Two agencies charged with helping protect America’s critical infrastructure are working on ways to safeguard GPS receivers, particularly those used to tap the signal for essential timing data.
The Department of Homeland Security (DHS) is building on its more recent, technically focused research to identify and mitigate risks.
Two agencies charged with helping protect America’s critical infrastructure are working on ways to safeguard GPS receivers, particularly those used to tap the signal for essential timing data.
The Department of Homeland Security (DHS) is building on its more recent, technically focused research to identify and mitigate risks.
“DHS has been working with industry to identify the most prevalent receivers used within the critical infrastructures,” said DHS Program Manager Sarah Mahmood. “These receivers are being tested against various jamming and spoofing scenarios.”
The results of the current round of tests, she told Inside GNSS, including analyses of potential impacts to the various critical infrastructures, is expected later this year.
The testing expands on work Mahmood described to the National Space-Based Positioning, Navigation, and Timing (PNT) Advisory Board during their June 2014 meeting. The agency, she said, was looking in detail at the need for timing data to synchronize both the power grid and the telecommunications network. It was also working on ways to identify and locate GPS interference and jamming using the location capability that already exists in cell phones.
Since then the DHS has released a list of best practices for those installing and operating fixed-location GPS receivers. The 10-page set of guidelines discusses various classes of antennas, their relative merits and estimated costs, as well as how to place them to avoid interference from other equipment, saboteurs, and even summertime vegetation foliage. The document describes proper cabling, the time needed for receiver stabilization, and making sure cesium clocks, which last 5 to 12 years, don’t run out of cesium and the absolute necessity for continued monitoring and maintenance.
The document also summarizes cybersecurity issues with Ethernet ports and Network Time Protocol (NTP) services, underscoring the need for at least two, preferably three or more, NTP sources traceable by either the U.S. Naval Observatory or the National Institute of Standards and Technology (NIST).
“NTP is founded on the User Datagram Protocol (UDP), and is highly susceptible to IP spoofing,” the DHS wrote. A compromised NTP server “opens the door to more sophisticated attacks that include NTP poisoning, replay attacks, obfuscation/alteration of logging data, denial of service (DOS), and distributed denial of service (DDOS).”
Secure communications need to be used, DHS said, and verification and authentication is essential. Non-authenticated ports should be blocked.
Interestingly, the agency directed critical infrastructure managers to report problems to groups very familiar to the navigation community.
“GPS users,” said DHS, “should report service degradations, disruptions, other incidents or anomalies to the U.S. Coast Guard Navigation Center.”
The list of best practices could be useful to NIST, which has been asked by industry to develop getting-started guides and other resources to help companies improve cybersecurity.
A standards-focused agency within the Department of Commerce, NIST was tasked by the White House in 2013 with working with stakeholders to develop a plan for improving the cybersecurity of critical infrastructure. They released the voluntary, multi-level Framework for Improving Critical Infrastructure Cybersecurity on February 12, 2014, to help firms assess their cybersecurity practices and develop steps to improve them.
After absorbing industry feedback about the framework at a round of meetings, an August Request for Information, and a workshop in October, the agency issued a progress update on December 5. They said they would forego updating the framework for now and develop training materials, including real-world examples, to help firms adapt and adopt the current framework.
In a related but separate effort, NIST has been building a specially designed facility to support research on phasor measurement units (PMUs) and timing, an element in NIST’s work on protecting the power grid, explained that Victoria Yan Pillitteri, an advisor for information system security with NIST’s Computer Security Division, Information Technology Laboratory. PMUs frequently use GPS-based time sources to synchronize the electrical waves on an electricity grid.
“NIST is charged by the 2007 Energy Independence and Security Act (EISA) with facilitation of interoperability standards to enable successful implementation of the evolving cyber-physical national electric grid system known as the smart grid,” Pillitteri told Inside GNSS in an emailed response.
To help do this, she said, NIST is building the Smart Grid (SG) Testbed Facility in Gaithersburg, Maryland. Its unique set of interconnected and interacting labs “will accelerate the development of SG interoperability standards by providing a combined testbed platform for system measurements, characterization of smart grid protocols, and validation of smart grid standards, with particular emphasis on microgrids.”
The testbed’s Cybersecurity and Precision Time Synchronization Lab module is now in the final stages of construction. Although it would be a stretch to describe current plans as “GPS signal-security” research, she said, “there will be GPS signal availability to support PMU/timing research with a potential cybersecurity component.”