PTP; gPTP; Cybersecurity; TSN; ime Synchronization; Security Controls; Authentication
Abstract :
[en] In recent years, the scientific community has been focusing on deterministic Ethernet, which has helped drive the adoption of Time-Sensitive Networking (TSN) standards. Precision Time Protocol (PTP), specified in IEEE1588, is a TSN standard that enables network devices to be synchronized with a degree of precision that is noticeably higher than other Ethernet synchronization protocols. Generic Precision Time Protocol (gPTP), a profile of PTP, is designed to have low latency and jitter, which makes it suitable for industrial applications. However, like PTP, gPTP does not have any built-in security measures. In this work, we assess the efficacy of additional security mechanisms that were suggested for inclusion in IEEE 1588 (PTP) 2019. The analysis consists of implementing these security mechanisms on a physical gPTP-capable testbed and evaluating them on several high-risk attacks against gPTP.
Research center :
University of Luxembourg
Disciplines :
Computer science
Author, co-author :
Fotouhi, Mahdi ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Buscemi, Alessio; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Jomrich, Florian; Honda R&D (Germany)
Koebel, Christian; Honda R&D (Germany)
Engel, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
External co-authors :
yes
Language :
English
Title :
Evaluation of PTP Security Controls on gPTP
Publication date :
09 July 2023
Event name :
28th IEEE Symposium on Computers and Communications (ISCC)
Event date :
from 9-07-2023 to 12-07-2023
Audience :
International
Main work title :
28th IEEE International Symposium on Computers and Communications (ISCC 2023), Tunis, July 2023
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR15381341 - Securing Time Critical Traffic In (Next Gen) Automotive Networks, 2020 (01/06/2021-31/05/2024) - Thomas Engel
Name of the research project :
SETICA
Funders :
FNR - Fonds National de la Recherche [LU] Honda R&D
IEEE Std 1588?-2019, "IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, " IEEE SA, Standard, 2019.
L. Deng, G. Xie, H. Liu, Y. Han, R. Li, and K. Li, "A survey of real-Time ethernet modeling and design methodologies: From AVB to TSN, " ACM Computing Surveys (CSUR), vol. 55, no. 2, pp. 1-36, 2022.
"IEEE Draft Standard for Local and Metropolitan Area Networks-Timing and Synchronization for Time-Sensitive Applications in Bridged Local Area Networks, " IEEE Draft Std P802.1AS/D2.0 Feb 2008, 2008.
M. Fotouhi, A. Buscemi, A. Boualouache, F. Jomrich, C. Koebel, and T. Engel, "Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed, " 2023 IEEE Vehicular Networking Conference (VNC), 2023.
N. Finn, "Introduction to time-sensitive networking, " IEEE Communications Standards Magazine, vol. 2, no. 2, pp. 22-28, 2018.
L. L. Bello and W. Steiner, "A perspective on IEEE time-sensitive networking for industrial communication and automation systems, " Proceedings of the IEEE, vol. 107, no. 6, pp. 1094-1120, 2019.
M. Mizrahi, "RFC 7384: Security requirements of time protocols in packet switched networks, " Tools. ietf. org (online) https://tools. ietf. org/html/rfc7384 (accessed 26 Sep 2020), 2014.
"IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, " IEEE Std 1588-2019 (Revision ofIEEE Std 1588-2008), pp. 1-499, 2020.
C. Onal and H. Kirrmann, "Security improvements for IEEE 1588 Annex K: Implementation and comparison of authentication codes, " in 2012 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication Proceedings, IEEE, 2012, pp. 1-6.
E. Itkin and A. Wool, "A security analysis and revised security extension for the precision time protocol, " IEEE Transactions on Dependable and Secure Computing, vol. 17, no. 1, pp. 22-34, 2020.
W. Alghamdi and M. Schukat, "Advanced methodologies to deter internal attacks in PTP time synchronization networks, " in 2017 28th Irish Signals and Systems Conference (ISSC), IEEE, 2017, pp. 1-6.
N. Moreira, J. Lazaro, J. Jimenez, M. Idirin, and A. Astarloa, "Security mechanisms to protect IEEE 1588 synchronization: State of the art and trends, " in 2015 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS), IEEE, 2015, pp. 115-120.
"IEEE Standard for Local and metropolitan area networks-Media Access Control (MAC) Security, " IEEE Std 802.1AE-2018 (Revision of IEEE Std 802.1AE-2006), pp. 1-239, 2018.
J. Day and H. Zimmermann, "The OSI reference model, " Proceedings of the IEEE, vol. 71, no. 12, pp. 1334-1340, 1983.
S. Kent and R. Atkinson, Security architecture for the internet protocol, 1998.
S. Kent and R. Atkinson, "IP encapsulating security payload (ESP), " 1998.
W. Alghamdi and M. Schukat, "Precision time protocol attack strategies and their resistance to existing security extensions, " Cybersecurity, vol. 4, no. 1, pp. 1-17, 2021.
D. T. Chen, "Secure 1588 in HeNB/Femtocell application, " Time & Sync Telecoms, ITSF, 2013.
I. S. Association, "IEEE Standard for Local and metropolitan area networks-Frame Replication and Elimination for Reliability, " C/LM-LAN/MAN Standards Committee, 2017.
A. Buscemi, M. Ponaka, M. Fotouhi, F. Jomrich, C. Koebel, and T. Engel, "An Intrusion Detection System Against Rogue Master Attacks on gPTP, " 2023 IEEE Vehicular Technology Conference (VTC), 2023.
B. Weis, S. Rowles, and T. Hardjono, "The group domain of interpretation, " Internet Request for Comments, vol. 6407, 2011.
A. Perrig, D. Song, R. Canetti, J. Tygar, and B. Briscoe, "Timed efficient stream loss-Tolerant authentication (TESLA): Multicast source authentication transform introduction, " Request For Comments, vol. 4082, 2005.
E. Shereen, F. Bitard, G. Dan, T. Sel, and S. Fries, "Next steps in security for time synchronization: Experiences from implementing IEEE 1588 v2. 1, " in 2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS), IEEE, 2019, pp. 1-6.