Traceability Loss - Server's Clock
Need
Accurate timestamping for traceability
Context
• Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications
• Usage of Logger module for logging
Description
1. Non-compliant code

    require Logger
    # The timestamp is read from the local system clock, which may not be NTP-synchronized.
    def log_event(event) do
      Logger.info("{#{DateTime.utc_now()}} - #{event}")
    end

This function logs an event with a timestamp that is based on the system's internal clock, which may not be synchronized with an NTP server. If the internal clock is wrong, the logged timestamps will also be wrong, causing a loss of traceability.
2. Steps
• Make sure your server's clock is synchronized with an NTP server.
• Ensure the application relies on this synchronized time for timestamping logs.
3. Secure code example

    require Logger
    # Same call as before; accuracy now depends on the host clock being kept in sync by NTP.
    def log_event(event) do
      Logger.info("{#{DateTime.utc_now()}} - #{event}")
    end

In the corrected code, the function's behavior doesn't change because the NTP synchronization happens at the system level. The function still uses `DateTime.utc_now()`, but now the underlying system time is correctly synchronized with an NTP server. This ensures accurate timestamps in logs.
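
Because the fix lives at the system level, nothing in `log_event/1` shows whether it was actually applied. The following is an added example, not part of the original page, of a startup check that makes the synchronization state visible in the logs. `ClockSyncCheck` and its function names are hypothetical, and it assumes a Linux host where systemd's `timedatectl` is available.

```elixir
defmodule ClockSyncCheck do
  # Hypothetical module (added example): checks at startup whether the host
  # reports an NTP-synchronized clock. Assumes Linux with systemd's timedatectl.
  require Logger

  @args ["show", "--property=NTPSynchronized", "--value"]

  # Pure parser for the command output ("yes" or "no" plus a newline).
  def parse(output) do
    case String.trim(output) do
      "yes" -> :synchronized
      "no" -> :unsynchronized
      other -> {:unknown, other}
    end
  end

  # Asks the host; returns {:unknown, reason} if timedatectl is missing or fails.
  def status do
    case System.find_executable("timedatectl") do
      nil ->
        {:unknown, "timedatectl not found"}

      path ->
        case System.cmd(path, @args, stderr_to_stdout: true) do
          {output, 0} -> parse(output)
          {output, code} -> {:unknown, "exit #{code}: #{String.trim(output)}"}
        end
    end
  end

  # Call from the application's start/2 callback, before the first log_event/1.
  def verify do
    case status() do
      :synchronized ->
        Logger.info("clock check: system clock is NTP-synchronized")
        :ok

      :unsynchronized ->
        Logger.error("clock check: clock is not NTP-synchronized, timestamps are unreliable")
        {:error, :unsynchronized}

      {:unknown, reason} ->
        Logger.warning("clock check: could not determine NTP state (#{reason})")
        {:error, :unknown}
    end
  end
end
```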
References
• 064. Traceability Loss - Server's Clock