1. Home
  2. Miscellaneous
  3. Solving the Issues of GPS Vulnerability

Solving the Issues of GPS Vulnerability

27
0

by Barry Manz, Editor, Microwave Product Digest

Buck Brannaman, the inspiration for the Horse Whisperer, once said timing is everything. Although he was referring to horses and roping, it could apply just as well to virtually every electronic device we use, from the watches we wear to the smartphones in our pockets and how we navigate everywhere on Earth. That is, a world without a reliable and precise source of time would be chaos.

Whether or not we realize it, the Global Positioning System and other global navigation satellite systems (GNSS) such as GLONASS, Baidu, and Galileo, provide this precision reference that they use to provide location that in turn enables accurate navigation (e.g., positioning, navigation and timing, PNT). It’s not surprising that we assume GPS will always be available (at least when we’re outdoors), but it is inherently vulnerable to a multitude of sources that range from jamming and interference to extreme space weather such as solar flares. And as GPS relies on spacecraft above the earth, it is a prime target for adversaries.

In today’s unsettling global military environment, reliance on a single source of such fundamental and vital information is increasingly coming under scrutiny by nations whose defense capabilities rely in part on the ability of GPS to perform unimpeded. The Department of Defense has been working on a way to make GPS more difficult to jam or hack, as well as on solutions that could supplement or replace it if it fails.

The primary question of whether the U.S. should devote the massive resources required to bolster GPS or produce alternatives was the subject of a study performed by RAND Corporation. The results were published in a report called “Analyzing a More Resilient National Positioning, Navigation, and Timing Capability” last year. It concluded that adding even more eggs to this single basket was inadvisable. Considering the ability of individuals and organizations to use existing alternatives and workarounds is considered, the RAND analysis suggests that while threats to GPS are real, the costs of GPS disruption may not be as high as is often assumed.

To understand how the analysts came to this conclusion, it’s important to review GPS, its vulnerabilities, potential upgrades, and whether other approaches would make more sense. This article is based on information contained in the report as well as material from other sources in the hope of providing a reasonably comprehensive picture of how the future of PNT may unfold.

GPS is Not Alone

Although GPS is ubiquitous, it is not the only source of PNT (Figure 1), and each source is viable in its own ways although none are, or are likely to be, as comprehensive as GPS and its other GNSS counterparts. In 2008, the National PNT Architecture Study released by the National Security Space Office envisioned PNT as an ecosystem of different satellite systems, terrestrial time-transfer systems, star-tracking systems, distributed clocks, beacons, inertial navigation systems (INS), and compasses. Some of the tools have been used for decades or even centuries and are still viable for navigating the oceans and locating points on the earth.

Figure 1: The PNT ecosystem Source: U.S. Department of Transportation

In addition, the cost of precision clocks has decreased significantly, making them affordable for integration in the infrastructure of financial trading, air traffic control, communications, and many other applications. Some have their own PNT signals either transmitted over the air, by fiber optic or other wired means, and others exploit signals from cellular networks or Wi-Fi access points.

Physical or digital GPS maps are also much more accurate and precise than ever and are available even if real-time access to GNSS is disputed. GPS, in conjunction with such tools as geographic information systems, has created many accurate geospatial data sets that preserve the value of national PNT for use in commercial and civil applications, at least for awhile. GPS was integral to the creation and benefits of this data legacy and is important in maintaining and extending it, but the daily activities of end users would retain many of the benefits should GPS not be usable for some time.

Threats to GPS

There are documented threats to the functioning of the GPS satellite system, including large-scale events such as a nuclear exchange between states affecting space systems and extreme space weather, and smaller-scale threats such as jamming or spoofing of GPS signals in local areas or cities. There are confirmed cases of these events, including solar storms, technical problems that have affected the GPS constellation, intentional spoofing of a vehicle’s GPS systems to change the vehicle’s movement, and jamming incidents of varying scope and duration.

The incidence of these threats ranges from very rare to much more common, although there is insufficient data available to make defensible probability estimates. Most threats would likely disrupt or corrupt GPS signals from hours to days and a few weeks. Events like adversaries targeting space systems, massive cyber attacks, and sabotage could affect GPS functioning for months or even years if many new satellites were required. Aside from such low-probability scenarios in which the loss of PNT might not be the most immediate national concern, virtually all other disruption or loss scenarios involve effects lasting for days.

The potential for other parts of the PNT ecosystem to be affected varies because existing capabilities and potential backups or additions could be vulnerable. For threat scenarios involving strategic adversaries, attacks on GPS might be accompanied by attacks on other components of the PNT ecosystem, and the more concentrated or physically localized those components, the greater their vulnerability to small, focused attacks.

Other components of the PNT ecosystem that are more distributed (e.g., maintenance of backup clocks or use of distributed signals, such as cellular or Wi-Fi, for positioning) appear quite robust to many types of GPS threats. They have a different set of potential damage such as insider threats at less secure organizations or simply damage from severe weather.

When actual GPS jamming events have occurred in the past, users have felt the effects, but generally managed to cope without disastrous consequences. Also, the authors of the report consider it unlikely that any event short of nuclear war would deny all satellite navigation to the entire U.S. for more than a few days. Any system that could entirely replace GPS would be comparatively much more expensive than the damages it would mitigate.

Consequently, the authors believe it is difficult to justify extensive investment in more GPS backups, although industry or government might well invest in PNT systems for their other merits, not just as a backup for GPS disruption. For example, the federal government is already investing in a system that will improve PNT for wireless network users in key urban areas.

Space systems respond to jamming and GPS-specific risks though all are exposed to the potentially high consequence risks of space warfare and intense space weather events. In contrast, ground-based systems hedge more successfully against those sources of threat, though not all fully address ground-based jamming concerns and are more accessible to threats.

Wired timing signals provide highly accurate time data that is not very susceptible to the risks of concern to GPS, though with exposure to ground-based hazards. Finally, user-based equipment modifications can provide specific capabilities and address dependencies on GPS in which adoption is driven by the individual needs of end users and their willingness to pay.

So, many technologies show potential to serve as a backup PNT method for at least some risk cases for some users. They differ not only in terms of available accuracy but in several other ways. For example, most will be available only in areas with communications infrastructure, but a few could serve even remote areas. Some of the technologies can serve indoor users because RF signals at lower frequencies penetrate buildings.

It is important to note that not all options are equally mature. Some are already on a path toward commercialization with existing market demand, and others would be matured to maximum cost-effectiveness only if demand were driven via government action or subsidy. Even if market efficiencies are assumed, cost effectiveness is likely to vary considerably. The following discussion covers some of these solutions.

Holdover Clocks

When GPS is degraded, holdover clocks can maintain time, and integrating holdover clocks into user equipment is not new, as almost all user equipment has clocks capable of holdover for brief periods. The accuracy of such clocks relative to UTC tends to degrade with time, and until recently atomic clocks that could maintain a high level of accuracy after 24 hours were the size of electronics boxes, costing at least a few thousand dollars and using at least tens of watts of power. The highest fidelity atomic clocks have performance orders of magnitude more precise, but the best performance is achieved only in laboratory-scale systems.

Beginning in the early 2000s, DARPA sought to develop an atomic clock capable of providing one µs accuracy after 24 hours in a device of one cm3 size, using less than 30 mW of power. The result was a chip commercialized by Symmetricom (later Microsemi, now part of Microchip Technology) in 2011. The SA65 CSAC (Figure 2) is the latest version of Microchip’s chip-scale atomic clock. It measures 1.6 x 1.39 x 0.45 inches and has short term stability (Allan Deviation) of 3×10 – 10, typical long-term aging of less than 9 x 10–10/month, and maximum frequency change of ±3 x 10–10 over an operating temperature range of –40°C to +80°C. Warm-up is 2 minutes. This performance is certainly good enough for many critical infrastructure applications.

Figure 2: The SA65 CSAC is the latest version of Microchip’s chip-scale atomic clock Source: Microchip Technologies

DARPA has conducted multiple programs to develop precision timing capabilities. In the Quantum-Assisted Sensing and Readout (QuASAR) program, DARPA focused on making an extremely accurate, laboratory quality atomic clock portable for use in the field. Such capability could potentially improve the holdover performance at important infrastructure sites requiring very accurate time such as eLoran transmitters.

Researchers from the National Institute of Standards and Technology (NIST), with funding from DARPA’s Quantum-Assisted Sensing and Readout (QuASAR) program (Figure 3), have built a pair of ytterbium atomic clocks that measure time with a precision that is about ten times better than the world’s previous best clocks, also developed under QuASAR.

Figure 3: DARPA’s Quantum-Assisted Sensing and Readout (QuASAR) program created ytterbium atomic clocks that measure time with a precision ten times better than the world’s previous best clocks Source: DARPA

How good are they? The clocks are stable to within less than two parts per quintillion (1 followed by 18 zeros) and they measure time so precisely that their readout would be equivalent to specifying the Earth’s diameter to less than the width of a single atom or the age of the known universe to less than one second. One goal of the QuASAR program was to transition the technology into another DARPA program called Spatial, Temporal, and Orientation Information in Contested Environments (STOIC), a goal of which was to develop accurate atomic clocks for tactical military applications.

The DARPA programs will likely result in atomic clocks with a range of sizes and accuracies. Integration of such clocks into user equipment must be addressed on a case-by-case basis. However, it seems that the size and cost of even the smallest such clocks are still much too large for the most compact user devices, such as smartphones.

Inertial Navigation Systems (INS)

An INS uses an inertial measurement unit (IMU) to measure angular and linear accelerations using gyroscopes and accelerometers, and when these accelerations are integrated over time, the INS can compute changes in position. INS systems are essentially a holdover capability for position and navigation, assuming an initial calibration using GPS. They are routinely integrated into a wide range of devices from smartphones to vehicles.

As with holdover clocks, the DARPA Micro-Technology for Positioning, Navigation and Timing (Micro-PNT) program pursued the miniaturization of INS devices to provide tactical capability for GPS-denied environments. GPS technology has been incorporated into vehicles and munitions to meet DoD requirements for precision guidance and navigation for many years. However, GPS dependence creates a critical vulnerability for many DoD systems in situations where the GPS signal is degraded or unavailable.

Micro-PNT developed high performance miniature inertial sensors to enable self-contained inertial navigation for precise guidance in the absence of GPS. The program focused on creating solutions for precision navigation in harsh environments relevant to the needs of DoD. To achieve this, the Micro-PNT partners created sensors that operate under high dynamics and sensors that self-calibrate. Micro-PNT also developed integrated, miniature timing and inertial measurement units (TIMU) and miniature atom-based inertial sensors for extended operation (C-SCAN).

Each program took a different approach to explore novel fabrication techniques and operational methodologies to create disruptive technological solutions. In each effort, the common objective was to improve inertial sensor precision, dynamic range, and long-term accuracy, while reducing size, weight, power consumption and cost (SWAP-C). DARPA specified “conservative” and “aggressive” goals for this development. Even the aggressive goal results in location errors of about 1 nm after an hour. This level of performance is sufficient for many military applications such as missile navigation lasting only a few minutes or flight of unmanned air vehicles aided by sensors.

Even the highest fidelity INS systems are not suitable backups to GPS by themselves, as position must be updated at least every few minutes. In GPS-denied environments, other sensors might provide these position updates. For example, one study showed that a low cost, commercial grade INS aided by cellular wireless signals could maintain navigation quality better than a tactical grade INS alone.

It appears likely that hybrid systems that combine INS with other data, such as maps and visual systems, to recognize key landmarks such as street signs can arrive at superior positioning solutions. A system based primarily on visual recognition of landmarks demonstrated effective navigation travel distances of 10 km between updates.

Improved INS systems may also be able to detect GPS spoofing using differences between INS-based and GPS-based positions. However, INS systems are likely to be able to detect only the most basic attacks that suddenly introduce large position errors into GPS user equipment. More sophisticated attacks that slowly walk the GPS solution away from the true location would not be detected. Thus, while the INS will continue to be needed in a wide range of navigation applications, improving its performance or reducing its size may offer limited value for most critical infrastructure applications.

Atom Interferometers

The potential for atom interferometers is to enable drift-free inertial navigation by providing high precision measurements of acceleration without the need for an external reference signal. Researchers at Sandia National Laboratories reported an advancement that could allow atom interferometry to work at environmental temperatures rather than at temperatures closer to absolute zero.

This new approach offers hope that atom interferometers might eventually work outside of laboratory environments. DARPA has stated that it believes atom interferometers may be useful for position and timing, and multiple patents were granted for atom interferometry, indicating that hardware and processing advancements are continuing.

Simultaneous Localization and Mapping (SLAM)

SLAM is the solution to the problem of an autonomous vehicle moving through an unknown environment in which the vehicle must build the map and estimate its position as it moves. This problem was formulated in the mid-1980s. There are two major aspects to SLAM. The first is the selection of an algorithm that simultaneously estimates the parameters of the map, the pose of the vehicle, and its position within the map. The second is the selection of sensors and signal processing that provides the data for estimation. Since the early 2000s, the algorithmic aspects of SLAM were considered to be fully solved.

Two algorithms, known as the extended Kalman filter (EKF-SLAM) and particle filters (FastSLAM), are commonly employed. These algorithms, in principle, solve the SLAM problem if the input data is correct. The key input data are the parameters describing “landmarks” that are observed by the sensors. As long as signal processing extracts landmarks from sensor data and correctly associates those landmarks on sequential views as well as when landmarks are revisited at later times, position estimates will remain as accurate as the sensor data supports. Accuracy can even improve over time.

The most common types of sensors used in terrestrial applications are visual or infrared imagery and lidar. Imagery usually provides only angular measures to landmarks and lidar provides range. These can be used independently or in combination. Although SLAM is understood at a basic level, research continues with the forefront being in making signal processing and SLAM algorithms efficient and accurate. This appears to be very dependent on the nature of the application and environment.

A key emerging application will be the use of SLAM in autonomous vehicles. In such vehicles, millimeter-wave radar as well as visual imagery are the key sensors. When GPS is available, SLAM will augment navigation performance by developing the local dynamic map, where the dynamic elements are other traffic or changes in the map, such as from construction.

SLAM algorithms are not needed if the map is fully known; they are needed only to the extent that there are dynamic elements in the map or if the autonomous vehicle goes off the map, as might be common for some emergency vehicles. When the map is known, position simply needs to be updated often enough that an INS can maintain the required accuracy.

When GPS is absent, how much detail is good enough to have a map that is able to support street driving? The answer is likely to be that sensors will need to identify multiple landmarks on adjacent buildings and structures as vehicles move along streets, even in the absence of a dynamic environment. In an environment without GPS, autonomous vehicles will need to access data in a “navigation cloud” that includes enough information on landmarks to support the sensors that are continually imaging their surroundings.

These landmarks would be adjacent buildings, structures, or terrain or features on them. This “cloud-based-location-as-a-service” might be provided for free or by subscription from service providers or as a government owned service, similar to how NIST supports timing services. It would be natural for such a service to include data on the RF environment as well, as location based on Wi-Fi and other signals is also useful for positioning and navigation.

In all likelihood, autonomous vehicles would access the “navigation cloud” using 5G connectivity. Without 5G, SLAM as an alternative for position and navigation would probably not be viable. 5G itself could potentially provide the time transfer support for a full PNT alternative. 5G might also provide positioning to complement SLAM-based estimates. However, unless 5G cellular capability has sufficient independence from GPS, SLAM could inherit GPS-related risks from connectivity requirements.

As accuracy for SLAM performance is highly dependent on sensors and environments, it seems probable that systems that meet the requirements of a wide range of users could be developed. SLAM for autonomous vehicles will be good enough to support safety requirements over short times and close distances, but the ability to sustain navigation over long periods without GPS will be contingent on the data and sensors available.

