Category: Applications

  • Resource Industry to Mine Data Faster with Actian and Geological Data Design

    Actian Corporation has announced that Geological Data Design (GDD), a specialist in the collection, management and analysis of exploration and mining data, has selected the analytical database Vectorwise to power its Field Data Integrator. GDD’s Field Data Integrator is an end-to-end mining and exploration solution that makes working with large volumes of resource data, including GPS, faster and simpler, Actian said.
     
    GDD’s Field Data Integrator automatically synchronizes sample data from GPS, various field instruments, and cameras onto a "tough" tablet using Bluetooth. Geologists enter notes directly onto the tablet using on-screen or wireless keyboards, enabling all data on samples to be collected automatically into a single source. The tablet then automatically synchronises with a master database running Vectorwise whenever in mobile range, saving geologists time in manual data entry.

    The end-to-end solution enables geologists to collect samples in shorter time frames, and then quickly analyze large volumes of sample data for complex scenarios such as such as project timings, cash flows, and profitability with greater sensitivity levels.
     
    “For the last 25 years GDD has been helping companies in the resource sector collect, manage, and analyze their data. Today’s technology enables us to do this more quickly and effectively,” said Tony Shellshear, principal and founder of GDD. “Geologists traditionally carry a lot of different field equipment to explore, record observations and take samples. They make notes and drawings, record coordinates, take photos, videos, or perhaps audio recordings. Collating this data can be very time consuming, and geologists can spend up to 1-2 hours a day manually entering these different information types into the database. GDD’s Field Data Integrator does all this automatically by synchronizing information from the various devices to the tablet computer, which then uploads the data to the main Vectorwise database when in reach of a wireless signal. This means geologists can spend more time collecting samples, or analysing the data, rather than being tied to the clerical work.”
     
    While the field data collected during the day is not always large, this data often integrates into a very large database, in some cases hundreds of millions or even billions of records. GDD chose the Vectorwise database for its ability to deliver significantly faster analysis of this data on commodity hardware, Actian said.
     

  • Drone Hack: Spoofing Attack Demonstration on a Civilian Unmanned Aerial Vehicle

    By Daniel Shepard, Jahshan A. Bhatti, and Todd E. Humphreys

    
    Unmanned aerial vehicle (uav) used in the spoofing tests; owned by the University of Texas.

     A radio signal sent from a half-mile away deceived the GPS receiver of a UAV into thinking that it was rising straight up. In this way, the UAV’s dependence on civil GPS allowed the spoofer operator to force the UAV vertically downward in dramatic fashion as part of multiple capture demonstrations.

    In December 2011, Iran captured a U.S. Central Intelligence Agency (CIA) surveillance drone with only minor damage to the undercarriage of the drone, likely due to a rough landing when captured. An Iranian engineer claimed in an interview that “Iran managed to jam the drone’s communication links to American operators” causing the drone to shift into an autopilot mode that relies solely on GPS to guide itself back to its home base in Afghanistan. With the drone in this state, the Iranian engineer claimed that “Iran spoofed the drone’s GPS system with false coordinates, fooling it into thinking it was close to home and landing into Iran’s clutches.”

    Although the Iranian claims are highly questionable, this incident left many unanswered questions as to the security of GPS systems on unmanned aerial vehicles (UAVs). The CIA drone should have been guiding itself based on the encrypted military GPS signals, which would be incredibly difficult to spoof. However, some experts have conjectured that simultaneous jamming of the military signals and spoofing of the civilian signals might have worked if the drone had been programmed to fall back on the civilian GPS signals in the event that the military signals were jammed. This raises the question: How difficult would it be to spoof a UAV guiding itself based on civilian GPS signals?

    FAA Modernization Act

    In February of this year, Congress passed the FAA Modernization and Reform Act of 2012. According to the Library of Congress summary, this act “requires the Secretary [of Transportation] to develop a plan to accelerate safely the integration by September 30, 2015, of civil unmanned aircraft systems (UASes, or drones) into the national airspace system … [and] determine if certain drones may operate safely in the national airspace system before completion of the plan.”

    Such civilian UAVs would be primarily guided by civil GPS, which has been shown to be readily spoofable in the lab. This would create a significant potential hazard in the national airspace if the problem of civil GPS spoofing is not fixed. Thousands of civilian UAVs (operated by postal services, police departments, research institutions, and others) could populate the skies in only a few years while still being vulnerable to remote hijacking via GPS spoofing. The passing of the FAA Modernization Act further emphasizes the need to examine the vulnerability of UAVs to GPS spoofing.

    Test

    On invitation of the Department of Homeland Security (DHS), unclassified spoofing tests against a UAV were performed at White Sands Missile Range (WSMR) on June 19, 2012 during the DHS GYPSY test exercise. These tests demonstrated the capability of a spoofer, built by the University of Texas (UT) Radionavigation Lab, to commandeer a civilian UAV by influencing the position-velocity-time (PVT) solution of the UAV’s GPS receiver.

    The Spoofer. The civil GPS spoofer used for these tests is an advanced version of the spoofer reported in “Assessing the Spoofing Threat,” GPS World, January 2009. A schematic representation of the spoofer is shown in Figure 1. It is the only spoofer reported in open literature to date that is capable of precisely aligning the spreading codes and navigation data of its counterfeit signals with those of the authentic GPS signals. Such alignment capability allows the spoofer to carry out a sophisticated spoofing attack in which no obvious clues remain to suggest that an attack is underway.


    Figure 1. This spooler is capable of precisely aligning the spreading code and navigation data of its counterfeit signals with GPS signals.

    The spoofer is implemented on a portable software-defined radio platform with a digital signal processor (DSP) at its core. This platform comprises:

    • A radio frequency (RF) front-end that down-mixes and digitizes GPS L1 and L2 frequencies
    • A DSP board that performs acquisition and tracking of GPS L1 C/A, calculates a navigation solution, predicts the L1 C/A databits, and produces a consistent set of up to 14 spoofed GPS L1 C/A signals with a user-controlled fictitious implied navigation and timing solution.
    • An RF back-end with a digital attenuator that converts the digital samples of the spoofed signals from the DSP to analog output at the GPS L1 frequency with a user-controlled broadcast power.
    • A single-board computer that handles communication between the spoofer and a remote computer over the Internet.

    The spoofer works by first acquiring and tracking GPS L1 C/A and L2C signals to obtain a navigation solution. It then enters its “feedback” mode, in which it produces a counterfeit, data-free feedback GPS signal that is summed with its own antenna input. The feedback signal is tracked by the spoofer and used to calibrate the delay between production of the digitized spoofed signal and output of the analog spoofed signal. This is necessary because the delay is non-deterministic on start-up of the receiver, although it stays constant thereafter.

    After feedback calibration is complete and enough time has elapsed to build up a navigation data bit library, the spoofer is ready to begin an attack. Initially, it produces signals that are aligned to within a few meters with the authentic signals at the location of the target antenna but have low enough power that they remain far below the target receiver’s noise floor. The spoofer then raises the power of the spoofed signals slightly above that of the authentic signals. At this point, the spoofer has taken control of the victim receiver’s tracking loops and can slowly lead the spoofed signals away from the authentic signals, carrying the receiver’s tracking loops with it.  The target receiver can be considered completely captured when either of the following are true:

    • each spoofed signal has shifted by 2 µs relative to the authentic signals, or
    • each spoofed signal is at least 10 dB more powerful than the corresponding authentic signal.

    The latter option ensures that there is no significant interaction between authentic and spoofed signals by simultaneously jamming and spoofing.
    The UT spoofer and attack strategy have been tested against a wide variety of civil GPS receivers and have always been successful in commandeering the target receiver.

    Test UAV.  The spoofing tests targeted a University-of-Texas-owned Hornet Mini UAV supplied by Adaptive Flight, which is shown in the  opening photo. The Hornet Mini is roughly five feet long and weighs about 10 pounds when fully loaded. The Mini’s sophisticated avionics package loosely couples an altimeter, magnetometer, and a MEMS IMU package to a GPS receiver via an extended Kalman filter.

    The Hornet Mini is representative of UAVs used by law enforcement. Thus, the results of the spoofing tests with the Mini also apply to other similarly-designed UAVs, including those used in most civil applications, whose navigation systems are centered on civil GPS. It should be noted that no special alterations were made to the Hornet Mini for this test – it was in its “as sold” or “stock” configuration.

    Setup. A schematic of the setup used for the spoofing tests against the civil UAV at WSMR appears in Figure 2. The spoofer was located on a hilltop with the receive antenna on the far side of the hilltop from the transmit antenna as shown in Figure 3. The UAV site was located in a sandy basin approximately 620 meters from the transmit antenna.


    Figure 2. Schematic of the test setup.


    Figure 3. Aerial view of the test site showing the spoofer location on a hilltop and the UAV site 0.62 kilometers away.

