Guy Buesnel, Product Manager GNSS Vulnerabilities, Spirent Communications, suggests ten tips for protecting your business from GNSS vulnerabilities
No matter what your business, the availability of accurate, uncompromised GNSS signals could play a significant part in its success. Look closely at any business and its key outsourced services and you will probably find systems that rely directly on GNSS for tracking goods or people, or to provide accurate time signals. But how far can we trust its reliability and accuracy?
GNSS depends on very delicate measurement of extremely weak signals. The device has to recognise signals that are actually weaker than background electronic, or thermal “noise” and it takes extremely clever technology, combined with atomic clocks in the satellites, to deliver such accuracy and reliability. So GNSS systems are vulnerable, both to natural and man-made threats – ranging from human error to deliberate threats from criminal activity, terrorism or acts of war.
Despite this sensitivity GNSS is surprisingly resistant to local weather. However, more serious changes can occur in the ionosphere from sunspots and solar flares. The relationship between position data and map co-ordinates can be distorted by continental drift. More common errors arise from ground effects such as “multipath” where GNSS signals reflect off relatively distant buildings, and the receiver locks onto the reflected instead of the direct signal. More subtle errors arise when the reflective objects are closer and the direct and reflected signals merge. Receiver manufacturers have introduced all kinds of counter measures, but multipath can still cause problems.
High power transmitters, ultra wideband radar, television, VHF, mobile satellite services and personal electronic devices can all interfere with delicate GNSS signals. Accidental jamming can occur if a GPS antenna rebroadcasts the signal – poor impedance matching in the amplified signal path from the low noise amplifier can cause this to interfere with reception in a nearby antenna.
However good the GNSS system, human error can still make nonsense of its output. The satellites have to be loaded with a mass of data including clock and precise orbit predictions – even small errors in that data could accumulate over time. Bad input could cause all the satellites to transmit bad navigation data simultaneously, causing GPS receivers to fail everywhere – this actually happened in 2014 when corrupted ephemeris data had been uploaded to a number of GLONASS satellites.
At the other end of the data stream, people can be so confident of the GNSS system that they will trust its data even when common sense should tell them something is amiss. Even without human error, a fault in the signal modulation or generation process on a satellite can result in bad signals that confuse receivers.
Deliberate threats begin with simple pocket-sized jammers that generate signals to overload the GNSS receiver and cause loss of lock. In many countries it is illegal to possess these jammers, in others you can buy them but it is illegal to use them. Nevertheless they are often used by car thieves, road toll evaders and drivers escaping from their fleet operator’s vigilance. This sort of jamming is usually just enough to defeat the immediate vehicle location system, but it can also impact third parties’ systems.
Spoofing means generating realistic, false GNSS signals. Criminal uses include drug smugglers fooling government surveillance drones into reporting false location data for suspicious activity. The Automatic Identification System (AIS) identifies vessels by electronically exchanging data with other nearby ships, so smugglers, people traffickers and poaching fishing boats could hide or falsify their location. Further possibilities include outsmarting location-based payment authentication services or falsifying a smart phone tracking record to generate a false alibi.
Today’s business must understand these very different risks, assess their likelihood and the potential impact on the business. So I suggest these ten steps as an initial plan:
- Find out how many GNSS-dependent systems your business relies on.
- Determine how each uses GNSS – time and/or position?.
- Which GNSS outages and likely durations would be most critical.
- What systems would most attract criminals, and what harm could result?
- Get professional advice on threat-testing – for performance, reliability and vulnerability.
- Test your critical systems against truly realistic simulated GNSS signals.
- Issue guidelines for staff and operators on likely errors and responses.
- Decide your back-up measures – switching to different GNSS system, reverting to manual or failing safe?
- Initiate regular test program to re-audit against evolving threats.
- Share experiences and ideas – eg the GNSS Vulnerabilities group on LinkedIn.
Author: Guy Buesnel, PNT Security Technologist, Spirent Communications