GPS World

Tag: cyber security

  • Tips to combat cyberattacks on GNSS/PNT systems

    Tips to combat cyberattacks on GNSS/PNT systems

    For our March 2025 issue, Professor Washington Ochieng proposed the following question to members of our editorial advisory board: When we discuss the security of GNSS/PNT systems, we nearly always focus on interference — i.e., meaconing, intrusion, jamming or spoofing. However, GNSS/PNT systems are embedded in systems of systems that also offer many other opportunities for cyberattacks. What should we do about it?

    Miguel Armor
    Miguel Armor

    “As a GNSS receiver manufacturer and correction service provider, cyber attacks are a risk we must consider seriously that arises from our customers’ integration of our solutions into complex systems. At the receiver level, it is important to make risk assessments to identify vulnerabilities across all components and implement a robust, multi-layered security strategy that includes physical, network and software components. At the core, our strategy incorporates cybersecurity considerations into our product/service development processes. We utilize the ASPICE framework for our engineering processes and we layer into that process the ISO21434 standard to ensure that we take steps all along the development path to consider cybersecurity. We selected this standard from the automotive industry due to the connected car use case, which is now in the front of cybersecurity development. ISO21434 covers the entire development life cycle — from system, to hardware and software, to verification and validation — in a way that many other standards do not. As a correction service provider, we ensure our data streams are secure and reliable, maintaining the highest standards of accuracy and availability. We also use ISO27001 as an IT framework for our correction network infrastructure. Continuous monitoring and iterative improvements are crucial to maintaining a secure and resilient GNSS/PNT infrastructure. It is key also to prioritize redundancy and backup systems to ensure continuity and resilience, to develop a comprehensive incident response plan that allows for rapid action in case of a breach and to conduct regular employee training to promote cybersecurity awareness across all products and platforms.” – Miguel Amor, Hexagon Positioning Intelligence

    Alison Brown
    Alison Brown

    “Cyberattacks are a credible threat to all existing GNSS systems and certainly need to be taken into account when considering alternative resilient PNT solutions. In fact, Goal 3 of the recently released U.S. Department of Transportation PNT Strategic Plan identifies PNT cybersecurity as a critical element of PNT resilience. The National Institute of Standards and Technology (NIST) provided a report titled Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. This cybersecurity framework was created for both users of PNT services to manage risks when using PNT signals or data, and for operators of alternative PNT services to leverage when providing PNT signals or services. It was created by applying the NIST Cybersecurity Framework (CSF) and provides approaches for cybersecurity for PNT by continuously monitoring for attacks (e.g., denial of service, jamming), false data, and other malicious behavior within the systems and across the PNT services, using data-driven methods and solutions. This Cybersecurity Framework should be routinely adopted by both users and providers of PNT services.” – Alison Brown, NAVSYS Corp.

  • Editorial Advisory Board Q&A: The hidden cyber threats to GNSS/PNT systems

    Editorial Advisory Board Q&A: The hidden cyber threats to GNSS/PNT systems

    When we discuss the security of GNSS/PNT systems, we nearly always focus on interference — i.e., meaconing, intrusion, jamming or spoofing. However, GNSS/PNT systems are embedded in systems of systems that also offer many other opportunities for cyberattacks.

    What should we do about it?

    Ellen Hall
    Ellen Hall

    “The key is platform architecture, specifically ensuring robust spatial and temporal partitioning between safety-critical and non-safety-critical functions. Safety-critical functions, such as navigation and autopilot, must be isolated from non-safety-critical functions, such as mission compute, where artificial intelligence typically operates. This partitioning minimizes the scope and effort required to produce design assurance artifacts for airworthiness certification. Additionally, it enhances security by reducing potential attack vectors through the isolation of safety-critical and mission-critical capabilities.”

