Accurate positioning, navigation, and timing (PNT) is necessary for the functioning of many critical infrastructure sectors. Precision timing is particularly important and is primarily provided through the Global Positioning System (GPS). However, GPS’ space-based signals are low-power and unencrypted, making them susceptible to both intentional and unintentional disruption.
To address GPS vulnerabilities in critical infrastructure, the Science and Technology Directorate (S&T) Positioning, Navigation, and Timing (PNT) Program has a multi-pronged approach of conducting vulnerability and impact assessments, developing mitigations, exploring complementary timing technologies, and engaging with industry through outreach events and meetings. Through these sustained efforts, the goal of the program is to increase the resiliency of critical infrastructure to GPS vulnerabilities in the future.
Examples of measures that can be taken to enhance resiliency can be found in the following DHS best practice documents released via the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT):
- Best Practices for Improved Robustness of Time and Frequency Sources in Fixed Locations (PDF, 10 pages, 465.67 KB)
- Improving the Operation and Development of Global Positioning System (GPS) Equipment Used by Critical Infrastructure (PDF, 21 pages, 512 KB)
Publications
Following are S&T resources for critical infrastructure and its stakeholders.
Resilient PNT Conformance Framework
- Provides guidance for defining expected behaviors in resilient PNT equipment.
- Facilitates development and adoption of those behaviors through a common framework that enables improved risk management, determination of appropriate mitigations, and decision making by end-users.
Resilient PNT Reference Architecture
- Incorporates modern cybersecurity principles, such as Zero Trust Architectures, with PNT resilience concepts for the design of Next Generation Resilient PNT Systems.
- Provides implementation examples that map to the Resilient PNT Conformance Framework levels. Intended to help inform system designers.
GPS Receiver Whitelist Development Guide
- Presents a software assurance approach as a means of addressing potential vulnerabilities and increasing reliability of GPS receivers.
- Utilizes input data validation based on whitelist constraints to minimize the processing of malformed navigation messages entering a GPS receiver.
- Describes, proposes, and recommends technical methods that NIST has already implemented, or can potentially implement, to fulfill Section 4, Part (i) of the PNT Executive Order.
- Provides an overview of how timing systems work and defines some basic terminology and specifications.
- Discusses the regulatory timing requirements and GPS timing dependencies of United States critical infrastructure systems operating in the financial, telecommunications, and electric power sectors.
Software
As part of industry engagement, S&T has published the PNT Integrity Library and Epsilon Algorithm Suite to protect against Global Navigation Satellite System (GNSS) spoofing or deceiving a GPS device through false signals. These resources advance the design of PNT systems and increase resilience of critical infrastructure to PNT disruptions.
- Intended for GNSS receiver and GNSS-based timing server Original Equipment Manufacturers (OEMs) for use in future development or integration into existing products and platforms.
- Provides spoofing detection capabilities for GNSS-based PNT sources using available receiver PNT solutions and observables and, when possible, other measurements and data available in the antenna / receiver processing chain.
- Provides scalable framework for GNSS-based PNT manipulation detection that offers varying levels of protection based on the available data.
- Allows additional checks to be added as new threats arise due to the modular nature of the application.
- Includes the PNT Integrity Toolkit, which describes how a perspective end-user of the PNT Integrity Library can assemble a demonstrational toolkit with commercial-off-the-shelf (COTS) hardware.
- Detects inconsistencies in position, velocity, and clock observables commonly provided by GPS receivers.
- Enables an end-user to have basic spoofing detection capabilities without any modifications to the existing GPS receiver.
News
- News Release: DHS S&T Publishes the Resilient PNT Reference Architecture and Update to Conformance Framework
- News Release: DHS S&T Invites Critical Infrastructure Owners and Operators to GPS Spoofing Test Event
Resources
- Capability Maturity Model Fact Sheet
- GNSS Test Vector Suite & Distribution Methodology Fact Sheet
- GPS Equipment Testing for Critical Infrastructure Fact Sheet
- Resilient PNT for Critical Infrastructure Fact Sheet
- Resilient PNT Reference Architecture Implementation Plan Fact Sheet
- Resilient PNT Standard IEEE Conformity Assessment Program Fact Sheet
- GPS.gov: Resilience Through Responsible Use of PNT
- Cybersecurity & Infrastructure Security Agency PNT
- Department of Transportation PNT & Spectrum Management
To learn more about the work DHS S&T is doing to promote resiliency in positioning, navigation, and timing, email GPS4Critical-Infrastructure@hq.dhs.gov.