    Procedure. The UAV was commanded by its ground controller to hover approximately 60 feet above ground level at the UAV site. After the initial ground control command was sent, the UAV maintained its hovering position automatically based on the navigation solution of its extended Kalman filter, which is based in part on GPS. At this point in the test procedure, the spoofed signals were not being broadcast: the UAV was only under the influence of the authentic GPS signals.

    The spoofer was then commanded to begin transmitting spoofed signals. To ensure seamless capture of the UAV’s GPS unit, the code phases of the spoofed signals were aligned to within meters of the authentic signals at the location of the UAV’s GPS antenna. The spoofed signals overpowered their authentic counterparts and instantly captured the tracking loops within the UAV’s GPS receiver.

    Immediately after capture, the spoofer induced a false velocity and corresponding position change in the UAV’s GPS receiver, drawing the position reported by the UAV’s extended Kalman filter away from the UAV’s commanded hover position. To compensate, the UAV’s flight controller responded by moving in the opposite direction. A safety pilot was on hand to prevent the UAV from drifting out of control.  This was necessary because by commandeering the UAV’s GPS receiver, the spoofer operator effectively breaks the UAV autopilot’s feedback control loop. The spoofer operator must now act as an operator-in-the-loop, which requires real-time, meter-level knowledge of the UAV’s true location.

    Results. Between tests WSMR and UT, the spoofer demonstrated short-term 3-dimensional control of the UAV. Thus, we conclude that it is indeed possible to hijack a civil UAV — in this case, a fairly sophisticated one — by civil GPS spoofing.

    Interestingly, the Hornet Mini relies only on its altimeter for direct measurements of its vertical position; the GPS-measured vertical position is ignored. This can be done with reasonable accuracy because of the Hornet Mini’s short flight endurance (~20 minutes). However, the GPS vertical velocity does affect the extended Kalman filter’s vertical coordinate estimate because the filter propagates GPS velocity measurements through a UAV dynamics model to form an a priori vertical estimate that gets updated with the altimeter measurements. This dependence on GPS velocity allowed the spoofer operator to force the UAV vertically downward in dramatic fashion in the final three capture demonstrations.

    Developing a full spoofer-based control system for a UAV is a difficult problem that, in addition to the requirement for real-time true position feedback, requires the spoofer to model the UAV’s feedback control behavior and to estimate the UAV’s desired path. Causing a UAV to spin out of control and crash is not difficult with a spoofer, but fine-grained control certainly is.

    Implications

    These tests have demonstrated that civilian UAVs will be vulnerable to control by malefactors with a civil GPS spoofer looking to hijack or crash these UAVs unless their vulnerability to GPS spoofing is addressed. There are several reasons why someone may want to spoof a drone including fear over drones invading people’s privacy. This poses a significant safety concern that could result in mid-air collisions with other aerial vehicles or buildings, not to mention loss of property.

    Constructing from scratch a sophisticated GPS spoofer like the one developed by UT is not easy, nor is it within the capability of the average anonymous hacker. It is orders of magnitude harder than developing a GNSS jammer. Nonetheless, the trend toward software-defined GNSS receivers for research and development, where receiver functionality is defined entirely in software downstream of the A/D converter, has significantly lowered the bar to spoofer development in recent years.

    As a point of reference, we estimate that there are more than 100 researchers in universities around the globe who are well-enough versed in software-defined GPS that they could develop a sophisticated spoofer from scratch with a year of dedicated effort. More worrisome is the fact that one does not have to build a sophisticated spoofer like ours, capable of aligning its signals precisely with authentic signals at the location of a chosen target, to spoof a civil GPS receiver. A low-cost off-the-shelf GPS signal simulator would not permit the kind of seamless attack we carried out, but would be adequate to confuse and disrupt the navigation system of a commercial UAV.

    Fixing the Problem

    There is no quick, easy, and cheap fix for the civil GPS spoofing problem. Moreover, not even the most effective GPS spoofing defenses are foolproof. Nonetheless, there are many possible remedies to the spoofing problem that, while not foolproof, would vastly improve civil GPS security. These defenses can be broken up into two categories: cryptographic and non-cryptographic defenses.

    Cryptographic defenses come primarily in two forms, spread-spectrum security codes (SSSC) and navigation message authentication (NMA), depending on whether the unpredictable digital signature is placed on the spread-spectrum code or the navigation data. These cryptographic signatures could be placed on WAAS signals or existing or future GPS signals to provide authentication of the source of the WAAS or GPS signals. A cryptographic defense implemented with appropriate checks to protect against certain variants of spoofing attacks, described in “Straight Talk on Anti-Spoofing,” GPS World, January 2012, would significantly raise the bar for a would-be spoofer. Several proposals for cryptographic methods are currently on the table including a proposal by Logan Scott to place SSSC signatures on GPS L1C signals that will be broadcast by GPS Block III satellites. However, the current proposals for civil GPS cryptographic authentication schemes are still at least several years away from implementation and have a 5-minute window between authentications of each individual GPS signal. These proposals have currently gained no ground in being implemented because of a lack of dedicated funds for development and implementation.

    There are also a number of promising non-cryptographic techniques for civil GPS spoofing detection that include jamming-to-noise power detectors (J/N meters), correlation profile anomaly defenses, and antenna-based defenses. J/N meters are simple and easily-implementable and would prevent a spoofer from simultaneous jamming and spoofing. However, a J/N sensor will not typically detect a spoofing attack in which the spoofed signals are only slightly more powerful than their authentic counterparts. The inclusion of a J/N meter does ensure that the authentic signals will also be visible as a corruption to the correlation curve during a spoofing attack, due to the difficulty of nulling out the authentic signal. This allows correlation profile anomaly defenses to be viable. However, these methods suffer from the difficulty of distinguishing multipath effects from a spoofing attack, particularly in mobile receivers. Antenna-based defenses also present an attractive option for anti-spoofing, but most of these methods require additional hardware (multiple antennas) and cost. One promising new antenna-based defense is currently under development at Cornell University that does not require multiple antennas. This defense involves an extension of the signal spatial correlation technque developed by the University of Calgary PLAN group. However, this technique is still under development, and receivers implementing this technique would likely be several times more expensive than current receivers.

    For details on potential spoofing defenses, see Todd Humphrey’s congressional testimony in “The System.”

    Recommendations

    We recommend that for non-recreational operation in the national airspace, civil UAVs exceeding 18 pounds be required to employ navigation systems that are spoof-resistant. Spoof resistance will be defined through a series of four canned attack scenarios that can be recreated in a laboratory setting. A navigation system is declared spoof-resistant if, for each attack scenario, the system is either unaffected by or able to detect the spoofing attack. Spoofing detection combined with an appropriate GPS-denied mode for the UAV to fall back on will significantly increase the difficulty of mounting a successful spoofing attack.

    Additionally, civil GPS receivers in many critical infrastructures (communications networks, financial trade centers, and the power grid) are also vulnerable to civil GPS spoofing. These critical infrastructures primarily rely on GPS for timing, which is also susceptible to manipulation with varying consequences depending on the application. A discussion of power grid vulnerabilities to GPS spoofing is given in “Going Up Against Time” in this issue of the magazine on page 34. We also recommend that GPS-based timing or navigation systems having a non-trivial role in systems designated by DHS as national critical infrastructure be required to be spoof-resistant.

    Finally, we recommend that funding be committed for development and implementation of a cryptographic authentication signature in one of the existing or forthcoming civil GPS signals. The signature should at minimum take the form of a digital signature interleaved into the navigation message stream of the WAAS signals. A better plan would be to interleave the signature into the CNAV or CNAV2 GPS navigation message stream. The best plan for implementing a cryptographic authentication signature would be to implement the signature as an SSSC interleaved into the spreading code of the L1C data channel. Inclusion of a cryptographic signature would greatly aid manufacturers in developing receivers that are spoof-resistant.

    Manufacturers

    The Hornet Mini UAV carries a µ-blox GPS receiver.


    Daniel P. Shepard is pursuing M.S. and Ph.D. degrees in aerospace engineering at the University of Texas (UT) at Austin. He is a member of the Radionavigation Laboratory.

    Jahshan A. Bhatti is pursuing a Ph.D. in aerospace engineering and engineering mechanics at UT and is a member of the Radionavigation Laboratory.

    Todd E. Humphreys is an assistant professor of aerospace engineering and engineering mechanics at UT and director of the Radionavigation Laboratory. He received a Ph.D. in aerospace engineering from Cornell University.

     

  • The System: Fly the Pilotless Skies: UAS and UAV

     

    
    Unmanned aerial vehicles and civil aircraft may co-habit the airspace after September 2015.

