Name
Strategies for Securing SMPTE ST 2059-2 PTP Networks
Date & Time
Tuesday, October 22, 2019, 9:00 AM - 9:30 AM
Location Name
San Francisco Room
Speakers
Description
As the SMPTE ST 2059-2 standard for accurate time transfer gains further traction in real-world All-IP Studio deployments, it is important for broadcasters and system integrators alike to understand how time transfer using the IEEE 1588 Precision Time Protocol (PTP) profile as defined in the SMPTE standard could be affected by unintentional or malicious tampering of the different system parts that guarantee both stable and accurate delivery of time for all media essence based on standardized IP transports such as those defined in the SMPTE ST 2110 series or AES67 standards.
Given the mission-critical nature of broadcast infrastructure, securing time distribution is rapidly becoming a mandatory requirement. Whilst SMPTE ST 2059-2 defines PTP profile capabilities and PTP parameter values that can be used, it doesn’t address how to secure the various parts that define the timing system as a whole.
The IEEE1588 standard provides a certain level of fault tolerance by autonomously activating an auxiliary reference in case of loss of the primary time source. Yet, the overall synchronization performance is not sufficiently well protected by the protocol to withstand either deliberate attacks or cope with misconfigured or malfunctioning devices. Consequently, both scenarios have to be investigated in detail. This entails a thorough analysis of all the relevant threats ranging from spoofing or jamming attacks on GNSS receivers to misaligned message rates or corrupted messages to name but a few.
This paper addresses possible ways how to secure different components of the timing system, ranging from the origination point of the reference clock(s) used as the primary time source(s), across the IP network infrastructure and finally the media nodes generating or receiving SMPTE ST 2110 flows.
Beyond securing the timing system, special care should be taken to immediately identify any degradation and/or failures using multiple approaches that provide efficient means to correlate events. This is covered by a series of recommendations and best practices to ensure operational stability and reliability.
Given the mission-critical nature of broadcast infrastructure, securing time distribution is rapidly becoming a mandatory requirement. Whilst SMPTE ST 2059-2 defines PTP profile capabilities and PTP parameter values that can be used, it doesn’t address how to secure the various parts that define the timing system as a whole.
The IEEE1588 standard provides a certain level of fault tolerance by autonomously activating an auxiliary reference in case of loss of the primary time source. Yet, the overall synchronization performance is not sufficiently well protected by the protocol to withstand either deliberate attacks or cope with misconfigured or malfunctioning devices. Consequently, both scenarios have to be investigated in detail. This entails a thorough analysis of all the relevant threats ranging from spoofing or jamming attacks on GNSS receivers to misaligned message rates or corrupted messages to name but a few.
This paper addresses possible ways how to secure different components of the timing system, ranging from the origination point of the reference clock(s) used as the primary time source(s), across the IP network infrastructure and finally the media nodes generating or receiving SMPTE ST 2110 flows.
Beyond securing the timing system, special care should be taken to immediately identify any degradation and/or failures using multiple approaches that provide efficient means to correlate events. This is covered by a series of recommendations and best practices to ensure operational stability and reliability.
Technical Depth of Presentation
intermediate to advanced
What Attendees will Benefit Most from this Presentation
The content is well suited for both IT-Engineers and (Senior) Managers because securing time transfer will become a mandatory requirement.
Take-Aways from this Presentation
Both theoretical aspects, as well as practical guidelines on how to best secure time transfer in the ALL-IP Studio, will be covered. Attendees can directly benefit from this for their respective existing infrastructures, deployments, and/or new projects