Safran SecureSync: A Vital Tool for Ensuring Public Safety in a Connected World

In today’s interconnected world, public safety depends on reliable and secure communication, coordination, and operational precision. From emergency response teams to critical infrastructure operators, organizations must rely on systems that are both secure and accurate. Safran’s SecureSync is a powerful solution designed to meet these needs, offering a blend of precise time synchronization, reliable security, and unparalleled reliability. Here’s why the SecureSync GPS/GNSS -based Network Time Server is a vital tool for enhancing public safety.

The Importance of Time Synchronization

Accurate timing is crucial in various scenarios to maintain synchronization, improve decision-making, and enhance overall effectiveness. SecureSync’s precise timing capabilities ensure that all connected systems and devices operate in harmony, minimizing errors and enhancing situational awareness across public safety operations.

1. Emergency Response Coordination
During large-scale emergencies, first responders—including police, fire, and medical teams—must work in seamless coordination. Precise time-stamping of communications and data logs ensures synchronization across all parties, enabling faster and more effective decision-making during critical situations.

2. Critical Infrastructure Protection
Utilities such as power grids, water supplies, and transportation systems depend on synchronized operations to remain functional and resilient. Timing discrepancies can result in outages, inefficiencies, or vulnerabilities that jeopardize public safety.

3. Event Reconstruction
Following an incident, accurate time-stamped data plays a vital role in forensic analysis, determining the sequence of events, and implementing preventative measures to avoid future occurrences.

SecureSync’s precise timing capabilities ensure that all connected systems and devices operate in harmony, minimizing errors and enhancing situational awareness across public safety operations.

Regulatory Compliance

Many public safety organizations must meet strict timing and security standards. SecureSync is designed to ensure compliance and reliability, helping agencies avoid penalties, maintain operational integrity, and build public trust while supporting long-term system performance.

NERC CIP Standards
For power utilities, SecureSync supports compliance with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection standards, safeguarding the reliability of essential services.

Canadian Data Security Requirements
For organizations handling sensitive information, including law enforcement agencies, systems must align with applicable federal and provincial regulations, such as the Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial privacy laws. These requirements ensure the secure handling, storage, and access of sensitive information.

Alignment with Global Standards:

While Canadian-specific regulations apply, many organizations also align with global frameworks such as ISO/IEC 27001 (Information Security Management Systems) to ensure comprehensive security practices.



Enhancing Resilience

Resilience is key to public safety, ensuring critical operations stay functional under challenging conditions. SecureSync enhances system resilience, helping public safety organizations maintain reliability and deliver essential services during adversity.

Redundant Architectures
With redundant power supplies and timing sources, SecureSync ensures continuous operation, even during component failures.

High Availability
The system’s reliable design minimizes downtime, enabling uninterrupted operation during emergencies or disruptions.

SecureSync addresses the critical need for secure, accurate, and synchronized systems, helping organizations tackle public safety challenges. From real-time coordination during emergencies to protecting vital infrastructure and ensuring compliance, it showcases how innovation drives resilience and reliability.

Telnet Networks proudly supports organizations in achieving their security and synchronization goals with solutions like SecureSync. Contact us today for a consultation or a tailored quote to meet your specific operational needs.

Synchronizing Time in a System of Systems (SoS) in the Process Control Industry

In the process control industry, precise time synchronization is essential for ensuring coordinated operations, reliable data acquisition, and efficient control of interconnected systems. The Safran SecureSync time server is a critical solution that addresses the challenges of synchronizing system of systems (SoS) within this industry. By providing robust time synchronization capabilities, the SecureSync enables seamless coordination, enhances operational efficiency, and ensures the integrity of critical processes. Let’s explore the significance of the SecureSync in synchronizing SoS within the process control industry, its technical advantages, and its impact on operational excellence.

The Complexity of System of Systems in Process Control

The process control industry comprises a multitude of interconnected systems that rely on accurate synchronization to achieve optimal performance. These “system of systems” include various components such as sensors, actuators, controllers, and supervisory systems that work together to automate and monitor industrial processes. In this complex environment, precise synchronization is crucial to ensure seamless coordination, reliable data acquisition, and accurate control.

Reliable Time Synchronization for Coordination

Accurate time synchronization is fundamental to the coordination of system of systems in the process control industry. Precise and consistent time references facilitate efficient communication, data exchange, and coordinated decision-making across different subsystems. SecureSync offers highly accurate time synchronization, ensuring that all components within the system of systems operate on the same time scale, eliminating discrepancies, and enhancing overall performance.

