	US 12,250,233 B2
	Techniques to detect attacks for time synchronization networking
Marcio Juliato, Portland, OR (US); Javier Perez-Ramirez, North Plains, OR (US); Manoj Sastry, Portland, OR (US); Dave Cavalcanti, Portland, OR (US); Christopher Gutierrez, Hillsboro, OR (US); Vuk Lesi, Cornelius, OR (US); and Shabbir Ahmed, Beaverton, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by INTEL CORPORATION
Filed on Feb. 3, 2023, as Appl. No. 18/105,580.
Prior Publication US 2024/0267390 A1, Aug. 8, 2024
Int. Cl. H04L 9/40 (2022.01)

CPC H04L 63/1416 (2013.01) [H04L 63/0876 (2013.01)]

20 Claims

1. A computing apparatus comprising:

a processor circuitry; and

a memory storing instructions that, when executed by the processor circuitry, cause the processor circuitry to:

receive a diagnostic message in a time-synchronized network (TSN), the diagnostic message to comprise a set of alignment-check packets (ACPs), the set of ACPs to include a first node ACP from a first set of ACPs associated with a first TSN node in the TSN, the first node ACP to carry diagnostic information associated with the first TSN node, the diagnostic information to comprise a node identifier for the first TSN node, an ACP sequence number for the first TSN node, and an authentication code for the first TSN node, wherein the first node ACP has a defined size;

authenticate the first node ACP based on the authentication code;

determine a number of dropped ACPs from the first set of ACPs associated with the first TSN node that were not received within a time window associated with the first TSN node based on the ACP sequence number of the first node ACP; and

determine a desynchronization time for the first TSN node based on the number of dropped ACPs from the first set of ACPs associated with the first TSN node and the defined size for the first node ACP.