gps security
vPRTC Network Timing Architecture
A vPRTC network enhances the reliability of 5G networks, transportation systems, data centers, and power utilities against the weakness of single-source timing.
Introduction
The virtual Primary Reference Time Clock (vPRTC network) is a highly secure and resilient network-based timing architecture that has been developed to meet the expanding needs of modern critical infrastructures including 5G, transportation, data centers, and power utilities.
The resilient architecture alleviates dependency on satellite-based timing sources such as Global Navigation Satellite Systems (GNSS) by placing autonomous time scale grade atomic clocks in enhanced Primary Reference Time Clock (ePRTC) area timing-hub sites at the core of a fiber-based terrestrial timing distribution network.
Secure core-timing sites and fiber distribution are 100% in control of the network operator, and immune to potential jamming or spoofing cyber-attacks on satellite-based timing solutions.
Five Best Practices for a vPRTC Network
Set Up
The vPRTC network allows chains of up to 15 hops where each hop can be about 150 km each, which allows for over 2000 km distance between ePRTC sites. The larger the distance between the ePRTC sites, the less chance of jamming and spoofing events affecting them both at the same time.
BlueSky™ GNSS Firewall
Install a BlueSky™ GNSS Firewall for anomaly detection and protection. With a small number of sites using GNSS for a very large network, the addition of GNSS firewalls at these sites
provides protection to the entire network.
TimeProvider® Configuration
Design the vPRTC network so that each TimeProvider® 4100 High Performance Boundary Clock receives 2 high accuracy Universal Coordinate Time (UTC) traceable timing feeds.
Redundant Fiber
Use the best and appropriate fiber path between the vPRTC nodes to ensure redundant delivery of timing from east and west directions as well as protected southbound PTP distribution to all end-application timing nodes.
TimePictra®
Assure end-to-end vPRTC network service with TimePictra® management to verify the integrity of the timing accuracy at each vPRTC node.
vPRTC Deployment and Monitoring Best Practices
Best Pratice 1: Setting Up Your Resilient ePRTC Area Timing Hub Sites
The ePRTC performs two vital functions for any critical infrastructure network, the first being to provide a UTC reference of under 30 nanoseconds (ns) to the network with a stable frequency of
5.7 e-14, and the second being to offer a valid holdover source when GNSS is lost. When planning a network, 30 ns should be used for the error budget calculations; however, the actual performance
of the TimeProvider® 4100 ePRTC units is much better, which allows the network a larger margin of error when deployed.
One bonus of the vPRTC timing network is the minimal number of sites that require GNSS. A typical network may only have three to five GNSS sites in total. The antenna installation has the
biggest influence on the ePRTC accuracy and stability. The ePRTC can only be accurate to UTC when the antenna cable delay is known. Antenna cable delay varies depending on its material and
construction. A typical delay for a cable is 3.9 ns per meter. When the ePRTC is trying to provide an accuracy of under 30 ns, a few meters can contribute error in the cable length and can destroy the
hard-won accuracy.
When establishing your ePRTC sites, it’s important to remember that there must be a minimum of two sites for network redundancy and protection. The ePRTC locations not only provide the
accurate time for the entire networks, they also provide the backup in the event of GNSS jamming, spoofing, or failure. Table 1-2 is an ePRTC components list with descriptions on how to implement
best practices.
With the importance of the ePRTC sites, installing the antenna properly requires careful planning, and any errors can cause the ePRTC to be inaccurate. The antenna location itself must be selected
based solely on the ability to reliably receive the GNSS signal. It must be placed so that it has a clear view of as much sky as possible. Any obstructions such as antennas, large metal objects, or buildings
limit the performance of the GNSS signal. This strict requirement for a GNSS antenna for any timing location means that it is very expensive, sometimes very difficult to use GNSS for time in an urban
environment and further shows one of the huge benefits to bringing time to the city from a distant ePRTC area timing hub site.
When the ePRTC is first installed, it will provide a UTC reference, accurate to 30 ns or better within the first 48 hours. As the ePRTC characterizes the cesium frequency standard, the holdover
performance will improve over time up to a maximum of 40 days.
Monitoring your ePRTC locations with the TimePictra® Synchronization Management System is vital to have a high level of confidence in your network, to know the event of a sustained GNSS outage, and that the network will continue to operate.