    — Ellen Hall
    Imminent Federal

    Mitch Narins
    Mitch Narins

    “An old mariner’s proverb is: ‘The prudent mariner never relies solely on any single aid to navigation.’ A more recent statement offers: ‘With so many pieces of sophisticated electronic equipment at our beck and call it would seem some are lulled into complacency and are ignoring basic seamanship.’ In September 2018, the U.S. Naval Institute published an article titled, ‘Professional Mariners Cannot Rely on Electronics Alone.’ The recent news that the U.S. ITAR restrictions on multi-element antenna arrays will be lifted (thanks to many in our community who have lobbied hard for this for many, many years) is excellent news. It will help and was a necessary change — but it is not sufficient. It certainly does not remove the need to pursue complementary, PNT solutions that will ensure the safety, security, and economic well-being of PNT users and their PNT-dependent systems worldwide. From a basic systems engineering perspective, incorporating multiple solutions with independent failure mechanisms is ultimately the end product that we in the PNT community should all be seeking. We must not forget, however, a key element of many of these systems: the human in the loop, who, if continually provided the opportunity to train in PNT-challenged environments, often can be the ultimate system safety element. This will require the design of our PNT services to ensure that the human factors designed into these systems include sufficient information for the human component to understand an off-normal situation and have the training and skills to take the appropriate corrective actions.”

    — Mitch Narins
    Strategic Synergies

  • U-blox provides LPWA IoT security to system engineers

    U-blox provides LPWA IoT security to system engineers

    Image: metamorworks/iStock/Getty Images Plus/Getty Images
    Image: metamorworks/iStock/Getty Images Plus/Getty Images

    U‑blox has launched a commercial internet of things (IoT) Security-as-a-Service offering. Available on both the u‑blox SARA-R4 and SARA-R5 series of LTE-M cellular IoT modules, the service protects data from malicious third parties, both on the device and during transmission from the device to the cloud, u-blox said in a press release.

    Both the SARA-R4 and R5 have integrated M8 GNSS receivers.

    The IoT Security-as-a-Service provides an out-of-the box onboarding process to cloud IoT platforms to speed up development, shortening time-to-market.

    The IoT Security-as-a-Service offering, which is managed via the u‑blox Thingstream service delivery platform, is specifically optimized for low-power, wide-area (LPWA) deployments that use resource-constrained IoT devices. By substantially reducing data overhead and keeping the number of handshakes to a minimum, the service improves power consumption and extends the battery life, a critical metric for most IoT devices.

    u-blox acquired Thingstream, an IoT communication-as-a-service provider, in April.

    Central to the effectiveness of the solution is a unique symmetric key management system (KMS). Through it, an infinite number of crypto keys can be generated on the fly for each device, rather than having to rely on the storage and management of pre-shared keys (which can add to overall operational complexity and the power budget).

    Keys are tied to the hardware and can be triggered from either the module or from the server/cloud, completely eliminating the need to create, deliver, and renew certificates, and bringing significant savings in terms of system cost, operational complexity, and power consumption.

    The solution also leverages u‑blox’s Foundation security offering, which comprises fundamental elements that make SARA-R4 and SARA-R5 modules secure by design. These include a unique and immutable device identity that is tied to its root of trust (RoT), which forms the basis for a trusted set of advanced security functionality, including a secure boot mechanism that ensures that the module can only run trusted software. In addition, u‑blox’s proprietary uFOTA feature enables authentication of over-the-air firmware updates.

    Among the relevant use cases that u‑blox IoT Security-as-a-Service can support are:

    • Asset tracking. Data authenticity is essential in such scenarios, as well as secure local storage of collected data and easy secure cloud onboarding. Because tracking devices are usually battery powered, they require extremely energy-efficient secure data transmission.
    • Connected health/eHealth. In this use case, patient confidentiality is paramount, with only authorized medical staff permitted to access sensitive data. This necessitates a high degree of protection against malware and data tampering.
    • Industrial monitoring. These solutions need to guarantee the integrity of real-time operational data to increase productivity, avoid downtime, and assure the safety of the workforce.
    • Building and home automation. Data confidentiality and authenticity need to be maintained, while allowing for data to be shared with trusted stakeholders without compromising customer privacy.
    • Telematics. In this scenario, the main security risks include denial-of-service (DoS) attacks, device cloning, jamming, etc.
    • Smart metering. Here, the authenticity of data logged by remote metering units needs to be confirmed to protect billing, and, once trusted communication is established, data transmission needs to be restricted to authorized servers.

    “We implemented a true end-to-end concept that protects data from the device to the end user without making it visible to intermediate nodes or platforms, or to service providers. The modules’ symmetric KMS offers engineers a streamlined and scalable alternative to conventional public key infrastructure or pre-shared key arrangements,” says Giovanni Solito, senior product manager, Product Center Services at u‑blox. “And with straightforward onboarding to all the popular cloud IoT platforms, efforts are not taken up by security concerns and operational complexities, but can be focused on speeding up time to market and growing business.”

