GPS World

Tag: Anti-spoofing

  • Furuno’s most advanced global timing module, supporting L1 and L5 GNSS signals

    Furuno’s most advanced global timing module, supporting L1 and L5 GNSS signals

    Image: Furuno Electric
    Image: Furuno Electric

    Furuno Electric has announced a new global timing solution, GT-100, compatible with all GNSS constellations. The GT-100 realizes the world’s highest robustness and standard of time accuracy and stability. Interruption of GNSS satellite signals is a major concern for critical infrastructure systems. The GT-100 features advanced multipath mitigation, anti-jamming and anti-spoofing as well as short-term holdover, ensuring superior performance even if only L1 or only L5 are jammed. 

    The module delivers best-in-class nanosecond precision for 5G wireless systems, radio communications systems, smart power grids and grand master clocks. 

    Along with the GT-100, our GT-9001 and GT-90 achieve a level of time stability of 4.5ns (1σ) and offer superior features and performance.

    Image: Furuno Electric
    Image: Furuno Electric
    Image: Furuno Electric
    Image: Furuno Electric
  • GNSS Spoofing Detection: Guard against automated ground vehicle attacks

    GNSS Spoofing Detection: Guard against automated ground vehicle attacks

    Read Richard Langley’s introduction column, Innovation Insights: What is a carrier phase?

    An approach for ground vehicles using carrier-phase and inertial measurement data

    The combination of easily accessible low-cost GNSS spoofers and the emergence of increasingly automated GNSS-reliant ground vehicles prompts a need for fast and reliable GNSS spoofing detection. To underscore this point, Regulus Cyber, an Israeli cybersecurity company, recently spoofed a Tesla Model 3 on autopilot mode, causing the vehicle to suddenly slow and unexpectedly veer off the main road.

    Among GNSS signal authentication techniques, signal-quality monitoring (SQM) and multi-antenna could be considered for implementation on ground vehicles. However, SQM tends to perform poorly on dynamic platforms in urban areas where strong multipath and in-band noise are common, and multi-antenna spoofing detection techniques, while effective, are disfavored by automotive manufacturers seeking to reduce vehicle cost and aerodynamic drag. Thus, there is a need for a single-antenna GNSS spoofing detection technique that performs well on ground vehicles, despite the adverse signal-propagation conditions in an urban environment.

    In a concurrent trend, increasingly automated ground vehicles demand ever-stricter lateral positioning to ensure safety of operation. An influential study calls for lateral positioning better than 20 centimeters on freeways and better than 10 centimeters on local streets (both at a 95% probability level). Such stringent requirements can be met by referencing lidar and camera measurements to a local high-definition map, but poor weather (heavy rain, dense fog or snowy whiteout) can render this technique unavailable.

    On the other hand, progress in precise (decimeter-level) GNSS-based ground vehicle positioning, which is impervious to poor weather, has demonstrated surprisingly high (above 97%) solution availability in urban areas. This technique is based on carrier-phase differential GNSS (CDGNSS) positioning, which exploits GNSS carrier-phase measurements having millimeter-level precision but integer-wavelength ambiguities.

    Key to our promising results is the tight coupling of CDGNSS and inertial measurement unit (IMU) data, without which high-accuracy CDGNSS solution availability is significantly reduced due to pervasive signal blockage and multipath in urban areas. Tight coupling brings millimeter-precise GNSS carrier-phase measurements into correspondence with high-sensitivity and high-frequency inertial sensing. Our particular estimation architecture incorporates inertial sensing via model replacement, in which the estimator’s propagation step relies on bias-compensated acceleration and angular rate measurements from the IMU instead of a vehicle dynamics model.

    As a consequence, at each measurement update, an a priori antenna position is available whose delta from the previous measurement update accounts for all vehicle motion sensed by the IMU, including small-amplitude high-frequency motion caused by road irregularities. Remarkably, when tracking authentic GNSS signals in a clean (open-sky) environment, the GNSS carrier-phase predicted by the a priori antenna position and the actual measured carrier phase agree to within millimeters.

