SYSTEM AND METHOD OF SYNCHRONIZING A DISTRIBUTED CLOCK IN A PACKET-COMPATIBLE NETWORK

Abstract

There is provided a technique of clock managing in a packet data network implementing a time-transfer protocol. The technique comprises: modifying, by the timing-server, a timestamp record to enable a controllable access to data informative of the least significant part of clock-informative data (CLSP data), wherein modifying the timestamp record comprises modifying the least significant part of the timestamp record (RLSP) to comprise the CLSP data in an encrypted form or to comprise values substituting, in a predefined manner, the CLSP data; transferring the modified timestamp record to all timing-clients, wherein CLSP data are transferred in a controllable access manner; enabling access to the CLSP data merely to authorized timing-clients among the plurality of timing-clients; and enabling the authorized timing-clients to obtain the CLSP data and synchronize the respective clocks using the CLSP data together with data informative of the most significant part of the clock-informative data.

Claims

1. A method of clock managing in a packet data network (PDN) implementing a time-transfer protocol, the network comprising a plurality of timing-clients operatively connected to a timing-server, the method comprising: modifying, by the timing-server, a timestamp record to enable a controllable access to data informative of the least significant part of clock-informative data (CLSP data), wherein modifying the timestamp record comprises one of: a) modifying the least significant part of the timestamp record (RLSP) to comprise the CLSP data in an encrypted form and b) modifying the RLSP to comprise values substituting, in a predefined manner, the CLSP data; transferring the modified timestamp record to all timing-clients among the plurality of timing clients, wherein CLSP data are transferred in a controllable access manner; enabling access to the CLSP data merely to authorized timing-clients among the plurality of timing-clients; and enabling the authorized timing-clients to obtain the CLSP data and synchronize the respective clocks using the obtained CLSP data together with data informative of the most significant part of the clock-informative data (CMSP data), whilst enabling availability of the CMSP data for all timing-clients.

2. The method of claim 1 wherein the CLSP data in RLSP are substituted, the method further comprising encrypting the CLSP data and transferring the encrypted CLSP data as encrypted TLV (type-length-value) data structure attached to a time-transfer protocol's message that transfers the modified timestamp record.

3. The method of claim 2, wherein the message that transfers the modified timestamp record comprises a special indication of a presence of the attached encrypted TLV data structure, the TLV data structure to be decrypted with the help of keys shared between the timing-server and the authorized timing-clients.

4. The method of claim 1 wherein the CLSP data in RLSP are substituted, the method further comprising transferring the CLSP data separately from a time-transfer protocol's message that transfers the modified timestamp record, wherein the CLSP data are transferring merely to the authorized timing-clients.

5. The method of claim 4, wherein the message that transfers the modified timestamp record comprises a special indication of modification of the RLSP, thereby enabling the authorized timing-clients to obtain the separately transferred CLSP data corresponding to the modified timestamp record.

6. The method of claim 4, wherein the timing-server transfers CLSP to authorized clients in accordance with a preconfigured list available to the timing-server and comprising data indicative, for each authorized timing-client, of a unique clock identifier of the timing-client and IP address of a respective hosting network node.

7. The method of claim 4, wherein the timing-server transfers CLSP to authorized clients in accordance with a preconfigured list available to the timing-server and comprising data indicative of a unique clock identifier of each authorized timing-client, wherein IP addresses of respective hosting network nodes are derived from unicast message negotiation specified by the time-transfer protocol.

8. The method of claim 4, wherein the timing-server transfers CLSP to respective authorized clients as PTP signaling management messages with proprietary TLV carrying CLSP or as proprietary PTP messages.

9. A timing-server configured to operate in a packet data network (PDN) implementing a time-transfer protocol, the network comprising a plurality of timing-clients operatively connected to a timing-server, the timing-server comprising a processing and memory circuitry (PMC) operatively connected to a clock circuitry, wherein the PMC is configured to: modify a timestamp record to enable a controllable access to data informative of the least significant part of clock-informative data (CLSP data), wherein modifying the timestamp record comprises one of: a) modifying the least significant part of the timestamp record (RLSP) to comprise the CLSP data in an encrypted form and b) modifying the RLSP to comprise values substituting, in a predefined manner, the CLSP data; enable transferring data informative of the modified timestamp record to all timing-clients among the plurality of timing clients; and enable transferring the CLSP data in a controllable access manner.