The ePRTC system includes sophisticated artificial intelligence algorithms to predict the level of performance based on measured stability and stabilization time. Figure 1-1 shows the holdover
in days and protection availability monitoring graphs. The holdover meter provides a view of the number of days that the ePRTC system can maintain 100 ns traceability to UTC if the GNSS signal
is lost. The protection availability meter shows that the system is fully stabilized and able to meet the ePRTC specification for holdover. The ePRTC standard specifies that the system must be able to
hold 100 ns for 14 days after the required stabilization period. The system will provide 14 days of holdover after 14 days of stabilization and will maintain 100 ns holdover for 40 days after a 40-day stabilization period.
GNSS outages tend to be quite short, but at times they can last for several days. The protection availability gauge shows the percentage of holdover availability which is vital to know exactly how
severely some GNSS outages have affected the network reserve. Figure 1-1 shows ePRTC holdover performance monitoring from the TimePictra Synchronization Management. (Download the paper to see Tables and Figures)
Best Practice 2: BlueSky™ GNSS Firewall Anomaly Detection and Protection
The ePRTC site uses clocks that are calibrated with UTC traceable timing and GNSS as the timing reference. However, these clocks run autonomously from the calibrated cesium frequency standard. Threats in the form of GNSS spoofing or jamming attacks are continuously monitored using advanced firewall technologies to assure only valid signals from the sky are passed to the central clock. The central clocking system employs industry proven cesium atomic frequency standards to establish 30 ns guaranteed accuracy traceable to UTC. If GNSS is detected to be not valid, the vPRTC source maintains 100 ns traceability to UTC for a minimum of 14 days. There are two options for how to deploy the BlueSky™ GNSS Firewall for GNSS anomaly detection and protection.
Option 1: Deploy the BlueSky™ GNSS Firewall in-line between the antenna and the TimeProvider® 4100
system.
1. Connect the GNSS antenna to the BlueSky GNSS Firewall.
2. Connect the validated output from the BlueSky GNSS Firewall to the GNSS input on the TimeProvider 4100 ePRTC system.
3. Configure anomaly detection thresholds on the BlueSky GNSS Firewall.
4. If anomalies are detected and thresholds are exceeded, the firewall will generate alarms, and disable the validated output so that the ePRTC system will immediately enter holdover
protection.
Option 2: Deploy the BlueSky™ GNSS Firewall as a separate monitoring system.
1. Connect the BlueSky GNSS Firewall to a separate GNSS antenna or to a splitter on the main antenna line.
2. Configure anomaly detection thresholds on the BlueSky GNSS Firewall.
3. If anomalies are detected and thresholds are exceeded, the firewall will generate alarms to notify the system operations center to analyze and to take appropriate actions.
Best Practice 3: Configuring the TimeProvider® 4100 High Performance Boundary Clocks (HPBC) at Each vPRTC Node
The TimeProvider® 4100 system is a sophisticated network clocking element with the ability to transfer timing with extraordinary levels of precision and can be configured in different operational modes: ePRTC, PRTC-A, PRTC-B, Gateway Clock, and as a HPBC designed for the optical layer. In HPBC mode, it can meet or exceed ITU-T G.8273.2 Class D specifications with a typical error budget of 2 ns per HPBC hop.
When making a comparison between traditional boundary clocks and the vPRTC HPBCs, traditional boundary clocks are unidirectional, have a single clock domain, and a very basic de-jitter function.
They are designed to have a single input and no ability to make measurements between multiple references. Whereas the HPBC clocking element has multiple PTP input clients and dual clock domains per port. With full bi-directional functionality, the system accepts PTP input from different directions (“East Site” and “West Site”) simultaneously. HPBCs monitor the incoming clocks and can select the most stable highest quality input. HPBCs also run a global Best Master Clock Algorithm (BMCA) function that enables fast switchover between PTP inputs as necessary. Figure 1-3 shows the West Site, East Site, and HPBC Hop configuration. Table 1-3 explains factors that contribute to configuring the TimeProvider 4100 HPBC at each vPRTC node. (Download the entire paper for Tables and Figures)
Best Practice 4: Redundant Fiber Interconnect Network Considerations
The optical transmission network for the vPRTC architecture is broken into two sections.
