A recent posting on the websites Forum has prompted me to post my thoughts on ths Blog.
The interference of satnav signals is an issue that threatens us all.
Much of my work brings me into close contact with the realities of life, from mountain rescue to counter-terrorism, and yet the single biggest threat I believe is the deliberate corruption and blocking of satnav signals, because it is not only relatively easy to do, it has the potential to stop our society functioning.
We have allowed ourselves to become reliant upon a technoliogy that whilst revolutionary has significant vulnerabilities.
In some ways it is good that the subjects of satnav spoofing and jamming have publically come to the fore, for the reason that politicians will now be forced to be seen to be proactive and respond. The downside is that by discussing the issue in an open forum the vulnerabilities of all Global Navigation Satellite systems (GNSS) are exposed.
It is a subject that I have taken an active interest in for the last four years, primarily as both ground troops rely heavily on satnav and mountain rescue teams. Whilst all these personnel always have at their disposal other methods of navigation at their disposal in the field, satnav has without question revolutionised equally troop movement in the same way as it has mountain rescue in expediting rescue missions. GNSS are quicker and require less interactive input from the navigator than conventional tools, thereby allowing the individual to concentrate on their primary remit.
I have held off until now writing publically about it. Now is the time to pool knowledge and experience so that commercial developers can start to develop systems to defeat these threats. Everything herein is in the public domain.
Why is it such a threat?
In addition to the numerous Safety of Life (SoL) applications from commercial aircraft to maritime vessels that use satnav to navigate, spoofing and jamming threaten to create a massive potential destructive impact our infrastructure and economy.
The most accurate information any GNSS transmits is its time signal, this is why new satellites can have up to five atomic clocks on board, and it is this component of the satellites transmissions which is most used in our infrastructure.
All mobile phones rely on GNSS timing signals for the mobile phone masts to synchronise with each other which enables them to call hand-off. They all use the same codes (CDMA spreading code) to both identify and distinguish themselves from other masts by phasing, in other words using microsecond time offset.
Power Grids also use GNSS time signals to manage the distribution of power across the grid; this is done by shutting down and powering up different generators and is controlled by devices called PMU’s (Phase Monitor Units). These units use time differentials to measure something called phase angles, and if the GNSS time signal is corrupted the results are blackouts and damage to the power grid equipment.
Investments across the world are made by computers calculating exactly the right time to buy or sell and to do this all stock markets need to be synchronised in time, otherwise a few milliseconds advantage of information about a market going up or down could have massive impacts for when to buy or sell.
The actual satnav component of the system, where a receiver employs all of the data transmitted from the GNSS cover a broad spectrum of use.
From our strategic assets (thermonuclear weapons) to shipments of gold bullion and other high-value items, satnav is used to track and monitor their safe movement. Criminal gangs have already used simple jamming technology here in the UK in a heist of a container load of cigarettes and there have been several documented cases elsewhere in the world of similar crimes employing this technology.
Car Satnav has become ubiquitous and it is available in nearly all new road going vehicles, even my local supermarket are selling car satnavs, and for what is a very sophisticated piece of technology it is available for under £50. In addition to the safety aspects of not trying to read a map when driving are the very real benefits of traffic flow. Most commercial vehicles and many top spec car satnavs have the ability to reroute traffic past bottlenecks, accidents and other road obstacles thereby increasing the flow of traffic, the commercial benefits of this to hauliers is enormous.
Government authorities can also use satnav to charge for individual vehicle use of toll-roads and in Germany this is already underway,
Like it or not we manufacture weapons to kill people and the more accurately and precisely they can be aimed minimises collateral damage (a euphemism generally applied to women and children in conflict zones). Less munitions are required, they can be deployed, unmanned, from literally the other side of the world.
Crime Prevention & Detection
Not only can assets be tracked, suspects can be too by placing small satnav receiver/transmitters on vehicles, planes and boats in addition to using the satnav chipsets in mobile phones to track and monitor peoples movement.
Accident Prevention & Management
A growing usage of this technology is using trackers with children, where if they leave a defined zone, such as a school, an emergency text is sent. When emergency calls are initiated from a mobile phone many already can report location, by 2015 all mobile phones in North America, under the revised E911 statute, will do so within a couple of meters.
These are the main uses of satnav; however there are many more applications with new ones constantly being introduced. Satnav has become an intrinsic component of our lives.
Militarily effective anti-spoofing techniques already exist and are employed; this is not the case for civilian satnav. Jamming represents a significant threat to both users as ironically although simpler in its deployment it is more difficult to defeat.
