[time-nuts] Time security query
Javier Serrano
javier.serrano.pareja at gmail.com
Wed Aug 26 12:02:42 UTC 2009
When something goes wrong in an accelerator, like an unsolicited beam dump,
the timing system broadcasts a Post Mortem event (message) and lots of
equipment push diagnostics data with time tags up to the Post Mortem system
for analysis. These PLCs control things like Cryogenics, and other
industrial-like systems, and are very removed from what we do in the timing
team. I suppose they run a simplified NTP client, because NTP is not
considered critical for their mission and they don't have much memory or
time to devote to this. Your proposal of using a dedicated NTP server to
monitor the PLCs looks interesting, I'll look into it. Tagging PPS could be
risky as you say, maybe tagging something like a 0.1 Hz pulse train would be
better. We could then trigger an alarm as soon as the time tags are off by
one second.
On Wed, Aug 26, 2009 at 12:43 AM, Hal Murray <hmurray at megapathdsl.net>wrote:
>
> javier.serrano.pareja at gmail.com said:
> > There are some exceptions to this, with PLCs and other pieces of
> > hardware getting sync from NTP. We've had problems in our Post Mortem
> > system in the past, with a PLC not receiving NTP traffic because of
> > router misconfiguration and this resulting in incoherent time tags.
>
> Are your PLCs running full NTP or some minimal implementation?
>
> The reference implementation has a lot of monitoring/debugging options.
> Probably the simplest approach is to setup a ntp server and use it to
> monitor
> the systems you are interested in. (I'll say more if anybody wants.)
>
> Speaking of software bugs, many of the minimal implementations have
> "interesting" problems. In case anybody isn't familiar with it, Dave
> Plonka
> has a wonderful writeup of the Netgear/Univ-Wisc mixup. I'd call it
> required
> reading for any computer science program.
> http://pages.cs.wisc.edu/~plonka/netgear-sntp/<http://pages.cs.wisc.edu/%7Eplonka/netgear-sntp/>
> Wikipedia has a page that covers a few more incidents:
> http://en.wikipedia.org/wiki/NTP_server_misuse_and_abuse
>
> Anyway, if you are using ntp, add denial-of-service to the list of
> considerations, either on your servers or the servers you are using. For
> popular servers like the ones run by NIST, there are significant errors
> during the normal daily peak load times.
>
>
> > Our proposed solution for that is to feed a PPS from one of our timing
> > receivers to the critical PLCs and ask them to time-tag it with their
> > internal NTP-derived time base.
>
> Is tagging a PPS enough? How do you know if you are off by several
> seconds?
>
>
>
> --
> These are my opinions, not necessarily my employer's. I hate spam.
>
>
>
>
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com
> To unsubscribe, go to
> https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
> and follow the instructions there.
>
More information about the time-nuts
mailing list