Since GPS (Global Positioning System) became operational in 1995, remote signals from space have become the electronic guiding force behind almost every aspect of military operations from aerial refuelling to missile guidance. The military has become so deeply reliant on space based capability (more often than not satellite navigation services) that, according to the Defence iQ Military Satellites: UK Space Capability Development report, 90% of military equipment platforms and systems now depend on space signals. Global Navigation Satellite System (GNSS) signals are increasingly crucial to our wider economy and critical national infrastructure, with the Royal Academy of Engineering estimating that 6-7% of GDP in Western countries is dependent on GNSS-derived data.
This turns the continued security and integrity of Position, Navigation and Timing (PNT) data into “a matter of national security ”. The growing reliance of commercial, critical national infrastructure and military systems on GNSS creates a potential ‘single point of failure’. For example, sea trials carried out by the General Lighthouse Authorities have demonstrated that GNSS interference/jamming can not only knock out the satellite navigation receiver on a vessel but also impact a range of vital coupled maritime navigation systems, from radar and electronic charts to the Automatic Identification System that tracks the worldwide whereabouts of vessels. And Dr Martyn Thomas CBE, member of the Defence Scientific Advisory Council and Fellow at The Royal Academy of Engineering, has warned that “a surprising number of different systems already have GPS as a shared dependency, so a failure of the GPS signal could cause the simultaneous failure of many services that are probably expected to be independent of each other.”
The Central Threat
GNSS are vulnerable to electronic jamming because they are broadcasting from over 20,000km up in space, so the signals are faint and difficult to distinguish from background noise by the time they reach Earth. This renders them highly susceptible to terrestrial or airborne electronic jammers that can drown out the signals.
Russia has reportedly already been using airborne jammers in Ukraine to disable electronics on a U.S. destroyer in the Black Sea, confuse aircraft radars and disrupt reconnaissance drones and military communications. This threat is growing as military experts have warned that Russia has “companies, they have battalions, they have brigades that are dedicated to the electronic warfare mission.” Meanwhile, South Korea recently complained to the UN Security Council that North Korea’s military-grade GPS jamming attacks have affected more than 1,000 aircraft and 700 ships, posing a major hazard to vital transportation systems.
And electronic jamming technology can also be used by non-state actors, including criminals and terrorists. The SENTINEL Project – a Government-backed UK investigation into GNSS signal jamming – found that the power of electronic jammers in civilian use is significantly increasing and that they are widely available online for as little as $30.
It is also possible to echo GNSS signals with a fake signal that gives a false time or position – a technique called spoofing. This could potentially cause ‘guidance drift’ in GPS-guided missile systems that misleads them onto the wrong target, or allow ships on Autopilot to drift off-course, creating confusion over the whereabouts of military assets. To prove the concept, researchers used ‘spoofing’ technology to send a large yacht several hundred yards off course while the on-board navigation systems remained completely unaware of the deception.
And there is a cyber threat too where an attacker uses either a spoofing signal or the host system to which the GNSS receiver is connected to inject data designed to cause a denial of service or to generate misleading outputs. With the reduction in cost of programmable software radio experimentation tools, such attacks can be mounted not just by state actors but potentially by hackers.
This is not theoretical; a German Patriot missile battery was subject to a brief cyber-attack last year, possibly through the computer chip that provides guidance.
GNSS constellations could also be vulnerable to ‘system-level failures’ caused by bugs or even solar weather events. 15 GPS satellites broadcast the wrong time earlier this year due to a software bug, and a previous glitch rendered thousands of US military receivers useless. Meanwhile a Royal Academy of Engineering report has warned that “the risk of a common mode failure affecting an entire GNSS constellation or even multiple constellations cannot be ruled out. The Earth is subject to extreme solar events from time to time and these have the potential to disrupt the GNSS signals, and the satellites themselves.”
The Fightback
The defence community is now working on a number of potential ways to combat these threats.
QinetiQ is working with a group of stakeholders, including the European Space Agency and the UK Government, to develop a new generation of high performance satellite receivers that can simultaneously utilise multiple frequencies and GNSS ‘constellations’, i.e. GPS, Europe’s Galileo potentially even Russian and Chinese satellite systems. This provides enhanced resilience and robustness by using all the different satellite-based navigation systems available, ensuring continuity of service in the event of a significant jamming or spoofing attack affecting a signal or an entire constellation. Crucially, the new receivers could also compare location and timing data between multiple satellite networks to help identify any erroneous data.
And there are other ways to protect military infrastructure beyond a multi-sensor system; advanced signal processing can add another defensive layer while an anti-jam antenna can effectively nullify any sources of signal interference and can even help identify and locate the source.
Alongside this, the EU’s Galileo satellite network will provide a new special ‘spoof-proof’ encrypted signal service, dubbed PRS (Public Regulated Service), for government-authorised users that requires a high level of robustness and continuity. PRS signals are encrypted against cyber-attack by cryptographic keys which are stored and managed by the PRS user. A recent QinetiQ trial with the Ordinance Survey demonstrated that the keys can be placed in a secure server located in the “cloud” and accessed via the internet. When used in conjunction with the receivers, this will add yet another layer of redundancy and security to the mission critical services that use it.
Looking further into the future, the UK Ministry of Defence’s Defence Science and Technology Laboratory (Dstl) is now working on a ‘quantum compass’ which would operate at a subatomic level and would consequently be very hard to echo or disrupt.
QinetiQ is also exploring complementary technologies including opportunistic navigation methods which use whatever radio signals are in the environment, and even novel techniques for using celestial navigation.
Protecting military and civilian infrastructure against the electronic warfare of the future depends on the uptake of new methods used to navigate; methods that are already being developed, fine-tuned and, introduced by industry.
(Photos courtesy of ESA)