NIST IR 8323 Revision 1 | Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of PNT Services (January 31, 2023)
Today, much of our Positioning, Navigation, and Timing (PNT) needs are met by GPS. Precision time signals sent through GPS synchronize cellphone calls, time-stamp financial transactions, and support safe travel by aircraft, ship, train and car. But GPS transmissions can be disrupted unintentionally by radio interference or the weather in space, and they could be interrupted intentionally.
On Feb. 12, 2020, President Trump signed the Executive Order on Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services. The order seeks to ensure that the nation’s critical infrastructure, such as the energy, financial and transportation sectors, are resilient to disruptions in GPS or other sources of PNT, including time signals sent over the internet .
The Executive Order directs the Department of Commerce and other agencies to work with the private sector to identify and promote responsible methods of using PNT services that appropriately manage risks.
NIST will provide guidance in the form of “profiles” to help organizations make deliberate, risk-informed decisions on their use of PNT services and will offer a time service over optical fiber lines as an alternate source of precision time.
This project is part of NIST’s response to the February 12, 2020, Executive Order (EO) 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing Services. The EO notes that “the widespread adoption of PNT services means disruption or manipulation of these services could adversely affect U.S. national and economic security. To strengthen national resilience, the Federal Government must foster the responsible use of PNT services by critical infrastructure owners and operators.” The Order also calls for updates to the profile every two years or on an as needed basis.
Based on NIST’s interaction with public and private sector stakeholders and their efforts to create “sector specific” profiles, it was decided to create Revision 1.
No substantive changes were made to the original Foundational PNT Profile; NIST only sought comments on the changes made in this revision. Among the most noteworthy are:
See the publication details for a copy of the profile and link to the comments received.
On February 11th, 2021 NIST released; NISTIR 8323 - Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services to help organizations identify systems, networks, and assets dependent on PNT services; identify appropriate PNT services; detect the disruption and manipulation of PNT services; and manage the associated risks to the systems, networks, and assets dependent on PNT services. This profile was developed using an open and collaborative process involving public and private sector stakeholders to ensure critical infrastructure owners and operators, government agencies, and others can inform the responsible use of PNT services and effectively adopt, refine, and implement the profile. In addition, reference the PNT Quick Guide for a high-level overview of the project.
For decades, NIST has offered time services at various levels of accuracy to meet a broad range of customer needs. For example, NIST’s Internet Time Service, which receives 40 billion hits per day, provides time independent of GPS with an accuracy to about 1 millisecond — adequate for many computer networks but much less stringent than some customers require.
To meet the higher requirements of some industries and to support resilient PNT, NIST has launched a special calibration service for companies, utilities or other organizations that wish to receive or disseminate U.S. civilian standard time through commercial fiber-optic cable. The service will use commercial telecommunications networks to distribute NIST’s realization of the global time standard, Coordinated Universal Time [UTC(NIST)], independently of GPS. NIST’s fiber-optic service aims to be 1,000 times more accurate than its Internet Time Service.
If you have any questions, please contact NIST at pnt-eo [at] list.nist.gov.
NIST Recommends Steps to Boost Resilience of U.S. Timekeeping (11/29/2021)
NIST Finalizes Cybersecurity Guidance for Positioning, Navigation and Timing Systems (2/11/2021)
Safeguarding Critical Infrastructure: NIST Releases Draft Cybersecurity Guidance, Develops GPS-Free Backup for Timing Systems (10/23/2020)