Security uses TAI not UTC: Need to add 4 Leap seconds
Here is a possible fix.
Possibly even better to add a "PICS variable" for Leap seconds, since they will differ in future.
diff --git a/ccsrc/Protocols/Security/security_services.cc b/ccsrc/Protocols/Security/security_services.cc
index ff58bef4..5bb87746 100644
--- a/ccsrc/Protocols/Security/security_services.cc
+++ b/ccsrc/Protocols/Security/security_services.cc
@@ -160,6 +160,8 @@ int security_services::process_ieee_1609_dot2_signed_data(const IEEE1609dot2::Si
unsigned long long gt = ((INTEGER&)(*v.get_opt_value())).get_long_long_val();
// Get current time timestamp
unsigned long long us = base_time::get_instance().get_its_current_time_us(); // in microsecond
+ // ADD 4 leap seconds to convert to TAI (as Feb 2019)
+ us += 4000000;
loggers::get_instance().log("security_services::process_ieee_1609_dot2_signed_data: generation time check %ld / %ld, delta = %f", header_info.generationTime(), us, abs((double)gt - (double)us));
if (abs((double)gt - (double)us) >= 500000.0) { // TODO Use a params for generation_time_epsilon, 500ms differences
loggers::get_instance().warning("security_services::process_ieee_1609_dot2_signed_data: Invalid generation time, discard it");