Evaluation of NovAtel's Jamming and Spoofing Detection and Mitigation Capabilities During Jammertest 2024
Ali Broumandan, Ali Pirsiavash, Isabelle Tremblay, and Sandy Kennedy, Hexagon Autonomy & Positioning Division
Location: Beacon A
Global Navigation Satellite Systems are widely used in critical infrastructure and safety of life applications such as aviation, maritime and land transportations. With such widespread use, open signal descriptions, and a crowded RF spectrum, jamming and spoofing are well-known threats to GNSS. Various detection and mitigation methods have been developed to deal with these threats, but the additional signal processing increases the size and power consumption. A recent report of the GPS spoofing workgroup "https://ops.group/dashboard/wp-content/uploads/2024/09/GPS-Spoofing-Final-Report-OPSGROUP-WG-OG24.pdf" emphasizes a 500% increase in GNSS spoofing incidents in 2024, with an average of 1500 flights per day affected.
GNSS Resilience and Integrity Technology (GRIT) is a firmware suite developed for NovAtel OEM7 receivers to expand situational awareness and interference detection and mitigation tools across applications and environments to protect against GNSS threats including jamming and spoofing attacks. GRIT includes Interference toolkit (ITK) and spoofing detection toolkit (SK) to identify when a GNSS signal is under threat. NovAtel’s Robust Dual Antenna Receiver (RoDAR), is based on a commercial OEM7 dual-antenna receiver, and employs special firmware to mitigate jammers and spoofers without an increase in size or power consumption. Open service navigation massage authentication (OSNMA) implementation joins the NovAtel’s multi-layer protection suite against malicious attack. GRIT relies on different layers of countermeasures ranging from jamming detection and characterization to spoofing detection and mitigation in favor of a guaranteed level of solution integrity and reliability. OSNMA enhances the GNSS security by cryptologic protection by implementing on the newly developed Galileo E1B Open Service Navigation Message.
Norwegian jamming and spoofing test occurred during 9-13 of September 2024 in Bleik, Norway. During Jammertest 2024, various methods were used to interfere and manipulate navigation systems to mislead the participant’s equipment. These tests included stationary meaconing on all GNSS bands which involved retransmission of live sky signal, where the GNSS environment had the wrong position or had small time delays. Furthermore, different methods of spoofing were tested on multiple constellations and frequencies including coherent and incoherent stationary spoofer using altered ephemeris where the transmitted satellite ephemerides are different from the live sky satellites. As well as some coherent and incoherent spoofing scenarios using true ephemerides. Some scenarios lead the user to believe its position was static at a false location while other scenarios caused the user on a false route. In addition to manipulating the position, certain scenarios introduced a small time offset while others were transporting the user multiple years into the future. During each meaconing and spoofing tests, varying jamming scenarios were executed simultaneously depending on the test such as five minutes of jamming on all signals before spoofing begins or continuous jamming of non-spoofed signals during scenarios. This article provides NovAtel receivers jamming and spoofing detection and mitigation capabilities of actual data collected during the jammertest 2024. The jamming detection provides spectrum monitoring and jamming characterization on all GNSS bands. The effectiveness of the anti-jam and anti-spoofing technology is demonstrated using representative complex spoofing and jamming test cases during this event. The NovAtel PwrPak7 receiver was configured with a multi-frequency and multi-constellation operation. The position estimation results are based on all available measurements. In the full paper, the test outcomes and receiver behavior will be presented under jamming and spoofing events. Average C/N0 values as a signal quality monitoring metric will be demonstrated. The receiver position and timing errors under spoofing attack will be shown. The receiver input power monitoring reported by ITK logs and real-time spoofing detection results using SK logs will be demonstrated. Finally, navigation message authenticity for Galileo E1 signals will be evaluated using onboard OSNMA implementation.