Subject: File No. SR-NYSEArca-2015-102
From: Kermit Kubitz

January 6, 2016

It is not clear if the "Partial Cabinet" users who have access two 2 of 3 time feeds, but not the dedicated GPS time feed have any special vulnerability to some sort of feed failure. There has been discussion of the potential for GPS spoofing, which could cause some traders, especially High Frequency Traders (HFT) to be subject to GPS spoofing if GPS data are from an unsecured source like an over the air antenna. See below discussion by Themis Trading. If there are any potential vulnerabilities resulting from partial time feed access, the Exchange which is the proposing subject of this proposed rule and all similar exchanges (NYSE, others which provide colocation and associated time fee services) should identify and mitigate or have plans to mitigate any resulting market risk or unfairness. For example, if some traders are getting GPS time data in a different source than others, any disruption for either group of traders should be regarded as market failures subject to revision of trades or execution.

Why are we at Themis Trading talking about the hacking of a GPS receiver on a UAV? Because GPS devices are also embedded in our financial system and a GPS spoofing scenario could cause a market disaster similar to the flash crash. Here is what Todd Humphreys said in his testimony before the House Subcommittee on Homeland Security:

"But there is one input port that the network firewalls leave entirely unprotected. An unassuming set of antennas on the roof of these data centers carry unsecured civil GPS signals directly into the core of the matching engine network. Slaved to a once-per-second synchronization pulse from a GPS- disciplined clock, the individual servers in the network apply time stamps to the trades they execute. A decade ago, a tenth of a second was an acceptable time stamp resolution. High frequency traders now demand nanoseconds."

Now, thankfully, this is not news to the major stock exchanges. Todd talks about how he met with senior executives from some exchanges and feels that they have taken precautions against GPS spoofing. But there is a group of financial professionals that he feels have not taken any precautions against GPS spoofing and remain vulnerable to an attack:

"High frequency traders whose servers are co-located with the matching engines at major exchanges may be more vulnerable to GPS spoofing. In the NYSE and some other exchanges, these co-located customers are offered either a timing feed from the exchange's system time or a direct feed from GPS antennas on the roof. Many co-located customers, distrustful of the exchange's system time, opt for the direct GPS feed."

"The high-frequency traders who own the servers do not like inexplicable market behavior, and unlike old-fashioned traders who are obligated to stay in the market no matter its behavior, high-frequency traders can pull the plug at any moment. In the aftermath of the May 6, 2010 flash crash, it was revealed that automatic data integrity checks in trading algorithms were configured to trigger on unusual latency in the exchanges data feeds. In other words, if transaction time stamps do not look right, algorithmic traders flee the marketplace."

"A spoofing attack that aggressively manipulated the timing in a large number of co-located servers could therefore cause a partial market vacuum, what traders call a loss of liquidity, with the result being increased price volatility and damage to market confidence."

We wonder if our regulators are aware of this potential vulnerability in our market structure. While we hear so much about the supposed benefits of high frequency trading (they tell us that they shrink spreads and add liquidity), we don't often hear about the systemic risks that HFT has placed on our market. While HFT continues to extract its ultra short term rents from the market, it also continues to layer more and more risk on the market. You can bet that if a GPS spoofing event were to corrupt data, HFT's would run for the exit doors quickly. And guess who would be left holding the bag again?

In addition the SEC generally should institute an investigation, and report to the SEC Equity Market Structure Committee, on any risks associated with provision or non-provision of time feeds, and likely impacts if there is a failure of these feeds. If substantial, up to 50% of market volumes, come from algorithmic of HFT trading, risks of systems dependent upon data feeds, including time feeds, should be identified and mitigated. Measures to prevent failure, hacking, or spoofing of all important data feeds, including time and GPS feeds should be provided by all exchanges providing such services as part of their market services, in order to insure that data failures do not cause market failures.