Most drivers place full trust in their GPS navigation systems to guide them to their destination. But what if those navigation systems can’t be trusted."The very reason we use GPS maps is because we are unfamiliar with an area so you can easily see how this attack, if done subtly, would be effective.” Several companies around the globe have demonstrated an ability to fool GPS navigation systems. For example, researchers from the University of Electronic Science and Technology of China, Virginia Tech, and Microsoft Research replaced the GPS navigation system's destination with a ghost location without drivers noticing.
But is this a real threat?
How important is civilian protection from GPS-spoofing? Civilian protection against GPS spoofing is becoming more and more important as mobility and transportation systems including drones and autonomous vehicles rely on geospatial coordinates to maneuver and perform their mission. The ability to spoof civilian GPS could result in financial and human losses.
For example, by spoofing fake GPS information to a fleet of driverless cars, an attacker could disrupt traffic, insert delays in delivery routes, or lead cars towards a target location in order to extract assets. GPS is also widely used as a time source. Thus, any systems relying on GPS for time synchronization could be significantly disrupted. As a matter of fact, time is a critical element in security systems. For example, to authenticate a signed message such as a software update file, the generation time and the certificate validity period are verified, which requires access to a trusted time source. Therefore, GPS spoofing could affect both positioning and time, making the protection of GPS even more critical.
In most cases, eCall in Europe uses Global Navigation Satellite System (GNSS) positioning to send a vehicle’s exact location to the emergency system. GNSS spoofing could lead to a response team being dispatched to the wrong location. Therefore, the deployment of the eCall system increases the need of anti-GNSS spoofing solution.
In the US, Executive Order 13693 requires agencies to collect vehicle asset-level operational data via telematics that are to be deployed in all new, light-duty and medium-duty vehicle acquisitions, except where the agency determines that it is not appropriate. Collection and analysis of operational data for individual vehicles—such as fuel use, maintenance, utilization, idling, location, routing or mapping of trips, emissions, or speed—can help fleet managers identify opportunities to reduce fleet size, fuel use, misuse of vehicles, unnecessary maintenance, and, ultimately, reduce fleet costs. Even if the location is not used for operational purposes directly, GPS spoofing could adversely affect this service. Hence, there is a need for anti-GPS spoofing technology, and in the next decade, it will get bigger with the development of connected, automated, and electric vehicles. Automated Vehicles (aerial or ground) require global positioning to know their location on high-definition maps or simply to locate an object detected by a sensor.
Solutions have been developed for automated vehicles in case the GPS isn’t functioning. For example, a camera can be used to identify known landmarks, terrain types, or even stars’ positions. But these solutions are not generally used while the GPS is functioning, so the system isn’t comparing the GPS information with data from other sensors. The fusion of sensor data and GPS data with an advanced misbehavior detection agent is required to defeat GPS spoofing attacks.
Interested in GPS spoofing? Explore more on this topic :-