6 minute read
Protecting GNSS
Access to Global Navi- example, the reported spoofing of GPS reception, attributed gation Satellite System of commercial shipping in the to the ongoing Syria conflict. (GNSS) has become a Black Sea in which hundreds of GPS-guided autonomous fundamental expectation ships were affected, as well as cranes were unable to operate, and a mainstay of the modern the recent report by Eurocontrol meaning the ports had to revert world. While the low strength of that over 3500 GPS outages were to manual methods of loading GNSS signals received on Earth reported to them in 2020. and unloading cargo. This incimeans that they are particularly dent has echoes of the hoursvulnerable to RF interference, Internal flights in the north- long shutdown experienced multipath and atmospheric east of Norway lost GPS reception by an unnamed port on the US events, the use of GNSS to obtain multiple times in 2017 and 2018. East Coast in 2014, in which precise timing and positioning This was attributed to jamming the source of the jamming was data has become ubiquitous. from nearby Russia — either as never identified, or at least not In many cases, systems have part of a Russian military exer- made public. dependencies on GNSS data that cise, or as a deliberate attempt are not readily understood or to disrupt the NATO exercise In 2016, more than 20 ships recognized. The impacts of GNSS Trident Juncture. Russia, off the Crimean Peninsula denial or disruption on these however, denied the allegations. reported that their electronic systems are largely unknown or Military jamming exercises in the chart displays were showing untested, so when a disruptive United States are also having an their location as being on land. incident does occur, the conse- increasing impact on commercial This was widely attributed to quences are at the very least unex- and private aviation – such that Russian GPS spoofing equippected and can cause complete the Aircraft Owners and Pilots ment designed to protect Presifailure of dependent systems. Association has appealed to the dent Putin from possible drone FAA to recognize military GPS attacks. The theory gained cred-
The COVID-19 pandemic has jamming as a safety risk. ibility with a March 2019 report made the task to secure our GNSS by the Center for Advanced signals even more urgent. The These nation-states initiated Defense Studies which also notes recent blockage of the Suez Canal jamming and spoofing inci- similar incidents in the Black by a large container ship demon- dents often have the unintended Sea’s Kerch Strait. strates just how quickly our consequence of affecting signifjust-in-time supply chains can be icant numbers of commercial On 23 September 2020, The severely affected by an event. users who have the misfortune US Department of Transportaof being located in the range of tion’s Maritime Administration Increasing risks the powerful equipment that is (MARAD) issued a new warning During 2019 and 2020, there was available to nation states. on GPS interference affecting a concerning rise in the number commercial shipping, following of GNSS jamming and spoofing Real impacts reported instances in eastern incidents worldwide. Several of In June 2019, iHLS reported and central Mediterranean Sea, those incidents have had wide- that container ports in Haifa the Persian Gulf and multiple spread impacts, including, for and Ashdod experienced loss Chinese ports.
There is increasing evidence that criminals are using GNSS jammers routinely for the theft of luxury cars or cargo shipments. The jammers are used to mask the location of the car when it is being stolen, then the location of the shipping container. Taking it a step further, it was reported that cargo thieves in North Florida used GPS jammers with a stolen refrigerated trailer containing a temperature-controlled shipment. In this incident, the hauling tractors were swapped out by the cargo thieves.
The GPS Week Number Rollover is a phenomenon that happens every 1024 weeks (19.6 years). The GPS broadcasts a date, including a weekly counter that is stored in only ten binary digits. The range is therefore 0–1023. After 1023, the internal value "rolls over", changing to zero again. Older software that is not coded to anticipate the rollover to zero may stop working or could be moved back in time by 20 or 40 years. The New York City Wireless Network, which controls traffic lights and other key functions within the city, was adversely impacted for 11 days in April 2019. A report concluded the outage could have been prevented had firmware updates been conducted in advance of the rollover event.
Each of these incidents show that commercial users (and parts of our supply chain) are at risk from the possible impacts of GNSS disruption. Even if they are not the intended targets, all it takes is being in the wrong place at the wrong time. With such impactful repercussions, why do these attacks continue to fly under the radar and go unaddressed while ransomware makes headlines daily?
Improving security The “Father of GPS”, Dr Bradford Parkinson proposed the “Protect, Toughen, Augment” framework for securing GNSS. This is a constructive approach to improving the overall security of systems dependent on GNSS for precise PNT data. “Protect” covers operational-type measures, such as improved legislation, regulations and standards, “Toughen” covers improving the resilience of the system (including the GNSS receiver), and “Augment” is concerned with the use of complementary technologies to augment GNSS. Applying the framework to improve GNSS security is the most cost-effective way to carry out a risk assessment and audit existing GNSS dependent systems. The audit should include an assessment of the system’s current levels of robustness and resilience against real world threats and its ability to detect anomalies, as well as confirm the software and firmware are up-to-date.
Risk assessments and audits should also identify where and how the precise positioning and timing info is used and what the constraints are on integrity, continuity and availability of GNSS inputs in addition to any impacts of degraded performance. Creating a recovery plan in the event of significant disruption is also an important consideration.
Constructive action is essential Our widespread dependencies on GNSS means it is essential to secure its use in all critical application areas. Having the ability to carry on as normal when GNSS is denied or degraded is obviously a highly desirable state of affairs. The US and UK have both been proactive in raising awareness of GNSS vulnerabilities by developing frameworks and strategies that will reduce sole dependencies on GNSS in crucial areas, such as national critical infrastructure. The strong need for an assured, secure PNT for critical national infrastructure has even led to GNSS being singled out as a priority area in the recently published UK Integrated Review. However, this is not enough. Constructive action is required globally if we are going to develop safe, secure infrastructures for providing highly accurate and precise PNT services that are relied on to keep our society operating.
Guy Buesnel
Is PNT Security Technologist at Spirent Communications
