Mais conteúdo relacionado Semelhante a Best practices in solving PNT threats in critical defense communications infrastructure (20) Best practices in solving PNT threats in critical defense communications infrastructure1. Best practices in
solving PNT threats
in critical defense
communications
infrastructure
3/14/23 | 11:55-11:10a (15 min) | Nino De Falcis, director, sync business development, Americas, Oscilloquartz, Adtran
WSTS, March 13-16, Vancouver, BC
2. 2023 © ADTRAN, INC.
2
• PNT stands for Positioning, Navigation & Timing. Timing enables P & N
• Protect defense/industry critical infrastructure (CI) against PNT services disruption from frequent
GPS & network timing attacks – GPS, commercial or M-Code, is a single point of failure & can no
longer be considered as a sole source for reliable PNT services in CI
• Deploy resilient, multisource and assured PNT systems
• Target critical infrastructure sectors under national security threats
• Use published resilient PNT guidelines & standard in progress
• DHS Resilient PNT Conformance Framework
• NIST Cybersecurity Framework for PNT Profile
• IEEE P1952 Resilient PNT for User Equipment Standard working group
DRIVEN BY US FEDERAL EXECUTIVE ORDER 13905
The new resilient PNT mandate & standard
Power grids Finance Transportation
DoD
Communications
DoD Data centers
3. 2023 © ADTRAN, INC.
3
Why GPS alternatives are a high priority?
Sen. King Urges Top General to Make GPS
Alternatives a “High Priority”
LI post by Dana A. Goward, March 10, 2023
Senator Video
King says:
• “I believe GPS will be one of the first
targets in a conflict”
• “Are we developing alternatives to space-
based resources?”
General James H. Dickenson, Commander
of US Space Command, confirmed:
• “…I know there's efforts underway…
looking to alternative PNT and how we
can develop those types of capabilities.”
4. C5ISR - Command, Control, Communications, Computers,
Cyber, Intelligence, Surveillance & Reconnaissance
DISA/DISN
Army
Air Force
Navy
Space Force
C5ISR
land
sea
air
Data Centers
space
The current C5ISR infrastructure supports the Army’s combat capabilities with reliable & real-time
information for tactical battlefield decisions. Secure, resilient & synchronized datacomms support critical land,
sea, air & space missions
network
Centralized
5. JADC2 - Joint All-Domain Command & Control
DoD/DISN
Army
Air Force
Navy
Space Force
land
sea
air
Neural Data
Centers
space
The next-gen JADC2 is an AI-powered unified network, connecting sensors & weapons from all branches of the
armed forces. Tactical networks will utilize 5G ORAN capabilities for ubiquitous high-speed connectivity, to move
massive data to connect distant sensors into a dense & resilient battlefield network. Low-latency & synchronized
datacomms will enable next-gen connected unmanned/autonomous weapons systems across all domains
network
Decentralized
• National/Core
• Regional
• Local
• Edge & Mobile
C5ISR
JADC2
AI-Powered
5G
5G 5G
5G
5G
5G
6. 2023 © ADTRAN, INC.
6
UNDER REVIEW
What are the PNT threats & GPS vulnerabilities?
jamming
environmental
satellite
attacks
adjacent-band transmitters
spoofing
External GPS/GNSS level
RARE
PNT threats
COMMON
GPS/GNSS
degradation
causes
sat ground
station
space
debris
Figure 4.1 – Known GPS vulnerabilities to telecom (updated)
RARE
Cyberattacks
Internal network level
COMMON
NTP
PTP
/ /
client clock
boundary
clock
network
interference
GPS/GNSS
receiver
7. 2023 © ADTRAN, INC.
7
Are GPS/PNT threats real?
Oct 27, 2022
Jan 21, 2022
Disruption “lasted for 33.5 hours. Wireline and cellular
providers had timing backup systems and were unaffected.
A radio system with no backups suffered, as did a simulcast
radio system that used rubidium backup clocks”
March 19, 2022
Oct 19, 2022
March 1, 2023
8. 2023 © ADTRAN, INC.
