Biblio

The Precision Time Protocol is essential for many time-sensitive and time-aware applications. However, it was never designed for security, and despite various approaches to harden this protocol against manipulation, it is still prone to cyber-attacks. Here Advanced Persistent Threats (APT) are of particular concern, as they may stealthily and over extended periods of time manipulate computer clocks that rely on the accurate functioning of this protocol. Simulating such attacks is difficult, as it requires firmware manipulation of network and PTP infrastructure components. Therefore, this paper proposes and demonstrates a programmable Man-in-the-Middle (pMitM) and a programmable injector (pInj) device that allow the implementation of a variety of attacks, enabling security researchers to quantify the impact of APTs on time synchronisation.

High accurate time synchronization is very important for many applications and industrial environments. In a computer network, synchronization of time for connected devices is provided by the Precision Time Protocol (PTP), which in principal allows for device time synchronization down to microsecond level. However, PTP and network infrastructures are vulnerable to cyber-attacks, which can de-synchronize an entire network, leading to potentially devastating consequences. This paper will focus on the issue of internal attacks on time synchronization networks and discuss how counter-measures based on public key infrastructures, trusted platform modules, network intrusion detection systems and time synchronization supervisors can be adopted to defeat or at least detect such internal attacks.