    The research described in this article pursues a novel GNSS spoofing-detection technique based on a simple but consequential observation: it is practically impossible for a spoofer to create a false ensemble of GNSS signals whose carrier-phase variations, when received through the antenna of a target ground vehicle, track the phase values predicted by inertial sensing. In other words, antenna motion caused by factors such as road irregularities or rapid braking or steering is sensed with high fidelity by an onboard IMU but is unpredictable at the sub-centimeter-level by a would-be spoofer.

    Therefore, the differences between IMU-predicted and measured carrier-phase values offer the basis for an exquisitely sensitive GNSS spoofing-detection statistic. What is more, such carrier-phase fixed-ambiguity residual cost is generated as a byproduct of tightly coupled inertial-CDGNSS vehicle position estimation.

    Two difficulties complicate the use of fixed-ambiguity residual cost for spoofing detection. First is the integer-ambiguous nature of the carrier-phase measurement, which causes the post-integer-fix residual cost to equal not the difference between the measured and predicted carrier phases (as would be the case for a typical residual), but rather modulo an integer number of carrier wavelengths. Such integer folding complicates development of a probability distribution for a detection test statistic based on carrier-phase fixed-ambiguity residual cost.

    Second, the severe signal multipath conditions in urban areas create thick tails in any detection statistic based on carrier-phase measurements. Setting a detection threshold high enough to avoid false spoofing alarms caused by mere multipath could render the detection test insensitive to dangerous forms of spoofing. Reducing false alarms by accurately modeling the effect of a particular urban multipath environment on the detection statistic would be a Sisyphean undertaking, requiring exceptionally accurate up-to-date 3D models of the urban landscape, including materials properties.

    Our work takes an empirical approach to these difficulties. It does not attempt to develop a theoretical model to delineate the effects of integer folding or multipath on its proposed carrier-phase fixed-ambiguity residual cost-based detection statistic. Rather, it develops null-hypothesis empirical distributions for the statistic in both shallow and deep urban areas, and uses these distributions to demonstrate that high-sensitivity spoofing detection is possible despite integer folding and urban multipath.

  • TRX Systems enhances military anti-jamming device

    TRX Systems enhances military anti-jamming device

    Image: TRX
    Image: TRX

    TRX Systems has added a jammer finder capability to its NEON PT-MIL. The new function and expanded threat-mapping features enable dismounted soldiers to proactively respond to navigational warfare attacks (NAVWAR).

    NEON PT-MIL helps warfighters carry out their missions even when operating in environments where GPS/GNSS signals are unreliable or intentionally denied. The device can detect and eliminate compromised GNSS data while providing an alternative source of positioning information by fusing inputs from inertial sensors, GNSS signals, ultra-wideband and more.

    NEON PT-MIL can also be equipped to detect and map jamming and spoofing attacks. This feature was developed through a United States Army Rapid Capabilities and Critical Technologies Office program designed to extend NAVWAR functionality. The device accepts assured GNSS data from external devices — such as the Defense Advanced GPS Receiver, or DAGR, and the Orolia Defense and Security Broadsense Nano — to deliver a fused position and a NAVWAR threat indication when detected.

    The device can also derive a line of bearing to an enemy jammer and display it within the warfighter’s Android Tactical Assault Kit (ATAK) user interface, by using the GPS jamming indications available from a connected GNSS source.

    NEON PT-MIL with the jammer finding function is available in beta versions for field testing now and will be generally available in mid-2023.

  • Septentrio’s Stellar 2022

    Septentrio’s Stellar 2022

    Receiver maker Septentrio, based in Leuven, Belgium, has made a series of announcements this year that push the industry forward, from updating existing receivers to accepting new services to launching new product lines.

    Head of the CLAS

    In March, the company launched three new products that support Japan’s high-accuracy Centimeter Level Augmentation Service (CLAS). CLAS, which receives the L6 signal, transmits high-accuracy corrections from Japan’s QZSS constellation. The technology was developed in close cooperation with CORE, a leading integrator of high-accuracy positioning technology and services in Japan.

