Precision time protocol attack strategies and their resistance to existing security extensions

AbstractThe IEEE 1588 precision time protocol (PTP) is very important for many industrial sectors and applications that require time synchronization accuracy between computers down to microsecond and even nanosecond levels. Nevertheless, PTP and its underlying network infrastructure are vulnerable to cyber-attacks, which can stealthily reduce the time synchronization accuracy to unacceptable and even damage-causing levels for individual clocks or an entire network, leading to financial loss or even physical destruction. Existing security protocol extensions only partially address this problem. This paper provides a comprehensive analysis of strategies for advanced persistent threats to PTP infrastructure, possible attacker locations, and the impact on clock and network synchronization in the presence of security protocol extensions, infrastructure redundancy, and protocol redundancy. It distinguishes between attack strategies and attacker types as described in RFC7384, but further distinguishes between the spoofing and time source attack, the simple internal attack, and the advanced internal attack. Some experiments were conducted to demonstrate the impact of PTP attacks. Our analysis shows that a sophisticated attacker has a range of methodologies to compromise a PTP network. Moreover, all PTP infrastructure components can host an attacker, making the comprehensive protection of a PTP network against a malware infiltration, as for example exercised by Stuxnet, a very tedious task.

Download Full-text

Cyber Attacks on Precision Time Protocol Networks—A Case Study

Electronics ◽

10.3390/electronics9091398 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1398

Author(s):

Waleed Alghamdi ◽

Michael Schukat

Keyword(s):

Time Synchronization ◽

Cyber Attacks ◽

Ieee 1588 ◽

Advanced Persistent Threats ◽

Man In The Middle ◽

Attack Patterns ◽

Precision Time ◽

The Impact ◽

Precision Time Protocol

The IEEE 1588 precision time protocol (PTP) is used by many time-sensitive applications and systems, as it achieves sub-microsecond time synchronization between computer clocks. However, a PTP network is vulnerable to cyber-attacks that can reduce the protocol accuracy to unacceptable levels for some or all clocks in a network with potentially devastating consequences. Of particular concern are advanced persistent threats (APT), where an actor infiltrates a network and operates stealthily and over extended periods of time before being discovered. This paper investigates the impact of the most important APT strategies on a PTP network, i.e., the delay attack, packet modification or transparent clock attack, and time reference attack, using a fully programable and customizable man in the middle device, thereby considering the two most popular PTP slave daemons PTPd and PTP4l. In doing so, it determines suitable attack patterns and parameters to compromise the time synchronization covertly.

Download Full-text

An Extension to the Precision Time Protocol (PTP) to Enable the Detection of Cyber Attacks

IEEE Transactions on Industrial Informatics ◽

10.1109/tii.2019.2943913 ◽

2020 ◽

Vol 16 (1) ◽

pp. 18-27 ◽

Cited By ~ 3

Author(s):

Bassam Moussa ◽

Marthe Kassouf ◽

Rachid Hadjidj ◽

Mourad Debbabi ◽

Chadi Assi

Keyword(s):

Cyber Attacks ◽

Precision Time ◽

Precision Time Protocol

Download Full-text

Time Synchronization Technique for Mobile Base Stations over TDM-PON-Based Mobile Backhaul Using Precision Time Protocol

IEICE Transactions on Communications ◽

10.1587/transcom.2017oap0004 ◽

2018 ◽

Vol E101.B (4) ◽

pp. 979-986

Author(s):

Kazuki TANAKA ◽

Naoya NISHI ◽

Ryo INOHARA ◽

Kosuke NISHIMURA

Keyword(s):

Time Synchronization ◽

Base Stations ◽

Precision Time ◽

Mobile Backhaul ◽

Mobile Base ◽

Precision Time Protocol

Download Full-text

Application of Precision Time Protocol on Networked Control Systems

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.203.192 ◽

2012 ◽

Vol 203 ◽

pp. 192-197 ◽

Cited By ~ 1

Author(s):

Chuan Shun Yang ◽

Xiang Ying Kong

Keyword(s):

Control Systems ◽

Networked Control Systems ◽

Clock Synchronization ◽

Networked Control ◽

Detection Methods ◽

Test Results ◽

Precision Time ◽

Application Requirements ◽

Synchronization Accuracy ◽

Precision Time Protocol

In order to overcome the problem of the clock synchronization accuracy between scattered nodes was not high on traditional networked control systems, proposed a new method of using the IEEE 1588 standard for precision time protocol. First studied the principle and algorithm of precision time protocol, the best master clock algorithm and timestamp detection methods. Then presented the timestamp detection method with the use of software and hardware on networked control systems to improve clock synchronization accuracy, and analyzed the feasibility of the method in theory. Finally, tested accuracy of the clock synchronization, and the test results showed that synchronization accuracy can reach nanosecond, can meet the application requirements of the networked control systems.

