Strategies to Protect Time Transfer in ST 2059-2 PTP Networks

Abstract

As the SMPTE ST 2059 standards for accurate synchronization and time labeling gain traction, it is important for users and system integrators alike to understand how time transfer, using the IEEE 1588 Precision Time Protocol (PTP), could be affected by unintentional malfunctioning or misconfigured devices as well as by malicious attacks. Given the mission-critical nature of broadcast infrastructure, secured time distribution is rapidly becoming a mandatory requirement. Although ST 2059-2 defines a PTP profile, it does not address how to secure all parts that define the timing system. The IEEE 1588 standard provides a certain level of fault tolerance by autonomously activating an auxiliary reference in the case of loss of the primary time source. Yet, PTP time transfer is not sufficiently well protected to either withstand deliberate attacks or cope with misconfigured or malfunctioning devices. Consequently, both scenarios must be investigated in detail. This entails a thorough analysis of all the relevant attacks on Global Navigation Satellite System (GNSS) receivers to misaligned message rates or corrupted messages, to name but a few. This article addresses ways to secure different components of the timing system, ranging from the Master clock(s) across the IP network and finally to the media nodes generating or receiving ST 2110 flows. Beyond securing the timing system, special care should be taken to immediately identify potentially harmful degradations and/or failures using multiple approaches that provide efficient means to correlate events. This is covered by a series of recommendations and best practices to ensure operational stability.