A method to avoid sympathetic switches in path switching protection due to client protection switching includes monitoring a drop side Tandem Connection Monitoring (TCM) entity and a line side TCM entity for a connection, wherein the drop side TCM is provisioned between a drop port of the node and a second drop port of a corresponding node, and wherein the line side TCM entity is provisioned between a plurality of line ports of the node and a second plurality of line ports of the corresponding node; responsive to detecting defects in both the drop side TCM entity and the line side TCM entity on a working line, implementing path protection switching of the working line; and, responsive to detecting defects only in the drop side TCM entity, implementing path protection switching of the working line responsive to persistence of the defects.

A secure control system includes a network of multiplexers that control end/field devices of an infrastructure system, such as an electric power grid. The multiplexers have a default secure lockdown state that prevents remote access to data on the multiplexers and prevents modification of software or firmware of the multiplexer. One or more of the multiplexers include a physical authentication device that confirms the physical proximity of a trusted individual when remote access is requested. A user accesses the network and one of the multiplexers remotely by way of login credentials. The trusted individual confirms the identity of the remote user and operates the physical authentication device connected with and in proximity to that multiplexer, thereby confirming that the remote user can be trusted to access data and reconfigure the multiplexers. The multiplexer connected with the physical authentication device generates a token that is passed to each of the multiplexers that the remote user needs access to. The token may specify a time period, after which, the multiplexers will reenter secure lockdown mode.

A secure control system includes a network of multiplexers that control end/field devices of an infrastructure system, such as an electric power grid. The multiplexers have a default secure lockdown state that prevents remote access to data on the multiplexers and prevents modification of software or firmware of the multiplexer. One or more of the multiplexers include a physical authentication device that confirms the physical proximity of a trusted individual when remote access is requested. A user accesses the network and one of the multiplexers remotely by way of login credentials. The trusted individual confirms the identity of the remote user and operates the physical authentication device connected with and in proximity to that multiplexer, thereby confirming that the remote user can be trusted to access data and reconfigure the multiplexers. The multiplexer connected with the physical authentication device generates a token that is passed to each of the multiplexers that the remote user needs access to. The token may specify a time period, after which, the multiplexers will reenter secure lockdown mode.

In general, techniques are described for programming a set of one or more pre-defined rules within the forwarding plane of a packet gateway of a mobile service provider network and caching, within control plane, a group identifier that identifies the set of programmed, pre-defined rules. The control plane may match quality of service (QoS) information of incoming subscriber service requests with the group identifier and respective subsets of the set of programmed, pre-defined rules to rapidly associate service requests with already-programmed PCC rules and thereafter install, to the forwarding plane, subscriber service-specific actions for the PCC rules.

[Object] To reduce the frequency of the occurrence of the transmission collision of frames. [Solution] A communication device, including: a receiving unit configured to receive a frame transmitted by another terminal; a length information acquiring unit configured to acquire length information related to the frame from the received frame; and a transmission frame deciding unit configured to decide a length of a transmission frame on the basis of the acquired length information.

There is provided a technique of securing clock synchronization between master clock node (MCN) and client clock node (CCN). During a cycle of exchanging PTP messages between MCN and CCN, MCN generates an associated paired message for each PTP message generated thereby and informative of t.sub.1 or t.sub.4 timestamps provided by MCN and sends each paired message to a validation entity (VE) via a secured channel between MCN and VE. When PTP messages traverse transparent clock nodes (TCN) between MCN and CCN, each TCN generates a paired message for each version of PTP message updated thereby and sends each generated paired message to VE via a secured channel between respective TCN and VE. VE uses the received paired messages to provide a validation of the cycle, wherein synchronization-related task(s) (e.g. clock correction by the client clock node, etc.) are provided only subject to successful validation of the cycle by VE.

Embodiments of this application relate to the field of communication technologies, and provide a timing method for dealing with a link exception and an apparatus. A specific solution is as follows: receiving a first synchronization packet from a first terminal device; receiving a second synchronization packet from a second terminal device or a server; and if the first synchronization packet and the second synchronization packet belong to a same TSN domain, determining a to-be-forwarded synchronization packet in the first synchronization packet and the second synchronization packet. In this way, if the to-be-forwarded packet is the first synchronization packet, the first synchronization packet is forwarded, and the second synchronization packet is filtered. Embodiments of this application are used to improve timing precision in a timing process of the TSN device for the 5GS.

Systems, methods, and instrumentalities are disclosed for Random Access Channel (RACH) procedures in unlicensed spectrum. A wireless transmit/receive unit (WTRU) may monitor for a random access response (RAR) or a reference signal (RS), e.g. in an RAR window. The WTRU may determine whether an RS has been received a threshold amount of times, e.g. if an RAR is not received. The WTRU may continue to monitor for an RAR or an RS, e.g. if the RS has not been received a threshold amount of times and the RAR window is not at a maximum RAR window size.

An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to “hide” or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.

An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to “hide” or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.