Spoofing is clever in concept, where a spoofer transmits counterfeit signals, usually from a mobile ground based transmitter, with data they choose that your receiver uses to calculate your location and thereby this false data create an incorrect location report. These false signals are on the same frequency as the global navigation satellites in orbit and they to hijack what is called the tracking loop of a receiver, which allows this spoofer to control the receivers timing and/or navigation solution.
The attacks are categorised into three levels:
1. Simple: this involves creating a GNSS simulator to broadcast high-powered false signals, in other words adding another satellite to the GNSS constellation which, because your receiver perceives as providing a good quality signal, it then uses this data to calculate its location. Any receiver within range of this transmission will report an inaccurate location. Fortunately the equipment required to do this is expensive and the signals are easily detected because they are not synchronised to the real satellites.
2. Intermediate: The spoofer have to identify exactly which receiver they wish to corrupt, it exact location and the direction and speed it is travelling in so they can synchronise their false signals with the real satellite signals and thereby be seen as part of the constellation. Again, serious money is needed for the equipment however the attack is both difficult to detect and also hard to mitigate.
3. Sophisticated: This is where the spoofer creates a network of false satellite transmission that replicate the content and mutual alignment of visible satellites and their spatial distribution. This is very expensive and requires a great deal of planning and logistics which really only governments could afford and implement. It is very difficult to mitigate against and there are no papers in the public domain about this.
The systems being used and developed to detect and nullify the effects of spoofing fall broadly into two technologies
1. Cryptography – using a secret code that is transmitted and where the receiver has the correct cipher is used by the military, in civilian use, where by its very nature access to the units is available in theory to everyone and not controlled, cryptography has limited potential.
2. Vestigial Signal Defense (VSD). This is software embedded in the receiver which exploits the fact that suppressing real satnav broadcasts is very difficult and it uses something called the distortion of complex correlation function from the satellites to determine if a spoofing attack is taking place. The spoofer can generate something called a phase-aligned nulling signal but this is very complex and difficult to perform, so VSD is a hot candidate for civilian anti-spoofing.
3. Antenna design – this is the hot candidate for civilian anti-spoofing. Using multiple antennas a spoofer transmitter is required for each satnav antenna. In addition, the spoofer would have to locate each transmit antenna in close physical proximity to the appropriate satnav antenna in the array and the large manufacturers of civilian satnav are already using three types of antenna: Silicon Patch, Quadrafillar Helix and Linear Antenna. Multiple antenna and in-built Radio Frequency (RF) chokes for on these antenna is a very effective at defeating spoofing.
This is the single biggest threat to the integrity of any satnav system, primarily because it is so easy to use in terms of cost, deployment and efficacy.
There are four categories of jammers currently available and used by civilians. Military jammers will not be discussed in this article.
1. Jammers disguised as mobile phones
These affect tracking (T) at a range of around 10m and acquisition (A) at 20m.
(Expressed as T10m A20m)
2. In-car jammers – simple all-in-one devices that plug into the cigarette lighter.
3. Jammers that use an externally connected aerial and are powered by an internal battery. T300m A600m
4. ‘Graduate made jammers’ –these are very powerful transmitters that flood an area with a massive output of signal on the same frequency as the L1 GNSS carrier that can be built by someone with a degree level of understanding of RF technology.
These jammers use signals classified as either tones, swept waveforms, pulses, narrowband noise, or broadband noise. Effectively either completely masking the real satellite transmissions or interfering with their complete reception.
Jammers can only be defeated by locating the source, in other words finding the jamming equipment and neutralising the threat (switching it off).
The good news is that equipment to detect jammers is very effective and already, near airport and large sea port, most governments are employing this technology.
The Way Forward
1. Outlaw the procession of both a spoofing and jamming device and hand down very heavy custodial sentences to offenders. Both spoofing and jamming threaten life and I personally am lobbying for a minimum custodial sentence of 10 years imprisonment.
2. Jamming detection equipment fitted to all new police vehicles.
3. Grant license to manufacture certificates to all manufacturers across the globe, where a mandatory requirement is the provision of anti-spoofing devices in every receiver built. This should be relatively easy to implement as it is in nearly every nation states interest to do this as everyone from China and Russia to America and the EU have GNSS of their own.
4. Write to your Member of Parliament expressing concern.
5. Write to the manufacturers and when the first manufacturer responds by building and providing a protected unit buy it at the expense of other manufacturers models – thus putting into action the forces of market demand and supply.
It is in all of our interests to make this happen to stop the lights going out!