Monitoring of Clock Synchronization in Cyber-Physical Systems : A Sensitivity Analysis

Clock synchronization is a core asset to protect when securing cyber-physical systems with a time-triggered architecture. One of the most challenging attacks to protect against is a delay attack, where an adversary delays one of the synchronization messages, making node offset calculations incorrect for keeping clocks synchronized. One way to detect a breach of clock synchronization is by monitoring the offsets calculated in a node according to the clock synchronization algorithm. The analysis in this work assumes that the distributed nodes need to share the same notion of time and for this reason, uses the IEEE 1588 standard. Using this approach, a monitor needs to make a decision about if and when a node is under attack, in which case rules and methods for decision making should be put in place. There are many aspects to consider when setting thresholds for the monitored values in order to make such a decision. In this work we conduct an analysis of monitor indicators and an investigation of their applicability. Further, we identify dependencies within the proposed monitoring approach and conduct a sensitivity analysis of the parameters needed to make a decision about a system being under attack. The analysis outcomes allow to identify important parameters to consider while thresholding indicators and enables a greater generality in their applicability.READY - Research Environment for Advancing Low Latency InternetSafeCOP - Safe Cooperating Cyber-Physical Systems using Wireless Communicatio