Galileo OSNMA: the latest GNSS anti-spoofing technique

Today, GNSS time is used to synchronize telecom and energy grids, while precise positioning is used to navigate drones and self-driving cars, as well as to automate agricultural and construction machinery. As new use cases pop-up on regular basis our reliance on GNSS grows globally. This means that having a secure spoof-proof communication channel between satellite and receiver becomes increasingly important to ensure trustworthy or Assured PNT (Positioning, Navigation, and Time) especially in critical and industrial applications.

To further improve transmission reliability, the European GNSS system, Galileo, has developed the OSNMA anti-spoofing service, which allows secure end-to-end transmission from Galileo satellites to OSNMA-enabled GNSS receivers. OSNMA (Open Service Navigation Message Authentication) will soon be available free of charge to users and has recently moved into the final testing phase. As ESA’s long-term partner, Septentrio has been contributing to the design and testing of the Galileo system since its inception 20 years ago. Today Septentrio is playing a key role in the OSNMA testing efforts, with its receivers being the first to authenticate live OSNMA test signals.

Securing GNSS receivers against jamming and spoofing
OSNMA is one component of a vast array of technologies that protect GNSS receivers from interference. Both jamming and spoofing are a type of radio interference, which happen when weak GNSS signals are overpowered by stronger radio signals on the same frequency. Jamming is a kind of “white noise” interference, causing accuracy degradation or even loss of positioning.

Spoofing is a more sophisticated form of interference which fools a receiver into calculating a wrong location. During a spoofing attack, a nearby radio transmitter sends fake GNSS signals to the target receiver. For example, a cheap SDR (Software Defined Radio) can fool a smartphone into showing its current location on top of Mount Everest!

You might have caught some spoofing events presented in the recent news. For example, C4ADS, an NGO conducting data-driven analysis of conflict and security matters, concluded that Russia has been extensively using GNSS spoofing to divert aerial drones from entering airspace in the vicinity of governmental figures, airports and sea ports [2].

Highly secure anti-spoofing protection with OSNMA
OSNMA secures Galileo signals against spoofing by enabling authentication of navigation data, which carries information about satellite location. Navigation data security is important because any modification of this information would result in erroneous positioning calculation.

OSNMA makes use of a hybrid Symmetric/Asymmetric cryptography technique. A secret key on the satellite is used to generate a digital signature. Then both signature and key are appended to the navigation data and transmitted to the receiver. OSNMA is designed to be backwards compatible, so that positioning without OSNMA will still work.

Authentication with OSNMA-enabled receivers
A sophisticated algorithm within the OSNMA-enabled receiver uses a public key to check the authenticity of the transmitted key. It then uses the transmitted key and the digital signature to check the authenticity of the navigation data. If a satellite signal is flagged as spoofed, it is excluded from the positioning calculation.

OSNMA is one piece of the puzzle comprising a sophisticated interference defense system, such as AIM+ (see image below). For example, AIM+ can also detect spoofing by searching for signal anomalies, such as unusually high power. It also works together with RAIM+ integrity algorithm to ensure range (distance to satellite) validity by comparing ranging data from various satellites.

AIM+ won’t even be fooled by an advanced GNSS signal generator, i.e. Spirent GSS9000. Even with realistic power levels and valid navigation data, AIM+ still identifies the simulated signal as “not authentic”.

Other advanced anti-spoofing techniques such as using a dual-polarized antenna are being developed today, read more about this method here.

Future-proof receivers for today and tomorrow
OSNMA is already being implemented today to secure synchronization of telecom networks, in the GSA-led ROOT project, with Septentrio as a key partner. In the framework of this project, the mosaic-T GNSS module, equipped with AIM+ technology, provides resilient and accurate timing solution to mission critical infrastructure. Various global players such as Airbus are the first to try out OSNMA authentication of live Galileo signals with specialized Septentrio GNSS receivers.

The American GPS system is also developing their own authentication mechanism called Chimera. Future-proof GNSS receivers are designed in such a way that allows users to take advantage of OSNMA, Chimera and other GNSS value-added services as soon as they become publicly available. Integrating future-proof receivers in high-accuracy solutions, allows companies to be the first to market with products or services offering the latest in PNT resilience.

www.septentrio.com