2025.06.23

Data centres - protecting critical infrastructure from GNSS cyberattack

Jörg Urban and Frederic Silva, Oscilloquartz, discussed GNSS dependence and protective measures at the Netnod Meeting 2025. The talk covered how it is possible to build redundant synchronisation networks for data centres by using terrestrial alternatives.

This is part of a series focusing on the presentations from the Netnod Meeting 2025. Each blogpost aims to summarise the key points from the presentation and provides link for readers who want to know more.

GNSS and PNT

Global navigation satellite systems (GNSS) are commonly used as providers of Position, Navigation and Time (PNT). The presentation focused on the often implicit dependence of data centres on time from GNSS.

In Europe, the most commonly used GNSS systems are GPS (American military) and Galileo (European civilian). They are similar in design, with satellites in several orbital planes at 20 200 km altitude. They both provide free PNT almost anywhere on the globe, but they are vulnerable to cyber attacks.

These cyber attacks consist of: spoofing, when an attacker sends a signal from a fake location and attempts to make the target think the signal came from somewhere else; and jamming, when an attacker attempts to disrupt signals so that the target cannot properly receive GNSS signals.

Data centres and PNT

It is common today to use time from GNSS in data centres. This means that the time in data centres is dependent on GNSS and can therefore be spoofed and jammed.

The time requirements in data centres have changed over time; previously millisecond time was accurate enough, but more and more applications need microsecond, and even nanosecond, time accuracy. In practical terms, data centres are moving from using Network Time Protocol (NTP) to Precision Time Protocol (PTP), a much more accurate time transfer protocol.

In addition to accuracy, PTP over fibre provides a form of time transfer that mitigates GNSS vulnerabilities; that is time which works even if GNSS is spoofed or jammed.

In a larger policy scope, through CER and NIS2, the EU is mandating operators of data centres to assess risks structurally. As part of this process, it is likely that data centre operators will focus more on redundant time.

Terrestrial alternatives for PNT

The first atomic clock was built in 1955, a caesium-133 clock. Since then, Caesium has become the norm for standardised atomic clocks and is still used today. Currently, there is an ongoing shift towards optical caesium clocks with higher accuracy and better holdover.

You can watch Oscilloquartz’s presentation from the Netnod Meeting 2025 here and see the slides here.

End-to-end encryption: architecturally necessary

Fredrik Lindeberg

2025.06.04

Good intentions don’t always result in good outcomes. This is especially the case with recent suggestions regarding end-to-end-encryption adaptability requirements for number independent communication services; not only is security an issue, the suggestions themselves go against the design of the Internet, as well as digitization itself.

Cybersecurity

Prelude to a BGP hijack?

Fredrik Lindeberg

2025.05.22

Lasse Jarlskov, Peering Manager at Telia, discussed BGP-hijacks and security at the Netnod Meeting 2025. The presentation summarised a BGP hijack attempt and how Autonomous System Provider Authorization (ASPA) can help fight BGP attacks in the long-term.

Netnod Time

Cybersecurity

Securing time for any device: Results from the Roughtime Hackathon at IETF 121

Rob Allen

2024.12.12

A Roughtime Hackathon at IETF 121 led by Netnod’s Technical Consultant, Marcus Dansarie, brought together developers and researchers to refine the protocol and its implementations. In this blogpost, we summarise some of the outcomes from the hackathon.

Show all blog articles