The US Time Server Foundation

USTiming today operates 1/3 of the NIST ITS servers around the Internet. Today it added Carrier-Neutral Access

capabilities.

2

Section One

• Section One – About USTiming.ORG

• Section Two – NIST ITS Program

• Section Three – Carrier Neutral Access Program

3

The dream – USG time everywhere

• US Timing is a group of people who came to realize that a government was the ultimate provider of time in any jurisdiction and that to meet that any time services in compliant activities must come from the government in a provable manner– Time protocols make that complex because they were

not built to provide evidence. – USTiming’s systems are. – That architecture statement has implications – end-

user time distribution services don’t cut it. Mass-use distribution models are needing from timing authorities.

4

• Disclaimer Page– USTiming.ORG is not a part of the

Government but rather an industry operated consortia to meet the industry’s needs for direct first-person access to the national time standard.

5

Section One

• Section One – About USTiming.ORG

6

What is USTiming.ORG 1

• USTiming is a not-for-profit entity who’s charter is to “deploy the NIST ITS UTC time service as a network enablement for all US Critical Infrastructure/Key Resource uses”.

– For Tax USTiming is structured as a co-operative NPO and is filing for its 501(c)(12) status this year

• For Governance Purposes to facilitate its Tax Status as a 501 (c)(12) USTiming is structured as a chaord type foundation with all seated members sharing equally in all benefits.

– Mechanically USTiming.ORG sponsors NIST ITS systems for public access and absorbs the overhead in “the replication of the Government’s Time Server Operations Cost as a component of the Industry’s support of US Critical Infrastructure Operations'”.

7

What is USTiming.ORG 2

• Why? – 15 USC 271 and 15 USC 272 define NIST itself as the civilian source of time in the US.

• NIST’s ITS program is its method of making that electronic time standard available to the public en-mass across the Internet.

• USTiming.ORG hosts 10 NIST Time Servers today… and they are all “Built for Speed” in their hosting models. Key centers are disciplined further by NIST TMAS services to provide a resource which is capable of certifying the sub-nanosecond deployment of USG time service on an instant by instant basis.

• USNO as the source of GPS makes it necessary for the civilian timebase to be available for regulated commerce applications per US law and International Treaty.

8

What is USTiming.ORG 3

• USTiming today a hub-and spoke distribution model to make NIST UTC available directly and strategically located to support financial and other critical infrastructure operations. – For its relying parties

• USTiming provides an open regulatory compliance service for entities who need US CI/KR PNT Ground Segment Access so that they may claim first-person use of the NIST UTC timescale in their Digital Operations.

9

What is USTiming.ORG 4

• How do USTiming.ORG NIST ITS servers compare to the other NIST ITS members?– In comparison to other NIST ITS program sites

Certichron’s sites are better. • Other ITS Sites generally suffer end-user network resources

and are not built out to provide local peering as an option. • USTiming’s are all centrally located in datacenters to provide

carrier-level access for long-haul (national) and local carriers use.

• This higher-quality access model allows this service to fully meet the idea and needs for the NSPD-39 Ground Segment Access mandates in “making NIST UTC available for access for all across the US” a reality.

10

USTiming is Regionally Deployed

• ITS services are operated as part of NIST’s limited authority under its 15 USC §260 limitations and so the US Timing Industry Initiative to massively deploy them expands the availability of these services.

• The vision in the service is to provide regional Hub and Spoke type access models to end users and carriers. – Either end-users or Carriers may peer with USTiming.ORG

operations centers to provide the service access to their clients or internally for their own calibration.

11

USTiming.ORG operations sites• US

Deployments– Allows Carriers

to tie-in at various points across the US for a seamless one source solution for their NSPD-39 readiness requirement for PNT ground segment access.

12

USTiming.ORG Structure

• USTiming.ORG is two layers– ExCom – Executive Committee and its Functional

Area and their Oversight Committees• ExCom

– provides the governance of the Foundation and administers its access policies and practices

– seats belong to key members and internal USTiming Management Staff

» seats are re-affirmed on a yearly basis by the Sponsoring Entity or USTiming itself as a matter of its yearly operating statement practice for which there is a formal notice practice between the Foundation ExCom members and for public transparency.

