Enhancing IEEE 1588 PTP security for IIoT networks: A lightweight attack detection and mitigation framework

Highly precise clock synchronization is an important aspect of the Industrial Internet of Things (IIoT) network because desynchronized clocks among nodes in IIoT can degrade system performance and even lead to system failure. IEEE 1588 Precision Time Protocol (PTP) is widely used in such time-sensitive networks. Resource efficiency and security have become the most important concerns in designing PTP for IIoT applications. PTP provides unified and high-precision time, whereas it is resource inefficient and insecure in its current form, particularly for resource-constrained IoT devices, such as battery powered sensing nodes. To this end, this paper aims to advance the existing PTP to improve security for IIoT networks without involving complex and power-consuming cryptographic algorithms. We study and analyze the potential cyber-attacks that can affect the security and synchronization of the PTP network. Considering the limitations of the PTP security defined by IEEE 1588 in its Annex K, we propose a security extension to the PTP algorithm. This security model covers the full PTP attack surface and allows the detection of attacks on all the PTP nodes in a timely manner. Along with the attack detection, we establish an attack mitigation model to mitigate the attack effects on Master PTP nodes. The proposed secure PTP model was evaluated under different network conditions and with varying important parameters. It was observed that newly introduced functions do not compromise synchronization accuracy. All the experimental evaluations demonstrate that the proposed approach is more secure and robust to cyber-attacks and does not affect the operation of PTP devices in all considered network configurations.