Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2014 Microsemi Corporation. COMPANY PROPRIETARY 1 Power Matters. TM Mitigating GPS Vulnerabilities in Mission Critical Applications Eran Gilat October.

Similar presentations


Presentation on theme: "© 2014 Microsemi Corporation. COMPANY PROPRIETARY 1 Power Matters. TM Mitigating GPS Vulnerabilities in Mission Critical Applications Eran Gilat October."— Presentation transcript:

1 © 2014 Microsemi Corporation. COMPANY PROPRIETARY 1 Power Matters. TM Mitigating GPS Vulnerabilities in Mission Critical Applications Eran Gilat October 2014

2 Power Matters. TM 2 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Agenda  Overview of GNSS  GNSS Vulnerabilities  Mitigation Strategies in Government (Defense, Research & Public Safety) Applications  Summary

3 Power Matters. TM 3 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Technology is Ubiquitous Aerospace/Defense, Satellite Systems and Public Safety within Government market depend heavily on GNSS technology to synchronize their network infrastructure

4 Power Matters. TM 4 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Navigation Satellite Systems (GNSS) Beido u Regional systems are also in operation or being planned Galileo (European Union) –In preparation stages Beido (China) –Partially operational GLONASS (Russia) –Operational GPS (United States) –Operational

5 Power Matters. TM 5 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Vulnerabilities – March 2012 GNSS vulnerability is a growing concern in critical infrastructure applications

6 Power Matters. TM 6 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Transmit Power is Very Low Visibility of 4 satellites typically needed to solve for position and precise time applications PPS Precise Positioning Service  P(Y) Code modulated onto L1 and L2 carrier  Encrypted signals  Authorized users only SPS Standard Positioning Service  C/A (Coarse Acquisition) Code modulated onto L1 carrier  No encryption  Commercial, civil and gov’t users (everybody) L1 Band – MHz L2 Band – MHz GPS transmit power is very low… less than a 25 watt light bulb 11,000 miles away.. Multiple atomic clocks are on each satellite.

7 Power Matters. TM 7 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GPS Signal Characteristics C/A code is on the L1 band only and more vulnerable than the P(Y) code

8 Power Matters. TM 8 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Vulnerabilities

9 Power Matters. TM 9 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Vulnerabilities are a Major Concern GNSS vulnerability is a growing concern in critical Government infrastructure applications 7th ANNUAL GNSS VULNERABILITIES AND SOLUTIONS CONFERENCE 18 – 20 April, 2013 COORDINATES MAGAZINE March 2012 “Maintains a central database for reports of domestic and international interference to civil use of GPS …” U.S. Department of Homeland Security

10 Power Matters. TM 10 © 2014 Microsemi Corporation. COMPANY PROPRIETARY 139,79566,018455,805 Geographical Area Impacted Maximum Miles 2 Minimum Miles 2 Average Miles 2 139,79566,018455,805 Geographical Area Impacted Maximum Miles 2 Minimum Miles 2 Average Miles Hours 90 days Cumulative Duration 141NOTAMs Shortest1.0 hour Average6.63 hours Longest72 hours 782 Hours 90 days Cumulative 9 Month Duration 141NOTAMs Shortest1.0 hour Average6.63 hours Longest72 hours GNSS Challenges: GPS tested by DOD Source: FAA, 2010 During the 9 month study there was an outage somewhere in the study area ~12% of the time, affecting on average ~4.5% of the continental U.S.

11 Power Matters. TM 11 © 2014 Microsemi Corporation. COMPANY PROPRIETARY $55 Ebay Everyday GNSS Outages (Intentional) $83 GPS&GSMJammersSpoofing Cheap jammers to sophisticated spoofing Software attacks Jammers and Spoofing

12 Power Matters. TM 12 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Everyday GNSS Outages (Unintentional) Mechanical, Human Error GPS cable conduit dangling in the wind Natural, Environmental Lightning hits, antenna icing Solar flares, atmospheric phenomena Antennas are easily damaged and can interfere with each other Foliage obscures GPS deployments Harmonics or radiation from nearby electronics failures or misaligned transmission equipment

13 Power Matters. TM 13 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Anti-Terrorist Initiatives Governments may intentionally jam GNSS to stop terrorist activities, for example: Five GPS phones that were used by the terrorists during the Nov 26, 2008 attacks in Mumbai Terrorists using GPS to navigate and organize anti- government activities War operations

14 Power Matters. TM 14 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Even Normal Operations Can Introduce Errors Orbit error Satellite clock error Ionospheric delay Tropospheric delay Multipath Receiver noise Tropospheric