13

Managing DirectorMTS

CTO’s office of technology

CFOCertichron

Liaison

MTSRyan Terp

(Dir of Technology Ops)

Director of Membership

USTiming Audit Services Director

Carrier Programs

Data Center Partners Program

TELX SAVVISSite Operations

Telemetry Controls

CTO Admin

EquinixIBM, AT&T and

Sungard

Certichron Licensing

ExCom: The Executive Committee

14

USTiming.ORG Structure

• USTiming.ORG is two layers– OpsCom – Operations Committee and its

Functional Area and their Oversight Committees

• OpsCom – provides the day to day elbow-grease for implementing

the ExCom practices. Some OpsCom roles may involve compensation to their holders.

» Ops Com seats do not expire and are part of the working infrastructure of the Foundation itself, and therefore through this and the audit practices provide for the foundations public transparency.

15

Section One

• Section Two – NIST ITS Program Services

16

The NIST ITS Service: End-User Access to UTC(NIST).

• NIST ITS Services– “NIST ITS Service provides NTP (RFC1305) Service

from NIST Stratum-1 Resources to an End User client of SNTP or NTPv3/4 without authentication”.

• ITS Program limitations are to a polling rate using NTP of 4 times per minute.

– Users needing higher polling rates need to formally register so that machine overhead and proper use allocation can be achieved.

• NIST oversight of the ITS program– ITS program time resolution is provided by NIST ITS Auditing

on a monthly and yearly basis as part of the ITS Program Operations under the “deployment of the National Time Standard” NIST Time and Frequency is the chartered keeper of.

17

The NIST ITS Service: End-User Access to UTC(NIST).

• NIST ITS Services– Who are the other members of the ITS program

• Symmetricom by far is the largest because it has acquired smaller timing companies who individually were members of the program. It has settlements with members of the foundation which impact its participation in this effort;

• All other operators (with the single exception of the Microsoft machine are outside of the dot-gov domain and operated on end-run nodes (that is at the perimeter of the main user they are being sponsored and used by).

• This means public access suffers in all of these models, only the USTiming model of placing NIST ITS servers at switching centers addresses this additional uncertainty and latency.

18

Section One

• Section Three – USTiming Resources

19

The NIST ITS Service: End-User Access to UTC(NIST).

• USTiming.ORG provides Unrestricted Unauthenticated Access to NIST ITS services for NIST ITS program clients. – NIST itself is constrained by 15 USC 260

which prevents it from deploying NIST Time Services everywhere.

• USTiming bridges that limitation by allowing USTiming to be the calibration services client with its partner Certichron.

20

Beaches as the basis of deployment

• USTiming uses Beaches Systems as NIST instances. The Beaches project was performed by Certichron to repackage NIST Services into larger process level assurance models. – CNAP is the lowest level of that and so

USTiming benefits by partnering with Certichron to deploy their Beaches systems everywhere as the basis of USTiming’s NIST UTC Time Service.

21

Beaches

• Beaches– The Beaches

System allows USTiming to place a reliable instance of the NIST UTC time service anywhere on earth as a policy or process control component resource.

22

Beaches provides a system…

• Using Beaches as a base-line for USTiming.ORG allows for the national time distribution service to be properly operated from reliable instances of US Government NIST UTC. – Unifies foot print– Makes support simpler– Identifies targets for participation

23

Section One

• Section Four – CNAP the Carrier Neutral Access Program

24

USTiming.ORG: CNAP has landed… USG NIST Carrier Level access is here today!

• Summary - USTiming.ORG announces the transfer of the Certichron Carrier-Neutral Access Program (CNAP) to the Timing Foundation:

• CNAP Service expands the Foundation’s limited-bandwidth access program to enable carriers to get either private or shared-pool access to Stratum-1 NIST UTC across a 10G switching platform for port-fee/cross-connect fee only based models.

– USTiming’s CNAP Time Services are always free.

• How does the Foundation operate?– Foundation members and Service Clients subsidize the operations of the foundation. For the use of the service the

members they pay a recurring port fee for their cross connect and through that the offset the monthly cost of facilitating that service.

» Thus CNAP operations costs are paid for through a monthly peering fee by carriers and certain enterprise clients qualifying for this program.