    Photo: Septentrio
    Photo: Septentrio

    Septentrio now offers the mosaic-CLAS receiver for high-volume industrial applications; the AsteRx-m3 CLAS that combines PPP-RTK CLAS with dual-antenna heading functionality; and the AsteRx SB3 CLAS in a ruggedized IP68 enclosure to protect it in harsh environments.

    Septentrio is simultaneously offering various receiver types to the Japanese market ensuring an optimal match between products and customer needs in various applications including robotics, precision agriculture, construction, machine control and UAV.

    Stopping the Spoofs

    Following the CLAS upgrade, the mosaic line received another boost in April, when Septentrio announced Open Service Navigation Message Authentication (OSNMA) functionality. OSNMA offers end-to-end authentication on Galileo’s civilian signals, protecting receivers from OSNMA attacks.

    For the past two years, Septentrio has been working closely with the European Space Agency (ESA) during the test phases of OSNMA deployment. The know-how gained during this period allowed Septentrio to be one of the first to market with this advanced security feature.

    OSNMA’s anti-spoofing capability complements Septentrio’s Advanced Interference Mitigation (AIM+) technology and further strengthens the overall security of Septentrio GNSS receivers, making them suitable for assured PNT solutions as well as critical infrastructure, such as 5G network synchronization.

    Vertical Markets

    Machine Control. In April, Septentrio launched the AsteRx-U3 ruggedized GNSS receiver, successor to the AsteRx-U for construction, mining and other machine control applications. The new receiver combines Septentrio’s latest triple-band precise positioning GNSS core with extended wireless communication features including Wi-Fi, UHF and 4G LTE. The versatile connectivity features of this receiver make it easy to fit it into any control system and enable simple and cost-effective overall design.

    Photo: Septentrio
    Photo: Septentrio

    Unmanned Aerial Vehicles (UAVs). Also in April, Septentrio is collaborating with MicroPilot, maker of professional UAV autopilots. Septentrio receivers, including the small form factor mosaic modules, as well as the OEM board AsteRx-m3, will support seamless integration of positioning and orientation into MicroPilot’s autopilot ecosystem. MicroPilot chose Septentrio GNSS receivers for their resilience to radio interference such as jamming and spoofing, as well as security and robustness with high-accuracy real-time kinematic (RTK) positioning.

    Marine. In May, Septentrio introduced the housed AsteRx-U3 Marine and the OEM board AsteRx-m3 Fg, two receivers for dredging, marine construction and offshore applications. Both offer accurate positioning near shore and offshore via centimeter-level real-time kinematic (RTK) or the built-in Fugro precise point positioning (PPP) sub-decimeter subscription service, delivered either over NTRIP internet or over L-band satellite.

    Corrections delivered over L-band allow dredging, bathymetry or marine construction projects even in areas where there is no internet service. The AsteRx-U3 Marine receiver, enclosed in an IP68-rated housing, offers a dedicated L-band demodulator with a separate L-band RF input, which allows for the use of dedicated antennas for excellent reception of L-band signals even at high latitudes.

  • Septentrio showcases solutions for GPS jamming and spoofing

    Septentrio showcases solutions for GPS jamming and spoofing

    Septentrio will demonstrate how simple it is to spoof or jam unprotected GPS receivers at the upcoming ION Joint Navigation Conference, which takes place June 6-9 in San Diego. The company will showcase how its resilient technology makes a difference for overall security and availability of positioning, navigation and timing (PNT) .

    Photo: Septentrio
    The AsteRx-U3 receiver. (Photo: Septentrio)

    Septentrio will hold a GPS spoofing demonstration, as well as a detailed comparison of jamming solutions from various high-end receivers. The integration of the latest anti-spoofing authentication mechanism, Galileo’s Open Service Navigation Message Authentication (OSNMA), will also be shown.

    “With our growing dependence on GPS technology, resilience of PNT is an important point of attention, especially for mission-critical applications, tactical ground or aerial vehicles as well as autonomous systems,” said Gustavo Lopez, market access manager, Septentrio. “Since the number of malicious jamming and spoofing attacks is on the rise, it is crucial to understand how various GPS receivers can be affected. We are pleased to explain and display this with specific examples at JNC this year.”

