Does Anyone Really Know What Time It Is? Dr. Michael L. Cohen, MITRE October 15, 2013

Similar documents
HOW TO RECEIVE UTC AND HOW TO PROVE ACCURACY

Surviving and Operating Through GPS Denial and Deception Attack. Nathan Shults Kiewit Engineering Group Aaron Fansler AMPEX Intelligent Systems

The Effect of Radio Frequency Interference on GNSS Signals and Mitigation Techniques Presented by Dr. Tarek Attia

Jamming and Spoofing of GNSS Signals An Underestimated Risk?!

Extreme space weather: Geomagnetic storms, GNSS disruptions and the impact on vital functions in society

Our Cyber Security History and Future

Ensuring Robust Precision Time: Hardened GNSS, Multiband, and Atomic Clocks. Lee Cosart WSTS 2018

Power Utilities Mitigating GPS Vulnerabilities and Protecting Power Utility Network Timing

Canadian Coast Guard Review to Implement a Resilient Position, Navigation and Timing Solution for Canada. Mariners Workshop January 31 st, 2018

GNSS VULNERABILITY AND CRITICAL INFRASTRUCTURE

Communications Sector. Use of Positioning, Navigation and Timing (PNT) Services

S a t e l l i t e T i m e a n d L o c a t i o n. N o v e m b e r John Fischer VP Advanced R&D

GPS Interference Detection & Mitigation

Time Firewall: Securing the GNSS receivers against Spoofing/Jamming. Shemi Prazot AccuBeat

Results from a GPS Timing Criticality Assessment

Timing & Synchronisation

Providing a Resilient Timing and UTC Service Using eloran in the United States. Charles Schue - ION PTTI Monterey, CA

Energy Sector. Use of Positioning, Navigation and Timing (PNT) Services

Protection Augmentation Toughness and Alternatives of GNSS. Melaha 2016 Concord Al-Salam Hotel Cairo, April 25,2016 Refaat Rashad

The Case for Recording IF Data for GNSS Signal Forensic Analysis Using a SDR

ATIS Briefing March 21, 2017 Economic Critical Infrastructure and its Dependence on GPS.

Jager UAVs to Locate GPS Interference

Civil GPS Service Interface Committee (CGSIC) International Committee on GNSS November 2016

The Politics of Resilience Speaking Truth to Power the Last 18 Months

Current Challenges (and Solutions) in Satellite Navigation. Omar García Crespillo Institute of Communication and Navigation

GPS/QZSS Signal Authentication Concept

Benefits and Limitations of New GNSS Signal Designs. Dr. A. J. Van Dierendonck AJ Systems, USA November 18, 2014

GPS Time Synchronization with World-Class Accuracy using a Few Selected Satellites

Information Technology Sector. Use of Positioning, Navigation and Timing (PNT) Services

Coherent Navigation. Stanford PNT Symposium Copyright 2007 Boeing. All rights reserved.

Mobile Security Fall 2015

GPS Modernization and Program Update

Developing a GNSS resiliency framework for timing receivers. By Guy Buesnel and Adam Price Spirent Communications, October 2017

Universal Acquisition and Tracking Apparatus for Global Navigation Satellite System (GNSS) Signals: Research Patent Introduction (RPI)

Applying Defence-in-depth to counter RF interferences over GNSS

Civil GPS Systems and Potential Vulnerabilities

GPS & other Radio Time sources

Measurement tools at heart of Smart Grid need calibration to ensure reliability

Leadership in Resilient PNT

IMPLEMENTATION OF GNSS BASED SERVICES

Security of Global Navigation Satellite Systems (GNSS) GPS Fundamentals GPS Signal Spoofing Attack Spoofing Detection Techniques

TCG 02-G FULL FEATURED SATELLITE CLOCK KEY FEATURES SUPPORTS

Black Swans, White Elephants and Delivering a New National Timescale with eloran

Navigation für herausfordernde Anwendungen Robuste Satellitennavigation für sicherheitskritische Anwendungen

TCG 02-G FULL FEATURED SATELLITE CLOCK KEY FEATURES SUPPORTS

BROADSHIELD CAPABILITIES OVERVIEW. Beyond the Frontier

Resilience through co-primary PNT solutions: GPS and eloran. By Charles Schue September 4, 2014

MHz. Figure 1: spectrum plot of the L1 band without interference with the GPS L1C/A central frequency indicated

Leica GRX1200 Series High Performance GNSS Reference Receivers

Update from the United States Space-Based Positioning, Navigation, and Timing Advisory Board

Introduction GNSS RF interference. Jan-Joris van Es (NLR) January 2018

Experience with Radio Navigation Satellite Service (RNSS)