15 Power Matters. TM 15 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GPS Outages Source: Examples compiled from published reports and open literature EventDurationCause & Impact St Charles, MO11-21 Oct, 1994 and May 1995 GPS/L1 interference from test equipment at nearby aerospace facility Chesterfield, SC15-23 April 1999 Army communications system radiating in GPS/L1 band Moss Landing, CA 15 April – 22 May, June & Fall, 2001 TV antenna pre-amp radiating in GPS/L1 band, GPS denied throughout harbor region Mesa, AZ13-18 Dec, 2001 Signal generator radiating at MHz, GPS denied for 150nm radius San Diego, CA22 Jan, 2007 US Air Force, emission at GPS due to personnel error, wide- scale denial of GP New York, NY2008 GPS outage and effected systems similar in character to ’07 San Diego event Leesburg, VAJuly January mW jammers caused minor disturbance to FAA Control Center, ZDC EWR, Liberty International Airport, NJ Present suspect 100mW - 250mW jammers, FAA equipment going off line Las VegasMarch 2012 DoD event, unintentional going; exercised Cease Buzzer; Las Vegas airport ground stop for approximately 1 hour March 2011: a U.S. military reconnaissance aircraft was forced to land during an annual major east Asian military exercise, known as Key Resolve, due to GPS jamming. The jamming reportedly took place along the northern portion of the 684-mile long Korean peninsula, with the jamming supposedly originating with the North Koreans. March 2011: North Korean military units jammed GPS signals in some parts of South Korea. Intermittent GPS failures occurred in northwestern base station coverage areas such as Seoul, Incheon and Paju. "We suspect the interference was caused by strong jamming signals sent by the North.“ It was believed that 146 cell sites were knocked out.

16 Power Matters. TM 16 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Mitigation Strategies

17 Power Matters. TM 17 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Timing Accuracy Requirements for Various Applications 0.1 ns 1 ns 10 ns100 ns1 µs10 µs100 µs1 ms10 ms100 ms 1 s Scientific/ Experimental High Precision Military GPS Monitor Situations GPS Weapons ATS Airborne Geolocation Demo Bistastic Radar Other Applications Advanced Comms PTTV R&D N/F Power Systems Fault Location Phasor Measurements Data Sharing CDMA2000 Base Stations Low Precision Military Ground Terminals VHF Terminals Wide Area Data Logging Sesmic Monitoring Nuclear Blast Detection Digital Time Servers NTP, etc. Astronomy Authentication Internet login Financial Transactions Timing user survey not intended to be a complete representation of all users. Requirements have been generalized and averaged over user groups.

18 Power Matters. TM 18 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Mitigation of GNSS Vulnerabilities  Strategy 1: Network distributed timing  Strategy 2: Holdover Oscillator Technologies Quartz Rubidium Cesium Primary Reference  Strategy 3 Use Model: Jamming recognition algorithms  Strategy 4: Secure GNSS (SAASM) Technology Used only by US Government Authorized Users

19 Power Matters. TM 19 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Strategy 1: Network Distributed Timing PTP 1588v2 GNSS Frequency & Phase Layer 2 and 3 Legacy & Next generation networks 1-10 microsecond accuracy Frequency & Phase Physical Layer Legacy & next generation networks 100 nanosecond or better Distribute timing over WAN using PTP when GNSS is jammed locally: GNSS remains the primary reference from a remote location PTP 1588v2 able to transfer time accurately Remote location enabled by PTP clients Both Time & Frequency can be transferred Key Applications: Test ranges: weapons and launch vehicles Distributed sensor networks Remote campus timing Locations not accessible to GNSS deployments o Security reasons o Bunkers o No provision for antennas

20 Power Matters. TM 20 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Use Model: Distributed Sensor Network  Driver Sensor network requiring a reliable back-up to the local GNSS infrastructure Need to monitor remote GPS units and manage  Central Timing Systems with PTP Central timing system delivers time to remote when GNSS is lost using PTP via WAN PTP with Telecom Profile can sync instruments across the WAN accurately On-path support not required in many cases Central Time Standard Time Cesium 4500 Clock TimeProvider 5000 GM & Time Pictra WAN/LAN PTP/ Ethernet

21 Power Matters. TM 21 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Strategy 2: Holdover  Holdover period is a function of the system timing requirements and the performance of the holdover oscillator  Temperature changes, both degrees of change and speed of change, affect holdover performance  Higher quality oscillators provide longer holdover (Ex: Cesium) Holdover: continuing operation when the primary timing and synchronization source is lost with a local oscillator There are a wide variety of oscillator types in use today. OCXO and Rubidium are most common due affordabaility

22 Power Matters. TM 22 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Holdover Performance OCXO 8 µs / day Microsemi Optimized OCXO < 4.5 µs / day Rb 1.5 µs for 24 hours Rb OCXO

23 Power Matters. TM 23 © 2014 Microsemi Corporation. COMPANY PROPRIETARY SIPRNET Red Voice Use Model: Government Tactical Communications Systems XLi /XLi SAASM - High Stability Rb - 10 MHz LPN - T1 - N.1 Freq - NTP KU Band NIPRNET Black Voice Services BITS HC Line-of-sight Radio Rubidium provides the most reliable holdover mobile communications

24 Power Matters. TM 24 © 2014 Microsemi Corporation. COMPANY PROPRIETARY  Cesium Technology is considered the most comprehensive holdover option against GNSS vulnerabilities Exhibit no frequency drift Maintains 5x accuracy over the life of the instrument  Critical for long-term autonomous operation  No on-going calibration required  More expensive than Rubidium and OCXO Consumes more power and space  Typical applications Fixed wireline communications infrastructure Under sea (Submarine) Satellite ground stations Ultimate Holdover: Cesium Technology

