Evaluation of PTP Security Controls on gPTP

Fotouhi, Mahdi; Buscemi, Alessio; Jomrich, Florian; Koebel, Christian; Engel, Thomas

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Evaluation of PTP Security Controls on gPTP

Fotouhi, Mahdi; Buscemi, Alessio; Jomrich, Florian et al.

2023 • In 28th IEEE International Symposium on Computers and Communications (ISCC 2023), Tunis, July 2023

Peer reviewed

Permalink
https://hdl.handle.net/10993/55181

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

Security_Controls_paper-1.pdf

Author preprint (692.27 kB)

Download

Copyright © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. 28th IEEE International Symposium on Computers and Communications (ISCC 2023)

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

PTP; gPTP; Cybersecurity; TSN; ime Synchronization; Security Controls; Authentication

Abstract :

[en] In recent years, the scientific community has been focusing on deterministic Ethernet, which has helped drive the adoption of Time-Sensitive Networking (TSN) standards. Precision Time Protocol (PTP), specified in IEEE1588, is a TSN standard that enables network devices to be synchronized with a degree of precision that is noticeably higher than other Ethernet synchronization protocols. Generic Precision Time Protocol (gPTP), a profile of PTP, is designed to have low latency and jitter, which makes it suitable for industrial applications. However, like PTP, gPTP does not have any built-in security measures. In this work, we assess the efficacy of additional security mechanisms that were suggested for inclusion in IEEE 1588 (PTP) 2019. The analysis consists of implementing these security mechanisms on a physical gPTP-capable testbed and evaluating them on several high-risk attacks against gPTP.

Research center :

University of Luxembourg

Disciplines :

Computer science

Author, co-author :

Fotouhi, Mahdi ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

Buscemi, Alessio; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

Jomrich, Florian; Honda R&D (Germany)

Koebel, Christian; Honda R&D (Germany)

Engel, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

External co-authors :

yes

Language :

English

Title :

Evaluation of PTP Security Controls on gPTP

Publication date :

09 July 2023

Event name :

28th IEEE Symposium on Computers and Communications (ISCC)

Event date :

from 9-07-2023 to 12-07-2023

Audience :

International

Main work title :

28th IEEE International Symposium on Computers and Communications (ISCC 2023), Tunis, July 2023

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

FnR Project :

FNR15381341 - Securing Time Critical Traffic In (Next Gen) Automotive Networks, 2020 (01/06/2021-31/05/2024) - Thomas Engel

Name of the research project :

SETICA

Funders :

FNR - Fonds National de la Recherche [LU]
Honda R&D

Available on ORBilu :

since 18 May 2023

Statistics

Number of views

165 (33 by Unilu)

Number of downloads

182 (10 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

IEEE Std 1588?-2019, "IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, " IEEE SA, Standard, 2019.
L. Deng, G. Xie, H. Liu, Y. Han, R. Li, and K. Li, "A survey of real-Time ethernet modeling and design methodologies: From AVB to TSN, " ACM Computing Surveys (CSUR), vol. 55, no. 2, pp. 1-36, 2022.
"IEEE Draft Standard for Local and Metropolitan Area Networks-Timing and Synchronization for Time-Sensitive Applications in Bridged Local Area Networks, " IEEE Draft Std P802.1AS/D2.0 Feb 2008, 2008.
M. Fotouhi, A. Buscemi, A. Boualouache, F. Jomrich, C. Koebel, and T. Engel, "Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed, " 2023 IEEE Vehicular Networking Conference (VNC), 2023.
N. Finn, "Introduction to time-sensitive networking, " IEEE Communications Standards Magazine, vol. 2, no. 2, pp. 22-28, 2018.
L. L. Bello and W. Steiner, "A perspective on IEEE time-sensitive networking for industrial communication and automation systems, " Proceedings of the IEEE, vol. 107, no. 6, pp. 1094-1120, 2019.
M. Mizrahi, "RFC 7384: Security requirements of time protocols in packet switched networks, " Tools. ietf. org (online) https://tools. ietf. org/html/rfc7384 (accessed 26 Sep 2020), 2014.
"IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, " IEEE Std 1588-2019 (Revision ofIEEE Std 1588-2008), pp. 1-499, 2020.
C. Onal and H. Kirrmann, "Security improvements for IEEE 1588 Annex K: Implementation and comparison of authentication codes, " in 2012 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication Proceedings, IEEE, 2012, pp. 1-6.
E. Itkin and A. Wool, "A security analysis and revised security extension for the precision time protocol, " IEEE Transactions on Dependable and Secure Computing, vol. 17, no. 1, pp. 22-34, 2020.
W. Alghamdi and M. Schukat, "Advanced methodologies to deter internal attacks in PTP time synchronization networks, " in 2017 28th Irish Signals and Systems Conference (ISSC), IEEE, 2017, pp. 1-6.
N. Moreira, J. Lazaro, J. Jimenez, M. Idirin, and A. Astarloa, "Security mechanisms to protect IEEE 1588 synchronization: State of the art and trends, " in 2015 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS), IEEE, 2015, pp. 115-120.
"IEEE Standard for Local and metropolitan area networks-Media Access Control (MAC) Security, " IEEE Std 802.1AE-2018 (Revision of IEEE Std 802.1AE-2006), pp. 1-239, 2018.
J. Day and H. Zimmermann, "The OSI reference model, " Proceedings of the IEEE, vol. 71, no. 12, pp. 1334-1340, 1983.
S. Kent and R. Atkinson, Security architecture for the internet protocol, 1998.
S. Kent and R. Atkinson, "IP encapsulating security payload (ESP), " 1998.
W. Alghamdi and M. Schukat, "Precision time protocol attack strategies and their resistance to existing security extensions, " Cybersecurity, vol. 4, no. 1, pp. 1-17, 2021.
D. T. Chen, "Secure 1588 in HeNB/Femtocell application, " Time & Sync Telecoms, ITSF, 2013.
I. S. Association, "IEEE Standard for Local and metropolitan area networks-Frame Replication and Elimination for Reliability, " C/LM-LAN/MAN Standards Committee, 2017.
A. Buscemi, M. Ponaka, M. Fotouhi, F. Jomrich, C. Koebel, and T. Engel, "An Intrusion Detection System Against Rogue Master Attacks on gPTP, " 2023 IEEE Vehicular Technology Conference (VTC), 2023.
B. Weis, S. Rowles, and T. Hardjono, "The group domain of interpretation, " Internet Request for Comments, vol. 6407, 2011.
A. Perrig, D. Song, R. Canetti, J. Tygar, and B. Briscoe, "Timed efficient stream loss-Tolerant authentication (TESLA): Multicast source authentication transform introduction, " Request For Comments, vol. 4082, 2005.
E. Shereen, F. Bitard, G. Dan, T. Sel, and S. Fries, "Next steps in security for time synchronization: Experiences from implementing IEEE 1588 v2. 1, " in 2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS), IEEE, 2019, pp. 1-6.
greyware. "https://www.greyware.com/software/domaintime/." (2022).
linuxptp, ptp4l. [Online]. Available: http://linuxptp.sourceforge.net/.
P. Engine, apu2e4, May 2016. [Online]. Available: https://pcengines.ch/apu2e4.htm.
T. Mizrahi, "Security requirements of time protocols in packet switched networks, " in RFC 7384, 2014.