Darsena board available? Is it open source? Thank you, Michael

Date: Feb. 4, 2020

Author: Mind Chasers

Comment:

Not yet, but we're moving in this direction. We still need to adopt an open source hardware license that we believe will protect us against any and all claims, especially in the domain of power circuits and PCB layout. It's our understanding that there is still work to be done in this area.

Date: Aug. 14, 2020

Author: Adi

Comment:

Your documentation for Private Island is great. As an aside, is there any work by Mind Chasers on neural nets/networks?

Add a new comment here or reply to one above:

your email address will be kept private
authenticate with a 3rd party for enhanced features, such as image upload
previous month
next month
Su
Mo
Tu
Wd
Th
Fr
Sa
loading