10. The timing-server of claim 9, wherein the CLSP data in RLSP are substituted and wherein the PMC is further configured to encrypt the CLSP data and to enable transferring the encrypted CLSP data as encrypted TLV (type-length-value) data structure attached to a time-transfer protocol's message that transfers the modified timestamp record.

11. The timing-server of claim 10, wherein the message that transfers the modified timestamp record comprises a special indication of a presence of the attached encrypted TLV data structure, the TLV data structure to be decrypted with the help of keys shared between the timing-server and authorized timing-clients.

12. The timing-server of claim 9, wherein the CLSP data in RLSP are substituted and wherein the PMC is further configured to enable transferring the CLSP data separately from a time-transfer protocol's message that transfers the modified timestamp record, wherein the CLSP data are transferring merely to authorized timing-clients.

13. The timing-server of claim 12, wherein the message that transfers the modified timestamp record comprises a special indication of modification of the RLSP, thereby enabling the authorized timing-clients to obtain the separately transferred CLSP data corresponding to the modified timestamp record.

14. The timing-server of claim 12, wherein the PMC is further configured to enable transferring CLSP to authorized clients in accordance with a preconfigured list available to the timing-server and comprising data indicative, for each authorized timing-client, of a unique clock identifier of the timing-client and IP address of a respective hosting network node.

15. The timing-server of claim 12, wherein the PMC is further configured to enable transferring CLSP to authorized clients in accordance with a preconfigured list available to the timing-server and comprising data indicative of a unique clock identifier of each authorized timing-client, wherein IP addresses of respective hosting network nodes are derived from unicast message negotiation specified by the time-transfer protocol.

16. The timing-server of claim 12, wherein the PMC is further configured to enable transferring CLSP to respective authorized clients as PTP signaling management messages with proprietary TLV carrying CLSP or as proprietary PTP messages.

17. A non-transitory computer readable medium usable by a timing-server configured to operate in a packet data network (PDN) implementing a time-transfer protocol, the network comprising a plurality of timing-clients operatively connected to a timing-server, the computer readable medium comprising instructions that, when executed by a processor, cause the processor to perform operations comprising: modify a timestamp record to enable a controllable access to data informative of the least significant part of clock-informative data (CLSP data), wherein modifying the timestamp record comprises one of: a) modifying the least significant part of the timestamp record (RLSP) to comprise the CLSP data in an encrypted form and b) modifying the RLSP to comprise values substituting, in a predefined manner, the CLSP data; enable transferring data informative of the modified timestamp record to all timing-clients among the plurality of timing clients; and enable transferring the CLSP data in a controllable access manner.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0014] In order to understand the invention and to see how it can be carried out in practice, embodiments will be described, by way of non-limiting examples, with reference to the accompanying drawings, in which:

[0015] FIG. 1a illustrates a generalized schematic architecture of an exemplary time distribution network implementing the Precision Time Protocol (PTP) as known in prior art;

[0016] FIG. 1b illustrates a clock synchronization procedure in accordance with the PTP protocol as known in prior art;

[0017] FIG. 2 illustrates a generalized flow chart of timestamp delivery in accordance with certain embodiments of the presently disclosed subject matter;

[0018] FIG. 3 schematically illustrates a timestamp configured in accordance with certain embodiments of the presently disclosed subject matter;

[0019] FIG. 4 illustrates a generalized schematic architecture of an exemplary time distribution network implementing the Precision Time Protocol (PTP) in accordance with certain embodiments of the presently disclosed subject matter; and

[0020] FIGS. 5-6 illustrate generalized flow charts of non-limiting examples of embodiments of the presently disclosed subject matter.

DETAILED DESCRIPTION

[0021] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the presently disclosed subject matter may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the presently disclosed subject matter.

