Timing and Network

Can I Trust Time? Internet Time vs Master Clocks

Written by Steve Newcombe | May 17, 2024 2:30:35 PM

I have been involved in projects that have brought time to industrial and warehouse applications for over 20 years. Computer time requirements were one of the main drivers for these projects, for example ensuring that computers have secure access to servers. Accurate time also supports the need for accurate time stamps in processes and distributed databases.

I have discussed the costs of installing a 'plug and play' future-proof NTP system in a previous blog. These costs can be significant, as installers will need to access the roof to deliver the time from GNSS constellations. You might wonder if this information is freely available on the Internet. Yes, it is, but there are several important factors to consider that make the implementation costs of your own timing service worthwhile. 

Can I Trust the Time?

Issue number one with time from the Internet is that you do not know how trustworthy the source is. Nor do you know how reliable it will be in the future. The source is completely out of your control, yet the time you take from it could be crucial.

What if I Use Multiple Sources?

It is true that using three or more sources should give you the ability to qualify these services against each other. However, it also multiplies by three or more your exposure to the quality and security risks of using external timing.
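One way to qualify sources against each other, shown as an added example that is not part of the original post: Marzullo's interval-intersection algorithm finds the offset range that the most sources agree on and flags the rest. The source names, offsets and error bounds are constructed sample values.

```python
from typing import NamedTuple

class Sample(NamedTuple):
    source: str     # label for a time source (constructed names below)
    offset_ms: int  # measured clock offset in milliseconds
    error_ms: int   # half-width of the measurement's uncertainty

def cross_check(samples):
    """Return (interval, agreeing, outliers, has_majority)."""
    # Each sample claims the true offset lies in [offset - error, offset + error].
    edges = []
    for s in samples:
        edges.append((s.offset_ms - s.error_ms, 0))  # 0 = interval opens
        edges.append((s.offset_ms + s.error_ms, 1))  # 1 = interval closes
    edges.sort()  # at equal values, opens sort before closes

    best = count = 0
    lo = hi = None
    for i, (value, kind) in enumerate(edges):
        if kind == 0:
            count += 1
            if count > best:  # new region of maximum overlap starts here
                best, lo, hi = count, value, edges[i + 1][0]
        else:
            count -= 1

    agreeing = [s.source for s in samples
                if s.offset_ms - s.error_ms <= lo and hi <= s.offset_ms + s.error_ms]
    outliers = [s.source for s in samples if s.source not in agreeing]
    # Without a strict majority there is no basis for calling anyone wrong.
    return (lo, hi), agreeing, outliers, len(agreeing) > len(samples) / 2

# Constructed sample data: three sources roughly agree, one is 1.5 s off.
SAMPLES = [
    Sample("source-a", 12, 20),
    Sample("source-b", 18, 15),
    Sample("source-c", 9, 25),
    Sample("source-d", 1500, 20),
]

if __name__ == "__main__":
    interval, agreeing, outliers, ok = cross_check(SAMPLES)
    print("agreed offset range (ms):", interval)
    print("agreeing:", agreeing, "outliers:", outliers, "majority:", ok)
```

With only two disagreeing sources the majority flag is false, which is why the cross-check needs three or more.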

Can I Trust the Time Server?

Even if the quality of timing is good, be cautious and ask why this service is free. There are time services available from national laboratories (such as NIST in the USA), so this isn’t always a consideration.

A more fundamental concern in using Internet Time is not the prospect of incorrect time but the prospect of your network being attacked through the port where the NTP packets enter.

NTP uses UDP Port 123, and unfortunately that port has been used many times over many years as an attack vector for networks. The target of these attacks is not your time but your network.

Can I Trust Myself?

Using a service such as NIST alleviates any concerns about time quality and security, but what about your own security? To receive an external time service, you will need to have the NTP UDP Port 123 open. There have been many instances, and I am afraid there will be plenty more, where UDP Port 123 has been used as an attack vector for networks. This means that even with a secure source, you are exposing yourself to attacks on your network through Port 123.

Using GNSS signals as your source of time effectively brings your system of timing completely within your company firewall. I have had customers who have used an Internet time source as a fallback despite using GNSS (not something I would ever recommend), and in this case dedicated NTP solutions such as Microchip’s SyncServer S600 will be updated to take account of emerging security threats from the Internet.