Seamless Data Acquisition and Control

Accurate and synchronized timekeeping provided by SecureSync significantly enhances data acquisition and control processes. By ensuring consistent time stamps across various data sources, SecureSync enables efficient data integration and analysis. This synchronized data acquisition allows process control engineers to gain real-time insights, detect anomalies, and implement timely corrective actions, leading to improved operational efficiency and enhanced system performance.

Critical Infrastructure Protection and Security

In the process control industry, protecting critical infrastructure and ensuring data security are paramount concerns. Accurate time synchronization plays a crucial role in securing system of systems against cyber threats, data breaches, and unauthorized access. The SecureSync 2400 incorporates advanced security features and secure protocols, providing robust protection and ensuring the integrity of time synchronization in critical process control environments.

Compliance with Industry Standards

The process control industry operates under stringent regulatory frameworks and industry standards. Compliance with these standards requires accurate and traceable time synchronization. The SecureSync assists organizations in meeting these compliance obligations, providing compliant time synchronization for auditing, reporting, and adherence to industry regulations.

Scalability and Flexibility for System of Systems

The SecureSync is designed to support the scalability and flexibility requirements of system of systems within the process control industry. Its modular architecture enables seamless integration into existing infrastructure, accommodating a wide range of system configurations and diverse protocols. Whether in small-scale installations or large industrial plants, the SecureSync offers the flexibility to synchronize system of systems effectively, regardless of the complexity or scale of the operation.

Conclusion

Accurate time synchronization is crucial for achieving operational excellence in the process control industry, ensuring coordinated operations, reliable data acquisition, and the integrity of critical processes. The Safran SecureSync plays a pivotal role in synchronizing system of systems, providing highly accurate time synchronization capabilities. By leveraging the SecureSync, organizations in the process control industry can enhance operational efficiency, ensure data integrity, and meet regulatory compliance requirements. The SecureSync time server is a cornerstone in the pursuit of excellence within the process control industry, enabling seamless coordination, enhancing security, and optimizing performance across interconnected systems.

Unparalleled Efficiency At Scale With SecureSync In Data Operations

Introduction

In the era of big data and distributed systems, achieving efficiency at scale is crucial for data operators. The Safran SecureSync emerges as a game-changing solution, providing unparalleled efficiency and reliability in time synchronization for data operations. We will explore the technical details behind the SecureSync and demonstrate how data operators can gain significant efficiencies at scale by leveraging its advanced features.

Exceptional Precision and Reliability

The SecureSync boasts exceptional precision and reliability, ensuring accurate time synchronization across distributed systems. Its innovative architecture combines precision timing components and advanced technologies, delivering ultra-low phase noise and frequency accuracy. With a holdover stability of <1 µs/day, the SecureSync guarantees uninterrupted synchronization, even in the event of temporary loss of reference signals.

High Scalability and Flexibility

Data operators often deal with expanding infrastructures and evolving requirements. The SecureSync is designed to address these scalability challenges. It supports a high number of simultaneous network clients, accommodating large-scale distributed systems effortlessly. Whether deployed in a small cluster or a global network, the SecureSync seamlessly integrates with existing infrastructure, providing precise time synchronization across all nodes.

Robust Timing Redundancy

The SecureSync ensures reliability in demanding operational environments through its timing redundancy capabilities. It incorporates dual-redundant power supplies and accepts multiple timing sources, minimizing the risk of single points of failure. Redundant timing sources and power supplies guarantee continuous synchronization and prevent disruptions that could impact data operations.

Advanced Network Time Protocol (NTP) and Precision Time Protocol (PTP) Support

SecureSync supports both NTP and PTP, enabling compatibility with a wide range of distributed systems. NTP provides accurate time synchronization for applications that require millisecond-level accuracy, while PTP offers sub-microsecond synchronization for applications with stringent timing requirements. The SecureSync’s ability to support both protocols ensures flexibility in integrating with various data operations, optimizing performance and efficiency.

Compliance and Traceability

Data operators often face stringent compliance requirements and the need for traceability in their operations. The SecureSync addresses these concerns by adhering to industry standards for time synchronization. It provides traceable and auditable event timestamps, facilitating compliance with regulatory frameworks and simplifying the audit process for data operations.

Comprehensive Management and Monitoring Capabilities

To efficiently manage and monitor distributed systems, the SecureSync offers advanced management and monitoring features. Its intuitive web-based interface allows for centralized control, configuration, and monitoring of multiple SecureSync units. The interface provides real-time status updates, performance metrics, and alerts, ensuring proactive management and facilitating rapid troubleshooting.

Conclusion

The SecureSync from Safran empowers data operators to achieve unparalleled efficiency at scale in their distributed systems. With exceptional precision, scalability, redundancy, protocol support, compliance adherence, and comprehensive management capabilities, the SecureSync proves to be a reliable and efficient solution for accurate time synchronization.

