Hijacking Satellite Navigation

Comments

• 	GPS Navigation SBLGIS on 10/02/2008 at 1:03 AM
  Posts: 2 Avg Rating:	very useful informative article. thank you. Regards Mobile Mapping Rate this comment: (Reply)

• 	GPS hacking Silacon on 10/02/2008 at 2:12 AM
  Posts: 41 Avg Rating:	Feedback could solve this problem. The receivers must be able to verify the source. This is a horrible disclosure. Surely terrorists will come upon this information. Please send a schematic of your circuits. We want to inject a solution.  Your work is very valuable. Thank you!   Rate this comment: (Reply)

• 	Power Grid? jwargo on 10/02/2008 at 6:38 AM
  Posts: 2 Avg Rating:	Exactly how can GPS spoofing affect the power grid? It's rediculous to make such a preposterous suggestion and not explain how. Rate this comment: (Reply)

  • Re: Power Grid? dtutelman on 10/02/2008 at 9:17 AM

    Posts: 23 Avg Rating:

    I guess we find different things preposterous. I find it preposterous that someone would post a note like this without so much as a Google search. I also find it preposterous to assume -- given a few decades of experience -- that nobody would find a way to exploit a technological weakness for gain, terrorism, or just plain mischief. I know remarkably little about GPS or the power grid. Still, a single search on {gps power grid} educated me enough to hint how an attack might work in the future. Here are things I learned from just the first five search results, and my conclusions in italics: (1) GPS is not only useful for finding position, but also very accurate time. That seems to be the way the power grid is using it today. (2) Right now, that is being used mostly to monitor and telemeter the quality of the power: the timing and phase of the sine waves. No automatic action is being taken -- yet. But we tend to automate the USE of instrumentation of many things, and I don't see this as an exception. It's starting to happen already. The fifth search result (http://www.gpsworld.com/gpsworld/Application+Challenge/Pacify-the-Power/ArticleStandard/Article/detail/154868) describes a demonstration project in the Pacific northwest that uses power phase (as measured using GPS timing) to stabilize the grid. It is clear from reading the description that spoofing the timing badly enough would DE-stabilize the grid. (3) Another more recent use is to bring new generators on-line, especially after a disaster. (The need for this system was pointed out by 9/11.) So spoofing the GPS system could be used as an ADJUNCT to a terrorist attack, disabling the ability to bring new generators on-line and heal the disruption. As past blackouts have shown, this might even disrupt the system enough to spread the problem. So it's not preposterous at all. Not easy yet, but probably a serious vulnerability in the not-too-distant future. DaveT Rate this comment: (Reply)

    • 	Re: Power Grid? jwargo on 10/02/2008 at 9:02 PM
      Posts: 2 Avg Rating:	You're right, I should have googled it before I posted, but I know quite a bit about GPS and I didn't expect to see a power grid connection. It would have been better journalism to explain your points in the article. It's the Internet, there's a lot of room in the article for details.  Rate this comment: (Reply)

  • 	Re: Power Grid? Erica Naone on 10/02/2008 at 9:40 AM		TR Staff Assistant Editor
    Posts: 29 Avg Rating:	Dave T, thanks for the information you provided. That definitely helps. The way it was explained to me, it's the ability of GPS to provide precise time signals that's used in the power grid. By disturbing the time signals when connecting grids, it's possible to generate large power spikes due to phase misalignment. Incidentally, the time signals from GPS are also used in the financial sector. The example cited in the article of criminals using GPS to circumvent house arrest, however, would be based on confusing positional signals. Best, Erica Naone Rate this comment: (Reply)

    • Re: Power Grid? dtutelman on 10/02/2008 at 10:16 AM

      Posts: 23 Avg Rating:

      Sounds about right, Erica. "By disturbing the time signals when connecting grids, it's possible to generate large power spikes due to phase misalignment." Connecting grids is the same as bringing a generator on-line; the latter is a very simple case of the former. So we're talking about the same thing. But this vunlerability depends on a spoof that is timed with a significant maintenance action on the grid. If I were a terrorist, I'd be more interested in steady-state, when my target isn't in the act of connecting grids. And the Pacific northwest demo project is a case in point. They use GPS-based phase measurements to stabilize the grid. Anytime I hear the word "stabilize" in this sense, I know we're talking about a feedback control system. It may be too complicated a control system to analyze its poles and zeroes, the way I had to in my engineering courses over 45 years ago. But the principles are the same - namely: * A change comes about in the environment -- say, an increased load somewhere. * The change is measured and converted to a signal or message. * In response, the control system changes the input in such a way to reduce the effect of the change -- to correct back to the former status quo. Every stabilization system I've ever encountered works this way. And they all share a common problem: if the signal from the instrumentation is reversed or sufficiently delayed, the corrective action destabilizes the system instead of stabilizing it. The power grid demo project uses GPS timing to control the instrumentation. So spoofing might change or delay the signal enough to destabilize everything. DaveT Rate this comment: (Reply)

