Element 5: A Secure, Verifiable Audit Trail
Lastly, but certainly not least, a time synchronization infrastructure requires an audit capability. The whole point of a timekeeping infrastructure is to provide assurance that events happen on time and that the actual time of events can be verified. The audit trail is that assurance. This capability would typically take the form of a dedicated audit server—which makes sense given the fact that good auditors usually stand apart from the entities that they audit. This ensures integrity of the process—because time can be verified independently of the clocks subject to the audit—and because the process can be better isolated from security threats. That doesn’t mean that an audit server should require the installation of a redundant management layer (the focus of the preceding section). On the contrary, the audit server should be able to leverage the capabilities of an existing management layer.
The function of the audit server should be to prove conclusively (and on demand) whether the time on any monitored system was correctly synchronized at a particular time and date with a specified time source.
In general, four requirements must be met for successful time auditing:
• Monitored machines must be able to be reliably and individually identified
• Time on individual machines must be synchronized regularly and accurately with a known time source
• Vital information must be easily retrievable, such as when the local clock was last adjusted and with what time source
• Sync information must be collected and regularly compiled into concise and complete audit records
• Immediate email alerts must be generated when any monitored machine fails to be synchronized within desired tolerances or if a machine misses more audits than a specified threshold
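The checks an audit server runs over its records can be sketched as follows. This is an added example, not Microsemi's code: the record fields, the tolerance, the audit interval, the missed-audit threshold, the host names and the time source are all assumptions, and alert delivery by email is left out.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed policy values; the article does not specify any.
TOLERANCE_MS = 50.0
AUDIT_INTERVAL = timedelta(minutes=15)
MAX_MISSED = 2

@dataclass(frozen=True)
class AuditRecord:
    host_id: str          # unique identity of the monitored machine
    audited_at: datetime  # when the audit server took the measurement
    last_sync: datetime   # when the local clock was last adjusted
    source: str           # time source the machine synchronized with
    offset_ms: float      # clock offset measured by the audit server

def latest(records, host_id, when):
    """Most recent record for host_id taken at or before `when`, else None."""
    prior = [r for r in records if r.host_id == host_id and r.audited_at <= when]
    return max(prior, key=lambda r: r.audited_at, default=None)

def was_synchronized(records, host_id, when, source):
    """True only if a fresh, in-tolerance record for `source` covers `when`."""
    rec = latest(records, host_id, when)
    return (rec is not None and when - rec.audited_at <= AUDIT_INTERVAL
            and rec.source == source and abs(rec.offset_ms) <= TOLERANCE_MS)

def alerts(records, hosts, now):
    """Return (host, reason) pairs that should trigger an immediate alert."""
    out = []
    for host in hosts:
        rec = latest(records, host, now)
        if rec is None or (now - rec.audited_at) // AUDIT_INTERVAL > MAX_MISSED:
            out.append((host, "missed_audits"))
        elif abs(rec.offset_ms) > TOLERANCE_MS:
            out.append((host, "out_of_tolerance"))
    return out

# Constructed sample data (hypothetical hosts and time source).
SRC = "ntp1.example.internal"
T0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
def at(minutes):
    return T0 + timedelta(minutes=minutes)
def make(host, minutes, offset):
    return AuditRecord(host, at(minutes), at(minutes - 5), SRC, offset)
RECORDS = [make("web01", 0, 3.2), make("web01", 15, 4.0), make("db01", 0, 2.0),
           make("db01", 15, 120.0), make("app01", -60, 1.0)]

if __name__ == "__main__":
    print(alerts(RECORDS, ["web01", "db01", "app01"], at(20)))
    print(was_synchronized(RECORDS, "db01", at(5), SRC))
```

A host with no record inside one audit interval is reported as not synchronized rather than assumed good, so a gap in the trail never counts as proof.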
It is this type of audit capability that is typically required by federal regulations (e.g., FDA, Sarbanes-Oxley, HIPAA) as well as by major securities organizations like NASD to prevent fraud and establish the validity of transactions.
In the case of event synchronization (as opposed to timestamp applications) an audit server enables compliance with ISO 9000 and cGMP (current Good Manufacturing Requirements).
Microsemi provides synchronization services that assist customers with the planning, deployment and maintenance of synchronization infrastructure. Services are designed to lower costs, streamline processes, ensure quality, and deliver the highest level of performance from your synchronization network. Visit Timing & Synchronization Systems and learn how we can help provide you with comprehensive solutions across a wide range of applications.
Be sure and watch for the remaining articles in this series, too, in the coming days.