Advanced simulation software developed via an ESA project is now helping to extend cybersecurity to the crucial sphere of satellite navigation.
New commercial receivers and related products can now be rigorously tested to pinpoint any vulnerability to counterfeit satnav signals – known as spoofing – so that countermeasures can then be developed.
The potential of spoofing was demonstrated in dramatic fashion in 2012, when University of Texas researchers used fake satnav signals generated with low-cost hardware to take control of a flying drone, forcing it downwards by misleading it on its actual location.
“Reducing vulnerability to spoofing is very important,” explains Massimo Crisci, heading ESA’s Navigation Systems and Techniques section. “In everyday life we are increasingly reliant on Global Navigation Satellite System (GNSS) in all kinds of ways, beyond simple navigation.
“GNSS time signals are used to synchronise financial, power and communication networks, for example. They are also set to underpin critical operations such as fleet management, road tax or tolling, along with ‘safety-of-life’ systems such as air traffic guidance.”
The new SimSAFE suite of software allows new products or systems to be evaluated against spoofing. Adding up to around 60 000 lines of code developed over two years of work, SimSAFE can precisely simulate intentional interference attacks along with ‘genuine’ signals from virtual satnav constellations.
A prototype version of the software was first put to use by ESA’s Navigation Laboratory for its existing satnav simulator test rack, which had been supplied by simulation specialist Spirent Communication in the UK.
“This simulator is typically used to recreate signals from multiple GNSS constellations along with additional terrestrial inputs such as 3G or wifi signals often used by receivers,” adds Massimo.
“With spoofing an issue of increasing concern in the civilian domain, we decided we needed this new suite for our internal test purposes.”
Encrypted governmental or military-grade satnav signals are resilient against spoofing, but their access is strictly controlled by definition. Civilian signals are indeed at risk however, Massimo adds: “Simulation systems such as this one allows us to test out solution strategies.
“That might involve adding an authentication code, for example – currently being looked at for Galileo’s Commercial Service – or monitoring the evolution of the signal over time to check if it is real or not.
“Signals from an actual satellite would shift their source over time, for instance, and exhibit telltale Doppler shifting.”
ESA turned to a small Italian company called Qascom, founded a decade ago by a small group of engineers with experience in both satnav and security systems.
The company had begun developing the simulator internally before being contracted by ESA for its further development.
X