GPS Vulnerability Study of Low-Cost Software Defined Radio Spoofing Devices

GPS has played an important role in air navigation in modern aircraft. It is an important part of safety for the aircraft. From a pilot standpoint, it is the primary tool to fly an airplane from point A to point B. GPS is also used on timing systems for various Federal Aviation Administration (FAA) National Airspace System (NAS) infrastructure systems, and the timing signal is used to help coordinate different aspects of the NAS to keep things safe. 

Tens of thousands of airplanes fly over the entire NAS daily and all of them use GPS as a guide. Any disruption in GPS, including jamming and spoofing, would cause a tremendous disruption to the NAS. GPS jamming results in the loss of GPS and the corresponding aircraft capabilities. GPS spoofing is more subtle because it produces a false GPS signal that the plane believes is real, intentionally misguiding the pilots. Therefore, GPS spoofing could be more dangerous than GPS jamming because the pilots may not be aware of a false GPS signal caused by GPS spoofing. This could possibly cause a collision with the ground, or the aircraft could go into another aircraft’s airspace.

SST has worked with the FAA and the Naval Air Systems Command (NAVAIR) in a study of possible GPS vulnerabilities using low-cost Software Defined Radio (SDR) spoofing devices and potentially harmful devices. The goal is to better understand and quantify the effects of these generated signals on GPS civil aviation receivers, and to learn about mitigations.

Working with our FAA and NAVAIR counterparts, SST conducted flight tests to understand how they could affect avionics on an aircraft. The technique involved using an SDR to generate an artificial GPS constellation, causing the plane to go wherever it was coded in to be. We built up our test from ground, to taxi, to flight over various phases to try to understand what might happen to the avionics and the pilots from these devices themselves. We tested various receivers to mimic what is in the NAS. Our engineers set up these receivers on board the aircraft prior to flight testing, developed our own in-house software, and did all the decoding. Our engineers performed both real-time and post-time analyses of the data collected during the flight testing. It usually takes a combination of different pieces of information to get a good idea of how the receivers react to different vulnerabilities that we are exploiting. The study provided a comprehensive understanding of how spoofing could affect avionics on an aircraft and about what mitigations are available. It allows the FAA to make informative decisions on what requirements need to be enacted to improve flight safety.