Previous Abstract Return to Session A5 Next Abstract

Session A5: Integrity and Assurance

A Novel Fault Correlator for GNSS Spoofer Survivability
Anderson Givhan, Auburn University; Connor Brashar, Mike Walker, Tucker Haydon, Elizabeth Esterly, Sandia National Laboratories
Location: Ballroom E
Date/Time: Wednesday, Aug. 25, 4:25 p.m.

We present results for a novel correlator structure within a global navigation satellite system (GNSS) receiver that is capable of tracking duplicate satellite signals created by faults or advanced threats and binning them according to purported position solution for anti-spoofing. This novel signal processing and receiver autonomous integrity monitoring (RAIM) architecture allows a GNSS receiver to track multiple possible position solutions, reject multipath, and resolve errors caused by multiple satellite failure or falsified signals. In the event of advanced anti-access area denial (A2AD) attacks, this architecture can recover a receiver’s position solution and allow it to continue navigating through a contested environment when advanced A2AD threats are employed against the receiver.
Current GPS receiver architectures are vulnerable to advanced A2AD attacks. Spoofer and meaconer attacks on GPS receivers allow an adversary to falsify satellite signals received by a GPS receivers, which gives adversaries a way to take control of GPS receivers and in many cases degrade or take control of navigators. Current solutions to GNSS spoofer attacks tend to revolve around A2AD detection approaches, through which a navigator can determine that an attack has occurred. This is especially useful in the context of advanced A2AD threats, wherein an adversary tracks a receiver and slowly drags perceived position away from truth such that detection of a threat is more challenging to perceive. But most anti-spoofing strategies amount to confirming that a receiver’s data is no longer usable—viewing a smoking gun in the context of navigation warfare. Our proposed fault correlator framework extends contemporary spoofer detection approaches by modifying GPS receivers to provide both true and false viable signals to an A2AD detection framework. When one perceived signal set (comprised of any number of satellites) is deemed as false by a spoofer detection framework, this architecture then allows a receiver to track the true live sky framework and continue to navigate to target.
Our GNSS spoofer survivability architecture requires two modifications to a contemporary GNSS receiver framework: 1) a modification of a traditional GNSS correlator architecture whereby duplicate acquisition channels are instantiated to search for additional correlation peaks for already-tracked satellite signals, and 2) a modified RAIM architecture to bin perceived correlator outputs into three specific types (position A, position B, and multipath). Multipath signals are then rejected, and position A and B signals can then be parsed through any A2AD detection framework for rejection of false or incorrect position solutions.
In this presentation, we discuss results of the fault correlator architecture in the presence of simulated duplicate signals and multipath wherein a full GPS constellation L1 C/A signal set is duplicated and transmitted to the receiver. Results from a receiver leveraging a traditional GPS correlator are presented with discussion of the restriction in duplicate signal search space imposed by GPS correlator length. Preliminary results for a fault correlator architecture that uses narrow GPS correlators is also presented, which greatly extends the spatial search window for threats or faults in signals. Finally, we will present results of this architecture employed with an Innovation Sequence Monitor (in conjunction with a traditional tactical-grade IMU) for spoofer detection in order to fully excise a simulated faulty satellite constellation signal.
Sandia National Laboratories is a multimission laboratory managed and operated by National Technology & Engineering Solutions of Sandia, LLC, a wholly owned subsidiary of Honeywell International Inc., for the U.S. Department of Energy’s National Nuclear Security Administration under contract DE-NA0003525.



Previous Abstract Return to Session A5 Next Abstract