[0022] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as “processing”, “sending”, “receiving”, “transferring”, “modifying”, “generating”, “using” or the like, refer to the action(s) and/or process(es) of a computer that manipulate and/or transform data into other data, said data represented as physical, such as electronic, quantities and/or said data representing the physical objects. The term “computer” should be expansively construed to cover any kind of hardware-based electronic device with data processing capabilities including, by way of non-limiting example, the controller, the clock agent and respective parts thereof disclosed in the present application.

[0023] The terms “non-transitory memory” and “non-transitory storage medium” used herein should be expansively construed to cover any volatile or non-volatile computer memory suitable to the presently disclosed subject matter.

[0024] The operations in accordance with the teachings herein may be performed by a computer specially constructed for the desired purposes or by a general-purpose computer specially configured for the desired purpose by a computer program stored in a computer readable storage medium.

[0025] Embodiments of the presently disclosed subject matter are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the presently disclosed subject matter as described herein.

[0026] Bearing this in mind, attention is drawn to FIG. 1a schematically illustrating an exemplary time distribution network 100 including a plurality of clock nodes denoted as 12-1-12-5 and implementing the Precision Time Protocol (PTP) as known in prior art. Each clock node comprises a processing and memory circuitry with a clock circuitry. In accordance with IEEE 1588 standards, distribution of timing information in the network 100 is implemented in a hierarchical manner.

[0027] Clock nodes 12-2-12-5 are operatively connected to the clock node 12-1 via respective clock ports (not shown). Clock node 12-1 is configured to be the source of synchronization data, i.e. to serve as PTP master clock node (timing-server) and to provide the timing reference to the slave clock nodes 12-2-12-5 (timing-clients). PTP master clock nodes receives and/or generates accurate clock-informative data, generates respective timestamps and distributes them over the network 100.

[0028] The exemplary PTP-based time distribution network 100 operates on top of a packet-compatible communication network (not shown) which may have ring, bus, tree, star, or mesh topologies, or a combination of different topologies. Clock nodes correspond to the hosting network nodes of the underlying communication network and can constitute parts of the respective network nodes.

[0029] Referring to FIG. 1b, there is illustrated a simplified sequence of message exchange between the master clock node 12-1 and one of slave nodes when operating the PTP protocol as known in prior art. FIG. 1b provides a pictorial representation of SYNC, SYNC FOLLOW UP, DELAY RESPONSE, and DELAY REQUEST messages and the associated timing information that are exchanged between a master clock 102 and a slave clock 104. SYNC message 106 comprises embedded by the master clock timestamp, t.sub.tx.sup.sync (referred to hereinafter also as t.sub.1), which represents the time at which the transmission of the SYNC message 106 was initiated. The SYNC message 106 is received at a certain time, t.sub.rx.sup.sync (referred to hereinafter also as t.sub.2), by the receiving slave clock 104. Since t.sub.2 is measured by the slave clock, the value of t.sub.2 can be less accurate than t.sub.1 measured by the master clock. Equation (1) expresses the relationship between the time values t.sub.1 and t.sub.2 in terms of the network transit delay (Δt.sub.delay.sup.sync) and the time offset (Δt.sub.offset) between the slave clock measurement and the master clock measurement: t.sub.2=t.sub.1+Δt.sub.delay.sup.sync+Δt.sub.offset=t.sub.1+Δt.sup.sync (1).

[0030] Optionally (e.g. when the master clock hardware does not support inclusion of timestamp t.sub.1 in the SYNC message 106), a highly accurate hardware measurement of the timestamp, t.sub.1, can be transferred not within the sync packet itself, but within a separate SYNC FOLLOW UP message 108.

[0031] The slave clock sends to the master clock DELAY REQUEST message 110 informative of measured by the slave clock transmission time t.sub.tx.sup.dreq (referred to hereinafter also as t.sub.3). The master clock notes the reception time, t.sub.rx.sup.dreq (referred to hereinafter also as t.sub.4) of the DELAY REQUEST message 110; it generates, in response, DELAY RESPONSE message 112 and transmits the DELAY RESPONSE message 112 to the slave clock. The DELAY RESPONSE message 112 provides the timing information t.sub.4 back to the slave clock. Similar to Equation (1), the relationship between time values t.sub.3 and t.sub.4 can be expressed as: t.sub.4=t.sub.3+Δt.sub.delay.sup.dreq+Δt.sub.offset=t.sub.3+Δt.sup.dreq (2). Equations (1) and (2) can produce the slave clock offset Δt.sub.offset indicative of time difference between the slave clock and the master clock.