  • Focus Telecom installs GPSdome to protect Israel’s ‘national clock’

    Focus Telecom installs GPSdome to protect Israel’s ‘national clock’

    Photo: Inifidome
    Photo: InifiDome

    The national time system at Israel’s National Physics Laboratory (INPL) in Jerusalem is now protected by a GPSdome unit for cyber protection of GPS/GNSS signals, according to Israel’s Homeland Security, a private company established in 2012.

    Microchip partner Focus Telecom installed the GPSdome cyber protection system under a support and maintenance contract. GPSdome was developed by infiniDome, an Israeli startup.

    INPL’s Nadya Goldovsky will now test and measure the system for its ability to protect the GPS/GNSS satellite signals from jamming and other interference. Over the course of several months, Goldovsky will test the system’s ability to protect its four independent atomic clocks, which continuously supply Israel’s national time.

    The cyber protection system is designed to enable continuous, uninterrupted GPS/GNSS service, which allows for full operation of the clocks. During a GPS cyber-attack, infiniDome’s Communication Module will report it to infiniDome’s Cyber Security Cloud.

    “GPSdome is a cyber protection system developed based on military technologies and principals which was adapted to non-military, commercial use,” said Omer Sharar, infiniDome’s CEO. “Our systems are already deployed and operational in Israel at multiple sites in the defense/HLS sector, border protection, financial sector and telecom sector.”

    The company has signed a global distribution contract with an international PNT solution provider to sell its GPSdome systems in more than 120 countries, Sharar said.

  • GPS satellite gets a digital twin to ensure cyber security

    GPS satellite gets a digital twin to ensure cyber security

    Artist's rendering: U.S. Air Force
    Artist’s rendering: U.S. Air Force

    The U.S. Air Force is using a digital replica of a GPS IIR satellite to detect any cyber-security issues, reports Air Force Magazine.

    Booz Allen Hamilton created the “digital twin” of the Lockheed Martin-built Block IIR GPS satellite — and then tried to hack the system.

    “The satellite itself was on orbit,” BAH Vice President Kevin Coggins told Air Force Magazine. “So we built this digital model … and then we went looking for vulnerabilities. We did [penetration] testing and we saw what we could discover.”

    The project is in response to a congressional mandate to test GPS for cyber vulnerabilities. Testing areas include the satellite, ground control stations and the radio-frequency links between them. BAH then conducted “man-in-the-middle” attacks on the communication links to identify potential weaknesses between the satellite and its ground control station.

    The 12 Block IIR legacy satellites, launched between 1997-2004, were designed for a 7.5 year lifespan, but it will be years before they can be decommissioned.

  • BAE Systems demonstrates XTS Guard 5 for military cyber security

    BAE Systems’ XTS Guard 5, equipped with the company’s Geospatial eXploitation Products (GXP), has successfully demonstrated its ability to provide U.S. intelligence organizations with access to geospatial imagery and data from BAE Systems’ GXP Platform, ensuring secure sharing between networks of various security classifications and sections.

    The innovative software demonstrated secure information sharing between government agencies and networks at the Enterprise Challenge, referred to as the EC-18, held this past spring.

    “Our expertise in developing technologies that quickly exploit massive amounts of data has allowed us to a product that brings numerous advantages to U.S. military intelligence organizations to securely transfer data from multiple sources,” said Kevin Malone, vice president of analytics systems at BAE Systems. “The EC-18 demo proved XTS Guard 5’s readiness to deliver operational success for a number of agencies.”

    EC-18 is an annual exercise sponsored by the Office of the Under Secretary of Defense, which allows Department of Defense agencies and international partners to demonstrate information sharing across disparate networks prior to their solution’s deployment. A guard is a cybersecurity appliance solution that resides between classified and unclassified domains for agencies using intelligence libraries.

    As an intelligence organization accesses geospatial imagery and data from BAE Systems’ GXP Platform, XTS Guard 5 provides cross-domain search functionality. This breaks down information stovepipes and secure boundaries that currently exist, providing a bridge between security domains to allow intelligence analysts to quickly and easily gather information that was previously cumbersome and time consuming to obtain. It saves analysts’ time, reduces operating costs, and allows decision makers to act more quickly, the company said.

