Four Reasons to Use Cipher for Avionics Testing

Wireshark is the de facto industry standard packet analyzer for network analysis, troubleshooting, and communications protocol development. It’s open source, and best of all, it’s free for anyone to download and use.

So why should an avionics software designer or a flight test engineer want to pay to license CIPHER, AIT’s Ethernet, Fibre Channel, and Fire-Wire Analyzer software? The answer is that the reality of avionics network data packet testing exceeds Wireshark’s capabilities.

Cipher Main Application Window

Jack hits the Wireshark wall

Let’s look in on Jack, a flight test engineer responsible for on-board testing of avionics networks that employ military protocols, including Ethernet, FC-AE-1553 (MilStd 1553 over Fibre Channel), ASM (Asynchronous Subscriber Messaging), and AS5643 (MilStd 1394b Firewire). He’s set up to stream Fibre Channel and Ethernet data onto Ethernet links into a flight data recorder on a test flight that will take several hours. Needless to say, at typical Ethernet data rates, the resulting data file size will be enormous, occupying many gigabytes of memory and disk space.

Even though the data is captured in the Wireshark-compatible PCAPNG format, Jack finds the files are so large that he cannot even open and view the raw data—much less decode secure and proprietary payloads using Wireshark.

Jack writes down the problems he’s facing:

  1. The flight test data files are too big to open in Wireshark.
  2. Even if he could open the file, Wireshark can’t adequately handle Fibre Channel data since it can’t decode upper layer protocols like FC-AE-1553 or ASM.
  3. He can’t write a ‘dissector’ in any reasonable time that would decode such complex data payloads.

Clearly, Jack requires a more robust data analysis solution.

CIPHER: A Packet Analyzer Designed for Avionics Networks

AIT has designed CIPHER to address Wireshark’s shortcomings with respect to common avionics applications, providing avionics and flight test engineers the tools required for thorough packet analysis of Ethernet, FC-AE-1553 (MilStd 1553 over Fibre Channel), ASM (Asynchronous Subscriber Messaging), and AS5643 (MilStd 1394b Firewire).

Jack reviewed CIPHER’s features and discovered four good reasons why buying a CIPHER license is a smart investment. Not only does it save time and effort over trying to accomplish the same tasks using Wireshark, its host of advanced features address the special requirements inherent in testing avionics and military networks.

Cipher Protocol Decode

Reason 1: CIPHER can handle huge amounts of data.

It doesn’t take advanced math to calculate just how much data streaming at 10 gigabytes/second is captured during a multi-hour test flight. Host memory limitations won’t even allow these files be opened in Wireshark. CIPHER’s database architecture eliminates the file size bottleneck. Allowing more efficient operations with large files. CIPHER users can also specify exactly which pieces of data to display via the Column Layout Builder dialog box, saving time finding exactly what you’re looking for.

Reason 2: CIPHER eliminates the need to develop “homebrew” protocol decoders.

There are few, if any, available downloadable decoders for avionics protocols such as FC-AE-1553 or AS5643. Even C/C++ programming experts will find that writing a decoder for complex proprietary protocols are a big time and effort sink. CIPHER’s Protocol Decoder eliminates C/C++ programming for avionics-specific protocols by using an XML file as the basis to decode the contents of a given frame into fields that can be referenced internally by the analyzer. When it comes to military avionics testing, CIPHER’s XML structure makes it straightforward for engineers like Jack to develop decoders for proprietary and/or secret/protected data payloads.

Cipher MIL-Firewire Topology Display

Reason 3: CIPER works right alongside Wireshark

For the flight test, Jack used AIT’s Avionics Network Data Aggregator (ANDA) to aggregate Fibre Channel and Ethernet data and then forward to the onboard flight data recorder. ANDA streamed the captured data in the popular PCAPNG file format. Knowing that the three-hour flight test resulted in a gigantic file that couldn’t be opened in Wireshark. He wanted to make sure he had captured valid data during the test flight, so he took advantage of CIPHER’s database structure and its ability to import PCAPNG files to open and view the file.

Jack’s colleague Sandra did not have a CIPHER license but she needed to check particular data extracts from the same flight test. All Jack had to do was to use CIPHER to export only the data she needed in PCAPNG format. Since this was a much smaller file, she was able to open and examine it in Wireshark.

Reason 4: CIPHER has built-in flexibility to simplify packet analysis

Similarly to Wireshark, capture data is displayed simultaneously in three ways within CIPHER: In a tabular (“spreadsheet”) view, a decoded Tree View, and also as raw HEX/ASCII. CIPHER additionally provides a  Trace View Builder that allows the user to edit and create customized filtered “Trace Views” by specifying the filter conditions to be used, the time interval to include, as well other variables. And CIPHER capabilities can be extended easily by either AIT or the user to import other Fibre Channel, Firewire, or Ethernet capture and log file formats using the public file import API provided with CIPHER.

Simplify and improve your data analysis with CIPHER

You can enjoy the same time savings and detailed analysis as Jack did by using CIPHER—Wireshark’s avionics network partner. Contact AIT today to find out how CIPHER can increase your productivity while also increasing your test and data analysis capabilities.

Learn More about CIPHER