[0032] The values of t.sub.1, t.sub.4 (collectively referred to also as master timestamps) transmitted to the slave clock 104 as part of message exchange and values t.sub.2 and t.sub.3 (collectively referred to also as slave timestamps) generated by the slave clock 104 are stored in a memory location accessible by the slave clock 104. The slave clock further uses the collected timestamps and generates clock-recovery data usable for clock (i.e. frequency and/or phase) recovery.

[0033] In addition to exchange of synchronizing messages detailed above with reference to FIG. 1B, PTP supports other synchronizing messages (e.g. for peer-to-peer synchronization). PTP also supports other announce and signaling messages usable to configure and maintain the PTP-based clock distribution.

[0034] In both NTP and PTP protocols, time delivery accuracy is determined by time stamp accuracy and network conditions.

[0035] It is noted that a clock synchronization algorithm at a slave clock collects and filters the received timestamps during a collection period, and further uses the collected information for steering local time and frequency to match its recovered time to the server's time. The collection period depends, for example, on the network conditions, local oscillator parameters, required accuracy, etc.

[0036] Referring to FIG. 2, there is illustrated a generalized flow chart of timestamp delivery from a timing-server to timing-clients. In accordance with certain embodiments of the presently disclosed subject matter, the timing-server is configured to modify (201) a timestamp record so to enable controllable access to data informative of the least significant part of clock-informative data (referred to hereinafter as CLSP data).

[0037] Unless specifically stated otherwise, it is appreciated that throughout the specification the terms related to controlling access to certain data refer to technique(s) regulating which timing-client can use the respective data. As will be further detailed by way of non-limiting examples with reference to FIGS. 5-6, the access can be controlled by encrypting the least significant part of clock informative data and/or by delivering the least significant part of clock informative data merely to authorized timing-clients.

[0038] Timestamp records in both PTP and NTP protocols have the similar format. Timestamp field comprises 32 bits subfield for the second and 32 bits subfield for the fractions of seconds. An exemplarily timestamp record 300 is schematically illustrated in FIG. 3. In the illustrated example, bits corresponding to seconds, milliseconds and microseconds constitute the most significant part and are recorded in the most significant part (RMSP) 301 of the timestamp record, while bits corresponding to nanoseconds constitute the least significant part and are recorded in the least significant part (RLSP) 302 of the timestamp.

[0039] For purpose of illustration only and unless specifically stated otherwise, the following description is provided for timestamp records configured in a manner illustrated in FIG. 3. Those skilled in the art will readily appreciate that the teachings of the presently disclosed subject matter are, likewise, applicable to other timestamp configurations. By way of non-limiting example, the timestamp record can comprise the most significant part (e.g. corresponding to seconds and milliseconds) and a plurality of less significant parts each configured to enable separately controllable access (e.g. separately controllable parts corresponding to microseconds and to nanoseconds).

[0040] Referring back to FIG. 2, the timing-server transfers (202) to the timing-clients timestamps each comprising RMSP and RLSP. Data informative of CLSP (the least significant part of clock-informative data) are transferred in a manner enabling accessibility merely to authorized timing-clients. For such authorized timing-clients, the timing-server (and/or an external system operating in conjunction with the timing-server) enables (203) access to data informative of CLSP. As further detailed with reference to FIGS. 5-6, data informative of CLSP can be transferred in encrypted or in clear text mode, it can be transferred in pull or push mode in accordance with a list of authorized timing clients, and it can be transferred together or separately of data informative of CMSP (the most significant part of the clock-informative data).

