Global Satellite Services Position Integrity & The World of Spoofing Daan Scheer Global Strategic Businesss Development Satellite Positioning & Integrity
Content 1. Location revolution 2. World of Spoofing 3. Mitigation 4. SATGUARD - NMA Proposition NMA - Navigation Message Authentication 5. Fugro & Asset integrity 2
A changing world IoT, Autonomous navigating assets, Smart cities & harbours, Electronic road pricing, all with location as a centerpiece Over the coming decade processes and systems will rely more and more on quality positioning and equally those are exposed to more cyber attack related risks; Position Integrity is a clear necessity 3
Imagine NO Geolocation service or a WRONG position! 4
Imagine NO Geolocation service or a WRONG position! The line is First In First Out, meaning the next request will go to the Uber cab who has been waiting the longest and is in the waiting area (in blue): International airport Penang, Malaysia Your location within the airport / pickup lot does not affect your position in the queue, however you will not receive dispatches unless you are in the waiting area 5
World of Spoofing 6
The world of spoofing - Likelihood Self-spoofing (Uber case) or Being spoofed? Who is the attacker & What is objective? What are the Attacker s skills & What resources available? Reference to Galileo Open Service Authentication: A Complete Service Design and Provision Analysis (Sept 2015) 7
The world of spoofing - Variables Reference to Galileo Open Service Authentication: A Complete Service Design and Provision Analysis (Sept 2015) 8
The world of spoofing - Use cases Low Value Asset Tracker: o Tamper motivated, tracking (Insurance telematics, ERP, vehicle fleet & fishing vessel tracking) High Value Asset Tracking: o Non-tampered, externally spoofed, tracking (High value goods or vehicles / trains) Portable Tracker: o Constrained on power, tamper motivated, tracking (Tagging) High Value Positioning: o Non-tampered, externally spoofed, positioning (Autonomous driving, dynamic positioning (rig)) GNSS Disciplined Timing: o Power & financial transactions 9
The world of spoofing - Threat sources Individual Operator: o Driver avoiding being tracked o Limited resource and little technical ability Lone Criminal: o Motivated by financial gain Prestige Attacker: o Hacker, academic, journalism o Motivated by publicizing their achievement o Moderate resources but significant technical ability Organized Crime: o Motivated by financial gain and possess sizeable resources Organized Attacker: o Terrorists or foreign intelligence services o Motivated by the disruptive effect of the attack, potentially unlimited resources and ability. 10
The world of spoofing - Likelihood score Uber case Attack likelihood: Extreme (4), High (3), Moderate (2), Low (1), or Negligible (0) 11 Reference to Galileo Open Service Authentication: A Complete Service Design and Provision Analysis (Sept 2015)
The world of spoofing - Countermeasures Full Position Integrity Cryptographic source External-data aided position qualification Authentication of signal & message 12
Fusion of systems for maximal resilience GNSS Navigation Message (NM) Ephemeris (incl. Time & Clock) Satellite health IMU Inertial sensor aid Full system resilience GNSS Authentication Other signals Software System (positioning) software & Receiver Autonomous Integrity Monitoring Other sensors Video, Radar, Ultrasonic, Lidar & Map match GNSS Signal Pseudo range GNSS Augmentation Corrections, Satellite Health, Real time & Extended ephemeris 13
Navigation Message Authentication Ensures the received GNSS signals carry the correct messages Authenticity of messages established using a global GNSS receiver network Digital signature information produced for authenticated messages Signature information distributed to the user User checks that received navigation message matches signature Observe in Fugro s global reference network & broadcast digital signature 14
Spoofing complexity GNSS receivers & spoofing detection methods Multiple spoofing signals and/or at multiple locations (Self) spoofing using synchronised signals RAIM & IMU other external aids (signals & sensors) Pseudo range Authentication (Dual Antenna or CRPA) Re-transmission (Self) spoofing using pre-recorded (Self) spoofing using signal generator Change ephemeris for use in Assisted GPS Navigation Message Authentication Receiver technology Mass market - Land Low-end High-end 15
Fugro people and equipment 10,000 Employees 26 Vessels 98 CPT Trucks 40 Laboratories 28 Jack-up Platforms 16 R+D centres 239 Land-based Drill Rigs 18 Offshore Drill Rigs 119 ROVs 5 AUVs 169 Offices Source: Fugro AR 2017 16
Multiple applications are vulnerable Website & use cases 17
Position critical processes need reliable location services Navigation Message Authentication provides a clear yes or no as to spoofing detection in all receiver domains and adds redundancy to the system 18
We are Fugro proud to provide geo-intelligence, location services and asset integrity solutions to contribute to a liveable world Daan Scheer