Wide Area Time distribution Via eloran. NASPI WG Meeting

Integrity of Satellite Navigation in the Arctic

GNSS Threats at Airports and detecting them

GPS Jamming Quantifying the Threat

F6052 Universal Time Synchronizer

Receiving the L2C Signal with Namuru GPS L1 Receiver

ATIS GPS Vulnerability TECHNICAL REPORT

Configuring the Global Navigation Satellite System

The GLOBAL POSITIONING SYSTEM James R. Clynch February 2006

An alternative way of WAM system time synchronization. Presented by Vojtěch Stejskal ATM Madrid 2015

GPS jamming

POWERGPS : A New Family of High Precision GPS Products

EP A1 (19) (11) EP A1 (12) EUROPEAN PATENT APPLICATION. (51) Int Cl.: G01S 5/02 ( ) G01S 5/14 ( ) H04L 12/28 (2006.

Configuring the Global Navigation Satellite System

Quartz Lock Loop (QLL) For Robust GNSS Operation in High Vibration Environments

Configuring the Global Navigation Satellite System

Implementing a Wide Area High Accuracy UTC Service via eloran

Configuring the Global Navigation Satellite System

Robust GPS-Based Timing for PMUs Based on Multi-Receiver Position-Information-Aided Vector Tracking

Implementation and Performance Evaluation of a Fast Relocation Method in a GPS/SINS/CSAC Integrated Navigation System Hardware Prototype

Briefing for NPSTC DHS SCIENCE AND TECHNOLOGY 2017 FIRST RESPONDER ELECTRONIC JAMMING EXERCISE. September 6, 2017

Configuring the Global Navigation Satellite System

GPS Adjacent Band Compatibility Assessment

STRIKE3 Standardization of GNSS Threat reporting and Receiver testing through International Knowledge Exchange, Experimentation and Exploitation

Leica GRX1200+ Series High Performance GNSS Reference Receivers

Shared Use of DGPS for DP and Survey Operations

Guidelines for Synchronization Techniques Accuracy and Availability

Weathering the Storm GNSS and the Solar Maximum Next Generation GNSS Ionospheric Scintillation and TEC Monitoring

Understanding GPS: Principles and Applications Second Edition

PROTECTING GPS/GNSS-RELIANT MILITARY SYSTEMS

Scale Manufacturers Association (SMA) Recommendation on. Electrical Disturbance

Leica Spider Infrastructure HW Solutions Introducing: Leica GR30 & GR50

INTEGRITY AND CONTINUITY ANALYSIS FROM GPS JULY TO SEPTEMBER 2016 QUARTERLY REPORT

satech SynchroStar GPS 200 Series

PRIORITIZING DANGERS TO THE UNITED STATES FROM THREATS TO GPS

NMI's Role and Expertise in Synchronization Applications

Security mechanisms for positioning systems - enhancing the security of eloran

TIME AND FREQUENCY ACTIVITIES AT THE CSIR NATIONAL METROLOGY LABORATORY

Improving the Resilience to Interference of a GNSS Reference Station

On Location at Stanford University

Global Navigation Satellite System for IE 5000

GIDAS GNSS Interference Detection & Analysis System

Note that MIFD II will also be influencing standards in the US.

CLICK HERE TO KNOW MORE

Tracking New Signals from Space GPS Modernization and Trimble R-Track Technology

Proposed standard for permanent GNSS reference stations in the Nordic countries

Proceedings of Al-Azhar Engineering 7 th International Conference Cairo, April 7-10, 2003.

White Paper. GPS Jamming. Increasing system resilience to counteract intentional and unintentional GPS signal interferences

Transcription:

Does Anyone Really Know What Time It Is? Dr. Michael L. Cohen, MITRE October 15, 2013 2013 The MITRE Corporation. All rights reserved Approved for Public Release; Distribution Unlimited 13-3392.

The Problem: Disruption or Manipulation of Time 1 Source: http://www.ejumpcut.org/archive/jc52.2010/pramaggiore911/ 1

Topics 2 Recognizing the power grid is a real-time system, we address four topics related to time: Timing Dependency Timing Threats Timing Mitigation Measures Proposed Resilient Timing Goals 2

Timing Dependency 3 Key Terms Defined Time-of-Day:* a single time of day that can referenced globally; also known as coordinated universal time (UTC). Clock:* the internal hardware and software that maintains time of day in a computer or intelligent microprocessor device. Time Interval: a unit of time duration such as one second. The constant rhythm of a clock. Clock Synchronization: Setting all clocks to the same time of day to within a specified tolerance of a reference clock time (UTC) and the same time interval (rate of advancement). Time Resolution:* The smallest increment of time to which a measurement can be distinguished. *Adapted from NERC Time Stamping of Operational Data Logs 3