     As the U.S. Federal Aviation Administration (FAA) moves ahead with plans for unmanned aerial systems/vehicles (UAS/UAV) to have regular access to U.S. airspace by 2015, it has encountered several barriers. For UAVs to be treated like manned aircraft, their systems likley need to be qualified to the same standards as civil avioncs. This is a challenge, as each UAS has largely unique systems. UAS equipment standards are emerging, but threats to GNSS abound, requiring defense/mitigation.

    Demand for UAS has produced many different types flying in a range of applications. With no apparent standard avionics fit or uniform safety standards, each UAS type is basically configured for specific tasks. Commercial UAS applications continue to emerge, and major market growth is anticipated. One forecast indicates that the UAS market could reach $7.26 billion this year alone. The promise of new and better ways to reduce costs, improve safety, and increase operational efficiency feeds market expansion.

    However, in the United States the FAA currently requires each UAS commercial project desiring access to controlled airspace to obtain an FAA-approved Certificate of Authorization. While the FAA has made efforts to speed up approvals, this process slowed widespread commercial adoption of UAS. Nevertheless, opportunities abound in pipeline and transmission line inspection, crop spraying, law enforcement, security, and surveillance, survey/mapping, remote area mail delivery, and hundreds of other applications. The FAA may have felt some pressure to move forward, because Congress has put in place the Modernization and Reform Act of 2012, which calls on the FAA to fully integrate unmanned systems, including those for commercial use, into the national airspace by September 2015.

    UAS in the NAS. Meanwhile, a project called the Unmanned Aircraft Systems Integration in the National Airspace System (UAS in the NAS), undertaken by NASA’s Dryden Flight Research Center, seeks to reduce technical barriers related to safety and operational challenges associated with enabling routine UAS access to the NAS.

    Europe has also launched a study on the integration of UAS in non-segregated airspace for the future Single European Sky. The ICONUS study will be carried out by a consortium within the European air traffic management program called Single European Sky ATM Research Programme (SESAR). The study will drive the definition of the requirements, capabilities, and equipment which UAS will need to operate safely and efficiently in the coming European SESAR environment.

    The U.S. RTCA SC-203 committee is drafting UAS operational requirements, and there has been significant progress towards publishing Minimum Aviation Performance Standards (MASPS), including requirements for navigation. Europe has similar activities underway aimed at improving UAS access to its airspace.

    MOPS. The big picture is that requirements for unmanned aircraft are being brought into conformance with the standards applied to the performance and behavior of manned aircraft. Navigation requirements for UAS are expected to specify that systems will need to be qualified to Minimum Operational Performance Standards (MOPS). This means that on-board electronics, including GNSS systems, will probably need to be FAA Technical Standard Orders (TSO) qualified, just as they are now for manned aircraft.

    Why do we need to investigate certified avionics now? In the scheme of avionics, more than two years breathing space to certify UAS avionics systems is not a long time, not at all, until the September 2015 deadline. FAA airborne software and hardware qualification will take much time and effort to implement, and re-configuration of systems, interfaces, and operating procedures may take even longer.

    For Manufacturers. UAS makers have the option to move forward in stages. For instance, by selecting a few existing airborne-qualified OEM avionics, they could minimize the internal effort to comply. As the first UAS with certified avionics emerge, they will probably get good support from FAA to adopt U.S. operating rules for the NAS. Embedding an existing certified GPS receiver in UAS avionics will reduce the internal work needed and allow more effort for developing commercial market opportunities that look to quickly adopt UAS.

    Meanwhile, efforts are in full swing to change the U.S. and European navigation landscapes over the next few years. So it would be better to be ready with a capable GNSS receiver that is already built to meet the challenges of NextGen and SESAR.

    GPS III and Galileo. The L5 civil GPS frequency may be operational around the time that UAS unrestricted access becomes possible. GPS L1/L5 dual-frequency operations will enable higher navigation accuracy, reliablity, and integrity. The FAA is already developing NextGen WAAS to include L5, and revisions to the GPS MOPS to include L5 should begin shortly, in time for a usable GPS L5 constellation in 2015/2016. The FAA is already preparing for L5 avionics, and industry investigative work is underway. Its possible that GPS L1/L5 may meet the accuracy and integrity requirements for CAT II/III automated landings. In Europe, Eurocae work is expected to gain momentum for the Galileo E1/E5a MOPS as the Galileo satellite navigation system becomes operational.

    The new GNSS environment also includes WAAS/SBAS precision approach (localizer performance with vertical guidance, or LPV) capability: LPV is available now in the United States and will soon be in wider operation in Europe. Automatic Dependendant Surveillance (ADS-B) is rolling out in the United States and around the world. ADS-B is being mandated within the U.S. NAS as the means for air-traffic control to track all aircraft, so UAS avionics will need to include certified ADS-B Out capability.

    In one commercial instance, the Septentrio AiRx2 receiver comes out of the box as a certified L1 GPS with ADS-B and WAAS LVP, but is also ready for GPS L5 and Galileo E1/E5a.

    Even as greater steps forward enhance how GNSS is used in this wider definition of aviation that will soon include UAS, a team at the University of Texas demonstrated how a UAV could be maliciously side-tracked (see article on page 30 of this issue) —  reminiscent of the Iranian downing of a U.S. surveillance drone in December 2011.

    Admittedly the GPS on the vehicle in the UT test was not a qualified airborne receiver, but how could this happen when there was also an inertial sensor and a radio-altimeter on the UAV? A good question, which UAV manufacturers will need to consider when they implement their on-board Kalman filters, knowing that spoofing is now an additional threat to parry.

    Couldn’t we detect that high-power RF spoofing signal at the front-end of the GPS receiver? Even if only to tell the on-board systems that there could be hazardous misleading information about? Or run separate GPS and GPS/inertial position solutions, detect significant divergence, and set the same warning flag? And multi-constellation, multi-frequency receivers, and even controlled radiation pattern antennas — all things to investigate.  More work for the aviation receiver guys who labor tirelessly to improve GNSS integrity.

    Of course if you hijack a UAV with a high-power spoofer, you are also spoofing civil transports operating in the same airspace, so now there is the potential to trigger a Federal investigation. It will probably be easier to detect this stuff with moving airborne sensors rather than the fixed ground equipment used to find jammers on trucks at Newark airport, and lots of pilots likely providing real-time location information on radios if their GPS goes even a little haywire. All would help to quickly locate and shut down any spoofer. Nevertheless, it’s a threat to be mitigated.

    Fatal Crash. In South Korea, the effects of intermittent North Korean jamming of GPS to disrupt seal, land, and air navigation in the South may have contributed to the recent fatal crash of a Schiebel Camcopter S-100 drone, a 150-kilogram rotorcraft capable of 220 km/h flight. It should have coped with loss of GPS as the Camcopter has multiple inertial measurement units that allow safe operation and recovery in the absence of GPS signals. Emergency procedures to ensure a safe recovery in such a situation do not appear to have been correctly and adequately followed, manufacturer Schiebel alleges.

    NovAtel may have found one way to help mitigate spoofing on UAVs; the company released a combined civil/SAASM GPS receiver, the OEM625S, aimed specifically at UAVs. Granted, the idea is to add SAASM anti-spoofing capability to a number of UAVs which currently use NovAtel commercial receivers, mostly in military systems. That may be motivated by the desire to avoid further Iranian incidents!

    BAE Systems has been thinking of giving GPS a back-up for just those situations where jamming or even spoofing is detected. BAE’s Navigation via Signals of Opportunity (NAVSOP) system was just announced at the Farnborough air show in the UK and is still in research phase, but looks extremely promising. It interrogates the radio environment for the ID and signal strength of local digital TV and radio signals, plus air traffic control radars, with finer grained adjustments coming from cellphone masts and Wi-Fi routers. Mapping the location of all these sources might be quite an undertaking, and given that these are all non-safety-of-life commercial signals, the sources are subject to the vagaries of power outages, regular maintenance, and breakdowns. Nevertheless, with such a multitude of signals, NAVSOP could well turn out to be a viable back-up for GNSS.

    So, shared access to civil airspace, wider applications in commercial operations, and changes in equipment qualification, along with potential solutions for GNSS jamming and spoofing: lots to consider for the UAS industry.


    Taking It to the House

    U.S. House of Representatives Committee on Homeland Security; Subcommittee on Oversight, Investigations, and Management; Hearing, July 19, 2012:  Using Unmanned Aerial Systems Within the Homeland: Security Game Changer?

    Testimony by Todd E. Humphreys, Ph.D.; Assistant Professor, Cockrell School of Engineering, The University of Texas at Austin. [Excerpted. Prof. Humphreys is a co-author of the article “Drone Hack” in the August issue of GPS World.]

    The vulnerability of civil GPS to spoofing has serious implications for civil unmanned aerial vehicles (UAVs), as was recently illustrated by a dramatic remote hijacking of a UAV at White Sands Missile Range.