    Advance Interference Mitigation (AIM+) is an interconnected set of sophisticated anti-jamming and anti-spoofing technology components, securing GPS/GNSS receivers against various forms of interference.

    AIM+ is an interconnected set of anti-jamming and anti-spoofing technology components comprising a robust defense system against various forms of GPS/GNSS interference. Such resilience to jamming combined with anti-spoofing measures ensures the safety of autonomous machines, improves the security of GNSS-based infrastructure, and increases efficiency with extended PNT availability.

    OSNMA anti-spoofing authentication from Galileo is available on Septentrio receivers such as the mosaic module as well as the recently released AsteRx-U3 boxed receiver. Other products such as AsteRx-SBi3 also add inertial sensors for increased protection against spoofing.

    Septentrio will be at booth 220 in the ION JNC exhibit hall.

  • BAE Systems receives $325M for M-code GPS modules

    BAE Systems receives $325M for M-code GPS modules

    BAE Systems Inc. has received a $325.5 million contract from the Defense Logistics Agency for advanced military code (M-code) GPS modules that will provide reliable and secure positioning, navigation and timing data with anti-jamming and anti-spoofing capabilities.

    The modules will help warfighters conduct operations in contested electronic warfare environments.

    “Our state-of-the-art GPS technology works with the advanced military M-code signal to provide reliable information to the warfighters who depend on it,” said Greg Wild, director of Navigation and Sensor Systems at BAE Systems. “This contract will ensure the availability of M-code module inventory to build advanced, next-generation GPS receivers.”

    Under the multi-year contract, BAE Systems will deliver Modernized GPS User Equipment (MGUE) Increment 1 Common GPS Modules (CGMs) compatible with the advanced M-code signal to support the U.S. Department of Defense and international allies through 2030.

    BAE Systems will manufacture the modules, manage their inventory on behalf of the Defense Logistics Agency, and use them to build military-grade GPS receivers for ground and precision-guided munitions.

    BAE Systems’ portfolio of M-code GPS receivers provides flexible, efficient, and reliable navigation and guidance solutions for airborne systems, precision munitions, handheld receivers, and embedded applications.

    The company’s Miniature Precision Lightweight GPS Receiver Engine – M-Code (MPE-M) — the smallest M-code solution on the market — and the NavStrike-M GPS receiver for precision-guided munitions are both available today. Additional receivers from the company’s military GPS family are in development for transition to M-code.

    Photo: BAE Systems
    Photo: BAE Systems
  • Microchip TimeProvider 4100 Grandmaster now more redundant, resilient

    Microchip TimeProvider 4100 Grandmaster now more redundant, resilient

    IEEE 1588 precise timing grandmaster with gateway clock now offers software-based redundancy

    Photo: Microchip
    Photo: Microchip

    For today’s critical infrastructure providers — 5G wireless networks, smart grids, data centers, cable and transportation services — a fundamental need exists for a redundant, resilient and secure precise timing and synchronization solution.

    Microchip Technology Inc.’s TimeProvider 4100 Release 2.2 grandmaster provides a new level of resiliency with the introduction of an innovative redundancy architecture in addition to support for a multi-band GNSS receiver and enhanced security to ensure always-on precise timing and synchronization.

    Redundancy is key for infrastructure providers to ensure uninterrupted services. Infrastructure deployments previously relied on hardware redundancy to avoid service disruption despite costly modular architectures. Microchip’s TimeProvider 4100 Release 2.2 grandmaster provides redundancy via software implementation, enabling flexible deployment and lower hardware costs without sacrificing ports.

    In addition, the TimeProvider 4100 Release 2.2 grandmaster introduces an increased level of resiliency by supporting a new GNSS multi-band, multi-constellation receiver to protect against time delay resulting from space weather, solar events and other disruptions that may impact critical infrastructure services.

    Multi-band GNSS is particularly important for the highest levels of accuracy, including primary reference time clock class B (PRTC-B, 40 ns) and enhanced primary reference time clock (ePRTC, 30 ns).

    With a focus on security solutions across its technology portfolio, Microchip’s new TimeProvider 4100 Release 2.2 grandmaster adds support for RADIUS and TACACS+ as well as new anti-jamming and anti-spoofing capabilities.

