Combining unidirectional and bidirectional time synchronisation methods in critical defence networks
5 minute facts on defence synchronisation methods
Network timing is often a small but critical part of a military network. Covering many aspects across the defence industry, from simple data entry for repair works to secure communications channels, defence operators need to depend on highly accurate and reliable network timing solutions. Personnel not only rely on clear and secure voice communications, but they also now depend on shared data services, creating an information network in which all elements have access to vital intelligence for smooth and safe operations.
It is therefore crucial that timing is implemented and configured to the specific use cases required; this is particularly important in high-security environments where sensitive information is processed.
Time synchronisation technology is slowly moving away from dedicated point-to-point synchronisation methods, such as 1PPS (Pulse-Per-Second), 10MHz and IRIG (Inter-Range Instrumentation Group timecodes). Replacing these methods are ethernet-based solutions such as NTP (Network Time Protocol) and PTPv2 (Precision Time Protocol v2).
However, in the timing world, ethernet solutions available for the defence industry have often been deemed limited or not as accurate as existing methods. This is particularly so in high-security environments and critical networks.
While this may appear to be the case on the surface, the reality is a lot more complicated when factoring in ease of installation and the ability to scale network deployments over time.
The fundamental differences between unidirectional and bidirectional communication
Timing solutions for defence are split into two separate categories: unidirectional communication and bidirectional communication. Both methods share the same primary synchronisation source, GNSS (Global Navigation Satellite System)but there are some key differences between them.
Unidirectional communication
Unidirectional methods refer to synchronisation sources that only require one-way communication from the master time source to the client. Such synchronisation methods include 1PPS, 10MHz and IRIG B signals, and older synchronisation forms like serial time strings.
Unidirectional signals do offer some advantages in a security-conscious environment:
- 1PPS and 10MHz are highly accurate signals, providing a stable reference to the second
- Easily generatable over fibre optic
- No communication needs to come back to the source to establish time synchronisation, ensuring no data leaves the secure area
However, this method also has its drawbacks.
- There is no time-of-day information supplied with 1PPS and 10MHz signals; if the time is out by over a second to start with, it cannot be corrected.
- Whilst an IRIG time code does contain time of day information (alongside month and year), the accuracy of IRIG depends on the timecode used. Standard IRIG B timecode is only accurate within a few milliseconds - to get to a microsecond range, IRIG G would need to be used, which requires a specialist IRIG generator.
- A unidirectional method requires one generator port per client port, which, if you are distributing time for multiple pieces of equipment, requires multiple outputs from the master generator.
Whilst it is possible to use a diplexer to distribute a unidirectional signal from one input to multiple outputs, care needs to be taken when choosing the diplexer so as not to introduce too much signal noise. This itself is a factor which can affect the end synchronisation result. In addition, considerations regarding a single point of failure also need to be taken, in that a single cable input is responsible for synchronising the entire infrastructure.
Bidirectional communication
Bidirectional methods are limited to two types of ethernet-based synchronisation: Network Time Protocol (NTP) and Precision Time Protocol v2 (PTPv2). NTP is a network protocol that provides timing information from a dedicated NTP time server to end clients, synchronising all equipment with a common reference source. It is the world’s most common ethernet-based timing source, and nearly every internet-connected device can utilise an NTP packet to gain its time.
NTP can be distributed over an existing network infrastructure with little to no modification, and one-time server can process up to 20,000 requests a second. In addition, most NTP devices are set to poll for their time once every 64 seconds, so a single server can serve time to potentially hundreds of thousands of devices. NTP is also equipped with multiple security features like MD5 authentication or symmetric key to secure packets across the network and prevent malicious interception.
Experts in bespoke time synchronisation systems
Meinberg, a global leader in time synchronisation solutions, offer a comprehensive range of NTP solutions. LANTIME is Meinberg’s family of ready-to-run Network Time Protocol (NTP) server appliances, ideal for synchronising networks of any size. Users are able to choose between several different external reference sources such as GNSS sources or a highly stable, free running clock can be deployed on your network to keep your synchronisation.
NTP is not without its drawbacks, however. NTP is only accurate within the millisecond range on a standard network, and the performance is often a lot worse than this, depending on the network load. NTP uses a straightforward process to calculate its time, as per the formula to the right.
This simple method does not consider variances in delay across the network. For example, if the delay from the server to the client is 20ms and the client to the server is 100ms, then it would assume the delay is 60ms in both directions, creating a 40ms skew on the client. For most applications that only require rough timing, like general use PCs, this isn’t too much of a concern, but for control systems and data logging systems, this jumping of time is not acceptable. Compared to the accuracy and stability from 1PPS or 10MHz, NTP is quite inaccurate and variable for time synchronisation.
Using PTPv2 to distribute to multiple clients
Like NTP, PTPv2 can be distributed to many clients (up to 2048 per card from a Meinberg system); however, unlike NTP, PTPv2 can handle asymmetric delays much more accurately than NTP. In addition, PTPv2 can synchronise down to microsecond and even nanosecond resolutions if the network is configured correctly.
Configuring the network for PTPv2 isn't, without its own drawbacks. For PTPv2 to function optimally, users need to install specialist network equipment that handles the PTPv2 packets correctly, allowing PTPv2 to calculate the delays when going through the equipment and the delays in network hops to ascertain an exact delay correction figure to apply to the end devices.
The lack of an in-built security method like MD5 authentication is a cause for concern with this method. As a result, the only secure way of transporting PTPv2 is via direct fibre optic communication, which adds another layer of complexity to the configuration of the network.
Unfortunately, the equipment necessary for this can be expensive to implement and usually needs to be run as a separate dedicated network to prevent interference from regular network traffic spikes and floods.
The best of both worlds
There is always the option of using the best features of both unidirectional and bidirectional synchronisation methods.
One method of doing this is by using the flexibility of bidirectional ethernet-based synchronisation (PTPv2 in this case) for the network’s backbone, then translating the bidirectional synchronisation to unidirectional signal-based synchronisation for secure areas or for legacy equipment which would be too expensive to replace.
Rob Skinner is one of APC’s dedicated time synchronisation experts. With nearly a decade of experience at APC, Rob is well versed in designing and building bespoke Meinberg systems and has extensive knowledge of complementary timing technologies and systems. APC is the exclusive distributor for Meinberg in the UK and Ireland, working closely with Meinberg's own team of experts to deliver solutions to customers.
To discuss your time synchronisation requirements, or to find out more about our full portfolio of precision timing technologies, request a technical discussion with Rob and our team of experts: