Fijosat - The development of a satellite enabled secure access device for remotely located equipment

Objectives

There was a number of key objectives that are provided by the Fijosat project. These objectives are as follows, 

  • Security: - The solution will meet the highest standards in terms of its encrypted connectivity over satellite. 
  • Adaptability: - The solution is product-agnostic and it can access any client IP equipment regardless of manufacturer.  
  • Cost Effectiveness: - The solution can reduce remote access and support costs by up to 85% by clearing faults remotely thus leaving engineers to deal with issues that require on-site presence only. 
  • To deliver secure remote services where there is No dedicated digital line required: The solution does not require a dedicated line or dedicated VPN setup which represents an enormous saving to our clients and their customers’ year-on-year.

Challenges

The product uses new BGAN radio modules. IP device management demands a reasonably high data rate consistent with traditional ISDN-type services. This can be provided with BGAN services. 

This development will integrate the various network access technologies, including satellite, in a single product solution providing business continuity for our customers.

Benefits

The Fijosat development allows us deliver a more versatile product into the market, thereby disrupting the incumbent companies by,

  • Reduction in installation costs
  • Securing communications management (using our patented connectivity solution)
  • Providing operational oversight and reduced cost of ownership

Features

  • It eliminates unnecessary call-outs
  • It is simple to install
  • It is totally secure
  • It requires NO CUSTOMER intervention
  • All control decisions are made by the Fijowave Portal Appliance, which can only be interacted with through specific, secured interfaces 
  • Secure communications
    • TLS, SSH2, AES encryption
    • No requirements for custom firewall settings
  • Authentication and Authorization
    • Each Fijosat will have a unique public key fingerprint used to authenticate it with the Portal server
    • Pre-shared public key authorizes the Portal server connection to Fijosat.
  • User account monitoring and continuous auditing
  • Session audit trailing
  • Scaling - Portal server can be horizontally scaled across multiple physical servers and managed internally by a private, un-routed, network, providing redundancy and geographic resilience.

System Architecture

The on-premises product consists of a hybrid satellite/cellular device. The main components of the product are, 

  • BGAN Radio module (INMARSAT BRM)
  • Cellular radio module (2G, 3G, LTE)
  • GNSS receiver
  • Wi-Fi transceiver (up to 802.11 ac)
  • 2 x Gigabit Ethernet ports one with PoE
  • Linux core on ARM 

This device connects to the Fijowave Portal which securely manages access to the IP based equipment on the remote customer site 

Plan

  • Baseline Design Review (BDR) – November 16th 2017
  • Critical Design Review (CDR) – July 5th 2018
  • Factory Acceptance Test (FAT) – 25th January 2019
  • System Deployment Acceptance (SDA) – 8th March 2019
  • Final Report Meeting (FR) – June 4th 2019 

Current status

The project has completed its initial requirements capture process, 

  • 3rd Party BGAN terminals have been validated on the Fijoport System
  • Preliminary connectivity has been verified using the Inmarsat BRM developer kit
  • The BDR milestone meeting has been successfully completed with ESA on 16th November 2017.
  • Antenna and front-end module designs have been initially assessed
  • Compliance requirements have been reviewed face to face with Inmarsat and the associated scope of work and compliance requirements discussed.

Contacts

ESA Contacts

Status date

Tuesday, November 28, 2017 - 11:06