    “Resilient, redundant and secure precise timing and synchronization solutions are necessary to mitigate security risks to critical infrastructure,” said Randy Brudzinski, vice president and general manager of Microchip’s frequency and time business unit. “This latest release brings an innovative software redundancy that enables always-on technology as well as support for multi-band GNSS to eliminate ionospheric time error delays. It provides new key security, anti-jamming and anti-spoofing so critical infrastructure services can be accessed only by authorized, authenticated personnel.”

    In addition, the TimeProvider 4100 Release 2.2 grandmaster provides a super oven controlled crystal oscillator (OCXO) option for enhanced holdover capabilities in case of GNSS disruption.

    The TimeProvider 4100 Release 2.2 grandmaster is a family of products with hardware expansion modules for legacy fan-out or Ethernet fan-out with 10 Gigabit Ethernet support. It can be configured in specific operation modes to act either as a gateway clock, a high-performance boundary clock or an ePRTC.

    The TimeProvider 4100 Release 2.2 grandmaster embeds additional Microchip technology including its OCXO, super OCXO, rubidium atomic clock, field-programmable gate arrays (FPGAs), Ethernet switch, synthesizers and cleaning oscillators.

    The TimeProvider 4100 is part of Microchip’s Virtual Primary Reference Time Clock (vPRTC) product portfolio, offering end-to-end precise time and synchronization solutions. These include Cesium atomic clocks for source of frequency and time, the BlueSky GNSS Firewall for security, TimeProvider 4100 high-performance boundary clock and TimeProvider 4100 Gateway clocks, as well as the TimePictra software suite, which manages the end-to-end precise time architecture across all Microchip timing products.

    Microchip’s TimeProvider 4100 Release 2.2 grandmaster offers several options for software and hardware support including installation, sync audits, network engineering and 24/7 worldwide support. It is available now for both new and already-deployed systems.

  • Septentrio receiver authenticates Galileo OSNMA signals

    Septentrio receiver authenticates Galileo OSNMA signals

    A Septentrio receiver has successfully authenticated navigation data of the first OSNMA encrypted GNSS satellite signal.

    OSNMA (Open Service Navigation Message Authentication) offers end-to-end authentication on a civilian signal, protecting receivers from spoofing attacks.

    OSNMA is being pioneered by the Galileo Program, with Septentrio providing a testbed for this technology from the end-user point of view. The anti-spoofing capabilities of OSNMA will complement Septentrio’s already available anti-jamming technology, AIM+, and further strengthen the overall security of Septentrio GNSS receivers.

    “The authentication of the Galileo signal using the OSNMA technology is yet another first that we are pleased to share with our close partner ESA [European Space Agency],” commented Bruno Bougard, R&D director at Septentrio. “Septentrio is proud and thankful to be able to contribute to the realization of one of Galileo’s key differentiators. “

    With OSNMA, Galileo is the first satellite system to introduce an anti-spoofing service directly on a civil GNSS signal.

    OSNMA is a free service on the Galileo E1 frequency. It enables authentication of the navigation data on Galileo and even GPS satellites. Such navigation data carries information about satellite location — if altered, it will result in wrong receiver positioning computation.

    While currently in development, OSNMA is planned to become publicly available in the near future. GPS is experimenting with satellite-based anti-spoofing for civil users with its Chimera authentication system.

    Within the scope of the FANTASTIC project led by GSA, OSNMA anti-spoofing protection was implemented on a Septentrio receiver.

    “Septentrio is committed to providing highly accurate and secure positioning and timing solutions to industrial applications and critical infrastructure. This is another example where Septentrio demonstrates its leadership in end-to-end GNSS receiver security with its breakthrough anti-jamming and anti-spoofing technology,” said François Freulon, head of Product Management at Septentrio. “Thanks to our future proof products, we will be rolling out OSNMA in our portfolio as soon as it is available. This will further enhance the security of our receivers, ensuring robust, trustworthy and reliable operation even in the most challenging environments.”

