Historically, Global Positioning System (GPS) receivers have been considered single-purpose appliances like radios that required very focused, application-specific hardware but placed less emphasis on software. In contrast, today’s receivers are implemented and integrated as embedded software applications distributed over general purpose processors with special GPS hardware.
The GPS Allow List Development Guide presents a software assurance approach as a means of addressing potential vulnerabilities and increasing reliability of Global Positioning System (GPS) receivers. This guide is part of S&T’s emphasis on a cybersecurity-based approach for Positioning, Navigation, and Timing (PNT) resilience and can also help with the implementation of data-related requirements in the Resilient PNT Conformance Framework.
The approach utilizes input data validation based on allow list constraints to minimize the processing of malformed navigation messages entering a GPS receiver. An example allow list is used for the navigation data fields documented in the interface specification for a GPS signal. Some benefits, limitations, and caveats of the approach are further discussed in the guide. Example allow lists are also presented to illustrate the concept. This guidance is provided for navigation device developers seeking to create, implement, and verify GPS allow lists customized to their systems.
|DHS-GPS Allow List Development Guide v1.1||475.58 KB||11/09/2022|