Extensible FRER Security Testbed in a Box

Time-Sensitive Networking (TSN) is expected to provide reliable, low-latency communication for critical systems. Leveraging the Frame Replication and Elimination for Reliability (FRER) protocol, it protects against packet loss by replicating individual packets and delivering them on disjoint forwarding paths. FRER does not contain any in-built security solutions, and several FRER-related security vulnerabilities have recently been identified that could undermine TSN's ultimate goal of providing extreme reliability. In this paper, we introduce a comprehensive security-focused testbed for analyzing FRER vulnerabilities. Our self-contained setup employs open and adaptable components, runnable on a single server, ensuring flexibility and accessibility. Leveraging eBPF/XDP, it efficiently implements FRER's data plane functionalities, accommodating both fast-path and slow-path attacks. Parameters like delay, jitter, loss rate, and bandwidth are easily customizable. We validate the testbed's effectiveness with various attack scenarios.