By leveraging the technical capabilities of the SecureSync, data operators can ensure seamless data operations, mitigate risks of inconsistencies, and optimize performance at scale. With its advanced features and robust design, the SecureSync emerges as a key enabler for data operators seeking efficiency, reliability, and compliance in their distributed data environments.

CYBERSECURITY: Hardening Security On Your SecureSync®/NetClock 9483

Customers frequently seek information and recommendations from Safran about hardening security, including general guidelines about available network security features, jamming and spoofing deterrence, bug fixes, and networking-related issues.

Sometimes they’re in search of specific practices for time servers and clients. Sometimes, because SecureSync®/9483 is part of critical infrastructure, they may not fully understand all the issues related to timing, such as GNSS jamming/spoofing, NTP vulnerability or the various types of network attacks.

Generally speaking, the correct answers are specific to each networking infrastructure and each customer’s policies. However, there are some general guidelines to follow to harden security on your SecureSync®/9483, and this document should help. It covers the following areas and explains how to use each to prevent cyberattacks:

  • Authentication and authorization
  • HTTPS and SSL
  • SSH
  • SCP
  • SFTP with public/private support

This document also consolidate the recommendations from various product manuals into one handy location. They identify each security feature, shows default settings and offers recommendations about whether you should choose to enable it.

To make it easier, we’ve also provided links to the online manuals for each protocol — so configuration help is just a click away.

Supporting Material



TECH TIP: SECURESYNC 1200 SECURITY HARDENING RECOMMENDATIONS


Download Document

Time Synchronization for Secure Networks Using Fiber

Government and military networks often utilize the concept of unclassified networks vs classified networks to manage levels of information security. Since a complete “air-gap” around a highly sensitive network is not practical, every data connection is evaluated as a security risk.

When it comes to accurate synchronization traceable to time standards on a classified network, we lose the ability to deploy a GPS receiver due to restrictions on wireless connections. The best choice for a “wired” connection is fiber optics since they do not emit nor receive electromagnetic energy. In its SecureSync synchronization platform, Orolia has deployed fiber optics for the transfer of any digital synchronization signal that can be utilized for synchronization of isolated networks.

A pair of SecureSyncs are deployed on opposites sides of a security boundary. The unit on the unclassified network is deployed with a GPS receiver and transmits highly accurate timing data to the unit on the classified network via IRIG time code. Then this “IRIG slave” operates as the master clock for all time-sensitive devices on the classified network. In this scheme, a single master can serve many isolated networks via multiple IRIG ports.

The IRIG connection is one-way. IRIG time code is not a communication protocol therefore, there are no requests nor hand-shaking. A time and date message is streamed point-to-point. The transmitter of IRIG data cannot receive any information and the receiver cannot transmit any information to comply with the practices of network isolation.

At the time of this writing, Orolia utilizes Avago Technologies’ fiber optic ports (transmitter P/N = HFBR-1414TZ; receiver P/N = HFBR-2416TZ). However, if further qualification is required contact us to verify the current configuration.



Accurate Time with Network Isolation

  • Compatible with SIPRNET and NIPRNET
  • No wireless connection (GPS receiver)
  • One-way communication via IRIG timing protocol does not allow unauthorized access
  • Fiber optic connections protect against unauthorized access

SecureSync as a Flexible Time and Frequency Reference

  • GPS master deployed on unclassified network
  • IRIG slave deployed on classified network
  • IRIG signaling via 820 nm multi-mode ST fiber connectors)
  • IRIG DCLS option with 4 outputs (model 1204-1E) on master
  • IRIG DCLS option with 1 input and 2 outputs (model 1204-27) on slave

Cybersecurity: Hardening security on your SecureSync

StableNet APM Pie Chart


Security Hardening

Customers frequently seek information and recommendations from Orolia about hardening security, including general guidelines about available network security features, jamming and spoofing deterrence, bug fixes, and networking-related issues.

Sometimes they’re in search of specific practices for time servers and clients. Sometimes, because SecureSync® is part of critical infrastructure, they may not fully understand all the issues related to timing, such as GNSS jamming/spoofing, NTP vulnerability or the various types of network attacks.

Generally speaking, the correct answers are specific to each networking infrastructure and each customer’s policies. However, there are some general guidelines to follow to harden security on your SecureSync®, and this document should help. It covers the following areas and explains how to use each to prevent cyberattacks:

  • Authentication and authorization
  • HTTPS and SSL
  • SSH
  • SCP
  • SFTP with public/private support

This document also consolidates the recommendations from various product manuals into one handy location. They identify each security feature, shows default settings and offers recommendations about whether you should choose to enable it.