    The product is further enhanced by SMARTXD from Sterling Computers, which is a key enabling component to secure multi-domain information sharing within an agency or large organization. It allows existing customer applications to become multi-domain enabled and share releasable data across security domains, including coalition partners. This capability has been successfully demonstrated in the last three Enterprise Challenge events.

    The XTS Guard 5 demo at EC-18 showed that the product’s architecture will support multi-enclave and multi-compartment controlled information sharing, for information that is subdivided based on its sensitivity, with advanced administration and auditing, ensuring that releasable information stored on a section of an internal network is sharable. It proved the effective transfer of multiple data types in near-real time, including email, attachments and chat.

    Offering industry-leading geospatial intelligence and movement intelligence solutions, including licensed software and professional services, BAE Systems’ GXP 5 delivers advanced data management, image exploitation, tracking analytics, geospatial production and intelligence reporting, the company said.

  • BlackBerry and Baidu partner on connected car technology

    BlackBerry Limited and Baidu Inc. are collaborating to accelerate the deployment of connected and autonomous vehicle technology for automotive OEMs and suppliers worldwide.

    The companies have signed a statement of intent to make BlackBerry QNX‘s ISO26262 ASIL-D certified safety operating system (OS) the foundation for Baidu’s Apollo autonomous driving open platform.

    Also, BlackBerry and Baidu will work together to integrate Baidu’s CarLife, the leading smartphone integration software for connected cars in China, as well as its conversational artificial intelligence system DuerOS, and high-definition maps to run on the BlackBerry QNX Car (Infotainment) Platform.

    Blackberry QNX will host demonstrations of its foundational software for autonomous and connected vehicles at the Consumer Electronics Show (CES) 2018, at North Hall Booth 7523. The show takes place Jan. 9-12 in Las Vegas.

    “BlackBerry QNX has established itself as the OS platform for safety-certified production-based systems,” said Li Zhenyu, general manager of Intelligent Driving Group, Baidu. “We aim to provide automakers with a clear and fast path to fully autonomous vehicle production, with safety and security as top priorities. By integrating the BlackBerry QNX OS with the Apollo platform, we will enable carmakers to leap from prototype to production systems. Together, we will work toward a technological and commercial ecosystem for autonomous driving, intelligent connectivity and intelligent traffic systems.”

    “Joining forces with Baidu will enable us to explore integration opportunities for multiple vehicle subsystems including ADAS, infotainment, gateways and cloud services,” said John Wall, senior vice president and GM of BlackBerry QNX. “Baidu has made tremendous strides in artificial intelligence and deep learning. These advancements paired with their high-definition maps and BlackBerry’s safety-critical embedded software and expertise in security will be crucial ingredients for autonomous vehicles.”

    Announced by Baidu in April 2017, Apollo is an open platform that provides a comprehensive, secure, and reliable solution that consists of cloud services, an open software stack and reference hardware and vehicle platforms. It supports all major features and functions of an autonomous vehicle.

    More than 70 global partners are involved with Apollo, including OEMs, Tier 1 suppliers, developer platforms and technology start-ups. The project was named after the historic lunar landing program to illustrate its scale and complexity. BlackBerry provides OEMs with cybersecurity technology to protect and mitigate, including hardware, software, applications and end-to-end systems from cyberattacks.

    BlackBerry’s pedigree in security and continued innovation has led to recent automotive design wins with Delphi, Denso, Qualcomm, Visteon and others.

  • Intelsat demonstrates mitigation of satellite signal interference

    Mitigating intentional interference for satellites is addressed in a new white paper released by Intelsat General.

    The white paper details interference mitigation on the Intelsat EpicNG platform. Intelsat General is a wholly owned subsidiary of Intelsat and operator of the worldwide Globalized Network.

    The whitepaper validates the ability of the Intelsat EpicNG platform to mitigate attempts by adversaries to intentionally interfere with signals operating on Intelsat’s multi-spot, high-frequency reuse, high-throughput satellites. This is particularly important for U.S. and allied military forces in hostile theaters throughout the globe.

