Top of Page

Domain Time II
Version 5.2

The New York Stock Exchange


The New York Stock Exchange has various regulations regarding the synchronization of clocks used for timestamping, particularly in regards to use of the Front End Systemic Capture (FESC) system.

    NYSE Rules 123 and, in particular, 132A detail these requirements. NYSE Information Memo 03-26, June 10, 2003 specifies:

    "New Rule 132A requires members to synchronize the business clocks used to record the date and time of any event that the Exchange requires to be recorded. The Exchange will require that the date and time of orders in Exchange-listed securities to be recorded. The Rule also requires that members maintain the synchronization of this equipment in conformity with procedures prescribed by the Exchange."
    Specific NYSE Time Synchronization Requirements
    Rule 132A contains two specific requirements:

    • Clocks Synchronized to Commonly Used Time Standard
      All computer clocks and mechanical timestamping devices must be synchronized to a commonly used time standard, either the National Institute of Standards and Technology (NIST) or United States Naval Observatory (USNO) atomic clocks.

    • Synchronization must be maintained
      Rule 132A also indicates that the member must ensure that their systems remain synchronized.

How to Use Domain Time II to comply with the NYSE Rule 132A Requirements


Domain Time II meets or exceeds all of the specific requirements detailed above. Properly configured, Domain Time will allow you to easily comply with all of the computer clock synchronization requirements.

    Domain Time II is designed specifically to provide both accurate time synchronization and a complete history of that synchronization. Each Domain Time II time sync component (Servers and Clients) have the ability to keep detailed logs and statistics of their own activity - and, critically, to report that information automatically to monitoring and auditing systems when requested.

    This diagram shows the basic structure of the Domain Time II system, showing how time synchronization and audit data collection are handled.

    The Domain Time II System

    Configuring for compliance
    These are the steps necessary to use Domain Time II to achieve compliance with NYSE Rule 132A:

    • Requirement: Clocks Synchronized to Commonly Used Time Standard
      Solution: Configure Domain Time II to provide accurate time sync to all clocks

      Domain Time II, when installed according to the instructions found on the Recommended Configurations page of the Domain Time II documentation, will meet the NYSE requirements for time synchronization. However, there are a few additional configuration considerations beyond the standard recommend installation instructions for NYSE compliance.

      Required Configuration Change

      Set the Domain Time II Master to use NIST or USNO as its time source:
      Use the Time Sources tab page of the Domain Time II Server Control Panel Applet to include the following entries in the Sources fields (in any order):
      • time.nist.gov
      • ntp2.usno.navy.mil

    • Requirement: Synchronization must be maintained
      Solution: Domain Time II does this automatically. Optional: Use Domain Time II monitoring and logging to verify synchronization

      Domain Time II is a robust and reliable time distribution system. It automatically maintains synchronization to time sources with no user intervention required. In addition, it has multiple methods for administrators to verify that synchronization is occurring. No additional configuration is required to meet this requirement. However, the Optional Steps detailed below

      Optional Steps
      Although current regulations do not overtly require records be kept of time synchronization, several planning and Information Memos imply that compliance with the time sync regulations may need to be demonstrated. Also, the SEC currently has regulations regarding the maintenance of specific types of records, including time synchronization logs, and the NASD OATS requirements (to which Rule 132A specifically refers) already require such record retention. It is reasonable to assume that NYSE will also do so in the near future.

      Domain Time II has exceptional built-in functionality to easily provide an audit trail of time synchronization.

      How to Configure Domain Time II to collect and maintain sync records in an audit trail


      The information below is based on meeting NYSE regulatory requirements, but gives a good overview of how Domain Time II can assist in creating and maintaining an audit trail of time synchronization.

      • NYSE Requirement: Documentation of clock synchronization procedures
        Solution: Use Domain Time II documentation as necessary to write your procedures. At minimum, document which time sources you use and how often each component synchronizes with them. Be sure to indicate the path back to NIST time (i.e. your GNSS/GPS source is traceable to NIST).

          Domain Time II is thoroughly documented, and the behavior of the Domain Time II system and each time component and how it synchronizes is detailed in the online documentation. These documents can be used to provide any level of detail of the system operation for compiling your documented procedures.

      • NYSE Requirement: Keep Logs of every time a clock is synchronized and the results of that synchronization
        Solution: Use Domain Time II Audit Server to collect sync logs.

          See the Audit Server documentation for details on configuring and using Audit Server.

          Domain Time II Audit Server is capable of collecting a log of time sync activity from Domain Time II components into a central location for easy analysis and archiving. Information retrieved includes when a sync occurred, with whom the component synced, and amount the clock was corrected. Log retention is configurable to match archival schedules.

          Audit Server also keeps an audit record which can be used to demonstrate on-demand that any particular machine was synchronized, with what source, and with what accuracy.

          Domain Time II Server and Client also keep a local log that includes not only time sync events, but all other events activity and events by the component. These logs can be manually collected and archived to meet the log retention requirements, however doing so is typically much more complex than using Audit Server to do so, and results in significantly larger log files to be archived. In most cases, using Audit Server to collect sync logs is optimal.

          Suggested Configuration Changes to Audit Server

          Audit Server shares Domain Time Manager's view of the network. Adjust Manager's discovery settings to be sure you are able to see all the machines you need to audit. Be sure to Enable Auditing on your selected machines.

