DHS Publishes Free Resources to Protect Critical Infrastructure From GPS Spoofing

The Department of Homeland Security (DHS) Science and Technology Directorate has published the Positioning, Navigation, and Timing (PNT) Integrity Library and Epsilon Algorithm Suite to protect against GNSS spoofing. These resources advance the design of PNT systems and increase resilience of critical infrastructure to PNT disruptions.

“GPS users must plan for potential signal loss and take reasonable steps to verify or authenticate the integrity of the received GPS data and ranging signal, especially in applications where even small degradations can result in loss of life,” states the Space Policy Directive-7 (SPD-7), issued on January 15, 2021.

The PNT Integrity Library and Epsilon Algorithm Suite address this issue by providing users a method to verify the integrity of the received GPS data. “We are excited to release these resources to the PNT community to improve resiliency against potential GPS signal loss,” said DHS Science & Technology Directorate PNT Program Manager Brannan Villee.

The PNT Integrity Library (the link goes to a GitHub page) provides users a method to verify the integrity of the received GPS data and ranging signals, thereby improving resiliency against potential GPS signal loss. The software is a scalable framework for GNSS-based PNT manipulation detection that offers varying levels of protection based on the available data. The library is to be provided to GNSS receiver and GNSS-based timing server OEMs for use in future development or integration into existing products and platforms. More details on the PNT Integrity Library can be found under the PNT_Integrity_Library_Guide.pdf and PNT ReadMe on system components, algorithms, and checks. The library is licensed under the BSD 3-Clause License. The library contains source code developed by Integrated Solutions for Systems (IS4S) and third parties. Refer to the individual source files for applicable copyright information.

“The PNT Integrity Library provides a resource for both PNT system developers and users to verify the integrity of GPS-based measurements as well as a framework for incorporating additional detection algorithms as the state of the art evolves,” said David Hodo, Vice President – Assured PNT for IS4S. “We hope that making these tools available will lower the bar for system manufacturers to develop more resilient products and improve the security of our nation’s critical infrastructure.”

The Epsilon Algorithm Suite (also a GitHub page) states that “Detecting spoofing attacks is an open research area and many anti-spoofing (AS) techniques have been published. While these techniques can be effective, many require access to internal receiver processing.

“This code base is an implementation detail of the Epsilon AS algorithms. These algorithms enable an end-user to have basic spoofing detection capabilities without any modifications to the existing GPS receiver. The algorithms only require information commonly provided by GPS receivers and do not have to be implemented on the receiver itself. When used together, these algorithms can detect the effects of targeted position, velocity, and clock spoofing attacks.”

“Since GPS signals can be jammed or spoofed, critical infrastructure systems should not be designed with the assumption that GPS data will always be available or will always be accurate,” added Jim Platt, Chief of Strategic Defense Initiatives at the Cybersecurity and Information Security Agency (CISA) National Risk Management Center. “Application of these tools will provide increased security against GPS disruptions. However, DHS also recommends a holistic defense strategy that considers the integrity of the PNT data from its reception through its use in the supported system.”

[Photo: DHS Headquarters building, Washington, DC. Courtesy DHS.]

IGM_e-news_subscribe