NovAtel's Annual Journal of GNSS Technology Solutions and Innovation

Issue link:

Contents of this Issue


Page 27 of 51

anti-jamming UnderStanding tHe difference between anti-Spoofing and anti-jamming When the GPS SiGnalS Were deSiGned in the early 1970s, the principles of electronic warfare were already well understood. Generally speaking, adversaries may attempt to disrupt position, navigation and time solutions derived from GPS in one of two ways: spoofing (making a GPS receiver calculate a false position); and jamming (overpowering GPS satellite signals locally so that a receiver can no longer operate). Spoofing and jamming are two different problems, and the potential mitigation solutions for the user differ accordingly. Spoofing To spoof a receiver, an adversary needs to recreate the signals from multiple satellites and then transmit that "spoofing" signal to capture a local GPS receiver. (See Figure 1.) If the targeted GPS receiver is unable to tell the difference  between the real satellite signals and the spoofed  signals,  the spoofing will fool the target  receiver into appearing to be at a different location. The legacy GPS signals include an encrypted binary code of 1s and 0s known as Y-code that is transmitted on the L1 and L2 frequencies, Figure 1: An adversary creates a replica of the C/A code from the GPS satellites to try to fool or 'spoof' the GPS receiver 28 velocity 2013 GPS Rx Spoofer with these signals only intended for military use. This encrypted binary code changes 10.23 million times per second, and the Y-code does not repeat over the course of an entire week (in other words, a unique sequence of 6.18 trillion 1s and 0s per satellite per week). Without the encryption keys it is virtually impossible for an adversary to generate the Y-code and, hence, virtually impossible to spoof a GPS receiver set to track Y-code. The legacy GPS signals also includes a Coarse Acquisition, or C/A code, that was originally meant to aid acquisition of the Y-code, but is now used for all civilian GPS receivers. The C/A code is unencrypted. The 1's and 0's change 1.023 million times a second, and the code itself repeats every millisecond (a unique sequence of 1,023 1s and 0s every millisecond). As the C/A code structure is openly published in a public signal-in-space interface specification, it can be recreated by a relatively competent adversary who can then generate a "spoofed" version of the GPS signal with which to capture a receiver. How can we protect against spoofing? The best way to protect against spoofing is to directly track the encrypted Y-code. Of course, this is only possible by using a GPS receiver that has a Selective Availability AntiSpoofing Module (SAASM). SAASM receivers can track Y-code only when loaded with the currently valid decryption key, and the modules are tamper-proof to prevent reverse engineering by adversaries. SAASM receivers such as the NovAtel OEM625s are only available to governmentauthorized customers, and the sales and distribution of these units are tightly controlled by the United States Department of Defense. For civil users, multi-constellation receivers that can track multiple GNSS such as GPS, GLONASS, Galileo, and BeiDou simultaneously can be effective against spoofers, because an adversary would have to produce and trans- For more Solutions visit http:/ /

Articles in this issue

Links on this page

view archives of Velocity - 2013