8
TaaS+GBaaS solution for DoD’s zero-trust PNT strategy for all-domain branches
New PNT requirements
• DoD zero-trust strategy “never
trust, always verify”
• GPS cannot be a single point of
failure in critical PNT services
• Secure, resilient & assured PNT
with six 9’s reliability
• DHS Resilient PNT guideline
specifies the use of multiple
sources vs. user’s risk profile
• PNT capability with end-to-end
defense-in-depth
resiliency
Next-gen PNT applications
• Resilient & assured PNT for all combat domains (land, sea, air, space)
• Secure & synchronized multidomain tactical datacomms network
• Accurate timing for real-time DISN/C5ISR information network
• Synchronized JADC2 network powered with AI, 5G & neural DCs
• Precise timing for connected weapons/radars (event trigger/timestamp)
Resilient & assured PNT solution
• GPS TaaS+GBaaS (Time-as-a-Service + GPS-Backup-as-a-Service)
MIL network timing requirements, applications and solutions
• GPS/M-Code
• LEO PNT
• Sat surveillance
Next-gen JADC2 unified battlefield network
9. 2023 © ADTRAN, INC.
9
ITU-T standard-based GPS TaaS+GBaaS solutions
PRTC (G.8272 A/B)
frequency + phase
GPS (or Mcode)
Grandmaster time server
PRTC A accuracy: 100ns | PRTC B: 40ns
ePRTC* (G.8272.1)
frequency + phase
Zero-trust multisource
validator + combiner
Grandmaster time server
sync
network
ePRTC accuracy: 30ns
sync
network
NTP PTP NTP PTP
PTP PTP
Cesium (Cs) backup
TaaS
GPS
Other backup sources
GBaaS
*enhanced
Primary
Reference
Time Clock
PTP / NIST/ eLoran / LEO PNT
Cs
backup
1 2
10. 2023 © ADTRAN, INC.
10
BITS
10 MHz
SyncE
PTP/NTP
IRIG
PPS
PPS+TOD
ePRTC solution configuration and performance
GPS/M-code
receiver
GPS
antenna
Zero-trust
multisource validator
+ combiner
GPS receiver and Zero-trust multisource validator + combiner
are integrated into the Grandmaster
Other backup sources
Time/Phase holdover if GPS goes down
SePRTC*: 100ns over typ. 55 days
1µs over typ. 4 months
14 days
Time error
100ns
30ns
Short-term GPS backup holdover performance
Long-term GPS backup holdover performance
35ns
Masks
Optical Cesium
clock backup
Grandmaster
time server
65ns
45ns
ePRTC
ePRTC+
SePRTC
*Super ePRTC solution
GPS/
Mcode
GBaaS
TaaS
PTP / NIST/ eLoran / LEO PNT
ePRTC (G.8272.1)
(functional diagram)
11. 2023 © ADTRAN, INC.
11
WAN network
Networkwide
Sync Mgmt
packet LAN network
GPS TaaS+GBaaS architecture in Hi-Rel MIL networks
MIL Network Node
Site-1
PTP failover backup
cross reference monitoring
2
5
GM-2*
NTP
(ms accuracy)
*GPS/Mcode NTP/PTP
Grandmaster Time Server with
“zero-trust multisource validator
+ combiner” solution
GM-1*
Cesium, PTP, NIST,
eLoran, LEO PNT, etc.
GPS/
Mcode
7
PTP PTP
(sub-µs accuracy)
PNT backup
sources
Servers/VMs running critical JADC2 battlefield applications supported by zero-trust PNT services
AI-based timing
management system
3
4
PTP
1
2
MIL Data Center
Site-2
6
Receiver
12. 2023 © ADTRAN, INC.
12
Managing GPS TaaS+GBaaS architecture in Hi-Rel MIL networks
AI-based timing management system with multilevel fault-tolerance for
end-to-end control, visibility and six 9’s reliability
geolocation Site-1 & Site-2
PTP backup monitoring
from GM-2 to GM-1
timing chain alert with Cesium/
PTP backup rearrangements
GM-1 alert with Cesium backup
timing topology with
Cesium/PTP backup
GPS attack
vendor-agnostic
analytics for GPS
assurance
GM-2 alert with PTP backup
from GM-1
Site-2
Site-1
Site-2
Site-1
GM-2
GM-2 GM-1
PTP
ePRTC
Site-1
Site-2
7
6
5
4
3
2
1
Networkwide
Sync Mgmt
PTP
PTP
backup
Cesium
backup