    Hacking a UAV by GPS spoofing is but one expression of a larger problem: insecure civil GPS technology has over the last two decades been absorbed deeply into critical systems within our national infrastructure. Besides UAVs, civil GPS spoofing also presents a danger to manned aircraft, maritime craft, communications systems, banking and finance institutions, and the national power grid.

    Constructing from scratch a sophisticated GPS spoofer like the one developed by the University of Texas is not easy. It is not within the capability of the average person on the street, or even the average Anonymous hacker. But the emerging tools of software-defined radio and the availability of GPS signal simulators are putting spoofers within reach of ordinary malefactors.

    There is no quick, easy, and cheap fix for the civil GPS spoofing problem. What is more, not even the most effective GPS spoofing defenses are foolproof. But reasonable, cost-effective spoofing defenses exist which, if implemented, will make successful spoofing much harder.

    I recommend that for non-recreational operation in the national airspace civil UAVs exceeding 18 lbs be required to employ navigation systems that are spoof-resistant.

    More broadly, I recommend that GPS-based timing or navigation systems having a non-trivial role in systems designated by DHS as national critical infrastructure be required to be spoof-resistant.

    Finally, I recommend that the DHS commit to funding development and implementation of a cryptographic authentication signature in one of the existing or forthcoming civil GPS signals.

    Complete testimony (PDF) covers:

    • The potential vulnerabilities of U.S. national transportation, communications, banking and finance, and energy distribution infrastructure;
    • What does it take to build a spoofer? Buy a spoofer?
    • Range and required knowledge of target.
    • Fixing the problem:

    •    Jamming-to-noise sensing defense;
    •    Defense based on SSSC or NMA on WAAS signals;
    •    Multi-system multi-grequency defense;
    •    Single-antenna defense;
    •    Defense based on spread-spectrum security codes on L1C;
    •    Defense based on navigation message authentication on L1C, L2C, or L5;
    •    Correlation prole anomaly defense;
    •    Multi-antenna defense;
    •    Defense based on cross-correlation with military signals.

  • Topcon GRS-1 and Tesla Compatible with ArcGIS Mobile

    The Topcon Tesla and the Topcon GRS-1 are compatible with ArcGIS Mobile using the new Topcon eGPS GNSS configuration utility, announced Topcon today. ArcGIS Mobile allows GIS users to deliver GIS tools and data to the field and utilize GIS data while adding accurate position and attribute information to GIS databases.
     
    “With Topcon eGPS running on the Tesla and GRS-1, with ArcGIS Mobile you can tap into high-end GPS/GNSS receivers to easily update database accuracy and attribute information with one compact device," Jason Hooten, North American GIS sales manager, said.
     
    Topcon’s new Tesla is a “cross-over controller for all field applications and accuracies. The Topcon Tesla has the benefits of a larger handheld screen without the heavy burden of a Tablet PC,” Hooten said.
     
    Topcon’s GRS-1 is a 72-channel, dual-frequency L1/L2 GPS receiver with an integrated cellular modem. It can be used to dial up to a local reference station network for real-time corrections and is scalable from sub-meter to centimeter level accuracy.

    “The Topcon eGPS configuration utility enables ArcGIS Mobile users to access Topcon’s full range of GPS products for any accuracy needed in the field. Now all accuracy levels are available for ArcGIS Mobile users with a simple interface,” Hooten said.

  • Going Up Against Time: The Power Grid’s Vulnerability to GPS Spoofing Attacks

    By Daniel P. Shepard, Todd E. Humphreys, and Aaron A. Fansler

    Spoofing tests against phasor measurement units demonstrate their vulnerability to attack. A generator trip in an automatic control scheme could be falsely activated by the GPS spoofing, possibly leading to cascading faults and a large-scale power blackout.

     

    As electric power grids continue to expand throughout the world and as transmission lines are pushed to their operating limits, the dynamic operation of the power system has become a serious concern and increasingly difficult to accurately model. More effective real-time system control is now seen as key to preventing wide-scale cascading outages like the 2003 Northeast Blackout.

    For years, electric power control centers have estimated the state of the power system (the positive sequence voltage magnitude and phase angle at each network node) from measurements of power flows. But for improved accuracy in the so-called power system state estimates, it will be necessary to feed existing estimators with a richer measurement ensemble or to measure the grid state directly.

    Alternating current (AC) quantities have been analyzed for over 100 years using a construct developed by Charles Proteus Steinmetz in 1893, known as a phasor. In power systems, the phasor construct has commonly been used for analyzing AC quantities, assuming a constant frequency. A relatively new synchronization technique which allows referencing measured current or voltage phasors to absolute time has been developed and is currently being implemented throughout the world. The measurements produced by this technique are known as synchronized phasor measurements or synchrophasors.

    Synchrophasors provide a real-time snapshot of current and voltage amplitudes and phases across a power system, and so can give a complete picture of the state of a power system at any instant in time.  This makes synchrophasors useful for control, measurement, and analysis of the power system.

    A device used to measure synchrophasors is called a phasor measurement unit (PMU). In a typical deployment, PMUs are integrated in protective relays and are sampled from widely dispersed locations in the power system network. They are synchronized with respect to the common time source of a GPS clock. PMUs basically measure AC voltage (or current) and absolute phase angles at selected locations in an electric transmission or distribution system.

    GPS Spoofing

    GPS spoofing is the act of producing a falsified version of the GPS signal with the goal of taking control of a GPS receiver’s position-velocity-time (PVT) solution. This is most effectively accomplished when the spoofer has knowledge of the GPS signal as seen by the target receiver so that the spoofer can produce a matched, falsified version of the signal. In the case of military signals, this type of attack is nearly impossible because the military signal is encrypted and therefore unpredictable. On the other hand, the civil GPS signal is publicly-known and readily predictable.

    In recent years, civil GPS spoofing is becoming recognized as a serious threat to many critical infrastructure applications which rely heavily on the publicly-known civil GPS signal. A number of promising methods are currently being developed to defend against civil GPS spoofing attacks, but it will still take a number of years before these technologies mature and are implemented on a wide scale. Currently, there is a complete absence of any off-the-shelf defense against a GPS spoofing attack.

    See “Generation, Transmission” sidebar at the end of this article for background on the following tests.

    The Tests. The minimum threshold for success was to show that a GPS spoofer could force a PMU to violate the IEEE C37.118 Standard “Synchrophasors for Power Systems,” which defines accuracy as a vectorial difference between the measured and expected value of the phasor for the measurement at a given instant of time, called the total vector error (TVE).  TVE blends three possible sources of error: magnitude, phase angle, and timing. An error in timing appears identical to an error in phase angle. Without timing and magnitude errors, a phase angle error of 0.573o corresponds to a 1 percent TVE, the maximum allowable by the IEEE C37.118 Standard. This phase angle error could be equivalently and indistinguishably caused by a timing error of 26.5 µs, which was chosen as the threshold for success in the spoofing tests.

    The Spoofer

    The civil GPS spoofer used for these tests is an advanced version of the spoofer reported in “Assessing the Spoofing Threat,” GPS World, January 2009. A block diagram of the spoofer is shown in Figure 1. It is the same spoofer used in the tests described in “Drone Hack” in this issue of the magazine, and a detailed description is given in that article.

    The spoofer can carry out a sophisticated spoofing attack in which no obvious clues remain to suggest that an attack is underway. The University of Texas spoofer and attack strategy have been tested against a wide variety of GPS receivers and has always been successful in commandeering the target receiver.

     Figure 1. Block diagram of the University of Texas spoofer used to attack the phasor unit.
    Figure 1. Block diagram of the University of Texas spoofer used to attack the phasor unit.
    Test Setup

    Figure 2 shows a schematic of the setup used for the open-air tests. The signals received at the roof were routed into the spoofer for use in producing the counterfeit signals and into the RF shielded tent for rebroadcasting. The counterfeit signals were also routed into the tent for broadcasting. In addition to the antennas broadcasting the authentic and counterfeit signals, a third antenna was setup inside the tent to receive the combination of authentic and spoofed signals. This setup is representative of an actual attack scenario where the malefactor does not have physical access to the victim receiver’s antenna input but rather broadcasts the spoofed signals over-the-air. For cable-only tests, the entire setup inside the tent was replaced with a signal combiner that summed the authentic and spoofed signals.

    Figure 2. Schematic of the test setup.
    Figure 2. Schematic of the test setup.

    The combined authentic and spoofed signals were fed to the victim GPS time reference receiver. The output timing signal from the victim receiver was used as the synchronization reference for one PMU, whereas a second PMU was given timing from a separate GPS time reference receiver that was tracking only authentic GPS signals. Since the PMUs were in the same room and measured the local voltage and carrier phasors, both PMUs would report roughly the same phasor measurements under normal circumstances. Thus, any significant differences in the phase angle measurements between the two PMUs could be attributed to the effects of spoofing.

