Precision time protocol attack strategies and their resistance to existing security extensions
Cybersecurity (IF 3.9), Pub Date: 2021-04-01, DOI: 10.1186/s42400-021-00080-y
Waleed Alghamdi, Michael Schukat

The IEEE 1588 precision time protocol (PTP) is very important for many industrial sectors and applications that require time synchronization accuracy between computers down to microsecond and even nanosecond levels. Nevertheless, PTP and its underlying network infrastructure are vulnerable to cyber-attacks, which can stealthily reduce the time synchronization accuracy to unacceptable and even damage-causing levels for individual clocks or an entire network, leading to financial loss or even physical destruction. Existing security protocol extensions only partially address this problem. This paper provides a comprehensive analysis of strategies for advanced persistent threats to PTP infrastructure, possible attacker locations, and the impact on clock and network synchronization in the presence of security protocol extensions, infrastructure redundancy, and protocol redundancy. It distinguishes between attack strategies and attacker types as described in RFC 7384, but further distinguishes between the spoofing and time source attack, the simple internal attack, and the advanced internal attack. Some experiments were conducted to demonstrate the impact of PTP attacks. Our analysis shows that a sophisticated attacker has a range of methodologies to compromise a PTP network. Moreover, all PTP infrastructure components can host an attacker, making the comprehensive protection of a PTP network against malware infiltration, as exercised for example by Stuxnet, a very tedious task.




Updated: 2021-04-01