Download Full-text

A Multi-Layer Security Scheme for Mitigating Smart Grid Vulnerability against Faults and Cyber-Attacks

Applied Sciences ◽

10.3390/app11219972 ◽

2021 ◽

Vol 11 (21) ◽

pp. 9972

Author(s):

Jian Chen ◽

Mohamed A. Mohamed ◽

Udaya Dampage ◽

Mostafa Rezaei ◽

Saleh H. Salmen ◽

...

Keyword(s):

Smart Grid ◽

Cyber Security ◽

Power Grid ◽

Cyber Attacks ◽

Security Protocol ◽

Comprehensive Approach ◽

Transform Method ◽

General Role ◽

Uncertainty Parameters ◽

The Impact

To comply with electric power grid automation strategies, new cyber-security protocols and protection are required. What we now experience is a new type of protection against new disturbances namely cyber-attacks. In the same vein, the impact of disturbances arising from faults or cyber-attacks should be surveyed by network vulnerability criteria alone. It is clear that the diagnosis of vulnerable points protects the power grid against disturbances that would inhibit outages such as blackouts. So, the first step is determining the network vulnerable points, and then proposing a support method to deal with these outages. This research proposes a comprehensive approach to deal with outages by determining network vulnerable points due to physical faults and cyber-attacks. The first point, the network vulnerable points against network faults are covered by microgrids. As the second one, a new cyber-security protocol named multi-layer security is proposed in order to prevent targeted cyber-attacks. The first layer is a cyber-security-based blockchain method that plays a general role. The second layer is a cyber-security-based reinforcement-learning method, which supports the vulnerable points by monitoring data. On the other hand, the trend of solving problems becomes routine when no ambiguity arises in different sections of the smart grid, while it is far from a big network’s realities. Hence, the impact of uncertainty parameters on the proposed framework needs to be considered. Accordingly, the unscented transform method is modeled in this research. The simulation results illustrate that applying such a comprehensive approach can greatly pull down the probability of blackouts.

Download Full-text

Evaluation of the impact of the time synchronization accuracy of multistatic radar positions on errors in determining the spatial coordinates of aerial objects

Radioelectronics and Communications Systems ◽

10.3103/s073527271304002x ◽

2013 ◽

Vol 56 (4) ◽

pp. 178-185

Author(s):

Yu. N. Sedyshev ◽

A. S. Dudush

Keyword(s):

Time Synchronization ◽

Spatial Coordinates ◽

Multistatic Radar ◽

The Impact ◽

Synchronization Accuracy

Download Full-text

Sysplex time synchronization using IEEE 1588 Precision Time Protocol (PTP)

IBM Journal of Research and Development ◽

10.1147/jrd.2020.3008108 ◽

2020 ◽

Vol 64 (5/6) ◽

pp. 12:1-12:9

Author(s):

S. R. Guendert ◽

J. S. Houston ◽

P. A. Wojciak ◽

S Cherniak ◽

D. L. Massey

Keyword(s):

Time Synchronization ◽

Ieee 1588 ◽

Precision Time ◽

Precision Time Protocol

Download Full-text

Performance of clock sources and their influence on time synchronization in wireless sensor networks

International Journal of Distributed Sensor Networks ◽

10.1177/1550147719879372 ◽

2019 ◽

Vol 15 (9) ◽

pp. 155014771987937 ◽

Cited By ~ 2

Author(s):