    Test Results

    Both the cable-only and the over-the-air spoofing attacks were successful in leading the PMU phase measurements off from the truth. Figure 3 shows the measured phase angle difference between the reference PMU, which was fed the true GPS signal, and the spoofed PMU throughout one entire test. This value would normally be less than a few degrees in the absence of spoofing, since the two PMUs are co-located. After the initial ten minute capture-and-carry-off, which proceeds slowly to avoid detection, the spoofer accelerates its carry-off and the reference and spoofed phase angles quickly diverge.

    Figure 2. Schematic of the test setup.
    Figure 3. A plot of the phase angle difference between the reference and the spoofed PMUs. Normally the phase angle difference would be nearly zero in the absence of a spoofing attack. Point 1 marks the start of the test. Point 2 marks the point at which the spoofer has completely captured the victim receiver. Point 3 marks the point at which the IEEE C37.118 Standard has been broken. Point 4 marks the point at which the spoofer-induced velocity has reached its maximum value for the test. Point 5 marks the point at which the spoofed signal was removed.

    Figure 4 shows pictures of an oscilloscope and the Synchrowave screen at the start of the test. The oscilloscope shows two pulse-per-second (PPS) signals, with the upper yellow pulse coming from a reference clock being fed true GPS and the lower blue pulse coming from the spoofed timing receiver. Both PPS signals are initially aligned with each other. The Synchrowave screen displays the PMU phase angle data in real-time as phasors with the nominal 60 Hz operating frequency subtracted from the phase angle. The red and green phasors show the phase data from the reference and spoofed PMUs respectively. These phasors are within a few degrees of each other at the beginning of the test.

     Figure 4. Oscilloscope (left) and Synchrowave (right) screen at the start of the test, which is marked as point 1 in Figure 3.
    Figure 4. Oscilloscope (left) and Synchrowave (right) screen at the start of the test, which is marked as point 1 in Figure 3.

    Figure 5 shows pictures of the Oscilloscope and the Synchrowave screen at about 620 seconds into the test. At this point, the spoofer has moved the victim receiver 2 µs off in time and has completely captured the receiver.  The delicate initial capture-and-carry-off is performed at a slow rate to suppress any evidence of the spoofer’s presence. However, this process could be done quicker because the receiver was not looking for such evidence of foul play. At this stage of the test, there is not yet any significant difference between the two phasors on the Synchrowave screen, since the spoofed time offset remains relatively small. The oscilloscope, however, reveals that the PPS output from the victim receiver has moved by about 2 µs relative to the reference PPS. At this point, the spoofer begins to accelerate the victim receiver’s time solution at a distance-equivalent rate of 4 m/s2 until it reaches a final distance-equivalent velocity of 1000 m/s. Distance-equivalent velocity can be converted into the actual time rate of change of time by dividing by the speed of light.

     Figure 5. Oscilloscope and Synchrowave screen at about 620 seconds, point 2 in Figure 3.
    Figure 5. Oscilloscope and Synchrowave screen at about 620 seconds, point 2 in Figure 3.

    The acceleration segment of the attack must be tailored to the individual receiver’s ability to track the spoofer-induced dynamics. Otherwise, the spoofer risks losing control of the victim receiver’s tracking loops by moving too quickly for the receiver to track or by raising alarms. Alternatively, a malefactor could survey possible GPS time reference receivers that might be used and tailor the spoofing attack such that any of the receivers would track and believe the spoofed signals. This would place severe limits on the spoofer’s ability to manipulate timing, but would not make the attack impossible or implausible.

    Figure 6 shows the oscilloscope and Synchrowave screen at about 680 seconds into the test. At this point, the spoofer has broken the IEEE C37.118 Standard for PMUs, which requires accuracy in the measured phase angle of 0.573o. This demonstrates a significant vulnerability for PMU-based monitoring and control, since these applications leverage the accuracy supposedly guaranteed by the standard. There is yet no noticeable difference on the Synchrowave screen, but the oscilloscope clearly shows that the victim receiver has now been offset in time by about 20 µs.

     Figure 6. Oscilloscope and Synchrowave screen at about 680 seconds, point 3 in Figure. 3.
    Figure 6. Oscilloscope and Synchrowave screen at about 680 seconds, point 3 in Figure. 3.

    Figure 7 shows pictures of the oscilloscope and the Synchrowave screen at about 870 seconds into the test. At this point, the spoofer has reached its final velocity of 1000 m/s. A phase angle offset of 10o has also been introduced in a matter of minutes. As expected, there is a marked difference in the phasors on the Synchrowave screen. The oscilloscope also shows a time offset of 400 µs has been induced in the victim receiver.

     Figure 7. Oscilloscope and Synchrowave screen at about 870 seconds, point 4 in Figure 3.
    Figure 7. Oscilloscope and Synchrowave screen at about 870 seconds, point 4 in Figure 3.

    Figure 8 shows pictures of the oscilloscope and the Synchrowave screen at about 1370 seconds into the test. At this point, the spoofed signal was heavily attenuated and instantly realigned with the authentic signals. This was intended to be the end of the test, but when this particular receiver lost lock on the signal it continued to send out a valid time signal to the PMU while fly-wheeling off its internal clock. This caused an alarm to issue on the front panel of the time reference receiver indicating loss of GPS signal lock. The downstream PMU, however, was oblivious to this loss of lock. This state persisted for about half an hour before the clock finally reacquired the authentic signal and instantly realigned its time output, which caused the phasors to realign.  Figure 3 does not show the phase angle data for this entire period, but does show that the phase angle difference exceeds at least 70o before the time reference receiver reacquires the authentic signal.

     Figure 8. Oscilloscope and Synchrowave screen at about 1370 seconds, point 5 in Figure 3.
    Figure 8. Oscilloscope and Synchrowave screen at about 1370 seconds, point 5 in Figure 3.
    Implications

    Synchrophasor data provides a clear picture of the state of the power system in real-time. As the size of the power grid grows and stability margins are reduced (to provide more efficient distribution of power), it will become desirable to use synchrophasors for control purposes. PMU manufacturers are currently selling PMUs capable of implementing automated control schemes that offer response times less than 4 cycles.  Such swift response times are seen as necessary to prevent grid instability or damage to equipment.

    Control schemes based on synchrophasors rely on phase angle differences between two nodes as an indicator of a fault condition. One example of a currently operational synchrophasor-based control system is the Chicoasen-Angostura transmission link in Mexico. This transmission line links together large hydroelectric generators in Agostura to large loads in Chicoasen through two 400-kV transmission lines and one 115-kV transmission line. If a fault occurs in which both of the 400-kV lines are lost, then the hydroelectric generators may experience angular instability. In order to prevent this, a PMU was set up at each end of the transmission lines with a direct communications link between them. It was found that under nominal and single-fault (only one 400-kV line lost) conditions, the phase angle difference between the two locations was less than 7o, whereas a double-fault (both 400-kV lines lost) produced a phase angle difference of 14o. Based on this finding, the PMUs were configured so that if the phase angle difference exceeded 10o, the hydroelectric generators would be automatically tripped.

    If a spoofer were to attack this system in Mexico or a similar implementation elsewhere, then the spoofer could cause a generator trip. In the test described in the previous section, a 10o offset, the threshold for the Chicoasen-Angostura link, was induced by the spoofer about 250 s after capturing the target receiver, as seen in Figures 3 and 7. A malefactor could even lead the phase angle off in the opposite direction (say 7o) before cutting both 400-kV transmission lines. Instead of causing a generator to unnecessarily trip, this would prevent PMUs from tripping the generator when required and potentially cause damage to the generator or remaining transmission lines.

    Beyond tripping a single generator, there is potential for the effects of the attack to propagate through the grid and cause cascading faults across the grid. One example of this type of cascading failure is the 2003 Northeast blackout. Although this blackout did not involve PMUs or a spoofing attack, it demonstrates how an appropriately targeted attack against PMUs used for control on the power grid could cause large scale blackouts that originate with a single generator or transmission line trip.

    On August 14, 2003, at 3:05 p.m., a 345-kV transmission line in Ohio began to sag from increased flow of electric power. When the line sagged too close to a tree, it caused a short-to-ground and tripped offline. This is something that happens fairly frequently on the massive U.S. electrical grid and is usually easily dealt with. However, the tripping of that line in northern Ohio began a cascade of failures that, in a little more than an hour, led to a near total power loss for more than 50 million people in the northeastern U.S. and parts of Canada.

    The blackout is estimated to have cost approximately $6 billion for only four days of power loss. This led the Department of Energy and the North American Electric Reliability Corporation (NERC) to fund and push for an improved “smart grid” with synchrophasor technology as a major component.