    “U.S. DoD (Department of Defense) satellite communication systems are critical for collecting and disseminating video and data that give the military real-time information about a hostile environment,” said Skot Butler, president of Intelsat General. “Our Interference Resolution demonstration showcases the capability of the Intelsat EpicNG system, and its advanced digital payload, to work around efforts to interfere or jam the signals being transmitted via our satellites.”

    https://youtu.be/B0rhVk4MYY0

    Demonstration. The Interference Resolution demonstration used a remote terminal transmitting video to a hub Earth station over the Intelsat 29e satellite. During the validation process, technicians transmitted an interference signal on the same channel used to transmit the video.

    Once the interference was detected, technicians were able to reconfigure the satellite and the remote terminal, thereby re-establishing video transmissions. The reconfigurations

    • terminated the interferer at the satellite thereby clearing the downlink,
    • provided a new, interference-free uplink channel, and
    • connected the new video uplink channel to the original, now clear, downlink channel.

    Intelsat 29e, launched in January 2016, was the first of Intelsat’s fleet of high-throughput satellites. Five Intelsat EpicNG satellites are now in orbit with one more planned for launch in 2018.

  • Esri and Idaho National Laboratory sign cyber security CRADA

    Organizations work together to fight cyber attacks with innovations to visualize threats.

    Esri and the U.S. Department of Energy’s Idaho National Laboratory (INL) have entered into a cooperative research and development agreement (CRADA) to collaboratively research and create prototype concepts with a specific focus on location intelligence solutions for the protection of critical infrastructure and critical missions.

    The work will also estimate the impacts on critical infrastructure caused by exploited cyber vulnerabilities and targeted attacks.

    Esri provides geospatial analysis and visualization capabilities across infrastructure industries like water, electric, oil and transportation, as well as in support of federal, state and local governments charged with the mission of protecting those industries.

    These capabilities, combined with INL’s knowledge and capabilities for securing these systems from physical and cybersecurity threats, make this cooperative research and development effort truly unique in addressing crucial gaps in cyber/physical analysis and situational awareness technologies.

    INL is the nation’s leading center for nuclear energy research and development, working in energy, national security, science, and the environment. Esri and INL have worked together for more than three years.

    “We are looking forward to working closely with INL in this capacity,” said Brian Biesecker, technical director, Esri intelligence community. “As the government continues to embrace new technologies, CRADAs provide a great way for private and public partnerships to continue moving our country forward.”

  • Septentrio’s PolaRx5 updated with seismic monitoring, advanced CORS

    Septentrio’s PolaRx5 updated with seismic monitoring, advanced CORS

    The Septentrio PolaRx5 GNSS receiver.
    The Septentrio PolaRx5 GNSS receiver.

    Septentrio has released version 5.1.0 firmware for the PolaRx5 product line of GNSS reference receivers. The 5.1.0 firmware brings new features for file management, usability, security and seismic monitoring.

    Septentrio’s PolaRx5 product line of GNSS reference receivers includes the PolaRx5 for CORS and network operations, the PolaRx5TR for time and frequency transfer and the PolaRx5S for space weather applications.

    Improvements in precise point positioning (PPP) have opened the door on seismic monitoring using GNSS technology. As well as allowing precise measurement of long-term slow surface displacement, PolaRx5 now allows real-time recording of the high-frequency vibrations typically accompanying earthquakes. Firmware 5.1.0 introduces the support for on-board PPP and dynamic response tuned for seismic applications.

    The 5.1.0 firmware release brings greater logging efficiency to the PolaRx5 users. Storage integrity is crucial for many applications. Retransmitting data can be an expensive business, especially when using Iridium telemetry. To improve archival functionality, Septentrio has developed a storage integrity feature to retransmit only the data which has been lost in the initial transmission. This avoids the common and unnecessary overhead of retransmitting complete files.

    Preventing unauthorized access is a crucial aspect of cyber security. PolaRx5 product line is now equipped with firewall and IP filtering, SFTP and ssh keys. This complements and strengthens the user management and access level protection of the PolaRx5 product line.

    Various independent tests have shown PolaRx5 consistently ranks highest among GNSS receivers in many areas of measurement quality, including lowest measurement noise and fewest number of cycle slips, and this at the lowest power consumption on the market. The PolaRx5 products offer robust and high-quality GNSS tracking of GPS, GLONASS, Galileo and BeiDou as well as regional satellite systems including QZSS and IRNSS.

