On March 12, 2021, many of our GP-Probes installed across Africa, Southern Europe, Western Asia, and Southern Asia quite in parallel detected spoofing of the GPS system. The customers’ infrastructure was swapped to Galileo or/and GLONASS.
Depending on the region, the incident’s duration was from an hour to 2.5 hours, мostly from 16:00 to 19:30 UTC. We realized that such widespread spoofing was impossible. Therefore, we conducted an investigation concerning the cause.
The Causes of Spoofing Detection
We analyzed the raw data in our databases and determined that the cause of spoofing detection was the anomalous signal behavior of GPS satellite PRN 20. The pseudorange was measured with a huge error:
We use mathematical models and a neural network that detects and classifies anomalies in raw GNSS data from different sources. This signal pattern of GPS satellite PRN 20 was perceived by the system as a non-coherent spoofing attack. According to the system settings, our users’ infrastructures were notified about GPS spoofing in real-time and responded according to a predefined scenario.
With RabbitMQ, the system latency does not exceed three seconds.
We don’t have the same time:
- reported outage UTC time from 04:54 to 11:25 UTC
- detected incorrect signal from 16:00 to 19:30 UTC (depending on the region)
To confirm the findings, we checked RINEX data from RTK base stations:
Alas, the data from the base stations only contains qualified signals. We do not know what pseudorange the receivers measured. However, we can admit with absolute confidence that the satellite was in the zenith for these base stations and should have been well-defined.
- We cannot explain the reason for this signal behavior of satellite PRN 20. It is probably related to the U.S. COAST GUARD NAVIGATION CENTER outage report.
- We have not found confirmation of our findings regarding the malfunction of the GPS satellite PRN 20 on any official resources.
- One faulty satellite will not affect your GNSS-dependent infrastructure. Nevertheless, problems transpire; we all remember the dramatic week-long outage of Galileo in July 2019. You had better be protected from such trouble in real-time and not just rely on official reports.