    As previously pointed out, PMUs are high-speed, real-time synchronized measurement devices used to diagnose the health of the electricity grid. With synchrophasor data, electric utilities can use existing power more efficiently and push more power through the grid while reducing the likelihood of power disruptions like blackouts. Synchrophasor measurements are being looked at to reduce the likelihood of false and inappropriate triggers of transmission system circuit breakers that protectively shut down electrical flow and contribute to cascading blackouts. However, GPS spoofing poses a significant threat to these objectives for PMUs and can make synchrophasor-based control the cause for these events instead of the cure.

    Conclusions

    Spoofing poses a threat to the integrity of synchrophasor measurements. A spoofer can introduce a time offset in the time reference receiver that provides the timing signal for a PMU without having physical access to the receiver itself. This produces a corresponding phase offset in the synchrophasor data coming from that PMU. Tests demonstrated that a PMU could be made to violate the IEEE C37.118 Standard for synchrophasors in about 11 minutes from the start of a spoofing attack.

    As PMU usage continues to grow throughout the world, PMUs will increasingly be used for automatic control purposes instead of just grid monitoring. The tests described here demonstrate that a spoofer could cause control schemes to falsely trip a generator.  In the presence of other exacerbating factors, this could lead to a cascade of faults and a large scale blackout.


    Daniel P. Shepard is pursuing M.S. and Ph.D. degrees in aerospace engineering at the University of Texas at Austin. He is a member of the Radionavigation Laboratory.

    Todd E. Humphreys is an assistant professor of aerospace engineering and engineering mechanics at the University of Texas at Austin and director of the Radionavigation Laboratory. He received a Ph.D. in aerospace engineering from Cornell University.

    Aaron A. Fansler serves as cyber critical infrastructure protection (CCIP) program manager for Northrop Grumman Information System. He obtained a Master’s degree from Capitol College in information assurance and is currently working on a Ph.D. in that field.


     

    Generation, Transmission

    The generation, transmission, and distribution of electric power make the power grid the most critical of critical infrastructures in the United States. Past events and numerous government demonstrations have shown just how vulnerable the power grid can be, not only to natural disasters, but more importantly to malicious cyber activity, which is on the rise.  Past consequences of power disruption were annoyance and some economic cost; future disruptions from intentional malicious activity could cascade into crippling failures. Cyber threats now rival the consequences of physical attacks.

    Over the past decade, the power industry has seen an explosion in the use of accurate, synchronized time incorporated into its controlling networks. Accurate timing signals are exploited in power systems from the generation plant down to the distribution substation and now down to individual smart grid component.

    The value of time synchronization is best understood by recognizing that the power grid is a single, complex, interconnected, and interdependent network. What happens in one part of the grid affects operation elsewhere, and in other systems reliant on stable power, as was observed in the 2003 Northeast Blackout.

    With the transition to smart technologies and a unified, synchronized grid, the potential for catastrophic cascading failures increases if proper control measures are not implemented. Time-synchronized measurements are changing the way electric power systems are controlled to protect against these events. Phasor measurement units (PMUs) have recently emerged as one technology which has the potential to one day anticipate failures, making it possible to take remedial actions before failures spread across the network.

    PMUs rely on GPS to provide accurate, synchronized time across the power grid. This reliance creates a vulnerability to a particular type of malicious attack: GPS spoofing. Spoofers generate counterfeit GPS signals that commandeer a victim receiver’s tracking loops and induce spoofer-controlled time or position offsets. The 2001 USDOT Volpe Report noted the absence of any off-the-shelf defense against civilian spoofing. In 2008, researchers demonstrated that an inexpensive portable software-defined GPS spoofer could be built from off-the-shelf components.

    Northrop Grumman Information Systems (NGIS) and the University of Texas (UT) conducted a functional test and evaluation of the effects a spoofed GPS timing signal would have on synchrophasors, to determine if adverse effects could be produced on a sensitive timing-signal-dependent network such as a Supervisor Control and Data Acquisition (SCADA) network and the network devices such as PMUs. This article describes the test.

  • Geodetics, ITT Exelis Announce SAASM RTK Solutions

    Geodetics Inc., in cooperation with Exelis, has announced the availability of a new Selective Availability Anti-Spoofing Module (SAASM) high-accuracy real-time kinematic (RTK) GPS capability. The new capability is based on a collaborative effort between the two companies.

    It incorporates proven RTK technologies and products from Geodetics integrated with the high-precision and GPS security features of the Exelis SAASM.
    The new Geodetics/Exelis offerings provide high-accuracy GPS capabilities using the military Precise Position Service (PPS) Y-code on both L1 and L2. The Exelis SAASM produces pseudorange and integrated carrier-phase observables at a selectable output rate. These observables are fully integrated into Geodetics' high-accuracy GPS technologies and is compatible with a full line of turn-key positioning and navigation products including inertial navigation (GPS/INS) and relative navigation systems, GPS-based attitude determination, GPS reference network/survey and post-processing tools.

    The result is a cost-effective SAASM capability, integrated with a solution suite designed to support a wide range of positioning and navigation applications for manned and unmanned air, sea, and ground vehicles, the companies said.

    "Geodetics is delighted to be working with Exelis. Our collaboration provides the authorized military user with turn-key solutions providing unprecedented centimeter-level position accuracy with full SAASM compliance," said Lydia Bock, Geodetics president and CEO.

  • On the Edge: Mapping the Delta

    By Tracy Cozzens

     Surveyors install and configure a base and rover for a 13,000-hectare survey of the Plains Kogoni in Mali.
    Surveyors install and configure a base and rover for a 13,000-hectare survey of the Plains Kogoni in Mali.

    In the heart of landlocked Mali, between the Atlantic Ocean 800 miles to the south and the Sahara desert to the north, lays the extraordinary Inner Niger River Delta, also known as the Macina, a 1.8 million hectare oasis of lakes and floodplains with a vast potential for hydro agriculture.

    CIRA, a major West African consulting engineering firm, working on behalf of the Office du Niger, a quasi-governmental Mali company charged with managing more than100,000 hectares of irrigated delta land, has completed surveying an additional 25,000 hectares for hydro-agriculture development.

    map

    Created in 1991, CIRA is an engineering and applied research consulting firm working in transportation, hydraulics, civil engineering and the environment. Based in Bamako, Mali, the firm works in more than 15 African countries, primarily in West Africa, Central Africa and East Africa.

    In the course of two months during the dry season, two CIRA survey teams, each equipped with three Spectra Precision ProMark 500s, a base station, and two rovers connected via UHF, completed the entire 25,000 hectare survey collecting four points in x, y, and z per hectare to produce a digital model. The model enabled the production of rough pre-study with all plans and a detailed pre-project CAD drawings for drainage, irrigation canals, and related infrastructures.

    A very short eight-month contractual time set to complete the different studies meant that the land survey study would have to be completed as quickly as possible. The first thought was to use aerial photography combined with LIDAR, but setting this up would have taken too long, according to a CIRA spokesperson. Instead, CIRCA chose to employ differential GNSS, using base and rovers working in real-time kinematic. CIRA’s experience suggested the firm would achieve reliable results much quicker using only optical total stations. CIRA elected to use Ashtech ProMark 500 GNSS receivers for the project. From experience, they knew the models were easy to set up and use, lightweight, offered long battery life in the field, and field to office data transfer would be easy. Their expectations were met, and the job was completed within two months and on time.

    The ProMark 500 RTK survey system provides short time to fix, long-range RTK and solution reliability. Its BLADE technology provides multi-constellation signal processing with the use of SBAS and GLONASS ranging signals to strenghten the GPS solution.

    Trimble acquired Ashtech in 2011, making it part of Spectra Precision.

     Setting up bitter points for calibration of satellite images on the corridor Sarh - Abeche in Chad (800km).
    Setting up bitter points for calibration of satellite images on the corridor Sarh – Abeche in Chad (800km).
     Reference station during the survey topo Richard Toll road - N Dioum (120 miles) in Senegal.
    Reference station during the survey topo Richard Toll road – N Dioum (120 miles) in Senegal.
     A reference station during the survey topo Zégoua Sikasso road (95 km) in Mali.
    A reference station during the survey topo Zégoua Sikasso road (95 km) in Mali.
  • GPS at the Olympics: Twitter Disrupts GPS Data from Olympic Cyclers to Broadcasters

     


    UPDATE: Title changed to clarify that GPS signals are not affected, but the transfer of the GPS data to the broadcasters.

     

    GPS is playing a role at the 2012 Olympics in London, through apps for smartphones to transportation issues, and even a clash with social media.

    Twitter Disrupts GPS Data from Olympic Cyclists to Broadcasters

    The International Olympic Committee (IOC) said that social media prevented broadcasters from getting accurate GPS data about the precise location of Olympic bicycle competitors during the155-mile men’s cycling road race.

    According to Reuters, commentators on Saturday’s men’s cycling road race were unable to tell television viewers how far the leaders were ahead of the chasing pack because data could not get through from the GPS satellite navigation system traveling with the cyclists.