• GPS Spoofing neuendorff on 10/02/2008 at 3:35 PM

  Posts: 1 Avg Rating:

  The timing spoof might not be effective if the receiver has an internal accurate clock that would be reset by the GPS signal periodically.  The reset system would not accept a change in time that exceeded the maximum possible internal clock error for the sampling period.  The sampling period would depend on the sensitivity of the user's application.  An error would trigger a warning to the operator. The position spoof could similarly be detected by having internal solid state gyros.  If the GPS data was not consistent with the internal position data, the receiver could reject it and send a warning to the operator. Rate this comment: (Reply)

  • Re: GPS Spoofing kmarsh on 10/02/2008 at 4:50 PM

    Posts: 1 Avg Rating:

    Both decent suggestions, but I'm not sure either would work; for the positioning, odometry is notoriously inaccurate; roboticists have devoted an enormous amount of effort into researching better ways to do odometry and don't really have good solutions that work in the general case.  In fact, many robots use GPS rather than trust their odometry.  Inertial sensors would do better than odometric data, but they're still not perfect (too much acceleration will max them out and make the data useless, for instance) and they're likely to make the GPS receivers substantially more expensive (although that is an unresearched claim). As for the time-correction, I think you are just delaying the problem.  One of the earlier comments by Dave or Erica mentioned that the spoofer works by slowly deviating the spoofed signal from the real signal after the receiver has switched to the spoofed signal.  Even with built-in checks based on known error-rates the spoofing device could simply always move its signal in the same direction within the acceptable tolerance.  I admit this is dependent on the details of how your tolerance checking worked, but it wouldn't take a heroic effort to disrupt it.  It could be too slow to be practical, I suppose. ~KMarsh Rate this comment: (Reply)

• 	[no subject] jfrank on 10/02/2008 at 4:43 PM
  Posts: 1 Avg Rating:	The internal clock idea is a good one and should be very easy to implement. There are small solid state accelerometers that might be more feasible than gyros, though... Rate this comment: (Reply)

• 	FAA NextGen Air Traffic Control LDighera on 10/03/2008 at 11:09 PM
  Posts: 13 Avg Rating:	The Federal Aviation Administration is basing their next generation air traffic control system on GPS and decommissioning existing radars. Not only is GPS spoofing an issue, satellite communications are vulnerable to solar storms which are expected to increase. Rate this comment: (Reply)

  • Re: FAA NextGen Air Traffic Control arnetwork on 10/05/2008 at 8:58 AM

    Posts: 4 Avg Rating:

    Stabilizing power grids becomes all important once you start trying to inject alternative power sources. Conventional sources of power are relatively easily managed w.r.t. phase. G.p.s. based control systems would simply be a refinement that would maximize efficiency. So called alternative sources such as wind and solar have uncontrollable and unpredictable variation in output. Phase alignment is _the_ critical limitation on the amount of perceived green energy that can be blended into the grid. Currently, no power grid has succeeded in blending in more than approx. 20 per cent from unconventional sources. There are some countries whose output is a very high percentage but their consumption of such power is relatively low. The rest is exported to help pay for imported conventional power. Generally the transaction happens at an unfavourable rate to the exporter. However it's seen as better than what seems to be nothing. If you ignore the cost of subsidy for construction and operation as well as the opportunity cost of the resources, money, time, effort and property values it might even seem to make economic sense. Phase alignment issues are alive and well. It is an inconvenient truth that the Al Bore types wish to ignore but there is no free lunch when it comes to maintaining a modern industrial democracy.     Rate this comment: (Reply)

• 	Concerned about the Power Grid? MGTek on 10/06/2008 at 4:17 PM
  Posts: 1	There are easier less technologically advanced ways to take down the powergrid. If you sincerely concerned about the issue I would strongly suggest that you refer to the manufacturer of the GPS products for advice. Rate this comment: (Reply)