– Foundation steering members may also subsidize the foundation through technology and service contributions as well enabling us to operate our NIST UTC service free of charge to the carriers for their National NSPD-39 Ground Segment Access certification.

» The only possible charges for access to the Stratum-1 NIST UTC resource are any port fees for landed circuits and any cross connect or demark fees that the Carrier Hotels we operate from put forth.

25

CNAP Program 1

• CNAP is intended for specific regulatory compliance– CNAP’s intent is to provide the capability for all relying parties to access NIST Stratum-1

Time Services so that they may claim they take time from a regional instance of the US National Time Standard.

– Functionally it provides a source of time for people who need to be able to say they got time from the US Government directly rather than time handed off and passed layer-by-layer across.

• NIST UTC attestation limitations. – Their use is ONLY for their own internal synchronization of their key resource systems and

perimeter time servers to the US Civilian National Standard. • They may not make the claim that any Stratum-2 device they operate which would then deliver time to

a stratum-3 customer is in fact getting NIST UTC from a NIST Certified Server, that may ONLY be stated if the Carrier provides direct access to the Stratum-1 resource of the Foundation Time Service to its clients directly as a preferred source of time.

– Carriers in the Carrier Neutral Access Program provide Time-Service Transport so that their clients as well may use the service for their own calibration.

• Carriers are encouraged to open complete access to the USTiming.ORG site to their clients as well since its is the first-person taking of time from the US national time service which is often the specific goal of the synchronization event.

26

The NIST ITS Service: End-User Access to UTC(NIST).

• CNAP: Bringing NIST UTC to the Carriers in the US– The CNAP Program: CNAP is a UC CI/KR End-User Access program which

allows for carriers to peer at carrier bandwidth levels with NIST UTC ITS Time Services as a Time Service Access guarantee.

• 1G, 10G, and 40G cross connects capable• Private channel and shared pool access are available for members.

– CNAP Vision: CNAP’s intent is to provide the capability for all relying parties to access NIST Stratum-1 Time Services so that they may claim they take time from a regional instance of the US National Time Standard.

– Carriers in the Carrier Neutral Access Program provide Time-Service Transport so that their clients as well may use the service for their own calibration.

– Carriers are encouraged to open complete access to the USTiming.ORG site to their clients as well since its is the first-person taking of time from the US national timeservice which is often the specific goal of the synchronization event.

• CNAP Users: Those users may be Carriers or Entities of any type. Their use is ONLY for their own internal synchronization of their key resource systems and perimeter time servers to the US Civilian National Standard

27

What exactly is available in the NTP Access Resource?

• CNAP Summary– NTP Bandwidth for Carrier’s

• Basic 1G Ethernet Access for NIST NTP – perfect for regional carriers or those needing limited access

• Expanded 10G Ethernet Access for NIST NTP – ILEC/LEC and Internet Transport Providers all fall in here.

• The “Home Improvement” grade of access – a full 40G Carrier Access Program for NIST NTP

• National Carriers can also choose to become seated members of the Foundation – for a flat yearly fee and use any of the sites operated to support

their regional PNT Ground Segment access needs.

28

Service Limitations

• NIST ITS Program Services – are provided with no authentication or logging of

services as those are premium overhead based services which the Foundation’s Sponsor Certichron commercially offers to those that need a higher grade of trust for their compliance models or other services not a part of the NIST ITS program.

– Services may not be resold in any form or manner by any party.

• The CNAP program is a 1-way public access program to support US CI Operations.

29

USTiming.ORG PNT Ground Segment Access: 1G services

• These are not hard fast rules but depending on the center– 1G Service (1.5K to 2K/mo) – comes

optionally with dedicated resource servers and can also optionally include outage meshing from adjacent centers.

• Includes basic NIST ITS services and direct access to the NIST Stratum-1 Time Servers or for certain members access to the stratum-2 service infrastructure for PTP master channel distribution.

30

USTiming.ORG PNT Ground Segment Access 10G Services

• These are not hard fast rules but depending on the center– 10G Family of Services

• Basic Rule – for each 10G single channel (Port Fee of 3K to 5K/Mo) – comes with dedicated resource servers and outage meshing from adjacent centers.

– Dual and Quad Channels available with service uplift.