Close X

GPS Spoofing

GPS-SpoofingThe word spoofing sounds like something my eighty year old grandmother would say in reference to a bad joke.  But don’t be fooled, be aware, be concerned, and be educated spoofing is no joke. Unlike GPS jamming which often result in loss of satellite signal tracking or signal denial, jamming could potentially be unintentional. GPS spoofing however, is malicious, very intentional, and comes with terroristic objectives. Until last summer I don’t believe many took spoofing too seriously. Even when  a few Iranian engineers claimed they spoofed a RQ-170 CIA stealth drone, landed it and took it apart; many thought was a tall tale for sure, a scare tactic. But all that changed in July of 2012 when an associate professor from the University of Austin Texas by the name of Todd Humphreys and some graduate students showed the world that spoofing was no joke when his team successful spoofed a fairly sophisticated navigational system on board an $80,000 dollar rotorcraft UAV. To ensure his efforts did not go unnoticed by many reluctant federal officials including some at the FAA and DHS, Mr. Humphreys upped the ante just last month when his teamed successful spoofed an $80 million dollar yacht with a GPS navigation and mapping system comparable to that found on commercial airliners. He accomplished both these goals using about $2000 dollars in readily available parts. If you find this all too confusing or just don’t get the math I suggest you watch Mr. Humphrey presentation on his YouTube TED “How to fool a GPS” (here is the link). 

As explained in the video, the basic idea of spoofing is simple, create fake stronger GPS satellite signals and fool or spoof a GPS receiver into tracking the stronger fake signals under someone else’s control.  As experienced on the $80 million dollar yacht, you will have no warning, nor do you have any idea that this is happening, your receiver will show no signs of foul play. You simple just aren’t where you thought you were or where your UAV was suppose to be.

There is a current military solution, it’s called GPS signal authentication.  The magazine ‘INSIDE GNSS’ states the issue as follows:

“Some GNSS signals are specifically designed to prevent spoofing or to deny unauthorized access — encrypted signals such as the GPS P(Y) and M-code and Galileo’s Public Regulated Service (PRS), or obscured signals such as the GLONASS P-code. These signals produce asymmetry, meaning that the service provider has the encryption or generation mechanism while an attacker does not. Consequently, an attacker will not be able to generate the authentic encrypted signal for use in a spoofing broadcast or injection attack. Of course, civil users do not have access to the P(Y), M-code, or PRS, and even authorized military GPS users require Selective Availability/anti-spoofing module (SAASM) hardware, which is both expensive and access-restricted.”

Incorporating signal encryption into civilian GPS receivers may take twenty years and will be very expensive to do. It will also require users to buy new receivers.  There is another much less expensive approach to jamming and spoofing prevention, it’s called T-PAAS. T-PAAS stands for Tunable Passive Antenna Array, and is a new emerging technology.  T-PAAS technology is a passive filter that can be installed around an existing GPS antenna and will mitigate both spoofing and jamming signals before reaching sensitive receiver signal processors. T-PAAS technology is classified and still in the development stage with a technical readiness level (TRL) of five. However, T-PAAS technology has been built, tested, and demonstrated to both the Department of Defense and Ministry of Defense agencies. T-PAAS technology survived JAMFEST 2008 with flying colors and rave reviews from DHS and many other federal agencies. Current test results suggest a T-PAAS unit could be produced and installed that will reduce unwanted jamming signals by 70 dB (a factor of 10 million or equal to jamming signals divide by 10,000,000) and effectively eliminating all ground based spoofers. The cost for such a device is expected to be less than $1000 dollars.

Semper Fi Steve