    IOC spokesman Mark Adams says the Olympic Broadcasting Services service was jammed by “hundreds of thousands” of people sending texts, pictures and updates to social networks such as Twitter and Facebook, the Washington Post reports.

    To alleviate the bandwidth issue, the IOC asked users not to tweet, saying unless it’s an “urgent, urgent one, please kind of take it easy.”

    The problem arose due to lack of data bandwidth provided by telecom carriers, which did not properly anticipate demand. CNET’s Zack Whittaker reports that users send almost 10 million tweets during the opening ceremonies alone.

    The problem appeared to be solved for Sunday’s women’s road race.

    Apps Spark User Interaction, Excitement

    A number of mobile apps will help spectators at the Games keep tabs on the action.

    SoFit Mobile. A Toronto-based mobile development company, SoFit Mobile, has released a free social-gaming app that uses GPS technology to track users’ steps as they compete with friends. Users can donate money to charity or unlock medals and real-life discounts and coupons based on how far they travel. Early participants were eligible to win tickets to the games.

    The app is designed to connect users with friends virtually, regardless of geographical and cultural differences, where they can train together and take part in athletic events like the New York Marathon.

    “Using the Olympics as a way to inspire more people to get active, SoFit will engage users to take small steps to start living healthier while connecting millions to make the world a better place,” said Olympic figure skater Michelle Kwan in a press release.

    The app was developed in partnership with the Walk A Mile campaign, which was inspired by the 2012 London Games. SoFit is available for Apple and Android devices.

    Samsung Hope Relay. For every mile run while this app is activated, Samsung donates 1 pound to charities, including Kids Company and International Inspiration. The app uses GPS to track the users’ movements walking, running, or cycling, alone or as part of a team.

    TorchTracker. This app used GPS tracking to pinpoint where the Olympic Torch was as it made its way to the games, and helped fans find places to see it go by.

    American and Australian Team Buses Get Lost

    Before the games began, buses taking Australian and American athletes from Heathrow Airport to Olympic Park experienced a failure of GPS end users, sending the athletes around the city for a long tour before arriving at the Olympic Village.

    The bus driver hired by London Olympic organizers had not driven or been shown the route before, and could not operate the GPS navigation system fitted in the vehicle. Also, some of the venues, such as the village, had not been pre-loaded into the devices.

    For the Aussies, it turned into a 3½-hour marathon, accidentally taking them past central London landmarks such as Buckingham Palace and the Houses of Parliament.

    A separate London 2012 bus carrying American athletes got so badly lost it took four hours to make the 23-mile trip across the capital.

    Olympic Lanes and GPS Vehicle Tracking

    After there were problems for the athletes getting to events in 1996, every host country has had an Olympic Lane to speed the journey for Olympians. However, residents have grumbled about it and there has been some talk about defying the rule and using the lane for unofficial business.

    Blogger Oliver Ortiz posits that the conflicts could have been avoided if organizers had made use of GPS vehicle tracking. “The Olympic Lane is open from 6 a.m. until midnight both ways, and for many this is a folly. There will be certain times of the day when the Olympic Lane will be essential and it almost appears lazy on behalf of the Olympics organisers not to consider the best times for the lane to be open. If only they had thought about using GPS Vehicle Tracking to not only design the opening times, but also to monitor the Olympic Lanes during the games and make changes to when they are open. GPS Vehicle Tracking would have made these two things possible.

    “London knew they were having the Olympics way back in 2005, could the Olympic Committee not have thought about levels of traffic and travel times at various points in the day using GPS Vehicle Tracking to put forward a more practical schedule for the Olympic Lane to be open?”

  • Esri’s Survey Summit Showcases UAVs, 3D, the Cloud

    While the Esri Survey Summit still struggled to find a way to attract attendees, the International User Conference exploded by blowing away last year’s attendance by attracting a record 16,000+ GIS’ers this year in San Diego.

    The Survey Summit reeled in only ~250 people this year along with a roomful of exhibitors. That’s not to say the content wasn’t good. On the contrary, the content was very good, as it usually is. However, state/regional conferences seem to be gearing up so it’s difficult to see how a national conference like the Survey Summit can offer enough superior content to entice people to spend a few days and a lot of dollars traveling to San Diego during prime field season.

    Further complicating the issue is the fact that ACSM/NSPS is likely not going to participate in next year’s Survey Summit. But, the Survey Summit will survive because Esri will continue to sponsor it, and there’s a select few of us (yes, I’ll likely attend next year) who see the value of networking with the others who are like-minded.

    Highlights of the Survey Summit

    The opening ceremony featured Esri’s Donny Sosa playing the “Star-Spangled Banner” on an electric guitar.

    But Donny wasn’t playing just any electric guitar. It was an Atom 3D “printed” guitar made by 3D Systems. Folks, 3D printing is going to be mind-blowing technology of the future. It will be like everyone having a machine-shop in their home/office. Design a part or a system on your home computer and manufacture it using your 3D printer (or a local 3D printing service).

    Aside from the 3D printing entertainment, three subjects stuck in my head from the Survey Summit:

    1. UAVs (Unmanned Aerial Vehicles) for mapping

    I think the presenter from Hawkeye UAV said it best. Paraphrasing, he said that UAV commercial operations aren’t a major issue in any country besides the U.S. In the U.S., of course, commercial operations of UAVs are still prohibited. Only universities and government entities that are granted a CoA (Certification of Authorization) from the Federal Aviation Administration (FAA) are allowed to operate UAVs. The requirement for a CoA isn’t to be taken lightly, either. Last week, the Oregon Department of Fish & Wildlife was shut down from deploying a mapping UAV because its FAA paperwork wasn’t in order. They were planning to use an inexpensive RiteWind Zephyr II modified by Embry-Riddle University.

    If you recall, a bill was passed earlier this year with a provision to integrate UAVs into the U.S. National Airspace System (NAS) by 2015. This is going to be a challenge for the FAA, and you can expect some pretty tight regulations being applied to UAV operations. Imagine paparazzi circling UAVs over Hollywood snapping photos of celebrity sunbathers. Some people speculate that UAV operators will be required to be licensed pilots, even if they aren’t actually flying the UAV (UAVs have pre-programmed paths they follow). The rationale is that UAV operators may need to communicate with Air Traffic Controllers to ensure there is a safe distance from other aircraft.

    Although there are UAVs being designed and built specifically for mapping such as Gatewing (recently acquired by Trimble), there are an increasing number of low-cost and do-it-yourself UAVs such as Event 38 and others. In fact, I was speaking with one university researcher who operates UAVs. He said that for navigating one of his UAVs, he actually places a GPS-enabled mobile phone inside the UAV. The mobile phone, with a u-blox GPS chipset, is used to navigate the UAV as well as receive GPS corrections from mobile phone network. The only missing link from him obtaining reeeeally good accuracy was an external antenna (no such luck on a mobile phone), but he said the accuracy was still usable, and very affordable.

    GPS World has published several articles lately on UAVs that you may be interested in reading.

    March 9, 2012 – Unmanned Aerial Vehicles: The FAA is Taking Them Seriously, Should You?

    March 21, 2012 – Unmanned Aircraft Navigation

    April 9, 2012 – Unmanned Aerial Vehicles (UAVs)

    May 8, 2012 – Massive GPS Jamming Attack by North Korea

    July 25, 2012 – Is It Time for Unmanned Aerial Systems to Get Certified GNSS?

    August 1, 2012 – Drone Hack

    Although I hear people say they don’t take UAVs seriously, I think it’s a serious technology with a lot of potential. Hawkeye UAV, which I mentioned earlier, says it is as busy as ever performing a lot of stockpile (volume) measurements in mines. That’s just one of many apps for this low-cost, fast, and easy-to-deploy technology.

    2. 3D Rendering Technology

    I’ve written before about 3D rendering technology; remember this cool Ted video? It’s worth watching.

    Last year, Esri acquired a company called Procedural, which is the developer of a product named City Engine. It’s a really neat tool for “building” a city, from scratch if you wish, to help people visualize (in 3D) what a proposed development would look like. I’ve done similar things in the past with Autodesk’s 3D Studio Max, but City Engine seems to be a more quick-and-dirty, GIS-centric tool. Take a look at the following video on how to build a city from scratch into a complete 3D visualization:

    3D visualization tools have been progressing slowly over the years, but I think it’s getting to the point that without a lot of expertise, one can generate high-quality 3D visualizations. The trend is clear. If you recall, Trimble acquired Sketchup from Google earlier this year to incorporate a 3D visualization toolset inside its software. Geospatial specialists are getting closer and closer to being able to produce video-game-quality 3D renderings for visualizing everything from land development to regional watersheds and environmental impact areas. It’s a fantastic tool for presenting rich, complex geospatial data to the general public.

    3. The Cloud

    Ok, cloud-based apps aren’t anything new. In fact, I’m writing this article using a cloud app. Microsoft has had a cloud version of Office apps for years.

