Thoughts on GPS Security and Integrity Todd Humphreys, UT Austin Aerospace Dept. DHS Visit to UT Radionavigation Lab | March 10, 2011.

Slides:

Advertisements

Similar presentations

Probabilistic Secure Time Transfer: Challenges and Opportunities for a Sub-Millisecond World Kyle D. Wesson, Prof. Todd E. Humphreys, Prof. Brian L. Evans.

Advertisements

Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September.

The leading pioneer in GPS technology Copyright © 2007 NavCom Technology, Inc.Confidential A New Anti-Jamming Method for GNSS Receivers Jerry Knight, Charles.

Protecting Civil GPS Receivers

ION GNSS 2011, September 23 rd, Portland, Oregon Improving Security of GNSS Receivers Felix Kneissl University FAF Munich.

GNSS Security Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | September 18, 2014.

Secure Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin LAAFB GPS Directorate | December 5, 2012.

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.

Thursday, 3:55pm, room 24 This session will discuss techniques for enhancing the ability of receivers to detect, disregard, and operate through intentional.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

GPS - Global Positioning System Presented By Brindha Narayanan.

Workshop EGNOS KRAKÓW GNSS RECEIVER TESTING TECHNIQUES IN A LABORATORY ENVIRONMENT Institute of Radar Technology Military University of Technology.

14/03/2005 CGSIC Meeting, Prague, Czech Republic Oscar Pozzobon Chris Wullems Prof. Kurt Kubik Security issues in next generation satellite systems.

GPS and other GNSS signals GPS signals and receiver technology MM10 Darius Plausinaitis

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.

Lecture 11 Reliability and Security in IT infrastructure.

Wireless Sensor Network Security Anuj Nagar CS 590.

Frontiers in Radionavigation Dr. Todd E. Humphreys.

Patrick Caldwell Chris Kellar. Overview  Basic Concepts  History  Structure  Applications  Communication  Typical Sources of Error.

WNCG, UT Austin, 1 April 2011 Mark L. Psiaki Sibley School of Mechanical & Aerospace Engr., Cornell University Civilian GPS Spoofing Detection based on.

Kyle Wesson, Mark Rothlisberger, and Todd Humphreys

How Global Positioning Devices (GPS) work

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

MImOSA2 Update Meeting Politecnico di Torino first results 27 May 2015.

Strategic Technology Planning for Nonprofits 2009 Pacific Northwest Digital Inclusion Summit David Forrester January 28, 2009.

Pg 1 of 12 AGI GPS Signal Simulation & Visualization Oct 11, 2005 Curtis Hay Spirent Federal Systems.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

SEC835 Database and Web application security Information Security Architecture.

SVY 207: Lecture 4 GPS Description and Signal Structure

Development of Global navigation satellite system (GNSS) Receiver

Modernization and GPS III Southern California Section ION Meeting 11 March 2009 Lt Col David Goldstein, US Air Force Chief Engineer GPS Wing This briefing.

Extending the Reach of GPS-assisted Femtocell Synchronization and Localization through Tightly- Coupled Opportunistic Navigation Ken Pesyna, Kyle Wesson,

Improving the Security of GNSS Receivers Portland, Oregon | September 23, 2011.

Oscar Pozzzobon Technical Director, Qascom ION GNSS 2011, September 23, Portland, US.

GPS Modernization 14 March 2005 CGSIC IISC Europe.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

ION/GNSS 2011, 23 Sept Mark L. Psiaki Sibley School of Mechanical & Aerospace Engr., Cornell University Developing Defenses Against Jamming & Spoofing.

Tripp Corbin, CFM, GISP CEO eGIS Associates, Inc. Relationships Matter.

Evaluation of Smart Grid and Civilian UAV Vulnerability to GPS Spoofing Attacks D. P. Shepard, J. A. Bhatti, T. E. Humphreys, The University of Texas at.

1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.

An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing Kyle Wesson, Daniel Shepard, Jahshan Bhatti, and Todd Humphreys Presentation.

Riding out the Rough Spots: Scintillation-Robust GNSS Carrier Tracking Dr. Todd E. Humphreys Radionavigation Laboratory University of Texas at Austin.

1 Todd E. Humphreys, Cornell University Larry Young, JPL Thomas Pany, University FAF Munich 2008 IGS Workshop, Miami Beach FL IGS Receiver Considerations.

Security Requirements of NVO3 draft-hartman-nvo3-security-requirements-01 S. Hartman M. Wasserman D. Zhang 1.

Securing Wireless Medical Implants Shyamnath Gollakota Haitham Hassanieh Benjamin Ransford Dina Katabi Kevin Fu.

Quickest Detection of GPS Spoofing Attack Z. Zhang, M. Trinkle, L. Qian, and H. Li MILCOM 2012 Nadia Adem 10/27/2014.

Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.

GPS: Everything you wanted to know, but were afraid to ask Andria Bilich National Geodetic Survey.

GRIM & DynaPos Overview, Examples and Results Dr. Benjamin Remondi Kendall The XYZs' of GPS,

Characterization of Receiver Response to a Spoofing Attack

Tightly-Coupled Opportunistic Navigation for Deep Urban and Indoor Positioning Ken Pesyna, Zak Kassas, Jahshan Bhatti, and Todd Humphreys Presentation.

GPS Spoofing Detection System Mark Psiaki & Brady O’Hanlon, Cornell Univ., Todd Humphreys & Jahshan Bhatti, Univ. of Texas at Austin Abstract: A real-time.

Future Directions in GNSS Research Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | November 15, 2012.

Secure Civil Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin MITRE | July 20, 2012.

Characterization of Receiver Response to a Spoofing Attack Daniel Shepard Honors Thesis Symposium 4/21/2011.

Navy GPS GPS Users Conference 02 November 2000 LCDR Drew Williams SSC-SD, Code D315 GPS Division GPS Vulnerability.

Assessing the Civil GPS Spoofing Threat

Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.

GPS, GNSS, and Space Weather A Look Into the Future Paul Kintner and Brady O’Hanlon Cornell University Todd Humphreys UT-Austin

Koji Nakao, Dai Arisue NICT, Japan

GPS - Global Positioning System

Practical Cryptographic Civil GPS Signal Authentication

Microsemi Corporation

Counter-UAV Challenges: Is GNSS Spoofing Effective?

Hashing Hash are the auxiliary values that are used in cryptography.

Todd Humphreys | Aerospace Engineering

Hash Function Requirements

Presentation transcript:

Thoughts on GPS Security and Integrity Todd Humphreys, UT Austin Aerospace Dept. DHS Visit to UT Radionavigation Lab | March 10, 2011

GPS: The Big Issues  Weak GPS Signals  Like a 30-Watt lightbulb held 4000 km away  GPS does not penetrate well indoors  GPS is easy target for jamming  GPS is vulnerable to natural interference (e.g., solar radio bursts and ionospheric scintillation)  Unauthenticated Civil GPS Signals  Civil GPS broadcast “in the clear”  Makes civil GPS vulnerable to spoofing

Emerging Threat: GPS Jamming

Emerging Threat: Civil GPS Spoofing

Spoofing and Jamming are Different Threats  Spoofing is more difficult & costly  Spoofing leaves no trace – victim receiver doesn’t know it’s being spoofed  Spoofer typically targets a single receiver  Many countermeasures to jamming are ineffective against spoofing

Assessing the Spoofing Threat  Multi-frequency, multi-system receivers inherently resistant to spoofing  Vast majority of GPS receivers in critical applications are single-frequency L1 C/A (easily spoofable)  Software radio techniques are game-changer, enabling one to “download” a spoofer  Strong financial incentives encourage “complicit spoofing” (spoofing one’s own receiver)  Timing receivers used in communications infrastructure are attractive target

Civil GPS Spoofing Testbed at UT Austin  Vestigial signal defense  Data bit latency defense  Cryptographic defenses  Phase trauma monitoring  Dual-frequency tracking Spoofer Defender  GPS L1 C/A output  Software radio platform  Output precisely synchronized with authentic signals via feedback  Finely adjustable output signal strength  Remotely commanded via Internet

Inside the Box Digital attenuator for precise control of output signal power

Inside the Box Spoofing signal feedback for precise signal alignment

Inside the Box Interface board for remote operation

Inside the Box Tracking, data-bit prediction, and synthesis on single DSP Total bill of materials: ~$1,000

Civil Anti-Spoofing Techniques Inspired by Work to Date  Data bit latency defense (weak but easy to implement)  Multi-antenna defense (patented in 1996; strong against single spoofer; fails against multiple spoofers; requires additional hardware)  Vestigial signal defense (work in progress; appears strong)  Navigation message authentication (strong, practical, more on this later)  Cross-correlation using P(Y) code (pioneered by Lo, refined by Psiaki, very strong but not so practical)

Thoughts on the Way Forward for Civil GNSS Authentication  More signals means more inherent security, but probably insufficient  Some civil cryptographic authentication scheme is likely required  “Signal definition inertia is enormous” – Tom Stansell  Navigation message authentication (NMA) appears to be best, practical option (advocated by Logan Scott in 2003, others since, more on this later)  Goal of cryptographic authentication: force adversary to use directional antennas in a replay attack  Preliminary evaluation of NMA for L2C suggests optimism (more on this later)  Cryptography must be paired with detection theory

Spoofing Detection as a Hypothesis Testing Problem (Soft W-chip Estimation) Spoofing detection depends on rough estimates of nominal (C/No)s and (C/No)r See forthcoming paper on this topic: “Detection strategies for civil cryptographic anti-spoofing.”

Navigation and Timing Resilience Through Opportunistic Navigation

Tightly-Coupled Opportunistic Navigation Enabling configuration: (1) Same clock: Downmix and sample GPS and SOO with same oscillator (2) Same silicon: Sample GPS and SOO in same A/D converter Enabling configuration: (1) Same clock: Downmix and sample GPS and SOO with same oscillator (2) Same silicon: Sample GPS and SOO in same A/D converter

TCON for Legacy GPS Receivers: The GPS Assimilator

Assimilator Prototype

More Information

Backup Slides

Synchrophasor-Aided Power Distribution

Usage Example: Protecting a GPS Time and Frequency Receiver

Usage Example: Reducing Ionospheric Errors

Usage Example: Harnessing CDMA Cellular Signals as Aid for Weak GPS Signal Tracking

User LEO crosslinks Aiding signal from LEO high-power spot beams over area of operations 400-km switchable beams GPS Signals  Strong signals  Stable clocks  Navigational backup to GPS  Civilian Anti-spoofing Usage Example: Iridium-Augmented GPS