    Figure 3. European Galileo satellites provide an open authentication service on the E1 signal and a commercial authentication service on the E6 signal. (Image: European Space Agency)
    European Galileo satellites provide an open authentication service on the E1 signal and a commercial authentication service on the E6 signal. (Image: European Space Agency)

    ESA and GSA (European GNSS Agency) have now commenced the testing phase of the OSNMA authentication, which will continue during the coming months. To find out more about spoofing and OSNMA, see this article. For more information about GNSS signals and the value they bring, see Septentrio’s free webinar More GNSS signals: What’s in it for you?

  • Tests begin of Galileo’s OSNMA signal authentication service

    Tests begin of Galileo’s OSNMA signal authentication service

    In a first for any satellite navigation system, Galileo has achieved the first position fix based on navigation signals carrying authenticated data, according to the European Space Agency.

    Galileo’s Open Service Navigation Message Authentication (OSNMA) is intended as a way to combat malicious spoofing of satnav signals.

    OSNMA receivers successfully calculated an OSNMA-protected position fix after Galileo satellites started transmitting authentication data at 15:28 UTC on Nov. 18, 2020. The first tests used eight Galileo satellites for around two hours on Nov. 18. Tests have continued ever since, for intermittent periods, and will continue over the next months ahead of a public observation phase.

    The first authenticated signal position, velocity and timing fixes were made using a total of eight Galileo satellites for around two hours on Nov. 18, 2020. The tests represent a first proof of concept for an eventual operational service offering positioning with authenticated data to users. (Image: ESA)
    The first authenticated signal position, velocity and timing fixes were made using a total of eight Galileo satellites for around two hours on Nov. 18, 2020. The tests represent a first proof-of-concept for an eventual operational service offering positioning with authenticated data to users. (Image: ESA)

    Pioneering a long-awaited service

    The Galileo OSNMA authentication mechanism allows GNSS receivers to verify Galileo information, making sure that received data are indeed from Galileo and not modified in any way.

    “Ensuring the validity of positions elaborated by GNSS is one of the main challenges before addressing an entirely new set of applications demanding dependability and resilience,” said Matthias Petschke, director of space at the European Commission, DG DEFIS. “Galileo is now set on course to deliver on this highly anticipated feature and has many more novel features in store for the coming years.”

    Testing is taking place at ESA's Navigation Laboratory at ESTEC in the Netherlands, the same site where the first Galileo positioning fix took place in 2013.(Photo: ESA)
    Testing is taking place at ESA’s Navigation Laboratory at ESTEC in the Netherlands, the same site where the first Galileo positioning fix took place in 2013.(Photo: ESA)

    Increased robustness

    OSNMA test signals are being broadcast by the Galileo constellation using the spare bits from the current navigation message, therefore not impacting the legacy OS receivers implementing the current OS Signal-In-Space Interface Control Document (OS SIS ICD).

    “Galileo’s Open Service Navigation Message Authentication is one of its key differentiators,” said Rodrigo da Costa, executive director of the European GNSS Agency. “The additional robustness that it will provide to the Galileo signal will be critical for many applications, particularly those where security and trustworthiness are a priority, making the OSNMA a key component in any resilient PNT solution.”

    OSNMA works on a comparable basis to everyday encryption, where  sending a digitally signed document involves both sender and recipient using compatible cryptographic keys (private and public) to validate the document’s source of origin.

    “Up until now, as a navigation satellite disseminates navigation and timing data, there is no way of confirming these data are indeed coming from their apparent originator,” explained Paul Verhoef, director of navigation at the European Space Agency. “As a result, the data could be falsified, a phenomenon known as spoofing, where corrupt false signals mislead receivers about their position, misleading their users in turn, with potentially serious consequences.”

    An ESA Navigation Directorate team at the ESTEC technical centre in the Netherlands worked with their European GNSS Agency (GSA) counterparts at the twin Galileo Control Centres in Italy and Germany and the Galileo Service Centre (GSC) in Spain to develop and test the OSNMA.

