In order to achieve good efficiency in the services and avoid complications, the synchronization of all network components plays a prominent role. There are several synchronization mechanisms, the most common ones are the Simple Network Time Protocol (SNTP), Network Time Protocol (NTP) and Precision Time Protocol (PTP). The PTP protocol is the most accurate, in the nanosecond range, while the SNTP and NTP protocols are less accurate, in the microsecond range, but are sufficient for certain industrial and commercial needs.
The error in time measurement or in the protocols used, whether caused by an attacker or not, could mean:
- An error in an industrial procedure due to mechanical disruption.
- Update failures, by setting a clock back and never reaching the target date.
- Expiration in certain programs by moving up the internal clock’s date.
Description and latest versions of protocols
In both the NTP and SNTP protocols the communication begins with a request message by the client. Furthermore, they send and receive the same message format with the server. The main difference between both is the synchronization process that they carry out. The NTP protocol can use various servers and takes into account the tripping speed of the component that requests the time. As it uses several devices, the NTP method can distinguish the time of those that move away from the others. This gives the NTP protocol more reliability than SNTP, which only uses one server or master clock.
Both protocols are interoperable, in other words, a device that operates with SNTP can connect to another that uses NTP and vice versa. This is possible thanks to the fact that, as previously stated, the message format exchanged by both algorithms is the same. Another shared feature of these protocols is the use of UTC (Coordinated Universal Time). This time is the same for everyone and remains constant throughout the year.
NTP is implemented in the majority of Linux and Windows based operating systems, widely used in the control systems.
- Figure 1: Exchange of messages in the NTP protocol -
The process carried out by the NTP protocol is as follows:
- A first message is sent (synchronization request) at the T0 instant on the client’s side that checks if the time lag between the server and the requester is greater than 17 minutes.
- The message arrives to the server in the T1 instant:
- If the time delay is greater than 17 minutes, the process will not continue, and will end without synchronization.
- However, if the time is less than 17 minutes, the synchronization continues. The server sends a message with its time in the instant T2.
- The packet is received in the client in the instant T3. A gradual time adjustment is made every minute until it approaches 128 ms of server time. The delay (θ) between both clocks is calculated as:
- Starting from 128 ms the lag time is adjusting every 17 minutes.
- Figure 2: Flow of NTP messages -
When two devices are synchronized with each other a time lag is generated between them, as the accuracy is established at about 128 ms. Multi-device chain synchronization is inaccurate after the sixteenth time due to the cumulative time lag of about two seconds (16 x 0.128 = 2.048 sec).
One advantage of this protocol is the ability to implement encryption between server and client for a secure connection in order to ensure the authenticity of the source.
Currently, the latest version is NTPv4, which supports both IPv4 and IPv6 and is compatible with the previous NTPv3 version. This new version contains a key authentication system, increasing its security.
The SNTP method is much simpler than the NTP, given that it bypasses various steps and only periodically adjusts the time, obtaining less accuracy. The contents of the packet through which it communicates with the server omit many of the functionalities of the NTP procedure. The use of the SNTP protocol as a main source or clock is not recommended. The latest version of this protocol is SNTPv4. The main problem of this protocol is its low security. As it lacks an encryption method, it is vulnerable to attacks in which the time can be modified.
The use of the SNTP protocol is interesting in the following cases:
- Simple devices, such as microcontrollers and small computers, with little memory.
- Equipment in which the time synchronization is not decisive.
- Control devices like PLC, remote units and embedded devices.
Unlike NTP and SNTP, in the PTP protocol the connection begins with a server request. This protocol is meant to be used in local networks and industrial devices. Another difference compared to the other two protocols is that, in order to use this algorithm, specific hardware is required. Furthermore, at this time there are no free PTP servers, therefore it is necessary to either pay to use this source or have a main server within the installation. It uses two UDP ports: 319 for events messages and 320 for general messages.
PTP is mainly used in:
- Energy control and generation.
- Control of parts manufacturing systems.
- Bank transactions.
- Correlation of values in the measures testing.
- Robotic control.
This protocol works as follows:
- Figure 3: PTP operation -
- The master clock sends a “synchronization message” and saves the time of dispatch of the message “t1”. The client saves the time it arrives in its local memory: “t2”.
- The master clock again sends a “follow-up message” that contains the value “t1”. The client's clock performs t2-t1 and adds it to the time in its own clock, obtaining the time corresponding to the server's time without taking the delay caused by the sending speed and internal requests into account.
- Later, the device sends a “request delay message”, saving the instant in which it was sent: “t3”. The arrival time of this message to the server is saved on the server as “t4”.
- Lastly, the master clock returns a “response delay message” that has “t4”. The client’s clock calculates the time delay as (t3+t2-t1-t4)/2.
As can be seen, the PTP protocol assumes a symmetry in the delay. The time that the server takes to process the message packets is the same time that the client takes to do the same. For most networks this assumption is reasonable; the problem arises when the path taken by the client's packets is different. In this case, an asymmetry is created that will cause a lag in the connections. PTP is unable to detect this asymmetry. Therefore, in general, networks should try to be configured so that the path of the packets to and from the network is the same.
- Table 1: Characteristics of the synchronization protocols -
In large networks there may be numerous clients that the server cannot serve simultaneously. In these type of scenarios, the clients and servers are organized hierarchically based on levels called layers.
In 2006 the University of British Columbia in Canada made a report listing a series of failures that the PTP protocol had. The main conclusion is that the PTP protocol was weak when it came to guaranteeing the integrity and authenticity of the messages that are transmitted. Five possible attacks are described: modification of the packet sent by the master clock, impersonation of a master clock, delay of message arrival between the master clock and client, forwarding old messages to the client, and denial of service. Currently, these errors have been resolved with the latest version IEEE 1588 PTP v2 that has, among other improvements, a symmetric secret key, making PTP a more secure protocol.
The recommended solutions are:
- Message encryption. This measure has the disadvantage of the delay that is generated by the encryption process itself. This is detrimental in industrial processes where high accuracy is required.
- The implementation of port security so that there are only a few certain master clocks.
Due to the transition the electricity sector is undergoing towards a smart grid, the need concerning synchronization on devices has evolved towards greater accuracy in order to meet the IEC 61850-9-2 or IEEE C37 standards. This has led to the replacement of the previous methods by the IEEE 1588 PTP v2 protocol in electrical substations.
It is of the utmost importance to ensure the synchronization of the devices in industrial procedures. The main threat is linked to the use of Internet servers. Organizations should use servers with a GPS mechanism as a zero layer synchronization method and implement firewalls that prevent the entry of commands that can make time variations in case of the using of NTP and SNTP methods.
We need to specify the concrete needs of our equipment in order for them to properly function. The more complex and exact the equipment’s work needs to be, the greater the time precision will need to be. The implementation of the PTP algorithm will be more suitable in this situation.
If our devices do not need high accuracy, the use of NTP and SNTP protocols is appropriate. The choice of one of these two methods will depend on the position of the device in the network, the memory capacity and need for accuracy.