Weitere ähnliche Inhalte Ähnlich wie Achieving resilient and assured PNT in secure information networks (20) Kürzlich hochgeladen (20) Achieving resilient and assured PNT in secure information networks1. Achieving resilient and assured PNT in secure information networks
June 8, 2022 (9:15-9:35a) | JNC, San Diego, CA | Chuck Perry, Sync Business Development Manager NA, Oscilloquartz
Resilient PNT mandate | Ideal PNT architecture | Best PNT practices for defense-in-depth security
2. PNT* cyber threats are at an all-time high everywhere and are
growing in sophistication
*Positioning, Navigation & Timing | T enables P & N | aPNT+ (assured PNT)
Pentagon
Army
Space Force
Air Force
Navy
PNT
assurance
3. © 2022 ADVA. All rights reserved.
3
Driven by US Federal Executive Order 13905 and UK and Euro Commissions
• PNT stands for Positioning, Navigation & Timing, and T is essential to enable P & N
• Protect government/industry critical infrastructure against PNT disruptions from GPS
jamming/spoofing and network timing cyberattacks
• Deploy resilient, assured and self-survivable PNT systems with defense-in-depth capability
• Target critical infrastructure under national security threats
• Use published resilient PNT guidelines and standard in progress
• DHS Resilient PNT Conformance Framework
• NIST Cybersecurity Framework for PNT Profile
• IEEE P1952 Resilient PNT for User Equipment Standard working group
What is the resilient PNT?
Power grids Finance Transportation Communications Data centers
resiliency levels
clock sources
1
2
3
N
multisource
1 2 3 4
next-gen
system
4. © 2022 ADVA. All rights reserved.
4
Critical infrastructure under warfighting and homeland security threats
If GPS is disrupted or compromised
Finance
Communications
Power grids
Transportation Data centers
All supported by
PNT cyber
threats
GPS
5. © 2022 ADVA. All rights reserved.
5
What are the PNT cyberthreats and GNSS vulnerabilities?
RARE
Cyberattacks
GPS/GNSS
receiver
Jamming
RARE
GPS/GNSS
degradation
causes
Environmental
GPS/GNSS ground
segment errors
Adjacent-band
transmitters
Spoofing
External GPS/GNSS level Internal network level
COMMON
NTP
PTP
More frequent
PNT cyber
threats
/ /
Network
interference
Client clock
Boundary
clock
6. © 2022 ADVA. All rights reserved.
6
Networkwide
Sync Mgmt
WAN network
packet LAN network
Redundant timing architecture with a single GPS source
Data comm Center 1
(DC 1)
GM-A
(GNSS NTP/PTP
grandmaster time server)
Data comm Center 2
(DC 2)
PTP failover backup
cross reference monitoring
1
2
3
GPS/GNSS
GM-B
PTP
Client machine/server/VM
running critical command and
control applications
PTP
4
NTP 4 4
Client software sync
monitor
PNT
assurance
Networkwide sync
management
7. © 2022 ADVA. All rights reserved.
7
WAN network
packet LAN network
“Zero-trust multisource backup” timing architecture
DC 1
ePRTC*
DC 2
PTP failover backup
Cross reference monitoring
1
3
GM-B
2
PNT backup
sources
PNT
assurance
Cesium, NIST, WR,
eLORAN, LEO, etc.
National time
standard like NIST
*Enhanced Primary
reference time clock
(GM-A + backup
sources)
1
Networkwide
Sync Mgmt
Networkwide sync
management
PTP
Client machine/server/VM
running critical command and
control applications
PTP
5
NTP 5 5
Client software sync
monitor
4
8. © 2022 ADVA. All rights reserved.
8
WAN network
packet LAN network
“Zero-trust multi-source backup” timing architecture
DC 1
ePRTC*
DC 2
PTP failover backup
Cross reference monitoring
1
3
GM-B
2
PNT backup
sources
PNT
assurance
Cesium, NIST, WR,
eLORAN, LEO, etc.
National time
standard like NIST
*Enhanced primary
reference time clock
(GM-A + backup
sources)
1
Networkwide
Sync Mgmt
Networkwide sync
management
PTP
Client machine/server/VM
running critical command and
control applications
PTP
5
NTP 5 5
Client software sync
monitor
4
Worst
case
scenario:
GPS sats
shot down
9. © 2022 ADVA. All rights reserved.
9
PPS/PPS+ToD
10MHz
BITS
SyncE
PTP
How ePRTC cesium backup timing works
GNSS MB
receiver Time/phase holdover if GPS/GNSS goes down
ePRTC+ solution: 100ns over 100 days
Anti-jam
antenna
14 days
coreSync
Optical cesium atomic clock
Multi-source
clock combiner
Grandmaster
clock
Next-Gen Optical
Cesium clock
GPS Time error
100ns
30ns
edgeSync
grandmaster
ePRTC+ solution
(functional diagram)
✓
Other sources
GPS
GPS + combiner integrated into the grandmaster
10. © 2022 ADVA. All rights reserved.
10
Secure network-wide sync management
Neural AI/ML intelligence for self-survivability, end-to-end control,
visibility, resilient and assured PNT
Geolocation DCs 1 and 2 alert
PTP backup assurance to DC 2
Timing chain alert with ePRTC/
PTP backup rearrangements
DC 1 GM-A alert with ePRTC/PTP backup to DC 2
Timing topology with
ePRTC/PTP backup
Vendor-agnostic GNSS
analytics/assurance
PTP backup
ePRTC backup DC 2
DC 1
DC 2
DC 1
DC 2
DC 1 DC 2
PTP backup
ePRTC backup
DC 1
DC 2
8
6
5
3
2
1
DC 2 GM-B alert with PTP
backup from DC 1 ePRTC
4
Client sync monitor
7
Interoperability with
other command and
control systems
API
Open
interface
9
Networkwide
Sync Mgmt
Networkwide sync
management
9
• Secure communications
• MIL 5G PNT systems (land, air, sea)
• Command and control centers
• Radar event tagging system
• SATCOM ground stations
• SATCOM network operations centers
11. Thank you
IMPORTANT NOTICE
ADVA is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited.
The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA shall not be responsible for and disclaims any liability for any loss or damages, including without limitation,
direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
Copyright © for the entire content of this presentation: ADVA.
info@adva.com