In the era of advanced technology, where navigation and positioning systems have become crucial to countless industries, ensuring the accuracy and reliability of these systems is paramount. Whether autonomous vehicles navigating urban jungles or drones charting unexplored territories, the integrity of the data they rely on is non-negotiable. Enter Inertial Labs’ INS-D-OEM: a cutting-edge Inertial Navigation System designed to offer precision and shield against deceptive practices like spoofing. This article delves into the intricacies of the INS-D-OEM, highlighting its state-of-the-art spoofing protection features and explaining why it stands out in a crowded market.
What is Spoofing?
Satellite constellations use RF signals to transmit information to GNSS receivers. These signals contain information on the satellite ephemeris, clock bias parameters, almanac, and satellite health status. Receivers use these signals to compute position (and timing) information in global coordinates of longitudinal and latitudinal locations. Spoofers transmit signals with higher relative power (a dominating signal strength) than the GNSS/GPS signals that are typically received by receivers. These signals contain false positioning information, resulting in the receiver believing false data. This was a complicated and expensive process that only militaries could perform. Still, with technological advances and the growing pervasiveness of the internet, GPS spoofing transmitters can be found quickly and inexpensively by members of the civilian population.
A non-overlapped attack’s spoofing signal is not synchronized with the authentic GNSS signals. In this type of attack, the correlation peaks between the spoofing and the authentic GNSS signals are asynchronous. Non-overlapped spoofing attacks are effective during a cold start where the spoofing signal has a higher power than the authentic signal; this can deceive the device depending on the receiver search strategy. When a signal is in the tracking stage, the other regions of the cross-ambiguity function are not visible to the receiver. As a result, the higher power spoofing signal may not affect the tracking procedure if the delays or Doppler frequencies are not aligned.
A spoofer can synchronize its code phase and Doppler frequency with authentic signals in a more sophisticated attack. In an overlapped attack, the correlation peaks of spoofing and authentic signals combine to constructively or destructively change the shape of the correlation peak. This type of spoofing attack can be generated by a receiver-based spoofing device where the spoofer knows the time, number of observable satellites, and the location and parameters of the target receiver. Detecting an overlapped spoofing attack is much more challenging as the distortions caused by spoofing signals appear similar to multipath errors, but it can be detected so we can establish a spoofing protection plan.
The receiver’s power is integral to any spoofing attack to deceive the target receiver. The power level of spoofing signals compared to authentic signals can highly impact spoofing interference’s effectiveness and error limit. Identifying spoofing attacks based on their relative power is difficult as it requires information about the propagation channel, antenna gain pattern, and the orientation of the spoofer’s signal.
How Do You Detect Spoofing?
As noted in the previous section, spoofing attacks tend to have some signature characteristics that can be used to detect spoofed signals, and that can also help with spoofing protection.
Input Power Analysis
A common way to spoof a receiver is to jam it and provide false signals. This attack can be detected by closely monitoring the input power to detect additional power from interference signals. Monitoring the input power is achieved by observing the gain of the automatic gain control (AGC) module.
Structural Power Content Analysis
Structural power content analysis utilizes a GNSS signal’s cyclo-stationarity, or the statistical properties that vary cyclically, to detect excessive amounts of structured signal power in the received data set. Received baseband data is filtered within the GNSS signal bandwidth and multiplied by their delayed version to remove the Doppler effect. As a result, the signal has a line spectrum, which consists of only a few lines of specific wavelengths generated by the multiplication of cyclo-stationary signals. Then, the signal and its noise components are filtered by comb filters. A detection test statistic is calculated based on the filter outputs of the signal and comparing it to the threshold of an attack.
The most common spoofing detection method is analyzing the effective C/N0 available in most commercially sold receivers. The upper limit of a receiver’s C/N0 value can be defined for any given receiver. A very high C/N0 value can be an indicator of a spoofing attack. The jamming signals can also affect the practical C/N0 values by increasing the noise floor.
Signal Quality Monitoring (SQM)
Distortion in the shape of the correlation peak can be caused by the interaction between authentic and spoofing signals during overlapped attacks. Signal quality monitoring tests are focused on this distortion to detect any asymmetric, abnormally sharp, or elevated correlation peaks. Though initially used to monitor the correlation peak quality affected by multipath signals, users have successfully used SQM metrics to identify spoofing attacks.
Dangers of Spoofing
As GPS technology becomes more widespread, there is an increasing reliance on GPS as a part of the world’s critical infrastructure. Secure, stable, and resilient position, navigation, and timing (PNT) are necessary to function as the world’s critical infrastructure. Nearly all sectors of the economy rely on accurate PNT information to provide services for civil, commercial, or military applications. With GPS technology being ubiquitously used for accurate PNT, spoofing is a serious threat to this infrastructure that so many everyday systems, such as cars, phones, and computers, rely on.
As the use of autonomous vehicles for both commercial and military applications becomes more widespread, the dangers of GNSS spoofing become more prevalent. Unmanned underwater vehicles (UUV), unmanned ground vehicles (UGV), automated guided vehicles (AGV), and Unmanned Aerial Vehicles (UAV) can be drastically impacted by GNSS spoofing. GNSS spoofing can redirect unmanned vehicles to incorrect locations, which can cause crashes that can be fatal and cause millions of dollars in damage.
Protecting Against Spoofing
With the prevalence and dangers of spoofing in mind, there are a few general ways to prevent GNSS spoofing. For instance, some GPS signals are designed to provide protection from spoofing attacks by providing security in the satellite itself, an example of this is found in the Galilea OS-NMA E6 frequency band or the GPS military code.
Additionally, GNSS receivers can detect a spoofed signal from a mix of authentic and spoofed signals. Once a spoofed signal is detected, it should remove that signal from consideration for any positioning calculation. That’s when spoofing protection comes to the rescue.
The INS-D-OEM with Spoofing Protection
The Inertial Labs INS-D-OEM features the top-of-the-line dual antenna Novatel OEM7220 GNSS receiver. It contains a real-time spoofing detection unit that employs some of the most effective detection metrics. These metrics include input power analysis by monitoring the gain of the automatic gain control module, structural power content analysis based on the filter outputs, signal quality monitoring to monitor the peak quality affected by multipath signals, and clock monitoring using spoofing signals from a single-antenna source based on the position solution of a moving receiver. These detection metric outputs are fed to an onboard central spoofing detection unit, which decides whether the unit is under a spoofing attack every two seconds. The spoofing detection unit minimizes false detection likelihood from the presence of jamming and multipath signals while identifying spoofing attacks with a high degree of certainty.