CRIS Current Research Information System

Time Sensitive Networking (TSN) will be an integral component of industrial networking. Time synchronization in TSN is provided by the IEEE-1588, Precision Time Protocol (PTP) protocol. The standard, dating back to 2008, marginally addresses security aspects, notably not encompassing the frames designed for management purposes (Type Length Values or TLVs). In this work we show that the TLVs can be abused by an attacker to reconfigure, manipulate, or shut down time synchronization. The effects of such an attack can be serious, ranging from interruption of operations to actual unintended behavior of industrial devices, possibly resulting in physical damages or even harm to operators. The paper analyzes the root causes of this vulnerability, and provides concrete examples of attacks leveraging it to de-synchronize the clocks, showing that they can succeed with limited resources, realistically available to a malicious actor.

Berardi, D., Tippenhauer, N.O., Melis, A., Prandini, M., Callegati, F. (2023). Time sensitive networking security: issues of precision time protocol and its implementation. CYBERSECURITY, 6(8), 1-13 [10.1186/s42400-023-00140-5].

Time sensitive networking security: issues of precision time protocol and its implementation

Berardi, Davide
Conceptualization
;Melis, Andrea
Investigation
;Prandini, Marco
Writing – Review & Editing
;Callegati, Franco
Funding Acquisition
2023

Abstract

Time Sensitive Networking (TSN) will be an integral component of industrial networking. Time synchronization in TSN is provided by the IEEE-1588, Precision Time Protocol (PTP) protocol. The standard, dating back to 2008, marginally addresses security aspects, notably not encompassing the frames designed for management purposes (Type Length Values or TLVs). In this work we show that the TLVs can be abused by an attacker to reconfigure, manipulate, or shut down time synchronization. The effects of such an attack can be serious, ranging from interruption of operations to actual unintended behavior of industrial devices, possibly resulting in physical damages or even harm to operators. The paper analyzes the root causes of this vulnerability, and provides concrete examples of attacks leveraging it to de-synchronize the clocks, showing that they can succeed with limited resources, realistically available to a malicious actor.
2023
CYBERSECURITY
Berardi, D., Tippenhauer, N.O., Melis, A., Prandini, M., Callegati, F. (2023). Time sensitive networking security: issues of precision time protocol and its implementation. CYBERSECURITY, 6(8), 1-13 [10.1186/s42400-023-00140-5].
Berardi, Davide; Tippenhauer, Nils O.; Melis, Andrea; Prandini, Marco; Callegati, Franco
1.01 Articolo in rivista
File in questo prodotto:
File Dimensione Formato  
s42400-023-00140-5.pdf

accesso aperto

Tipo: Versione (PDF) editoriale
Licenza: Licenza per Accesso Aperto. Creative Commons Attribuzione (CCBY)
Dimensione 2.27 MB
Formato Adobe PDF
Visualizza/Apri
2.27 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/922353
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact