Why a commercial GNSS test bed could help to deal with GPS spoofing

Given such weak signals and such a complex calculation, there is one very simple way to disrupt GPS, and that is to block the signals by jamming them. For a few hundred pounds you can buy a portable GPS jammer or "Personal Privacy Device" to stop law enforcement agencies from using your smartphone or a concealed vehicle tracking device to inform them about your movements. These can also allow lorry drivers to bypass the vehicle tracking systems used by fleet operators to monitor vehicle usage and abusage.

In 2013 there were a number of incidents around the world where GPS jammers affected other users, including a truck driver in New Jersey who caused interference to the Newark Liberty International Airport ground-based augmentation system, and taxi drivers in Melbourne, Australia using jammers to queue-jump and steal fares. These show just how widespread GPS jamming devices have become – quite apart from the sat-navs you buy for navigation.

If an enemy or criminal were to deliberately jam GPS or GNSS signals, it might seem a pretty blunt instrument in the sense that the impact of the jamming cannot be controlled or targeted. Approaching the jammer, the receiver will stop tracking satellites, and most individuals will realise that something is amiss and stop using it. Out comes that dog-eared street map you last saw somewhere in the car boot – and in something as critical as an aeroplane there are always alternative navigation systems just to be on the safe side.

Potential for chaos

But multiply that nuisance factor across a wide area, and it could create chaos. A concerted jamming attack on a major city could mean delivery drivers losing their guidance, bus and transport status screens displaying incorrect information, passengers stuck on trains because doors refuse to open (some use GNSS to control operation of doors at stations), ATM machines and other systems that also use GPS could cease to function... A city grinds to a halt whilst authorities try to identify the problem and locate the jamming source – even a blunt instrument can do plenty of damage to a big enough target.

What could be even more threatening is "spoofing": i.e. creating fake GNSS signals with all the complexity of real signals, but specifically designed to generate false but convincing position data. From what has been said about the nature and subtlety of these signals, it is clearly not such a trivial task as simply jamming the signal – otherwise it might seem surprising that we had to wait sixteen years after Tomorrow Never Dies before those students from Texas provided their public demonstration of spoofing in practice.

The real threat of spoofing is that the victim does not know what is happening and so carries on using false information. Yes, a spoofing box like the one created by the students could be concealed aboard a ship or plane and at some time be switched on, replicate the real signals and be accepted, and then increase signal strength until it dominates the real signals, and then begin to bend reality by taking the vessel off course and into forbidden territory – or onto rocks.

This would need to be done cleverly – not even the most trusting navigator would accept that the ship was cruising down Kensington High Street – so what defence measures are there apart from common sense?

There is visual confirmation – if the supposed location looks way off course suspicions will be aroused – and there are alternative positioning systems such as those based on dead-reckoning using accelerometers, vision sensors, or an alternative fixing technology such as eLORAN. Augmenting your GNSS with one of these technologies could provide an indication that something is wrong.

Then there is the alternative provided by another good GNSS. Although the US military might regret no longer having a monopoly with GPS, the fact that there are other systems operational or coming online will provide extra resilience, and the European Galileo constellation is deliberately designed to complement GPS for additional accuracy and resiliency. So a truly diabolical spoofing attack would also need to foil all these backup alternatives, and that could include not only the complexity of creating realistic GPS signals but also spoofing every other likely GNSS signal in the vicinity just in case.