    Some of those who have recently deployed the PolaRx5 include the Oregon Department of Transport (DOT), UNAVCO, the Jet Propulsion Laboratory (JPL) and the SAPOS CORS network in Germany.

    “The 5.1.0 PolaRx5 firmware continues Septentrio’s commitment to its customers.” stated Francesca Clemente, PolaRx Product Manager. She continued: “The new features of the 5.1.0 firmware complement existing standard features of the PolaRx5 GNSS receivers such as Advanced Interference Mitigation technology (AIM+) and the web UI offering full user control and status to make PolaRx5 the most complete GNSS reference station on the market today.”

  • Iridium launches alternative GPS PNT service

    Iridium Communications Inc. has introduced its Satellite Time and Location (STL) service, an alternative or complement to traditional indoor and outdoor location-based technologies, and declared it ready for use. STL’s position, navigation and timing (PNT) technology is deployed through Iridium’s 66 cross-linked, low-earth orbit satellite constellation.

    Through Iridium satellites and in GNSS receivers, STL technology can work to verify GPS, GLONASS, Galileo and other navigation services, and also can serve as an alternative for those services when GPS signals are degraded or unavailable. STL also can provide an alternative source of time when testing GPS signals.

    Iridium is working with Satelles, a division of iKare Corporation, as its primary technology partner. Satelles enables Iridium’s paging channels to reach small, low-cost receivers in nearly any environment, the company says in a news release.

    “We think STL can help solve an important and growing problem for governments and businesses, and serve as a platform for continued innovation,” says Matt Desch, chief executive officer at Iridium. “With STL, we are introducing a global capability that is already in space, technologically ready for use and is independent of any particular location technology. The team at Satelles has been able to leverage the unique capabilities that our network offers to create a solution that can ultimately be integrated into almost any kind of platform, including other Iridium machine-to-machine devices, heavy machinery, automobiles and even the power grid, to name a few. Once implemented, STL could revolutionize the way the world’s largest, global companies and governments operate and manage cyber security.”

    In a chipset about the size of a postage stamp, the technology can be embedded into many devices. STL’s signal strength may make spoofing GPS systems more difficult, the company says. STL transmits its signals through Iridium’s satellite constellation to deliver a unique code to each position on the ground that can be independently authenticated, which allows operation or access only if the user is in the location expected.

    “Commercial users are now able to use STL to deliver trustworthy timing solutions for critical infrastructure, such as LTE networks, transactional data centers and the power grid,” says Greg Gutt, president and chief technology officer of Satelles. “Military and government users can also acquire these commercial off-the-shelf solutions for the Department of Defense and other government applications. In addition to enhancing the security and resiliency of GPS, STL technology can be embedded into servers anywhere in the world to geo-fence data and applications, providing trusted time and location data as an independent factor for end-point authentication.”

    The STL solution has been successfully demonstrated across multiple sectors, including military, academia and commercial applications. The technology is available today and will be supported by Iridium NEXT, the Iridium’s next-generation global satellite constellation, which is scheduled for completion by late 2017, the company says.

  • German automakers complete HERE acquisition

    Kevin Dennehy
    Kevin Dennehy

    In what was 2015’s largest location-industry deal, three German luxury auto manufacturers completed the purchase of HERE. But that wasn’t the only recent acquisition as location-based services provider TeleCommunication Systems, or TCS, was bought by Comtech Telecommunication Corp. Both deals indicate the growing, and continued growth, of location services going forward into 2016.

    Three German automakers are now in the location business following the finalization of a $2.8 billion deal to buy Nokia’s HERE digital mapping company last week. Audi, BMW and Daimler are now equal owners of HERE following quick regulatory approval.

    While some say there was much Nokia-driven hype about who was bidding on HERE, including Uber and Baidu, ultimately others breathed a sigh of relief that automotive companies, not Google, bought the digital mapping pioneer.

    The deal, which was originally announced in early August, shows the continued value of accurate maps to the automotive industry as it transitions for connected to autonomous vehicles. In addition, the number of big suitors interested in HERE shows the rise in the potential and real market for location-based services in both smartphones and connected vehicles.

    Many of the early suitors balked at HERE’s early price tag, estimated to be more than $4 billion. Uber, which some felt would be a good match for HERE because of their autonomous vehicle intentions, decided to go in another direction, buying mapping company deCarta.