To make it easier, we’ve also provided links to the online manuals for each protocol — so configuration help is just a click away.


Download the Security Hardening PDF

Don’t hesitate to call upon us for help with your timing applications, and be sure to ask us about other ways to harden your timing chain with Resilient PNT (positioning, navigation and timing) solutions that provide signal protection in the event of an outage, interference/detection/mitigation, and GNSS simulation to identify issues before they affect your critical infrastructure.

Two problems need to be solved in any time-related application:

StableNet Network Management Solutions 5


Master Clock

  1. Which clock is used as the reference for all other clocks
  2. How to transfer the time from the reference clock to all other clocks

The solution is to use a master clock as your reference. Master clock systems are used in a wide variety of applications and industries including aerospace and defence, broadcast, radio and telecom, network systems, financial services, emergency operations, call centers, and healthcare — essentially anywhere reliability of data and signals are paramount.

What is a master clock?  

A master clock takes one or more precise timing reference signals as inputs, and then converts and distributes those timing references to other devices. The method by which the accuracy of the master clock is transferred to other secondary clocks is known as synchronization. Typically, GPS satellite signals are utilized for synchronization to ensure accurate time, but other references may be used such as local atomic clocks or other time standards.

A core feature of all master clock systems is that they accept precise timing reference signals as input. It is a rare case for a master clock to be free-running and not continuously synchronized, or at least compared against an external reference. Orolia’s SecureSync modular time and frequency synchronization system can accept over 14 different signal types to discipline its local clock. This system can then generate a similar number of signal types to synchronize other devices. In case of loss of the external reference (or any redundant references), the local clock maintains timing accuracy using a local clock oscillator until the reference(s) can be restored. Several different clock oscillators are offered depending on the accuracy required during the “hold over” period.

Network master clocks can distribute their timing references over local or wide area networks. Master clocks with wireless transmitters enable synchronization of devices like display clocks without having to run wires between them for the synchronization signal. There are also highly accurate master clock solutions that utilize copper or fibre connections for precise analog and digital signal distribution, such as IRIG timecode signals.

Orolia offers a variety of master clock systems to meet the requirements for your application of accurate time. Learn more about flexible SecureSync Master Clocks

NTP Over Anycast. The Easy Way to Sync Clients and Servers

What Is NTP Over Anycast?

NTP (Network Time Protocol) over Anycast mode is a software technology that allows two (or more) NTP servers to sync clients via a single IP address.

NTP is a packet network-based synchronization protocol to sync a client clock to a network master clock.

Anycast is a networking methodology using standard routing protocols where messages are routed to one of a group of potential receivers via a single Anycast address, thus significantly simplifying the configuration management for the larger pool of clients.

NTP over Anycast, available in both SecureSync® and NetClock®, is a combination of the two concepts, allowing them to:

  • Associate one of their network ports to an Anycast IP address
  • Remove themselves as an available time source if the reference is lost or degraded, or vice versa

Though NTP clients typically need to be individually configured with the IP address(es) they are to sync with – even when using NTP over Anycast mode – this mode allows the clients to be configured with one address instead of multiple and lets the “nearest” available time server to respond to the request.

How It Works

  • Configure an Anycast IP address to any Orolia network interface.
  • NTP server responds to client requests as directed by the configured routing protocol so long as the time server is in sync.
  • NTP server becomes “unavailable” if the time server goes out of sync or a problem with its reference is detected. Client requests are directed to the “next-nearest” server, which is also configured with the NTP over Anycast address.
  • NTP server is automatically made available when synchronized.

When to Use NTP Over Anycast

Configuring NTP clients for mission-critical timing using NTP servers with static IP addresses can be problematic for large deployments across several network and geographic boundaries. Referencing an NTP server by hostname with existing DNS infrastructure can help, but still requires a lot of configuration.

For Anycast-enabled networks, the ability to route NTP requests to several potential servers via a single IP address, without any specific client configuration, offers the simplest, most reliable, most scalable approach.

Benefits to You

  • Reduce latency, increase availability, improve scalability of NTP deployments.
  • Simplify the management of a reliable wide-area NTP deployment with redundant stratum-1 servers.
  • Leverage the ability of a “smart” NTP server for a simple NTP client implementation.

How to Get NTP Over Anycast

 Contact Us for more information or, for currently fielded units, to receive the application software upgrade.

About the Author Sadie Nedo

Sadie Nedo is a global account manager at Orolia, where she supports the public safety market. For nearly a decade, she has specialized in helping PSAPs develop and deploy solutions that simplify the integration of precision timing and frequency into their critical infrastructures. She holds a bachelor’s degree in advertising and public relations from Rochester Institute of Technology.