Timing Dependency (II): Power Grid Time-Dependent Equipment & Networks 4 Phasor Measurement Unit TW Fault Locator Quality of Power Supply Lightning Strike Measurement Disturbance Monitoring Event Recorder Protective Relay Synchrophasor Network Control Center/EMS 4

Timing Dependency (III): GPS: A Great Clock Setter and Synchronizer 5 GPS Synchronizes Clocks Across the Globe

Timing Dependency (IV): Timing Dependencies Across the Power Grid/Smart Grid 6 Key: = Strong Timing Dependency = Medium Timing Dependency

Timing Dependency (V): Summary 7 All portions of the Power Grid/Smart Grid have timing dependencies Ranges over six orders of magnitude from 1 microsecond (10-6 s) to 1 second Many, but not all, timing dependencies are met by GPS timing Other timing sources include local crystal oscillators (clocks) and time servers that obtain and distribute timing from external sources such as NIST s ACTS, WWV, or WWVB broadcasts Portions of Power Grid/Smart Grid utilizing GPS timing include: Generation, Transmission, Operations, and Distribution Those portions are the portions where any disruption would be the most consequential for power grid operations Based on findings from DHS GPS NRE, few timing backups exist today in the Energy Sector, including the Power Grid Both major and moderate opportunities to enhance GPS timing resilience across the Power Grid/Smart Grid 7

8 Threats & Potential Vulnerabilities Threat Taxonomy Unintentional RF Interference Space Weather/ Geomagnetic Storm Intentional Jamming Spoofing http://www.nyc.gov/html/oem/html/planning_response/planning_all_hazards.shtml 8

Threats & Potential Vulnerabilities (II) Unintentional RF Interference TV Pre-Amplifier GPS Interference Moss Landing, California, 2002 Characterization: Intermittent Isolated incidents Duration of Event: Days to Months 2013 The MITRE Corporation. All rights reserved Approved for Public Release; Distribution Unlimited 13-3392.

Threats & Potential Vulnerabilities (III): Space Weather/Geomagnetic Storm Characterization: Correlated to 11-year solar cycle Bombards satellites with relativistic particles in near-earth environment May cause premature satellite failure (rare) Radio scintillation causes GPS signal degradation on all satellite signals May cause degradation or complete PNT failure for hours, with some events lasting for days Duration of Event: Several days Photo: Solar Dynamics Observatory/NASA 2013 The MITRE Corporation. All rights reserved Approved for Public Release; Distribution Unlimited 13-3392.

Threats & Potential Vulnerabilities (IV): Intentional Threats 11 2001 DOT Volpe Report "[a]s GPS further penetrates into the civil infrastructure, it becomes a tempting target that could be exploited by individuals, groups, or countries hostile to the U.S." 11

Threats & Potential Vulnerabilities (V): Jamming: Types 12 Definition: Deliberate drowning out of legitimate PNT signals using higher power signals to cause loss of satellite lock and to prevent reacquisition. Types: Tone Single frequency broadcast within a GPS band Swept tone A tone whose frequency is swept over a range of frequencies in a GPS band Matched spectrum A interference signal with the same modulation characteristics as the signal being targeted Filtered noise Amplified noise that is filtered to a bandwidth commensurate with the signal being targeted Duration of Event: Days to Weeks Source: GPS NOTAMS (Notice to Airmen) from http://silvereage.blogspot.com/2011_02_01_archive.html 12

Threats & Potential Vulnerabilities (VI): Spoofing: Types 13 Spoofing (I): the deliberate emitting of legitimate-appearing false signals to shift arbitrarily the computed position or time of a victim s receiver Spoofing (II): a type of spoofing in which GPS signals are precisely controlled and transmitted so as to produce a predetermined false navigation and/or false timing solution in the victim s receiver. Simplistic Intermediate Sophisticated Commercial Signal Simulator Portable Software Radio Multiple Phase-locked Spoofers Source: Humphreys, Assessing the Civil GPS Spoofing Threat, 2008 Duration of Event: Days to Weeks 13

Threats & Potential Vulnerabilities (VII): Threats Reveal Need for Holdover/Backups 14 Durations of threat events indicate need for Holdover Times/Backups within critical infrastructure lasting at least several days (e.g., 72 hours) RF Interference Space Weather/Geomagnetic Storm Jamming Spoofing 14

Threats & Potential Vulnerabilities (VIII): Potential Vulnerabilities 15 Potential Vulnerabilities Include: Lack of threat detection/alarming for users Lack of long holdover timing backups Lack of resilience to threats 15