    While it’s too early to analyze the consequences of the deal, some analysts say it will be interesting to see if the new owners keep the mapping giant neutral to not alienate future clients.

    It remains to be seen whether its competitor, TomTom, which also has been talked about as an acquisition target, should stay as an independent company or form its own consortium.

    Nokia purchased HERE, the former Navteq, for $8 billion in 2007. The sale of HERE is part of Nokia’s transformation as it completes its $16.6 billion acquisition of Alcatel-Lucent, which is expected to close early next year.

    In another big deal since our last column, Annapolis, Md.-based TeleCommunication Systems was acquired by Comtech Telecommunication Corp. for $430.8 million deal. The deal is expected to close in March 2016.

    TCS was one of the first companies to do it all in the consumer location space, buying entities in automotive navigation and also making inroads in the fleet management and indoor positioning/9-1-1 space. The company most recently was developing location technology for mobile, or m-health markets.

    Cyber Security Big Connected Vehicle Concern in 2015

    As we review the past year, one of the biggest connected vehicle trends in 2015 was when cyber security became real for the automakers, said Jon Allen, Booz Allen Commercial Solutions principal.

    “Just as automakers are increasingly demonstrating the power of automation, their momentum is challenged by researchers showing they really can hack into vehicles. While there are engineering challenges ahead to realize the full potential of autonomy, the priority in automotive is to protect the trust of customers and regulators as autonomous capabilities are further developed,” he said. “That puts cyber at the top of the agenda.”

    2016, OEMs will need to further embrace a security mindset, Allen said. “These [cyber risk] issues are solved by designing, engineering and testing your vehicle to meet defined standards. But cyber risk has an outside variable you can’t control: cyber threat actors. This means you’re not just engineering a solution — you’re fighting an adversary,” he said.

    Allen said that automakers need to identify a single leader to champion vehicle cyber security, supporting them up with an integrated, cross-functional team. “That includes experts from safety, privacy, IT, legal, engineering, manufacturing, customer service and supply chain,” he said.

    Autonomous vehicles tout a safety record that far surpasses today’s cars, but a cyber incident has potential to reverse that claim, Allen said. The “doomsday” scenario is attacking multiple vehicles over the air to “brick” multiple platforms, but this may be an unlikely near-term scenario, he said.

    “The near-term attacks will be motivated by money. That’s why many of the largest hacks were designed to exploit personal and financial information,” Allen said.

    At a Colorado Space Roundup meeting in Denver last week, Thad Allen, former Coast Guard commandant and now executive vice president at Booz Allen Hamilton, said that there won’t be a “cyber Pearl Harbor” as the government and civilian entities should have had plenty of warning it was coming. Allen, who was in Denver working on the GPS Operational Control System, or OCX, also said that it would be catastrophic if the GPS infrastructure was compromised.

    “If someone does something to disrupt GPS, it will affect everyone,” said Allen, who oversaw the Hurricane Katrina and Deepwater Horizon oil spill operations.

    Indoor Positioning’s Big Story in 2015: Consumer Appliances?

    While there were several significant tests and infrastructure rollouts, at least one analyst says the rise of indoor positioning in consumer appliances was huge. Bruce Krulwich, Grizzly Analytics founder, said that such companies as Move ‘n See are putting location chips into electronic devices.

    Move ‘n See also has a camera robot, called Pixio, which follows a person moving around a sports field or other indoor site. “What’s huge about this is not the product itself — it’s hard to tell whether it will appeal to the masses or only a niche market–but I believe that it’s the first in a new trend of electronic products that enhance their capabilities by incorporating indoor location technology,” he said.

    In other location news:

    • CalAmp Corp. said it made a $113 million offer for LoJack Corp., which is a pioneer in car theft-recovery using location technology. According to published reports, CalAmp has made three cash offers for Lojack in the past 14 months. LoJack’s car recovery systems use location technology, which seems to be a great fit for CalAmp, which offers fleet tracking software.

    It’s been a good run. After eight-and-a-half years, this is my last Wireless LBS Insider column. Many thanks to Alan Cameron and Tracy Cozzens, both seasoned journalists, who steered me on the right course over the years. I will be at CES in a freelance role next month and will continue to operate my autonomous vehicle conference, Driverless.