TY - GEN
T1 - PTP Security Measures and their Impact on Synchronization Accuracy
AU - Rezabek, Filip
AU - Helm, Max
AU - Leonhardt, Tizian
AU - Carle, Georg
N1 - Publisher Copyright:
© 2022 IFIP.
PY - 2022
Y1 - 2022
N2 - The Precision Time Protocol (PTP) synchronizes clocks in a network with high precision. The protocol finds use in many areas, such as smart manufacturing, intra-vehicular networks, and critical infrastructure. It becomes clear that striving for security is an important goal. If an attacker succeeds in disturbing the network synchronization, the impact can result in a cascading set of failures. Unfortunately, neither the previous two IEEE standards for PTP, nor the popular implementation linuxptp, feature or implement sufficient security options.This work focuses on implementing the security extensions for PTP based on the latest PTP standard IEEE 1588-2019 to minimize the threat of attacks and their possible impact. We provide a detailed analysis on PTP synchronicity and security. Based on that, we design and implement software-only tooling to quantify the PTP performance using commercial off-The-shelf hardware and open-source solutions on a linear topology with four to nine hops.The measurements compare the End-To-End (E2E) and Peer-To-Peer (P2P) delay calculation modes and the usage of Transparent Clocks (TC) in parts of the network. Both E2E and P2P show visible degradation of clock synchronization with each hop and standard deviations of 118.6 to 571 ns. The TCs perform better, demonstrating a standard deviation between 90 to 140 ns on four to nine hops. We evaluate different logSyncInterval values corresponding to different PTP profiles and do not observe a major impact on the clock behavior caused by the extensions. The measurement precision of the system is within ±40 ns.Our evaluation of the newly implemented security extensions to linuxptp shows that the security extensions do not have a significant impact on the clock synchronization and our approach is a feasible addition to PTP. Besides, our contributions can aid network managers in assessing their PTP synchronicity systematically.
AB - The Precision Time Protocol (PTP) synchronizes clocks in a network with high precision. The protocol finds use in many areas, such as smart manufacturing, intra-vehicular networks, and critical infrastructure. It becomes clear that striving for security is an important goal. If an attacker succeeds in disturbing the network synchronization, the impact can result in a cascading set of failures. Unfortunately, neither the previous two IEEE standards for PTP, nor the popular implementation linuxptp, feature or implement sufficient security options.This work focuses on implementing the security extensions for PTP based on the latest PTP standard IEEE 1588-2019 to minimize the threat of attacks and their possible impact. We provide a detailed analysis on PTP synchronicity and security. Based on that, we design and implement software-only tooling to quantify the PTP performance using commercial off-The-shelf hardware and open-source solutions on a linear topology with four to nine hops.The measurements compare the End-To-End (E2E) and Peer-To-Peer (P2P) delay calculation modes and the usage of Transparent Clocks (TC) in parts of the network. Both E2E and P2P show visible degradation of clock synchronization with each hop and standard deviations of 118.6 to 571 ns. The TCs perform better, demonstrating a standard deviation between 90 to 140 ns on four to nine hops. We evaluate different logSyncInterval values corresponding to different PTP profiles and do not observe a major impact on the clock behavior caused by the extensions. The measurement precision of the system is within ±40 ns.Our evaluation of the newly implemented security extensions to linuxptp shows that the security extensions do not have a significant impact on the clock synchronization and our approach is a feasible addition to PTP. Besides, our contributions can aid network managers in assessing their PTP synchronicity systematically.
KW - PTP
KW - TSN
KW - clocks
KW - security
KW - synchronicity
UR - http://www.scopus.com/inward/record.url?scp=85143913970&partnerID=8YFLogxK
U2 - 10.23919/CNSM55787.2022.9964658
DO - 10.23919/CNSM55787.2022.9964658
M3 - Conference contribution
AN - SCOPUS:85143913970
T3 - Proceedings of the 2022 18th International Conference of Network and Service Management: Intelligent Management of Disruptive Network Technologies and Services, CNSM 2022
SP - 109
EP - 117
BT - Proceedings of the 2022 18th International Conference of Network and Service Management
A2 - Charalambides, Marinos
A2 - Papadimitriou, Panagiotis
A2 - Cerroni, Walter
A2 - Kanhere, Salil
A2 - Mamatas, Lefteris
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 18th International Conference of Network and Service Management, CNSM 2022
Y2 - 31 October 2022 through 4 November 2022
ER -