Evaluation of PTP Security Controls on gPTP

in 28th IEEE International Symposium on Computers and Communications (ISCC 2023), Tunis, July 2023 (2023, July 09)

In recent years, the scientific community has been focusing on deterministic Ethernet, which has helped drive the adoption of Time-Sensitive Networking (TSN) standards. Precision Time Protocol (PTP ... [more ▼]

In recent years, the scientific community has been focusing on deterministic Ethernet, which has helped drive the adoption of Time-Sensitive Networking (TSN) standards. Precision Time Protocol (PTP), specified in IEEE1588, is a TSN standard that enables network devices to be synchronized with a degree of precision that is noticeably higher than other Ethernet synchronization protocols. Generic Precision Time Protocol (gPTP), a profile of PTP, is designed to have low latency and jitter, which makes it suitable for industrial applications. However, like PTP, gPTP does not have any built-in security measures. In this work, we assess the efficacy of additional security mechanisms that were suggested for inclusion in IEEE 1588 (PTP) 2019. The analysis consists of implementing these security mechanisms on a physical gPTP-capable testbed and evaluating them on several high-risk attacks against gPTP. [less ▲]

Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed

in Fotouhi, Mahdi; Buscemi, Alessio; Boualouache, Abdelwahab (Eds.) et al 2023 IEEE Vehicular Networking Conference (VNC), Istanbul 26-28 April 2023 (2023, April)

Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among ... [more ▼]

Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among these standards, Generalized Precision Time Protocol (gPTP) - IEEE 802.1AS - allows network devices to be synchronized with a precision far higher than other synchronization standards, such as Network Time Protocol (NTP). gPTP is a profile of Precision Time Protocol (PTP) which, due to its robustness to delay variations, has been designated for automotive applications. Nonetheless, gPTP was designed without security controls, which makes it vulnerable to a number of attacks. This work reveals a critical vulnerability caused by a common implementation practice that opens the door to spoofing attacks on gPTP. To assess the impact of this vulnerability, we built two real gPTP-capable testbeds. Our results show high risks of this vulnerability destabilizing the system functionality. [less ▲]