The IEEE 1588 standard known as Precision Time Protocol (PTP) was developed to provide highly accurate and synchronized clocks for a wide range of applications. In particular, it is critical for latency-sensitive applications, such as enterprise-class financial transactions. In this paper, we analyze some of the security risks associated with this protocol, in particular, cyberattacks that disrupt the synchronization between multiple PTP devices or the synchronization between system clock and PTP hardware. We construct an experimental PTP test bed and perform the baseline measurements of synchronization between multiple clocks. We then demonstrate successful attacks that disrupt PTP synchronization, including vulnerabilities based on the lack of message authentication between master and slave clocks. Proposed mitigations of these vulnerabilities are discussed, in an effort to improve the next-generation implementations of this timing protocol or recommend additional external authentication devices in the network architecture.

中文翻译：

---

网络攻击对精确时间协议的影响

IEEE 1588 标准被称为精确时间协议 (PTP)，旨在为各种应用提供高度准确和同步的时钟。特别是，它对于延迟敏感的应用程序至关重要，例如企业级金融交易。在本文中，我们分析了与该协议相关的一些安全风险，特别是破坏多个 PTP 设备之间的同步或系统时钟和 PTP 硬件之间的同步的网络攻击。我们构建了一个实验性 PTP 测试台并执行多个时钟之间同步的基线测量。然后，我们展示了破坏 PTP 同步的成功攻击，包括基于主时钟和从时钟之间缺乏消息身份验证的漏洞。