Is it your time?

This article is also inspired by a man - Tomasz Widomski who has just graduated Cybersecurity Management MBA postgraduate studies at Wojskowa Akademia Techniczna w Warszawie (Military University of Technology in Warsaw, Poland) and shared his work with me just 2 days ago.

I know Tomasz (Tom) more than 20 years since I decided to implement two geo-spread NTP servers delivering GPS-sourced time to computer network of telco company I was working for. Tomasz has been always dedicated to time and time synchronization matter, as long as I know him. We had many talks and discussions on that - as a network engineer and cybersecurity guy, I have always considered time to be an important element in the operation of computer systems, but perhaps not entirely crucial. I guess I treated it a bit like DNS - a kind of side service that helps us operate, but in essence, almost no one notices it - after all, time is always there. Over time, just like with DNS, I began to recognize the growing importance of time and its synchronization. First, in terms of log correlation in SIEM systems, then the unambiguity of timestamps, and most recently in the context of disruptions or jamming of GPS signals.

Tomasz's work titled: "Analysis of the phenomenon of desynchronization as a new cyber weapon destabilizing national infrastructures" excellently expands the theme of time and time synchronization in the context of cybersecurity.

So, in short, why time and its synchronization are important - it is because there exist attacks on time domain:

• Time Synchronization Attack (TSA - attack on time)
• Time Delay Attack (TDA - attack on network delays)
• Time Spoofing / Manipulation

These attacks could result in many various direct on indirect disruptions destabilizing work of IT, OT or Maritime systems. Why is that? It is because every modern and advanced electronic system is a computer now and it relies on time and very often on time sync. Every manipulation, disruption could result in malfunctioning of the entire system. Let's enumerate some examples:

• Disruption of network operations: Many network protocols, such as Kerberos or SSL/TLS, use timestamps to verify the validity of certificates and tokens. Time manipulation can cause the rejection of valid certificates or the acceptance of expired ones.
• Data replication issues: Database systems and file systems often rely on timestamps for data synchronization and replication. Incorrect time can lead to data loss or replication conflicts.
• Disruption of industrial systems' operation: In Maritime and OT, such as SCADA (Supervisory Control and Data Acquisition), precise timing is crucial for sequencing events and operations. Time manipulation can cause machine failures, improper functioning of safety systems, and other serious disruptions.
• Event logging issues: IT security systems, such as SIEM (Security Information and Event Management), depend on accurate timestamps to track events and detect anomalies. Time manipulation can hinder the identification and response to security incidents.
• Disruption of financial trading: In algorithmic trading, where milliseconds can determine profits or losses, time manipulation can lead to unfair advantages or financial losses.
• Disruption of navigational systems: Systems like GNSS (Global navigation satellite system, e.g. GPS - Global Positioning System) base on time to accurately determine positions. Time manipulation can lead to dramatic navigational errors.

And here we are coming full circle - time synchronization in a very basic form was used in maritime since 1731 when a sextant was developed and implemented by John Hadley and Thomas Godfrey. To get geo position you needed to have not only a sextant device but also exact time (and a nautical almanac with ABC tables and a map of course). And the correct time was crucial to find yourself on the map. And the other way - you could use a sextant to correct your clock time. That's why maritime can be considered a precursor to time synchronization.

Nowadays, time synchronization is done seamlessly and we rely heavily on it (Another matter is whether it is performed correctly and securely). Our immense reliance on this has been recognized, and current recommendations are to move away from the widespread use of time synchronization relative to GPS as well as unknown public NTP time servers. One of sign of this is Executive Order 13905 by US President titled: "Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing Services (PNT)" and the citation: "Because of the widespread adoption of PNT services, the disruption or manipulation of these services has the potential to adversely affect the national and economic security of the United States. To strengthen national resilience, the Federal Government must foster the responsible use of PNT services by critical infrastructure owners and operators". What does it mean? You, an economy, a company relying on time, time distribution and its synchronization, should take care of it. To have your verified and reliable sources of time. To verify your time and your own time distribution network. My experience is that almost no one does it... Is it your time?

And in the end there are some good projects in the world that are building separate sources and time distribution networks not dependent on satellites and the Internet. In Poland half year ago it has just started the e-Czas (e-Time) project led by G?ówny Urz?d Miar (https://e-czas.gum.gov.pl) and consists of:

• e-CzasPL - an innovative time distribution system applicable within the territory of the Republic of Poland, consisting of:
• e-Czas Radio - used for distributing time signals via long-wave radio frequencies;
• e-Czas PTP - a time distribution service in fiber optics for professional applications;
• e-Czas Monitor - used for additional confirmation of synchronization compliance and for time source authentication;
• e-Czas Online - a free mobile application that provides unrestricted access to a reliable time source.

The e-Czas Radio 225kHz radio signal covers half of Europe - the other half could be covered by German DCF77 signal.

And the classic for the end of the article, somewhat connected with the subject.

No man is an Island, intire of it selfe; every man is a peece of the Continent, a part of the maine; if a Clod bee washed away by the Sea, Europe is the lesse, as well as if a Promontorie were, as well as if a Mannor of thy friends or of thine own were; any mans death diminishes me, because I am involved in Mankinde; And therefore never send to know for whom the bell tolls; It tolls for thee.

by John Donne, known also from E. Hemingway book titled "For Whom the Bell Tolls".

So - is it your time?

I know that some of my colleagues Tomasz Brol Grzegorz Kaczmarek are involved in time & frequency domain too. Here are my kudos for them.

And once again thank you Tomasz Widomski for sharing your work with me. I hope that people interested in your work may contact you.