25 Power Matters. TM 25 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Use Model: Strategic Government Communications SONETCrypto SIPRNET NIPRNET Voice / Video IDNX 56k or SSU 2k BITS Clock ATMFuture Primary Secondary TOD NTP IRIG 10 MHz SAASM technology backed by Cesium delivers ultimate protection against GNSS vulnerability Cesium XLi (C/A) or SAASM Time & Frequency Receiver XLi (C/A) or SAASM Time & Frequency Receiver SyncServer (C/A) or SAASM Network Time Server SyncServer (C/A) or SAASM Network Time Server

26 Power Matters. TM 26 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Strategy 3 Use Model: Jamming recognition algorithms Modern GNSS receivers got internal mechanism to identify jamming Indicator for continuous wave (narrowband) jammers indicator for broadband interference (Example from u-blox 8MF receiver) Management (NMS) system technics to identify jamming scenarios Recognition of Jamming in the receiver should cause holdover in the System

27 Power Matters. TM 27 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Microsemi TimePictra 10.2 Example TimePictra is End to End Sync management solution TimePictra checks each GPS for The Reported position has not changed – Remember the antenna is fixed to a building PDOP is checked, which checks for poor satellite geometry Number of satellites that report ok, alarms if less then 4

28 Power Matters. TM 28 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Strategy 4 Use Model: GPS Positioning Services PPS Precise Positioning Service Encrypted P(Y) code modulated onto L1 and L2 carrier Authorized users SPS Standard Positioning Service C/A (Coarse Acquisition) code modulated onto L1 carrier Commercial, civil and military users (everybody) L1 Band – MHz L2 Band – MHz SAASM GPS Receivers are PPS Receivers

29 Power Matters. TM 29 © 2014 Microsemi Corporation. COMPANY PROPRIETARY SAASM Receiver Keys Keyed SAASM receivers support A-S and correct for SA Classified - distribution must be protected Cumbersome and not encrypted Antiquated paper tape distribution and loading Must be manually re-keyed Red KeysBlack Keys Encrypted and unclassified Black keys = encrypted Red keys Can be distributed and loaded electronically Decryption of the key takes place in the SAASM module Renew with over-the-air-rekeying (OTAR) (future) Red keys are more difficult to securely distribute and manage as they are Classified Black keys solve key distribution problem as they are Unclassified

30 Power Matters. TM 30 © 2014 Microsemi Corporation. COMPANY PROPRIETARY XLi SAASM GB-GRAM Time & Frequency Receiver XLi features & functions with security of SAASM For users authorized by the US government only SAASM has been mandated for new US DoD GPS systems since 2006 (unless waivered) Chairman of the Joint Chiefs of Staff CJCSI D – April 13, 2007 (FOUO) As of October 1, 2006 all newly fielded DoD GPS system will use SAASM PPS devices. Procurement of non-SAASM GPS user-equipment will be disallowed, unless waivered. Chairman of the Joint Chiefs of Staff CJCSI D – April 13, 2007 (FOUO) As of October 1, 2006 all newly fielded DoD GPS system will use SAASM PPS devices. Procurement of non-SAASM GPS user-equipment will be disallowed, unless waivered.

31 Power Matters. TM 31 © 2014 Microsemi Corporation. COMPANY PROPRIETARY SAASM: Direct Y Acquisition GPS Satellites L1 Band GHz L2 Band – GHz C/A Jammed DAGR PLGR The keyed XLi SAASM supports a “Hot-Start” from a DAGR or PLGR when C/A code is absent

32 Power Matters. TM 32 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS Vulnerability Mitigation Strategies - Recap Satellite based Network based GNSS including SAASM PTP IEEE 1588v2 Resilient infrastructure Needs 2 Out of 3 Holdover Protection Rubidium/OCXOCesium

33 Power Matters. TM 33 © 2014 Microsemi Corporation. COMPANY PROPRIETARY GNSS vulnerabilities in government infrastructure can be mitigated with: Secure GPS SAASM Technology Redundant clocks in the network Adding PTP over WAN or LAN Rubidium or Cesium for holdover Spoofing identification in receiver or management system Summary Microsemi offers solutions to ensure that mission critical applications will be protected from GNSS vulnerabilities

34 Power Matters. TM 34 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Eran Gilat EMEA, System Sales Engineer Thank You

35 Power Matters. TM 35 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Reference Section

36 Power Matters. TM 36 © 2014 Microsemi Corporation. COMPANY PROPRIETARY Other Factors Affecting GPS A sun outage, or sun fade is a signal degradation phenomenon that affects the transmission of radio signals in satellite communications. It is quite clear from the previous section that we are currently unable to meet the measurement requirements for most of the climate variables.


Download ppt "© 2014 Microsemi Corporation. COMPANY PROPRIETARY 1 Power Matters. TM Mitigating GPS Vulnerabilities in Mission Critical Applications Eran Gilat October."

Similar presentations


Ads by Google