Francisco Tirado-Andrés ◽

Alvaro Araujo

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Time Synchronization ◽

Complementary Metal Oxide Semiconductor ◽

Oxide Semiconductor ◽

Wireless Sensor ◽

Require Time ◽

High Dependency ◽

Crystal Oscillators ◽

The Impact

Wireless sensor networks require time synchronization, which is the coordination of events or actions to make a system operate in unison. In this work, real experiments and a theoretical analysis of the behavior of the clock sources, most used in wireless sensor networks, have been carried out. The experiments have been performed on two real platforms from two different manufacturers in real environments with sudden changes in temperature. Complementary metal-oxide-semiconductor oscillators have a low accuracy, bigger than 500 ppm, and a high dependency with temperature. External crystal oscillators have good accuracy, around 20 ppm, and are stable with temperature. Temperature-compensated crystal oscillators are very accurate, around 5 ppm, and the temperature has no influence in their drift. The use of phase-locked loop circuits minimizes the impact of temperature and stabilizes oscillators. We highlight and demonstrate the importance of the early stages of design, especially the selection of the clock source, because that decision has a great impact on the performance of the time synchronization in wireless sensor networks.

Download Full-text

Network Attack Path Selection and Evaluation Based on Q-Learning

Applied Sciences ◽

10.3390/app11010285 ◽

2020 ◽

Vol 11 (1) ◽

pp. 285

Author(s):

Runze Wu ◽

Jinxin Gong ◽

Weiyue Tong ◽

Bing Fan

Keyword(s):

Distribution System ◽

Path Selection ◽

Cyber Attacks ◽

Power Distribution System ◽

Q Learning ◽

Attack Model ◽

Cross Domain ◽

Time Operation ◽

Attack Path ◽

The Impact

As the coupling relationship between information systems and physical power grids is getting closer, various types of cyber attacks have increased the operational risks of a power cyber-physical System (CPS). In order to effectively evaluate this risk, this paper proposed a method of cross-domain propagation analysis of a power CPS risk based on reinforcement learning. First, the Fuzzy Petri Net (FPN) was used to establish an attack model, and Q-Learning was improved through FPN. The attack gain was defined from the attacker’s point of view to obtain the best attack path. On this basis, a quantitative indicator of information-physical cross-domain spreading risk was put forward to analyze the impact of cyber attacks on the real-time operation of the power grid. Finally, the simulation based on Institute of Electrical and Electronics Engineers (IEEE) 14 power distribution system verifies the effectiveness of the proposed risk assessment method.

Download Full-text

Connectivity as a Design Feature for Industry 4.0 Production Equipment: Application for the Development of an In-Line Metrology System

Applied Sciences ◽

10.3390/app11031312 ◽

2021 ◽

Vol 11 (3) ◽

pp. 1312

Author(s):

Ana Pamela Castro-Martin ◽

Horacio Ahuett-Garza ◽

Darío Guamán-Lozada ◽

Maria F. Márquez-Alderete ◽

Pedro D. Urbina Coronado ◽

...

Keyword(s):

Industry 4.0 ◽

Design Feature ◽

Production Equipment ◽

Smart Manufacturing ◽

Process Data ◽

Industrial Sectors ◽

Advanced Manufacturing Technologies ◽

Manufacturing Technologies ◽

Equipment Application ◽

The Impact

Industry 4.0 (I4.0) is built upon the capabilities of Internet of Things technologies that facilitate the recollection and processing of data. Originally conceived to improve the performance of manufacturing facilities, the field of application for I4.0 has expanded to reach most industrial sectors. To make the best use of the capabilities of I4.0, machine architectures and design paradigms have had to evolve. This is particularly important as the development of certain advanced manufacturing technologies has been passed from large companies to their subsidiaries and suppliers from around the world. This work discusses how design methodologies, such as those based on functional analysis, can incorporate new functions to enhance the architecture of machines. In particular, the article discusses how connectivity facilitates the development of smart manufacturing capabilities through the incorporation of I4.0 principles and resources that in turn improve the computing capacity available to machine controls and edge devices. These concepts are applied to the development of an in-line metrology station for automotive components. The impact on the design of the machine, particularly on the conception of the control, is analyzed. The resulting machine architecture allows for measurement of critical features of all parts as they are processed at the manufacturing floor, a critical operation in smart factories. Finally, this article discusses how the I4.0 infrastructure can be used to collect and process data to obtain useful information about the process.

Download Full-text