A SECURITY-CENTRIC APPLICATION OF PRECISION TIME PROTOCOL WITHIN ICS/SCADA SYSTEMS

Industrial Control System and Supervisory Control and Data Acquisition (ICS/SCADA) systems are key pieces of larger infrastructure that are responsible for safely operating transportation, industrial operations, and military equipment, among many other applications. ICS/SCADA systems rely on precise timing and clear communication paths between control elements and sensors. Because ICS/SCADA system designs place a premium on timeliness and availability of data, security ended up as an afterthought, stacked on top of existing (insecure) protocols. As precise timing is already resident and inherent in most ICS/SCADA systems, a unique opportunity is presented to leverage existing technology to potentially enhance the security of these systems. This research seeks to evaluate the utility of timing as a mechanism to mitigate certain types of malicious cyber-based operations such as a man-on-the-side (MotS) attack. By building a functioning ICS/SCADA system and communication loop that incorporates precise timing strategies in the reporting and control loop, specifically the precision time protocol (PTP), it was shown that certain kinds of MotS attacks can be mitigated by leveraging precise timing.Navy Cyber Warfare Development Group, Suitland, MDLieutenant, United States NavyApproved for public release. Distribution is unlimited

System-on-chip architecture for secure sub-microsecond synchronization systems

213 p.En esta tesis, se pretende abordar los problemas que conlleva la protección cibernética del Precision Time Protocol (PTP). Éste es uno de los protocolos de comunicación más sensibles de entre los considerados por los organismos de estandarización para su aplicación en las futuras Smart Grids o redes eléctricas inteligentes. PTP tiene como misión distribuir una referencia de tiempo desde un dispositivo maestro al resto de dispositivos esclavos, situados dentro de una misma red, de forma muy precisa. El protocolo es altamente vulnerable, ya que introduciendo tan sólo un error de tiempo de un microsegundo, pueden causarse graves problemas en las funciones de protección del equipamiento eléctrico, o incluso detener su funcionamiento. Para ello, se propone una nueva arquitectura System-on-Chip basada en dispositivos reconfigurables, con el objetivo de integrar el protocolo PTP y el conocido estándar de seguridad MACsec para redes Ethernet. La flexibilidad que los modernos dispositivos reconfigurables proporcionan, ha sido aprovechada para el diseño de una arquitectura en la que coexisten procesamiento hardware y software. Los resultados experimentales avalan la viabilidad de utilizar MACsec para proteger la sincronización en entornos industriales, sin degradar la precisión del protocolo

Conventional And Cognitive Radio Based Disaster Response Networks, A Comparative Study

The need for the deployment of reliable and efficient telecommunication systems in extreme emergency scenarios such as disaster response networks imposes a set of emerging unusual communication and routing challenges and obstacles that questions the performance of existing traditional and commercial telecommunication systems and networks in such scenarios, the revolution of telecommunication and networks industry witnessed the development of enormous telecommunication and networking services and systems that shaped their implementations in various domains of applications , in this paper, we study most of these communication standards in terms of their pros and cons, we also analyze the potentials of these standards in for Disaster Response networks in comparison with Cognitive Radio technology that has distinct capabilities and functionalities that enabled such a technology to be highly applicable for such harsh and unexpected scenario

Study and Design of Inter-Range Instrumentation Group Time Code B Synchronization of IEC 61850 Sampled Values

Distribution substations are an important part of a chain which delivers energy from power production to customers. They transform the voltage level from transmission levels, usually 35kV and up, to distribution levels ranging between 600 and 35000 V. Recent developments in the instrument transformer field have been toward low-power solutions which use digital measurement values called sampled values in place of analog voltages and currents in substations. The IEC 61850-9-2 standard and its implementation guideline 9-2 LE by the UCA international users group define an interface for sampled values. This interface is used between an IED and LPIT. The main requirement of using sampled values is accurate time synchronization in order to prevent phase misalignment resulting in unnecessary protection function tripping. 9-2 LE defines two methods for synchronization: 1PPS and PTP. Today, PTP is widely used in the western markets, but due to costs associated with PTP-capable GPS clocks and Ethernet switches as well as vendor inoperability problems, some markets are hesitant to take into use. The purpose of this thesis is to propose a solution to this problem: use IRIG-B as a synchronization method in a PTP grandmaster. This paper discusses the differences between these two time synchronization topologies, associated costs, disturbance handling, accuracy and it also discusses the design of IRIG-B to PTP conversion done in a bay-level device. The device acts as a PTP grandmaster but the source comes from an IRIG-B clock instead of a GPS PTP grandmaster clock. The results shown in this thesis demonstrate that using IRIG-B as a main or redundant source in synchronization of sampled values is a more cost-effective option, especially if the station is to be retrofitted with sampled values configuration. The proposed bay level device also maintains the desired accuracy levels of ±1 µs set by IEC 61850-5.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

CLOCK SYNCHRONIZATION AND TARGET LOCATION DETERMINATION IN WIRELESS NETWORKS

In a distributed system most nodes maintain a local oscillator to derive time information for synchronization with other nodes. A number of clock synchronization techniques have been presented in the literature (e.g. NTP, PTP) which rely on the exchange of messages among nodes to share timing information and to adjust the oset or skew of the clocks. We present an approach which does not require any adjustments to the local clocks, but relies on achieving synchronization through clock mapping functions which map the time at one node to the time at another node. We further show how closed paths in a graph of nodes can be used to estimate the synchronization tolerance. Through experimental results using piecewise linear functions, we demonstrate the feasibility of this approach and show how clock synchronization of better than 100 ps can be achieved in Wi-Fi environments. Using the techniques and relying on the hardware of SMiLE3 board, we also demonstrate the ability to measure distance with accuracy of a few inches and thereby the localization to accuracy better than one foot. Results of experiments conducted for localization are also presented

An integrated monitoring and communication device for use on 11 kV overhead lines

In this thesis, an integrated monitoring device for use on 11 kV overhead lines has been developed. Uniquely, the devices use an optimised form of Power Line Communication to enable a low latency communication network. It is shown that such a network is able to facilitate new and improved applications and offer tangible benefits to the network operator

System-on-chip architecture for secure sub-microsecond synchronization systems

213 p.En esta tesis, se pretende abordar los problemas que conlleva la protección cibernética del Precision Time Protocol (PTP). Éste es uno de los protocolos de comunicación más sensibles de entre los considerados por los organismos de estandarización para su aplicación en las futuras Smart Grids o redes eléctricas inteligentes. PTP tiene como misión distribuir una referencia de tiempo desde un dispositivo maestro al resto de dispositivos esclavos, situados dentro de una misma red, de forma muy precisa. El protocolo es altamente vulnerable, ya que introduciendo tan sólo un error de tiempo de un microsegundo, pueden causarse graves problemas en las funciones de protección del equipamiento eléctrico, o incluso detener su funcionamiento. Para ello, se propone una nueva arquitectura System-on-Chip basada en dispositivos reconfigurables, con el objetivo de integrar el protocolo PTP y el conocido estándar de seguridad MACsec para redes Ethernet. La flexibilidad que los modernos dispositivos reconfigurables proporcionan, ha sido aprovechada para el diseño de una arquitectura en la que coexisten procesamiento hardware y software. Los resultados experimentales avalan la viabilidad de utilizar MACsec para proteger la sincronización en entornos industriales, sin degradar la precisión del protocolo