Enhancing Automotive Positioning Security and Robustness Using Trimble’s RTX Navigation Message Authentication (RTX-NMA)
Ramzi El Khayat, Manish Maruthi, Johannes Traugott, Markus Brandl, Alexandr Sokolov, Juan Castro Arvizu, Trimble Inc.
Date/Time: Wednesday, Sep. 18, 4:46 p.m.
Automotive applications necessitate a robust, secure and accurate GNSS positioning system to meet safety-critical requirements. To cater to the needs of the mass-market, these applications utilize automotive-grade GNSS chipsets that typically face a trade-off between availability of the measurements, measurement quality, power consumption, and production cost. Concurrently, a surge in spoofing incidents have been reported globally. These phenomena can be attributed to the increased availability of low-cost, highly capable spoofing devices on the market. Mass-market automotive GNSS chipset can be more vulnerable to such interference due to their inherently low-cost characteristics. Additionally, low-cost receivers might exhibit the tendency to occasionally introduce discrepancies in navigation frames before forwarding them to the positioning engine.
A spoofing attack can take the form of meaconing where the attacker rebroadcasts authentic but recorded navigation messages from a different time and/or location. Another possible attack can manifest as manipulating and broadcasting navigation messages causing incorrect positioning estimates by the GNSS receiver. In contrast to spoofing attacks, discrepancies in the navigation frames may involve data corruption introduced by unintentional bit flips and shifts. When left undetected, the errors in the ephemeris can lead to unexpected position jumps and degraded accuracy.
While the protection against malicious interference may not be fully achieved, detection and mitigation mechanisms are crucial. Therefore, ensuring the integrity of the navigation bits used by the positioning engine is critical for safeguarding users from such challenges. Recognizing the challenges in ensuring the authenticity of the navigation data, Trimble is introducing the RTX Navigation Message Authentication (RTX-NMA). This solution is designed to guarantee that users subscribed to Trimble’s RTX correction streams receive authentic navigation frames. The new service is achieved through data cryptographic integrity checks using Trimble’s global network of reference stations.
There have been recent developments in GNSS Open Service Navigation Message Authentication (OSNMA) primarily for the Galileo constellation, alongside plans for the introduction of Chimera, an authentication enhancement for GPS. Apart from the Galileo OSNMA, rollout of similar open services for other GNSS satellite systems is still years away, and legacy signals are less likely to be covered by these authentication methods. Given the immediate necessity for enhanced safety measures, Trimble’s RTX-NMA can bridge this gap by securing multiple satellite systems including legacy signals. GNSS navigation message authentication data is produced using state-of the art cryptographic algorithms based on the globally distributed Trimble RTX tracking network that monitors satellite orbits and clocks for all GNSS in real-time. This enables the users of Trimble's RTX corrections service to protect their positioning solution from both, non-authentic navigation data under a spoofing attack and also from authentic, but faulty navigation messages produced by the GNSS system ground controls.
While RTX-NMA is fully supported in Trimble's positioning ecosystem, we show that it can also be applied to secure and robustify navigation data from third-party automotive-grade GNSS receivers when using Trimble's precise positioning engine and RTX correction data along with measurements generated by said receivers. We demonstrate the effects of receiving erroneous navigation bits on satellite position computations and how these errors, when undetected, can propagate to the position domain. Our study focuses on kinematic scenarios in various settings such as highways, downtown areas, and suburban environments. We present real-life and software simulated cases of navigation data discrepancies introduced to multiple broadcast ephemeris parameters provided by a low-cost third-party automotive-grade receiver. The impact of these discrepancies on satellite position errors is quantified. To add, we showcase how reliable detection of erroneous ephemeris is achieved through RTX-NMA along with the accompanying performance implications with and without such detection.
For Attendees Call for Abstracts Registration Hotel Travel and Visas Exhibits Submit Kepler Nomination For Authors and Chairs Abstract Management Student Paper Awards Editorial Review Policies Publication Ethics Policies For Exhibitors Exhibitor Resource Center Marketing Resources Other Years Future Meetings Past Meetings