High-security NTP timing and synchronisation servers from Microsemi

January 12, 2016 // By Graham Prophet
Microsemi may be best known to EDN Europe readers for its silicon products at device level; as a corporation it has numerous other activities one of which is in providing time servers to communications and other infrastucture installations worldwide.

These servers are GNSS (navigation satellite) locked, often with miniature-atomic-clock internal holdover to provide very high level timing and time stamping (nanosecond accuracy) to all forms of synchronous system. They must be secure in providing accurate time without reference to any other (network) connection, and be resistant to any form of hack or attack.

Microsemi has added the SyncServer S600 and SyncServer S650 are in the SyncServer S6xx series of Network Time Protocol (NTP) servers, providing a highly secure, accurate and flexible timing and frequency platform for synchronising network elements and mission-critical electronics systems in enterprise information technology (IT) applications such as Internet protocol (IP) telephony and physical security and government instrumentation applications such as satellite communications and defence operational infrastructure. Clock accuracy is typically better than 10 nanoseconds to universal time.

Third-party comment is offered by by Jeffry Dwight, president of Greyware Automation Products, a provider of time synchronisation, management, and auditing software for Windows. “The new SyncServer raises the bar for accurate time synchronisation with hardware-based time stamp support, which we found significantly reduced jitter and latency in time served, without losing accuracy. Installation was also much more flexible than any other GPS/GNSS unit we’ve tested.”

The new series features SyncServer S600, a security-hardened NTP time server with Microsemi’s NTP Reflector technology for robust security, accuracy and reliability of network time services, and the SyncServer S650, a highly versatile timing and frequency system with the company’s FlexPort technology for multiport, user definable output signal configuration. The SyncServer S600 is designed for enterprise IT customers managing corporate networks in industries such as financial services and healthcare, while the SyncServer S650 is ideal for electronics system engineers synchronizing mission-critical, system-level instruments.

The features mentioned refer to an architecture in which the network-facing task of responding to time requests is taken up by an FPGA-based sub-system which can run at line speed with its functions in hardware. It separates the respnse task from the server’s CPU, so that the CPU cannot be stalled by request overload such as a DNS attack; the FPGA front-end handles any such attempt simply by answering all legitimate requests (which its speed permits) and ignoring any ill-formed ones.

Flexport indicates the use of re-configurable hardware to enable any port to be set to accommodate any protocol (changed on the fly if necessary) to increase operational flexibility and reduce the hardware options a user might need to hold.