    Next steps

    Upon successful completion of the internal testing phase, a public observation phase will begin, in which the OSNMA signal will be publicly accessible. In preparation for this phase, the OSNMA user Signal-In-Space Interface Control Document (OSNMA SIS ICD), receiver implementation guidelines, and the necessary cryptographic materials will be published. This will allow receiver manufacturers and application developers to test and prepare their products.

    During the public observation phase, feedback will be gathered from users, leading to the consolidation of the service.

    Testbed vehicle by ESA's Navigation Lab. (Photo: ESA)
    Testbed vehicle by ESA’s Navigation Lab. (Photo: ESA)

  • Regulus Cyber miniaturizes anti-spoofing GNSS receiver

    Photo: Regulus
    Photo: Regulus

    Regulus Cyber is showcasing its anti-spoofing GNSS receiver at the Consumer Electronics Show, being held Jan. 8-11 in Las Vegas.

    Previously introduced in our Launchpad feature, the Regulus Cyber solves GNSS spoofing attacks that threaten the automotive, aviation, maritime and mobile industries with a unique technology applicable both as a fortified GNSS receiver, capable of detecting spoofing attacks, and at the chip level, allowing mobile phones, cars and internet of things (IoT) devices to receive GNSS spoofing protection for the first time, the company said.

    The company was able to miniaturize its technology into a form factor that provides customers more flexibility with integration.

    The Regulus Pyramid GNSS Receiver is a fully functional GNSS receiver, fortified with the spoofing detection capability. The receiver contains patented technology that enables it to differentiate between real GNSS signals and fake ones generated by an attacker.

    The Pyramid GNSS receiver is a direct replacement to any automotive GNSS receiver. The upcoming chip-level technology offers both spoofing detection and spoofing mitigation to any GNSS-based device, including mobile phones, the company added.

    The Spoofing Problem. Any vehicle guided by a GNSS system can be spoofed using open-source software and a software defined radio (SDR) legally purchased from Amazon for under $300. A spoofer can generate and transmit fake GNSS signals that can be used by the vehicle’s navigation system to calculate a false destination, directing the vehicle to an entirely different location, a potentially life-threatening hazard.

    In addition, spoofing is a growing concern to any application or device that uses satellite positioning, navigation or time. While real attacks are expanding, anti-spoofing solutions remain a luxury that only high-end, defense markets can afford.

    While current solutions are big, heavy and expensive, Pyramid GNSS offers industry-standard size and price. Industries such as automotive, aviation, maritime, and mobile phones can defend themselves against this sophisticated emerging threat, at an affordable price and relevant size, power consumption and weight, the company said.

    “We designed our product to be a fraction of the size that is currently available on the market so that all types of companies – whether it is a car manufacturer or telecom provider relying on GNSS – can integrate it seamlessly,” said Yonatan Zur, CEO of Regulus Cyber. “GNSS spoofing will need to be a major security focus during 2019 since it leaves so many industries vulnerable to attacks.”

    To meet Regulus Cyber at CES, visit booth #2602 at the Westgate.

  • Centum Solutions demonstrates NO JAM ZONE interference detector at ION GNSS+

    Centum Solutions demonstrates NO JAM ZONE interference detector at ION GNSS+

    Photo: DJI
    Photo: DJI

    Centum Solutions of Madrid, Spain, introduced its NO JAM ZONE interference detector ION GNSS+ in Miami.

    NO JAM ZONE is Centum’s solution for GPS interferences detection and location.

    Centum will have a booth in the ION GNSS+ exhibit hall to showcase NO JAM ZONE, as well as and a GNSS simulator to show the process of detection and location of different sources of interference.

    Critical infrastructures need to ensure the proper functioning of their radio frequency systems. A good example of this is airports. NO JAM ZONE is a GNSS spectrum monitoring system, capable of detecting interferences that affect the proper functioning of these systems.

    NO JAM ZONE works with the most-used GNSS frequencies. Because of its distributed network of beacons, the system is able to give, in real time, the position of a source of interference.

    NO JAM ZONE  can detect the following types of interference:

    • Service interruption (jamming)
    • Spoofing interference
    • Induced electromagnetic emissions whose power exceeds a certain harmful threshold

    Centum also offers the NO FLY ZRONE drone and remotely piloted aircraft system (RPAS) detection and protection system. The active defense system is capable of detecting threats and creating a shield of electronic countermeasures preventing the intrusion of drones in protected areas and diverting them to safe catch areas.

