An Israeli firm is introducing a technology to detect the spoofing of GPS and other satellite navigation signals that is packaged into a device so small it can be integrated into existing receivers for drones, ships and autonomous vehicles — and, soon, maybe even cell phones.
Haifa-based Regulus Cyber is demonstrating its Pyramid GNSS product at the Consumer Electronics Show running January 8-13 in Las Vegas, Nevada.
The palm-sized device can be incorporated with existing receivers — including those for mobile and Internet of Things (IoT) devices — receiving signals from GPS or the other global navigation satellite systems (GNSS) like Europe’s Galileo or China’s BeiDou. A wide range of products including driver-assisted cars, commercial vehicles, robotic equipment, precision farm machinery, boats, cell phones and unmanned aircraft rely on GNSS for location and navigation. And the threat of these systems being intentionally misdirected is growing.
“Any vehicle guided by a GNSS system can be spoofed using open source software and a software defined radio (SDR) legally purchased from Amazon for under $300,” the firm said in a statement. “A spoofer can generate and transmit fake GNSS signals that can be used by the vehicle’s navigation system to calculate a false destination, directing the vehicle to an entirely different location, a potentially life-threatening hazard.”
“GNSS spoofing and jamming is something that has been long discussed,” said Roi Mit, Regulus’ chief marketing officer. Only recently have governments and large corporations started to deal with the issue, he said, largely because of the push toward using autonomous systems.
“(GNSS) is actually the backbone of almost every autonomous navigation system,” said Mit, and GNSS spoofing is a threat that many people and industries do not fully understand. “We all (take GNSS as a given) when we turn on that location service on our phones. We always trust it. We always find it reliable. We always have it accessible and we don’t realize how vulnerable it is.”
Though Mit was circumspect about how the detector works a U.S. patent application published on October 18 provides some clues. The application says the device relies on a “plurality of GNSS antennas connected to a plurality of GNSS receivers.” Each of the antennas is covered by a radio frequency (RF) absorber “wherein the RF absorber enables the plurality of GNSS antennas to identify a direction from which at least one GNSS signal is received.”
The use of multiple antennas is not new, said Todd Humphreys, an associate professor at the University of Texas at Austin, the director of the school’s Radionavigation Laboratory and an expert on GNSS spoofing. For example, he said, Controlled Radiation Pattern Antennas (CRPA) have been used by the military for many years and are one of the primary ways to thwart jamming. “That technology is very effective when applied to spoofing because we can check whether the signals are arriving from multiple satellites, as they should be, or whether the signals are arriving from a single transmitter which would be indicative of spoofing.”
(Humphreys is not a part of Regulus’ efforts though he has talked with the company in the past and shared some of his data.)
That technique of combining signals from various antennas to get a direction is a high-quality approach but generally expensive and cumbersome. Though research has been underway to shrink the technology down, said Humphreys, “at present it’s still fairly exotic.”
“What’s novel here, and I think quite patentable, is the use of RF (radio frequency) absorbent material on each one of the antennas so that the individual antennas have sensitivity to signals coming from a particular direction,” Humphreys said. What Regulus is proposing in the patent, he said, makes an array of antennas sensitive to the direction of arrival of the signals, which could reveal a spoofing attempt, but does it in the really nice and cheap way.
While this approach may not, he said, be able to determine where a fake signal is coming from with the same precision, that may not be necessary. Other signal characteristics, like the signal-to-noise ratio, are also taken into account, he noted. “It’s basically a poor man’s way of getting directionality out of the antenna and that means that they can produce a less expensive spoofing detector. And that’s valuable.”
Humphreys is not the only one who sees potential in Regulus’ approach. The company has raised a total of $6.3 million since April 2018.
The Pyramid device is available now and can be used to protect existing systems but currently is used mostly for testing and demonstration, said Mit. The firm is working on a software product that could be used to upgrade receivers and is also developing a version of its technology that could be used in cell phones.
“The cell phone version will either be software or chip level,” said Mit, and they hope to have it ready by the end of 2019.