Accurate positioning, navigation, and timing (PNT) is necessary for the functioning of many critical infrastructure sectors. Precision timing is particularly important and is primarily provided through the Global Positioning System (GPS). However, GPS’ space-based signals are low-power and unencrypted, making them susceptible to both intentional and unintentional disruption.
To address GPS vulnerabilities in critical infrastructure, S&T’s Positioning, Navigation, and Timing (PNT) Program has a multi-pronged approach of conducting vulnerability and impact assessments, developing mitigations, exploring complementary timing technologies, and engaging with industry through outreach events and meetings. Through these sustained efforts, the goal of the program is to increase the resiliency of critical infrastructure to GPS vulnerabilities in the future.
Examples of measures that can be taken to enhance resiliency can be found in the following DHS best practice documents released via the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT):
- Best Practices for Improved Robustness of Time and Frequency Sources in Fixed Locations (PDF, 10 pages, 465.67 KB)
- Improving the Operation and Development of Global Positioning System (GPS) Equipment Used by Critical Infrastructure (PDF, 21 pages, 512 KB)
As part of industry engagement, DHS S&T has published the PNT Integrity Library and Epsilon Algorithm Suite to protect against Global Navigation Satellite System (GNSS) spoofing, or deceiving a GPS device through false signals. These resources advance the design of PNT systems and increase resilience of critical infrastructure to PNT disruptions.
- Intended for GNSS receiver and GNSS-based timing server Original Equipment Manufacturers (OEMs) for use in future development or integration into existing products and platforms.
- Provides spoofing detection capabilities for GNSS-based PNT sources using available receiver PNT solutions and observables and, when possible, other measurements and data available in the antenna / receiver processing chain.
- Provides scalable framework for GNSS-based PNT manipulation detection that offers varying levels of protection based on the available data.
- Allows additional checks to be added as new threats arise due to the modular nature of the application.
- Detects inconsistencies in position, velocity, and clock observables commonly provided by GPS receivers.
- Enables an end-user to have basic spoofing detection capabilities without any modifications to the existing GPS receiver.
- Presents a software assurance approach as a means of addressing potential vulnerabilities and increasing reliability of GPS receivers.
- Utilizes input data validation based on whitelist constraints to minimize the processing of malformed navigation messages entering a GPS receiver.
Conformance Framework Report
Resilient PNT Conformance Framework (report)
PNT Program Fact Sheet
Resilient PNT for Critical Infrastructure (fact sheet)
To learn more about the work DHS S&T is doing to promote resiliency in positioning, navigation, and timing, email GPS4Critical-Infrastructure@hq.dhs.gov.