    It seems Esri has retooled its entire corporate strategy around cloud-based apps and data. It’s not just www.arcgis.com, Esri’s new cloud app for GIS, or ArcGIS for Android/iOS/Windows Mobile for mobile devices. According to Esri president Jack Dangermond, Esri has spent “tens of millions” on acquiring/licensing content (data) for cloud users. It’s not just vector data either (roads, etc.). In the U.S. arcgis.com subscribers will have access to nationwide 30-cm resolution imagery. In Europe, subscribers will have access to 60-cm resolution imagery, while subscribers in the rest of the world will have access to 1-meter imagery.

    The upside of cloud apps is that users can offload the IT overhead part of GIS, which can be frightenly expensive and complex. It also makes GIS apps easier to deploy because there is no client software to install or maintain on users’ computers.

    However, cloud GIS is not the solution to every GIS challenge. Even Esri president Jack Dangermond openly stated last week that “You don’t have to buy this, but you should,” referring to arcgis.com. But make no mistake about it, he’s clearly pointed the Esri ship to the cloud. My gut tells me that with arcgis.com, Esri will be successful in introducing GIS apps to a much broader audience, seemingly in line with Dangermond’s vision that eventually GIS will evolve from a scientific tool to a tool used by general society.

    Courtesy: ESRI

    On the subject of bringing GIS tools to to general public, Esri announced Esri Maps for Office, which Esri describes as an analytics tool to “visualize data by creating and sharing interactive maps directly within Microsoft Office.” In other words, make maps based on your Excel (or other Office) data. Take a look at the video below to gain an understanding of what Esri is talking about.

    If you’d like to see some brief comments that I tweeted from the Survey Summit on some other interesting items, click here for a quick summary. In next week’s newsletter, look for my summary on the Esri User Conference.

    Thanks, and see you next week.

    Follow me on Twitter at http://twitter.com/GPSGIS_Eric
  • New Online Tool Gives Public Wider Access to Key U.S. Statistics

    The U.S. Census Bureau released a new online service that makes key demographic, socio-economic and housing statistics more accessible than ever before. The Census Bureau’s first-ever public Application Programming Interface (API) allows developers to design Web and mobile apps to explore or learn more about America's changing population and economy.

    According to the announcement, the new API lets developers customize Census Bureau statistics into Web or mobile apps that provide users quick and easy access from two popular sets of statistics:

    • 2010 Census (Summary File 1), which includes detailed statistics on population, age, sex, race, Hispanic origin, household relationship and owner/renter status, for a variety of geographic areas down to the level of census tracts and blocks.
    • 2006-2010 American Community Survey (five-year estimates), which includes detailed statistics on a rich assortment of topics (education, income, employment, commuting, occupation, housing characteristics and more) down to the level of census tracts and block groups.

    The Census Bureau reports that the 2010 Census and the American Community Survey statistics provide key information on the nation, neighborhoods and areas in between. By providing annual updates on population changes the survey helps communities plan for schools, social and emergency services, highway improvements and economic developments.

    “We hope to see many apps grow out of the Census API, as this opens up our statistics beyond traditional uses,” Census Bureau Director Robert Groves said. “The API gives data developers in research, business and government the means to customize our statistics into an app that their audiences and customers need.”

    For example, developers could use the statistics available through this API to create apps that:

    • Show commuting patterns for every city in America.
    • Display the latest numbers on owners and renters in a neighborhood someone may want to live in.
    • Provide a local government a range of socioeconomic statistics on its population.

    “Apps give people simpler access to our statistics so they can get the information they need to answer questions or solve problems,” said Stephen Buckner, chief of the Census Bureau's Center for New Media and Promotions. “As Web developers exercise their creativity with our statistics, we believe the public will gain more opportunities to access more of our information on their laptops and mobile devices — anytime and anywhere they wish.”

    The Census Bureau announced it has also launched a website for developers to provide feedback and ideas on the API. The website includes an “app gallery” where the public can view and download Web apps that have already been created:

    • Age Finder — Users have the flexibility to get a count of the population for a single year of age or for a customized age range by sex, race and Hispanic origin for states, counties and places.
    • Poverty Status in the Past 12 Months by Sex by Age — Users can get the poverty rate for counties in New York by sex and multiple age groups in an app developed by the Program on Applied Demographics at Cornell University.

    Developers can access the API online and share ideas through the Census Bureau’s Developers Forum.

    With the release of this API and other upcoming forward-looking online communications improvements, the Census Bureau is meeting the goals of the President's digital strategy to make information more transparent and customer-centered.

    Editor’s note from the Census Bureau: The API does not include any information that could identify an individual; such information is kept strictly confidential by law. The API only uses statistics that the Census Bureau has already released publicly and in aggregate form.

  • Ricoh Unveils New Military-Grade Geotagging GPS Module

    RICOH AMERICAS CORPORATION SE-7 GPS
    Photo: Ricoh

    Ricoh Americas Corporation announced a new module for Ricoh digital cameras that provides the most advanced solution for precise, secure and portable military-grade photo/video geotagging.

    Available in August, the thumb-sized Ricoh SE-7 GPS hardware module bolts on to the ruggedized Ricoh G700SE digital camera. This combination enables users to automatically geotag images with location information immediately useful in navigation, mapping, planning, analysis, strategy, reporting and more.

    “The SE-7 module gives the military and other users important new capabilities for fast, precise and secure geotagging under less-than-ideal conditions,” said Yuki Uchida, Vice President, New Business Development, Ricoh Americas Corporation. “There’s a lot going on in this ultra-compact module to help soldiers and others be more successful in their work.”

    According to the announcement, the module, which sets a new standard in global positioning system (GPS) speed and accuracy, offers a more compact and convenient geotagging solution than traditional systems requiring a laptop-camera combination. The SE-7 also generates location coordinates down to the meter, which is far more precise than consumer-grade products. For even better accuracy, the Ricoh G700SE/SE-7 combination is forward-compatible to 18-satellite GPS processing, a military standard scheduled to take effect in 2016.

    Ricoh reports that the SE-7 module integrates directly with attachable laser range finders, includes a built-in compass for directional data capture, enables barcode tagging, and provides full support for selective availability anti-spoofing modules (SAASMs). SAASMs ensure GPS precision and accuracy even in the presence of malicious jamming and spoofing.

    Tagging

    The camera/module combination supports up to 20 memo fields that are customizable for tagging photographs with valuable data. Example data tags are photographer’s name, operation ID, operation type, unit ID and more. This information, along with GPS coordinates, GPS date and Zulu time, are automatically stored as metadata in each image file on the G700SE.

    Mapping and direction

    The SE-7’s GPS Track-Log feature maps the geographic path by which photographs are collected. An integrated electronic compass allows users to accurately record the direction in which a photograph is taken regardless of the angle at which the camera is held. After images are collected in the field, data is uploaded using the camera’s built-in wireless, Bluetooth or USB connection in preparation for analysis, mapping and reporting.

    Formats

    GPS coordinates collected with the SE-7 module can be displayed in a variety of formats directly on the camera, including LAT/LONG, MGRS, UTM and combinations of each, depending on user requirements. Data is compatible with a broad range of software, and images are plotted as a spatial data layer along with tagged information.

    Laser range finder integration

    Range finder integration allows users to tag not only where the picture was taken, but the location of objects in the distance being photographed.

  • Trimble Marine GNSS Receivers Support Marinestar Corrections for Offshore Dredging

    Trimble has announced that its latest generation of GNSS receivers for marine construction and hydrographic survey now support Fugro's Marinestar positioning services. Using satellite-delivered Marinestar corrections with Trimble SPS855 and SPS555H GNSS receivers, contractors can conduct dredging work up to 20 miles offshore, without relying on land-based infrastructure such as reference stations and radio networks. The Fugro Marinestar positioning service expands the operating environment for contractors using the Trimble marine construction GNSS receivers and enables decimeter accuracy for precise placement of dredging equipment and dredged materials.

    The Trimble SPS855 GNSS Modular Receiver provides accurate water level information and tidal height for a construction or dredging location, which is significantly more cost-effective than with conventional methods. Its modular design means the contractor can place the receiver inside the vessel cabin for maximum security and protection from the environment while mounting the GNSS antenna outside for optimized signal strength. The Trimble SPS555H Heading Add-on Receiver provides exact heading information for projects that require precise orientation of a dredging vessel.

    The Marinestar positioning service from Fugro offers two options:  Marinestar GPS — a high-performance, high-accuracy GPS augmentation service; and Marinestar GNSS — a high-performance augmentation service for both the GPS and GLONASS.

    The new Trimble SPS855 GNSS Modular Receiver and SPS555H Heading Add-on Receiver are available now through the Trimble Marine Construction distribution network. Subscription to the Marinestar GPS and Marinestar GNSS service is available for dredging and other marine construction applications through Fugro.