Image: GPSwise

What’s new: An opinion piece by one of the newest members of our International Advisory Council, Jason Kim, urging authentication for GPS.

Why it’s important; 

• GPS could have an internet enabled High Accuracy and Robustness Service that could provide authentication fairly easily and inexpensively.
• A lack of governance, will, and coordination between federal departments has stymied this and other efforts such as setting L5 healthy.

What else to know: Jason has 25+ years of government experience with GPS and PNT policy. He recently retired from his position as an official in the Department of Commerce. See his bio here. We are very happy to have him as an advisor.

From Inbox to Airspace: The Expanding Threat of Spoofing

By Jason Kim

Last Monday, I got an email from what appeared to be Amazon, advising me to update my credit card info ahead of Prime Day. Since I did have an expired card in my profile, I carelessly clicked the link—instantly regretting it as suspicious URLs flashed in my browser. This malicious email, spoofing a real Amazon message, had gotten through spam filters from my ISP and Apple.

What filtering is there to protect a GPS receiver from malicious spoofing of real GPS messages? In most cases, nothing. The receiver blindly trusts and ingests the incoming data, then passes a fake location along.

Imagine if, instead of compromising your credit card, a spoofed GPS app guided you to make a sharp turn off a cliff. Hopefully, your eyes and brain would prevent you from doing so. But what happens if there is no human in the loop, such as when ships and planes run on autopilot?

They stray dangerously off course, sometimes with catastrophic results. Recently, an oil tanker collided with another—catching on fire—after it made an erratic turn in an area rife with GPS jamming and spoofing. A month earlier, a container ship ran aground outside Saudi Arabia after following fake GPS signals. On Christmas Day, an airliner flew off course due to GPS spoofing and got shot down by Russian missiles, killing 38 people.

With self-driving cars poised to take over our streets, the problem could potentially get a lot worse.

One way to address it is to add an authentication method to civil GPS signals. There are plans to do so, but they are creeping at the pace of government progress. Many users will likely turn to the authenticated services offered by Galileo and other foreign systems. Meanwhile, entrepreneurs seeing demand for trusted navigation sources are launching entire satellite constellations to fill the gap commercially, ahead of the U.S. government.

Authentication will give navigation devices the equivalent of a spam filter that can reject fake signals and messages. Additional filtering can be done based on signal strength, angle of arrival, illegal field values, etc. But as no filter is foolproof, critical navigation systems must be redesigned to use multiple sensors and the laws of physics to cross-check solutions. An autopilot should be able to disregard nonsensical inputs, such as a suggestion that a ship has teleported thousands of miles away to an inland airport.

Yes, there will be cost involved to make it happen, but surely it is less than the cost of a tanker full of oil and 38 human lives.