PTP and security: Understanding risks and best practices
While PTP is proven to meet tight time-sync requirements, it was not originally designed with security in mind. This issue has become more important as industries such as utilities, telecoms, and the financial markets adopt PTP for mission-critical tasks. Insider and outsider attacks on PTP networks pose a significant risk to many time-sensitive application areas. After summarising PTP-related work from the OSNA research group at NUI Galway, Michael will describe the relevant threat models for time-sync protocols (e.g., as defined in RFC7384) and outline short- and medium-term best practices with state-of-the-art PTP security mechanisms, as well as highlighting areas where further work is required.