Image: FBI.gov

Blog Editor’s Note: We have noticed renewed concern among many in the field at the lack of discussion and effort on GPS/GNSS receiver resilience to software attacks. For example, RNTF member and PNT expert Guy Buesnel recently mentioned this in an excellent Linkedin post “Why PNT Security Thinking Needs to Change.”

The only systematic treatment of the topic that we could find was a 2012 paper by researchers at Carnegie Mellon and Coherent Navigation.  It’s summary outlines the issue succinctly:

“The intricate nature of today’s GPS devices has created a large attack surface. Previous approaches have treated GPS security as an issue of hardware and signal analysis, but many traditional software security lessons have yet to be learned by GPS manufacturers. In this paper, we introduced novel attacks on GPS devices at the data level, many of which have serious ramifications to safety systems. Our attacks required hardware that cost only about $2,500, which is about the same as a laptop. We have shown our attacks are successful against consumer and professional receivers. We also propose defenses such as hardening GPS software against RF and network attacks, as well as an attack detection system. Until GPS is secured, life and safety-critical applications that depend upon it are likely vulnerable to attack.”

If you know of other publicly available work in this area, please send us links so that we may share them more widely.