16 Timing Mitigation Measures Perfect Time versus Good Enough Time: The Trade Space 16

Timing Mitigation Measures (II): Low Cost/Best Practices for Anti-Jamming 17 Anti-Jamming Measures First: Identify mission-critical systems dependent on GPS timing Assess jamming risks to and from those GPS-dependent systems Then implement measures such as: Hiding the antenna from direct view Orienting antenna to favor high elevation angles Using choke ring/crpa antennas Adding jamming alarms and failover to holdover timing sources Acquiring dual-frequency GPS receivers (2016)/ multi-frequency, multi-platform GNSS receivers Sample of Commercial Technology Based on Advertisements (Unverified Claims) C-Nav 3050 Manufacturer/Product Geodetics Inc. Geo-DL GlobalTop Tech AntiJACK Inventek models Javad models Leica Viva SmartTrak Navcom models Navis Core GNSS Navman units Septentrio models SiRFstarIV GSD4t Spirit DSP u-blox Description in Manufacturer Advertisement Patented interference rejection Extreme noise and interference rejection GPS jammer detection and notification Built-in jamming detection and mitigation In-Band interference rejection Jamming resistant Superior interference suppression both in-band and outof-band Uses sharp channel separation of GPS NAVSTAR and SNS GLONASS to secure advanced jam-protection Jupiter modules outperform competitors in close proximity to RF noise sources Advanced interference monitoring and mitigation successfully protects receivers against in-band continuous wave and pulsed interference signals Reliable choice for difficult environments; active jammer remover, tracks up to 8 continuous wave jammers Excellent resistance to interference, EMI suppression An advanced, proprietary adaptive digital filtering technology which actively suppresses interference Source: MITRE 17

Timing Mitigation Measures (III): Low Cost/Best Practices for Anti-Spoofing 18 Anti-Spoofing Measures First: Identify mission-critical systems dependent on GPS timing Assess spoofing risks to and from those GPS-dependent systems Then implement measures such as: Hiding the antenna from direct view Monitoring received signal strength and constancy; spoofed signals are constant and relatively strong Monitor acquisition times of all received signals (they should be different) If a fixed receiver shows it has moved it indicates re-radiator/ repeater spoofing Source: Humphreys, Assessing the Civil GPS Spoofing Threat, 2008 18

Timing Mitigation Measures (IV): Emerging Anti-Loss/Anti-Jamming Technology 19 SEL ICON System Referenced in NERC Extended Loss of GPS Impact on Reliability White Paper Terrestrial distribution of precise time via multiplexed fiber-optic communications systems Distribute time over a widearea network (WAN) with better than 1 microsecond accuracy so that very accurate relative time is maintained in the event of a GPS failure. May be able to circumvent localized jamming No Jamming Jamming Source: https://www.selinc.com/icon/ 19

Timing Mitigation Measures (V): Emerging Anti-Jamming/Anti-Spoofing Technology 20 University of Texas/Coherent Navigation GPS Assimilator/In-Line Anti-Spoofing Device: Weak-signal tracking RF Interference robustness Spoofing resistance No hardware or software modifications to GPS receiver required Source: The GPS Assimilator: A Method for Upgrading Existing GPS User Equipment to Improve Accuracy, Robustness, and Resistance to Spoofing, ION, 2010; Also: http://coherentnavigation.com/an-in-line-anti-spoofing-devicefor-legacy-civil-gps-receivers/ 20

Timing Mitigation Measures (VI): Emerging Anti-Jamming/Anti-Spoofing Technology 21 MITRE/SEDI prototype under development: Detects jamming and spoofing Alarms user Potentially reports to NERC, DOE and/or DHS for threat geolocation Mitigates via failover to highstability atomic clock After Lab testing, prototype will be pilot tested in the field and transitioned to commercial vendors Source: MITRE/SEDI 21

Timing Mitigation Measures (VII): Longer-Term Timing Alternatives 22 Leveraging emerging Communications Sector carrier synchronous Ethernet (SyncE) Timing is pulled from comms Implementing a commercial Low Frequency Terrestrial Wide-Area Timing System (aka eloran) Source: http://www.ursanav.com/ 22

Proposed Resilient Timing Goals 23 Develop GPS time and frequency systems (TFS) that detect, warn of, and resist both unintentional and intentional GPS threats. Upon threat detection, GPS TFS should failover to internal or known valid external timing sources. Employ multiple layers of backup capabilities, mitigation strategies, and contingency plans to provide protection against GPS timing loss, manipulation, and its critical infrastructure impacts. 23

Questions or Comments? Dr. Michael L. Cohen Principle CI Systems Engineer (703) 983-7372 mlc@mitre.org

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback