Integrity Performance Assessment of GNSS positioning systems to detect and defeat the effects of Spoofing operationWhat is the exposure of a positioning system to spoofing risks ?
WHAT IS A GNSS SPOOFING?
GNSS technologies are implemented in many applications such as aviation, maritime navigation, road or rail transport. They use satellite signals to calculate precise positions anywhere and at any time. Unfortunately, malicious actors are likely to spoof them by manipulating and overlaying false signals to divert these transport means from expected trajectories.
These GNSS attacks can have serious consequences on navigation and accurate time synchronization.
The threat level continues to increase as low-cost, portable spoofing devices come onto the market.
In response, manufacturers are designing and integrating countermeasures into their terminals to detect and mitigate the effects of these GNSS attacks. National and European authorities are adopting regulations and standards to improve the safety of these positioning systems.
The purpose of tests is to establish the level of vulnerability (resilience) of these GNSS solutions.
Figure 1 – Effect on a receiver – Vulnerability test against GNSS spoofing threat
detection and mitigation AGAINST GNSS SIGNAL SPOOFING
Spoofing techniques are numerous, and some are particularly sophisticated.
In all cases, a security analysis is essential in order to focus on the most likely attacks and those with the most damaging effects on your business.
Most countermeasure devices attempt to detect the phenomena of temporal discontinuities and unrealistic position gaps.
An ultra-sensitive monitoring will improve detection capabilities to elude attacks. However, an excess of susceptibility leads on the other hand to false alarms or unavailability of the authentication system (e.g. OSNMA of GALILEO) of the original satellite signals.
Thus, the expected performance criteria shall be carefully defined before proceeding with vulnerability testing. In particular, it is necessary to select the spoofing cases and to define the typical conditions of use (environments, speeds, atmospheres).
- Speed and sensitivity of detections;
- Reliability of the detections according to the test cases;
- Resilience of position calculations;
- Robustness to interfering signals, often concomitant with spoofing attacks;
- Compatibility with signal authentication services;
- Maintainability and updateability of the countermeasures device, similar to cybersecurity protection systems.
Figure 2 – Example – Threats of GNSS spoofing in maritime activities
TEST CERTIFICATE OF GNSS ANTI-SPOOFING DEVICES
Several methods are proposed to assess the effectiveness of the implemented countermeasures.
First, it is necessary to make sure that they work properly, that they are reactive and that they are fully compatible with GNSS signal authentication services, such as the OSNMA of GALILEO.
Then, in the absence of any spoofing operation, its reliability and availability shall be tested in the presence of disturbances typical of the use case considered, i.e. degradations of the signal quality caused by the local environment (bridges, foliage, multipath, swell diffractions, etc.) or caused by non-voluntary electromagnetic interferences.
Finally, the spoofing cases will be studied, one by one, to establish the robustness of the device to their effects, individually.
The process to inspect this vulnerability shall start with the most common or easily implemented attacks, such as the one referred to as “meaconing”.