NIST’s Jim McCarthy provides an overview of the recently-released draft NISTIR 8323, Cybersecurity Profile for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services that helps organizations make deliberate, risk-informed decisions on their use of PNT services.
In this pre-recorded session, topics such as the background on Executive Order 13905, the PNT profile development timeline, and the implementation of the NIST Cybersecurity Framework will be addressed.
Watch the video HERE
Today, much of our Positioning, Navigation, and Timing (PNT) needs are met by GPS. Precision time signals sent through GPS synchronize cellphone calls, time-stamp financial transactions, and support safe travel by aircraft, ship, train and car. But GPS transmissions can be disrupted unintentionally by radio interference or the weather in space, and they could be interrupted intentionally.
On Feb. 12, 2020, President Trump signed the Executive Order on Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services. The order seeks to ensure that the nation’s critical infrastructure, such as the energy, financial and transportation sectors, are resilient to disruptions in GPS or other sources of PNT, including time signals sent over the internet .
The Executive Order directs the Department of Commerce and other agencies to work with the private sector to identify and promote responsible methods of using PNT services that appropriately manage risks.
NIST will provide guidance in the form of “profiles” to help organizations make deliberate, risk-informed decisions on their use of PNT services and will offer a time service over optical fiber lines as an alternate source of precision time.
NIST will develop a foundational PNT profile to help organizations identify systems, networks, and assets dependent on PNT services; identify appropriate PNT services; detect the disruption and manipulation of PNT services; and manage the associated risks to the systems, networks, and assets dependent on PNT services. This profile will be developed using an open and collaborative process involving public and private sector stakeholders to ensure critical infrastructure owners and operators, government agencies, and others can inform the responsible use of PNT services and effectively adopt, refine, and implement the profile .
For decades, NIST has offered time services at various levels of accuracy to meet a broad range of customer needs. For example, NIST’s Internet Time Service, which receives 40 billion hits per day, provides time independent of GPS with an accuracy to about 1 millisecond — adequate for many computer networks but much less stringent than some customers require.
To meet the higher requirements of some industries and to support resilient PNT, NIST has launched a special calibration service for companies, utilities or other organizations that wish to receive or disseminate U.S. civilian standard time through commercial fiber-optic cable. The service will use commercial telecommunications networks to distribute NIST’s realization of the global time standard, Coordinated Universal Time [UTC(NIST)], independently of GPS. NIST’s fiber-optic service aims to be 1,000 times more accurate than its Internet Time Service.