1. The core fiber interconnect for the connection between the ePRTC area timing hub sites and the east to west chain of TimeProvider 4100 HPBC clocks.
2. The southbound PTP distribution network from the individual TimeProvider HPBC clocks down to the end PTP client clocks in the operator’s network.
There are many benefits to using dedicated timing paths with the vPRTC network. Not only do timing paths bring deterministic timing performance to the single-ns level, but also to the total separation of the traffic and the timing networks. This separation means any planned or unplanned updates or changes to the traffic network, such as firmware, line cards, or adding new equipment from existing or new vendor, cannot have any effect on the timing network.
The fiber interconnect for a resilient vPRTC east/west network using a single path design is made with one of the following three options:
1. DWDM using the Optical Timing Channel (OTC) or Optical Supervisory Channel (OSC)
a. The OTCs often use SFPs at Fast Ethernet speed, which does allow for longer distances. It should be considered that Fast Ethernet timing channels prohibit the use of protocols like
WhiteRabbit, which is why vPRTC is so widely deployed for timing over a wide area.
b. OTCs will typically use an external filter, which means that the 2 lambdas used are very close to each other and in most cases reduce the static asymmetry to almost nothing.
2. Single fiber with bidirectional SFPs
a. Commonly used for medium distances (approximately 100 km).
b. Bidirectional SFPs have the advantage of using a single fiber, which saves money, but also means there are no problems with mismatched fiber pairs.
c. The one drawback is to know the length of the fiber, so that the correct offset from the chromatic dispersion can be calculated.
3. Fiber pairs (least common)
a. Using a pair of fibers can lead to issues; if the pair is not matched in length, any significant mismatch will create an offset.
The vPRTC timing architecture is very flexible and supports either the Optical Timing Channel (OTC) approach with a dedicated lambda, or the Optical Supervisory Channel (OSC) approach where timing is flowing with the management traffic. This flexibility allows the vPRTC architecture to operate with a wide range of optical vendor equipment and operator architectural timing transport preferences.
The southbound PTP timing distribution from the TimeProvider® 4100 HPBC sites is very flexible to suit the operator’s end application PTP timing needs and transport options. The key benefit of the vPRTC architecture is that the TimeProvider® 4100 HPBC clock nodes all meet the PRTC-A 100 ns accuracy to UTC without depending on a local GNSS connection. The vPRTC is a much more resilient timing architecture with redundant paths back to operator-controlled area timing hub sites with cesium atomic frequency standard protected ePRTC systems. Table 1-4 shows best practices for
southbound PTP distribution from the resilient TimeProvider® 4100 HPBC nodes.
Best Practice 5: End to End vPRTC Service Assurance and Monitoring with TimePictra®
The vPRTC architecture has several unique features that are mandatory to deliver deterministic and accurate timing within a network.
These features are:
• Use of PTP between nodes, so that any path can be used, at whatever speed is appropriate.
• Use of PTP between nodes, so that an East and West timing solution can be used on the same path, while maintaining the complete independence of these timing directions.
• Comparison measurement between the East and West timing directions at every node along the sync chain.
• The vPRTC network not only delivers precise time, but the vPRTC network is self-monitoring and self-diagnosing.
The combination of these features means that TimePictra® can monitor every timing chain in a customer’s network and confirm that each HPBC is aligned with both ePRTC nodes.
When a vPRTC chain is established, the measurements taken by TimePictra® will show 3 components:
• The difference between the UTC sources at each end of the vPRTC timing chain.
• Static asymmetries that exist along the vPRTC chain.
• Sudden changes in static asymmetries that show there has been a change in fiber or configuration.
In some networks, the customer may only use one ePRTC, choosing to use a standard PRTC-B for the other reference. Figure 1-4 shows East timing coming from the PRTC-B. (Download the paper to see Figures and Tables)
The blue line shows the noise associated with GNSS over the 18 hours of the graph. The differences show that there is 5 ns difference between the East and West, which is within the limits required.
Conclusion
The virtual Primary Reference Timing Clock is a new concept for a highly secure and protected
network-based timing architecture developed to meet the expanding needs of modern critical
infrastructures.
All content on this page and links is ©2023 Microchip Technology, Inc. and its subsidiaries. Syncworks is a Microchip Diamond Partner for the USA and the Carribean.
All content © Microchip