Enhancements to GPS Resiliency

Technologies are available that may enable the continued use of space-based GNSS signals, especially GPS, despite a threat to their PNT performance. These methods are not alternatives to GPS, but like other alternatives, the result would be the availability of PNT at required performance levels. As the RAND analysts believe that the operational consequences of threats and the cost of mitigations are more important than the means of remediation, it is important to present the pros and cons of such resiliency options.

These technologies include multi-GNSS chips and receivers, nulling antennas, and jammer detectors. At least one other option, ready-to-launch spare satellites, belongs in this category but is not included in part because the complexity of this option goes far beyond the cost of the satellites themselves.

Antennas that suppress the energy of jamming signals while admitting the desired GPS or other GNSS signals with minimal attenuation can be effective against noise jamming. Such antennas are of three general types of increasing complexity and cost. Choke rings can reject jammers (as well as desirable GPS signals) near or below the horizon and are likely to be inexpensive. Many of the advantageous effects of these devices might also be obtained from good antenna installation practices, such as by placing antennas high on buildings but blocked from public view.

Nulling antennas, commonly called controlled radiation pattern antennas, can substantially attenuate jamming signals. The most complex can reject five or six simultaneous jammers in different directions, although many can only null one direction at a time. The most sophisticated antennas are beamforming phased-array antennas that maximize the signal in the desired directions, but attenuate signals from all others, with the strongest attenuation in the jamming direction.

Nulling antennas are typically at least several inches in diameter, at least at microwave frequencies and the lower areas of the millimeter-wave spectrum, so they might not accommodate personal devices like smartphones. However, the massive investments made possible by 5G are making this less and less a problem. For example, active phased arrays have been integrated within a single small device that includes the RF front end, leaving baseband and ancillary functions supplied by another small device and a few small components. The most sophisticated nulling antennas incorporate integrity monitoring and can successfully reject spoofing attacks. The PNT performance that results when nulling antennas are effective should be comparable to performance in benign environments.

Direction Finders

When jamming events occur, they can be detected and perhaps geolocated using direction-finding devices. GPS jamming direction finders (Figure 4) are sold commercially, although they are illegal in the U.S., and they have been used in such events as the infamous incident of the “white van man” who jammed GPS at Newark Liberty International Airport for many months in 2012. An accidental spoofing also occurred during a 2017 Institute of Navigation conference in Portland, OR. It has also been reported that many types of commercial aircraft have been affected by various means.

Figure 4: A commercial—and illegal—jammer

The key limitation of mitigation against these devices is that any enforcement action takes preparation, proper equipment, and some time. The “white van man” was apprehended after about 12 months of intermittent jamming only after a significant surveillance effort. Longer periods of jamming and more significant assets dedicated to his capture would have yielded a better outcome. Even in a conference with hundreds of GPS experts and state-of-the-art equipment, the Portland spoofing event was not discovered and remediated for several hours. Enforcement actions against deliberate and criminal jamming would take longer than a few hours absent preparation for the event.

Direction finders alone are useful as a mitigation tool against long term, high power jamming, which could be the case in a terrorist attempt to interfere with GPS. Unfortunately, they are likely to provide only limited value against jamming that occurs over brief periods, such as is characteristic of the common nuisance or negligent jamming. To be effective in this latter case, detection systems will have to operate in near-real time, and other surveillance systems such as cameras that can help identify vehicles and individuals of interest, and phone detection systems can do the same to help eliminate a threat more rapidly than a simple jamming detection system.

Handheld devices that only detect at short range are unlikely to be of much use except in sorting between a few candidate targets. Although networked antennas could be deployed regionally, they might not detect and geolocate the lowest power jammers, such as personal privacy devices, on scales as large as a city. Approaches that make use of virtual detection barriers that catch the emitter passing by or outposts to detected emitters within or near a perimeter could be useful. The PNT performance that results when direction finders succeed in locating jammers will be as good as the benign environment once jammers are eliminated and will be as good as any holdover capabilities until then.

For Further reading

1. “Analyzing a More Resilient National Positioning, Navigation, and Timing Capability,” The RAND Corporation under contract to the Department of Homeland Security, 2021, https://www.rand.org/pubs/research_reports/RR2970.html

(27)

print

LEAVE YOUR COMMENT