        • Set clock display granularity to your desired resolution:
          Domain Time keeps clock granularity internally to the limits of the operating system, however, you may display the time with any granularity you wish. This can be adjusted from the Manager menu. Choose Options -> Appearance and Interface -> Format Options and adjust the Significant digits to show item.

        • Discover machines for audit from all Domain Time II Servers:
          If you want to automatically audit all machines that synchronize with Domain Time II Server (this is a very robust choice), choose the Audit Server -> Advanced -> Audit List Management option from the Manager menu, enable the "Add machines that have synchronized with Domain Time II Server" option and enter the list of Domain Time II Servers you want to contact for their list.

        • Manually Enter Other Machines:
          Manually enter any machines not automatically discovered by the methods above. Enter machines to be added one at a time by right-clicking on the category where you want them to appear on Manager's Tree pane, or use Manager's Batch Add process for adding multiple machines.

        • Enable Central Log Collection:
          Use the Audit Server -> Synchronization Logs -> Configure menu item of Domain Time II Manager to collect Time Synchronization logs. Choose retention settings that correspond with your archival processes to ensure that all logs are transferred to archival storage before being deleted from the Audit Server.

        • Use the Conversions -> Daily Drift CSV file for analysis and compliance:. Audit Server can compile all Synchronization (Drift) Logs into a single Daily Drift CSV file which is ideal for complying with violation reporting or other tasks. This file can be provided to your Compliance Department for their use in compiling the necessary reporting forms and documents.

          The Daily Drift CSV file can also be configured as an exception report, which only shows machines that have violated your alert thresholds. You may find this more useful than providing the entire drift data to compliance. To enable this function, select the Only include error records - omit all records within defined tolerances checkbox on the CSV File Configuration dialog.


      • NYSE Requirement: The log should include notice of any time the clock drifts more than 50ms second from NIST time.
        Solution: Domain Time II Audit Server has the capability to generate alerts when any monitored system's variance from a reference clock exceeds a threshold you set. Warning entries of these events are also included in the logs.

          Reference Clock
          Audit Server can compare the sampled time of any audited machine to a reference clock. The reference clock's time is used to calculate certain variances and alerts. By default, Audit Server shares the Reference Clock settings of Domain Time II Manager. Since NYSE specifies that variances by shown in relation to NIST, the reference clock setting on Manager must be changed to include a clock with as short a path to NIST time as possible (preferably a NIST server or a clock derived directly from it, such as a GPS time source).

          Alert Thresholds
          Audit Server has the ability to generate an alert if the time variance on any system exceeds a particular threshold. The NYSE-specified requirement is that the log for any machine drifts outside 50ms from NIST time should include a notice to that effect. Audit Server will automatically add a warning to the log when any machine exceeds the Any machine time off by... setting on the Audit Server Alerts dialog page.

          Required Configuration Changes to Audit Server

          Set the Reference Clock to NIST sources: Use Manager's Options -> Network Options -> Reference Time... menu selection to set the Reference Clock setting to use at least, preferably more of the official NIST Servers (note, you must have the NTP port 123 UDP open on your firewall to allow Manager/Audit Server to contact a NIST time server). You may also choose reliable local NIST-derived clocks, such as a GPS receiver.

          Note that if your Audit Server is synchronizing via PTP to a GPS/GNSS synchronized Grandmaster, you may set the Reference Clock to "Use this machine's clock" as recommended in the configuration documentation. This still maintains traceability to the NIST source.

          Set the Alert Threshold: On Audit Server's Alerts dialog page, make sure the Any machine time off by setting is set to 50ms or less.


      • NYSE Rule Requirement: Logs must be maintained and preserved for the period of time and with the accessibility specified in SEC Rule 17a-4(b)
        Solution: Use Domain Time II to collect audit logs and sync data and archive as necessary.

          Rule 4590 specifies the retention period for this type of record is 3 years, the most recent 2 years of which must be in an easily accessible location.

          Rule 6820 specifies the retention period for this type of record is 5 years, the most recent 2 years of which must be in an easily accessible location.

          The Domain Time II Audit Server automatically collects detailed time synchronization data from the network into local disk storage. You may choose to keep the records locally or archive them into offline storage.

      • NYSE Rule 4590 Requirement: Logs must be maintained in a format permitted under SEC Rule 17a-4(f)
          Domain Time II does not directly address the specific provisions of this regulation (such as the use of non-erasable storage for electronic data records), however it does provide the data in an easily collected and stored manner that can be transferred to your required format.
      • Violation self-reporting under CAT NMS. The Daily Drift CSV file can be used by your Compliance Department to determine if violations have occurred and provide the necessary documentation of events.

    References
    NYSE Information Memo 03-26, June 10, 2003
    Front End Systemic Capture (FESC) Drop Copy Application Interface Specification, Version 4.1.0
    OATS Technical Reporting Specifications
    FINRA Rule 7430. Synchronization of Member Business Clocks
    SEC Rule 17 CFR 240 17a-4. Records to Be Preserved by Certain Exchange Members, Brokers and Dealers

    Disclaimer
    This document is provided for informational and planning purposes only. The information used in compiling this document was obtained from publically available sources and no representation is made as to the accuracy of the information, nor as to the accuracy of any reading or interpretation thereof. No warranty is made or implied regarding the usefulness or suitability of this information for a particular purpose. Further, Greyware Automation Products, Inc. is not liable for any damages, real or consequential, arising from use of this information.

     


Domain Time II Software distributed by Microsemi, Inc.
Documentation copyright © 1995-2024 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.