Real-World Testing is Key in Hardening Fragile GPS

Article By : George Leopold

Security experts say testing methodologies will be critical in reinforcing the increasingly vulnerable GPS network.

The growing vulnerability of the Global Positioning System, critical infrastructure used for everything from synchronizing networks to guiding fire trucks, is prompting calls to harden the satellite network with backup networks that could be used if — and some predict, when — GPS is knocked out by jamming, spoofing or other types of interference.

As a technical debate continues over the best course for securing and augmenting GPS with complementary technologies, security experts are working to develop real-world testing frameworks that can be used to assess risks. Those effort are considering different technology options if relatively weak GPS signals are jammed or spoofed.

Incidents of both are on the rise, experts note.

Signals from the GPS satellite constellation are weak, making them vulnerable to interference. GPS became commercially available in 1983. Since then, overdependence on the service has made it a prime target for hackers. Spurred on by Congress, the U.S. Transportation Department and Department of Homeland Security are currently looking for ways to make GPS more resilient.

Those efforts reflect the framework originally espoused by the father of GPS, retired Air Force Col. Bradford Parkinson, who advocated a Global Navigation Satellite System (GNSS) framework dubbed “Protect, Toughen and Augment”.

Security experts say testing methodologies will be critical in reinforcing the vulnerable GPS network.

“The biggest issue is actually coming up with the right test frameworks and the right way of assessing resilience,” said Guy Buesnel, a position, navigation and timing technologist with U.K.-based Spirent Communications. “That would not just be for GNSS but in any system that combines” position, navigation and timing, Buesnel said.

Guy Buesnel

For now, U.S. officials assessing potential terrestrial backup systems for GPS say they are considering a mix of technologies. “We recognize some things are going to need to be backed up, but we’re also realizing that maybe some systems don’t need GPS to operate,” James Platt, the chief of strategic defense initiatives for the Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security, told the New York Times.

Buesnel agreed. “From the work that we’ve done in the lab, I don’t think there’s a silver bullet that fits everybody. But we do know that the testing, the risk assessment, is a vital part of all this.

“If you don’t understand what your risks are using GNSS — your precise positioning or timing — then if anything happens, you’re likely to get some unexpected behavior,” he added in an interview.

Along with test methodologies to assess risk and ensure security, Buesnel said GPS resiliency ultimately requires government action in the form of legislation and technical standards.

For now, he added, “We try and come up with test scenarios that include…real-world threats such as spoofing, jamming, interference.”

As for the third leg of the GPS hardening triad, Buesnel said augmentation involves introducing other positioning, navigation and timing technologies to back up the current system “in case the worse happens and you are denied [GPS] for a length of time.”

Subscribe to Newsletter

Leave a comment