TL;DR
- ▸Timing infrastructure is increasingly a target. The attack surface includes GNSS jamming, spoofing, direct compromise of grandmasters, configuration manipulation and observability blind spots.
- ▸Six steps materially reduce the surface: hardened GNSS, authenticated PTP, network segmentation, audit logging, continuous monitoring and a documented incident response runbook.
- ▸None are exotic. All are routinely skipped because the team didn't budget for them.
The six steps
These are the six steps we recommend to every customer running a production timing fabric. Each one is straightforward; together they materially reduce the attack surface and make compromise much harder to execute and much easier to detect.
- ●Multi-band, multi-constellation GNSS with anti-jam where the environment justifies it. Single-band L1 GPS-only is no longer acceptable for any production deployment that takes resilience seriously.
- ●Authentication on PTP messages where the profile supports it. IEEE 1588 supports message authentication; not all profiles use it but it's worth turning on where available.
- ●Network segmentation isolating the timing fabric from general traffic. PTP should run on its own VLAN or its own physical network where possible, with strict ACLs preventing lateral movement.
- ●Audit logging on all configuration changes to grandmasters and boundary clocks. Configuration drift is a common attack vector and an even more common operational failure mode.
- ●Continuous monitoring with alerts on anomalous timing behaviour. Phase offset excursions, clock class transitions, BMCA election outcomes — all of these are anomaly indicators worth alerting on.
- ●A documented incident response runbook for timing-related security events. What does the team do if a grandmaster is compromised? If GNSS is being spoofed? If the audit log shows unauthorised configuration changes? These questions should have pre-documented answers.
Why these matter
An adversary that can manipulate the timing infrastructure can manipulate audit trails (defeating regulatory compliance), cause coordinated transmission failures (disrupting 5G fronthaul or broadcast IP video), defeat distributed system consistency guarantees, and disrupt physical operations that depend on precision time. The threat model is real and growing as timing becomes more load-bearing across regulated industries.
The good news is that most of the threat surface is closeable with disciplined operations rather than exotic security technology. The six steps above are unglamorous but effective. Operators that skip them are accepting risk they don't have to accept.
Frequently asked questions
What's the most common timing security vulnerability?+
Is PTP authentication widely deployed?+
How do I respond to a GNSS spoofing event?+
Related reading
Blog · Policy
CISA Recommendations for Timing and Sync
The US Cybersecurity and Infrastructure Security Agency has published recommendations for timing and synchronisation in critical infrastructure. What the guidance says and how operators should respond.
Blog · Policy
UK Government PNT Resilience Policy Framework
The UK government's policy framework for greater position, navigation and timing (PNT) resilience — what it says, what it means for critical national infrastructure operators, and where the regulatory direction is heading.
Blog · GNSS
Timing Without the Roof
GNSS-free timing is no longer a niche concern. From contested electromagnetic environments to indoor venues with no antenna access, more deployments now have to deliver precision time without a clear sky view. What the alternatives actually look like.