[0041] An authorized timing-client obtains (204), for a given timestamp and based on the enabled access, data informative of the least significant part of the clock-informative data and synchronizes (205) its clock using together data informative of the most significant and data of the least significant parts of the clock-informative data. Non-authorized timing-client synchronizes (206) its clock without knowledge of CLSP data and, thus, with accuracy lower than the accuracy available for the authorized timing-client.

[0042] For purpose of illustration only and unless specifically stated otherwise, the following description is provided for clock synchronization based on a single timestamp. Those skilled in the art will readily appreciate that the teachings of the presently disclosed subject matter are, likewise, applicable to timing-clients configured to synchronize the clock based on a plurality of the timestamps received during a collection period. Referring to FIG. 4, there is illustrated a generalized schematic architecture of an exemplary time distribution network implementing the Precision Time Protocol (PTP) in accordance with certain embodiments of the presently disclosed subject matter.

[0043] Timing-server 12-11 is configured to operate as detailed with reference to FIG. 2. Timing-clients 12-3 and 12-4 are non-authorized timing-clients having no SLA requirements of the received time accuracy. Timing-client 12-7 is an authorized client with SLA requirements of time accuracy and timing-client 12-6 is an authorized client with enhanced SLA requirements of time accuracy.

[0044] In the illustrated example of FIG. 4, the timestamp record can comprise the most significant part (e.g. corresponding to seconds and milliseconds), a less significant part (e.g. a part corresponding to microseconds) and the least significant part (e.g. corresponding to nanoseconds) with separately controllable access.

[0045] In accordance with the method detailed above with reference to FIG. 2, time synchronization by non-authorized timing-clients 12-3 and 12-4 is based on the knowledge of, merely, data of the most significant part of the clock-informative data (i.e. seconds and milliseconds). In correspondence with SLA, authorized timing-client 12-7 has further knowledge of data of the less significant part of clock-informative data corresponding to microseconds, and can provide time synchronization with improved accuracy; while authorized timing-client 12-6 has knowledge of data of the entire clock-informative data and can provide time synchronization with the highest (among the illustrated clients) accuracy.

[0046] It is noted that implementing the method above requires no changes for non-authorized timing-clients providing time synchronization based, merely, on the knowledge of data of the most significant part of the clock-informative data. As will be further detailed with reference to FIGS. 5-6, in accordance with certain embodiments of the presently disclosed subject matter, the authorized timing-clients shall be configured to enable the access to more accurate data having controllable access.

[0047] Referring to FIG. 5, there is illustrated a non-limiting example of embodiments of the presently disclosed subject matter. In the illustrated example, the timing-server modifies (501) a timestamp record to comprise the most significant part (RMSP) with the most significant part of clock-informative data (CMSP) in a clear text form and the least significant part (RLSP) with the least significant part of clock-informative data (CLSP) in an encrypted form and transfers (502) the modified timestamp to all timing-clients. The authorized timing-clients are configured to share (503) encryption keys with the timing-server. By way of non-limiting example, the encryption keys can be pre-shared. Additionally or alternatively, the encryption keys can be automatically exchanged with the help of a key distribution protocol (e.g. Transport Layer Security Protocol (TLS) as specified by RFC8446, etc.). In a non-limiting example of TLS protocol, the timing-server can be configured as a TLS server and the authorized timing-client can be configured as a TLS client. Further, in order to enable TLS-based automatic key exchange, both timing-server and timing-client can be equipped with valid Public Key Certificate according to ITU-T X.509.

[0048] Optionally, authorized timing-clients can be preconfigured to decrypt all timestamps when received from the timing server. Otherwise, time-transfer messages can comprise a special indication of required decryption of the encrypted part of the timestamp (e.g. it can be one of the reserved flags in PTP common message header, value of proprietary Extension Field Type in NTP message, etc.), and the authorized timing-clients can be further configured to decrypt the timestamp responsive to the special indication.

[0049] The authorized timing-client uses the respectively shared keys to decrypt (504) the received encrypted data in the least significant part of the timestamp, and uses (505) the data of the most significant part together with data of the least significant part of the timestamp for clock synchronization.

[0050] Non-authorized timing-client is incapable to use encrypted data in the least significant part of the timestamp and, thus, synchronize the clock using the knowledge of, merely, data in the most significant part of the time stamp.

