Overview
Private Island is an open source FPGA-based project for Gigabit Ethernet networking. It's primary purpose is for building an open, trustworthy, and extensible foundation for packet processing, IoT, and control (e.g., sensors, motors, etc.).
When the FPGA filters certain addresses, ports, and / or protocols, we are able to confirm at the hardware layer that this has been accomplished. This is in stark contrast to off-the-shelf SoC implementations, which require developers & users to make assumptions of multiple layers (typically opaque) being free of bugs, back doors, and resident spies / spyware.
The open FPGA-based architecture supports numerous, highly parallel functions implemented at Ethernet line rate (125 MHz x 8-bit). Our Darsena development board, which is Arduino form factor and pin out compatible, supports Ethernet connectivity via two on-board Gigabit Ethernet PHYs and integrates an ARM micro controller, debuggers, and offers expansion via Arduino-style connectors.
Note: shown with optional third Ethernet port
Project Highlights
Soft Gigabit / 100 Mbit Ethernet switch
Real-time packet filtering, inspection, and mirroring
Gigabit Ethernet MAC controller for external micro controller
Customizable metrics. Stream them to the host of your choice.
Dozens of expansion I/O
It's an FPGA and open source, so the applications are endless.
The figure below shows a block diagram of the FPGA Verilog modules comprising a typical Private Island instantiation. Note that the SERDES/PCS functionality is provided by a hard macrocell inside the Lattice ECP5UM. The receive (rx) path is into the soft Ethernet switch, and the transmit path is out of the switch.
The source code, which had been hosted on Github, is moving here on mindchasers.com using CGit. We plan to have it back on line during the month of April, 2019.
Project Goals
Strive for modularity and simplicity
Extensible: add new generators, receivers, and packet forwarding
Limited number of dependencies and only when necessary
Enable connecting new modules for new applications
Deterministic packet visibility from inside and outside the FPGA
Our Development Board: Darsena
- Arduino form-factor compatible with dozens of I/O for expansion and shield support
- Lattice ECP5UM FPGA (45K LUTs with integrated PCS/SERDES)
- Two Texas Instruments DP83867 Gigabit PHYs
- NXP Kinetis K02 Microcontroller with ARM Cortex M4 core
- Micron SPI ROM
The figure below shows the Lattice Diamond IDE with the Physical Viewer window enabled. This viewer shows the routing of an instantiation of Private Island with one of the wires of the Ethernet rx_data bus highlighted.
The next figure shows the Lattice Diamond Reveal Analyzer active with a trace of the Ethernet receive path. This gives new meaning to the concept of packet inspection and enables developers to see packets within their FPGA as it traverses their device.