    NO FLY ZRONE is effective against the vast majority of drones and RPAS, whether radio-controlled by an operator or by autonomous guidance through GPS. It detects drones and discriminates against those that constitute potential threats.

    Once the threat has been classified, NO FLY ZRONE neutralizes the drone control system by taking control of it and driving it to a safe area for its descent and capture; it can also geolocate the operator of the drone.

  • Expert Opinions: How simulation can aid in anti-spoofing developments

    Q: How can simulation aid in the development of anti-spoofing measures or product features?

    Lou, Pelosi, VP, Cast Navigation

    A: Anti-spoofing is a receiver function. It is the ability of a GNSS receiver to distinguish between actual navigation signals and false signals. Simulators allow a receiver developer to play “what if” games with their receiver. A simulator user controls every variable that a receiver processes. Time, satellite information and almanac are all specifiable.

    Mark Wilson, Vice President of Sales, IFEN

    A: With a simulator, a user may include spoofing signals in a variety of test scenarios. The results from the receiver under test may then be compared to the “truth” data available from the simulator, in order to demonstrate any susceptibility to spoofing. As anti-spoofing measures or product features are developed and applied, the same tests may be repeated, in order to evaluate the effectiveness of the countermeasures.

    Said Jackson, President, Jackson Labs Technologies

    A: Since live-air spoofing is illegal, simulators provide a fully controlled and repeatable environment for evaluating spoofing resilience of algorithms and products. Newly available low-cost simulators may also reduce the overall cost and time, and increase the confidence level as well as reduce the environmental impact compared to having to go to a military test-range for live testing. Simulators also provide the ability to test spoofing scenarios that may not yet be possible with today’s technology, such as multi-GNSS spoofing.

    Mark Sampson
    LabSat Product Manager, Racelogic

    A: Simulation is of great benefit when developing product features due to its repeatability. By replaying a consistent scenario, new products can have GNSS capabilities edge-tested for criteria such as receiver sensitivity, programming robustness and latency. Additionally, by replaying two scenarios created with signal-generator software on a multi-constellation simulator, starting at the same position and time and using the same constellation(s) but with one that diverges in position, spoofing vulnerabilities can be assessed.

    Iurie Ilie, CTO & Co-Founder, Skydel

    A: One of the most effective methods for mitigating GNSS spoofing is spatial discrimination. This supposes two or more receiving antennas are used. To test such systems and help designers to tune their algorithms in a controlled environment, the spoofing and truth GNSS signals must be simulated by a wavefront approach. This ensures that the signals’ code and carrier-phase offsets at the antennas’ phase center will be a function of the relative receiver/transmitter geometry.

    Phil Bonilla, Systems Engineer, Spirent Federal

    A: A flexible, high-quality RF constellation simulator provides the capability to model a multitude of scenarios in realistic environments. Users can configure signals and data to perform spoofing attacks, echoing both those observed and those purely theoretical today. Performing these tests via RF simulation provides highly controlled, repeatable system tests while providing flexibility to evaluate performance thresholds. The ability to assess risk and evaluate system robustness using simulation is vital in the evolving GNSS threat environment.

    Joel Korsakissok, President, Syntony GNSS

    A: A spoofer is a simulator that has been modified to be a slave of a master system, which defines the signal and trajectory to be emitted. To test an anti-spoofing system, it is necessary to have two simulators: the first will emit the real GPS constellation and the second will emit the spoofing signal, which will be probably synchronized in time and position at the beginning, but with divergent evolution in time.

    Tim Erbes, Chief Technology Officer, Talen-X

    A: Simulation is currently the best method to develop and test anti-spoofing algorithms. To ensure realism, it is often necessary to simulate both the true and spoofed signals from separate simulators. This provides flexibility for the threat to be modeled differently than the real satellites, a critical nuance that is often overlooked. Without the repeatability and control that such simulation provides, it would be impossible to adequately test the anti-spoofing capabilities of a GNSS receiver.