[0051] Referring to FIG. 6, there is illustrated another non-limiting example of embodiments of the presently disclosed subject matter.

[0052] The timing-server modifies (601) each timestamp record such that the least significant part of the record (RLSP) comprises predefined values (e.g. zeros), whilst the timing-server separately keeps (602) data informative of the values of bits in the least significant part of clock-informative data (CLSP). It is noted that, likewise, the values of bits in RLSP can be substituted by random or otherwise dynamically defined values.

[0053] Timing-server transfers (603) to all timing-clients the modified timestamp. Timing-server further separately transfers (604), in a controllable-access manner, data informative of CLSP. In certain embodiments, timing-server can transfer data informative of CLSP in correspondence with every SYNC/Follow Up message sent to the timing client during the collection period detailed with reference to FIG. 1b. Likewise, optionally, and depending on the configuration of the timing-client, data informative of CLSP can be further transferred in correspondence with DELAY RESPONSE messages.

[0054] The timing-server (and/or external system operating in conjunction with the timing-server) enables (605) access to data informative of CLSP, merely, to authorized timing-clients that synchronize their clocks using (606) data of the most significant part (CMSP) together with separately received data informative of the least significant part (CLSP) of respective clock-informative data.

[0055] By way of non-limiting example, CLSP can be sent as encrypted TLV attached to the protocol message. In such a case, enabling access to data informative of CLSP can be provided in a manner detailed with reference to FIG. 5. Messages carrying the modified timestamps can comprise a special indication informative of presence of the attached encrypted TLV, and the authorized timing-clients can be further configured to decrypt the attached CLSP accordingly.

[0056] By way of alternative example, the timing-server can transfer CLSP (in a clear text or in an encrypted manner) to the authorized timing-clients via an alternative (i.e. out of timing protocol) channel between the respective clock ports. Timing-server can obtain information on the authorized client in various ways. By way of non-limiting example, CLSP can be transferred in accordance with a preconfigured list available to the timing-server and comprising data indicative, for each authorized timing client, of clock ID of the client, IP address of the respective clock node and CLSP option. Optionally, instead of pre-configuring, an IP address can be derived from unicast message negotiation specified by the PTP protocol.

[0057] By way of another non-limiting example, the destination address and credential information required for CLSP transferring can be fully signaled by an authorized timing-client with the help of proprietary TLV in signaling messages used for unicast message negotiation. Timing server can further verify the received credentials (e.g. by facilitating Public Key Infrastructure (PKI) and SSL certificates).

[0058] Accordingly, the timing-server transfers CLSP to respective authorized clients as PTP management messages with proprietary TLV (type-length-value) structure informative of CLSP, or as proprietary PTP messages. The messages can be transferred in a push mode (e.g. once per n of sync messages) and/or in a pull mode responsive to a request received from an authorized timing-client. It is noted that as unicast messages are transferred merely to the authorized timing clients and comprise the same CLSP data, they can be transferred without encrypting the CLSP.

[0059] Time-transfer messages with the modified timestamps can comprise special indications of modification of the least significant part (e.g. this can be one of the reserved flags in PTP common message header, the value of proprietary Extension Field Type in NTP message, etc.).

[0060] It is to be understood that the invention is not limited in its application to the details set forth in the description contained herein or illustrated in the drawings. The invention is capable of other embodiments and of being practiced and carried out in various ways. Hence, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting. As such, those skilled in the art will appreciate that the conception upon which this disclosure is based may readily be utilized as a basis for designing other structures, methods, and systems for carrying out the several purposes of the presently disclosed subject matter.

[0061] It will also be understood that the system according to the invention may be, at least partly, implemented on a suitably programmed computer. Likewise, the invention contemplates a computer program being readable by a computer for executing the method of the invention. The invention further contemplates a non-transitory computer-readable memory tangibly embodying a program of instructions executable by the computer for executing the method of the invention.

[0062] Those skilled in the art will readily appreciate that various modifications and changes can be applied to the embodiments of the invention as hereinbefore described without departing from its scope, defined in and by the appended claims.