Critical Communications: Enabling Resilient PNT in the Face of High-Risk Vulnerabilities Inherent in Traditional GPS and GNSS Systems

Aerospace communication channels have always been strictly regulated with multiple international directives in place to prevent interference. Recent years have seen these networks increase in complexity, with position, navigation and timing (PNT) becoming essential across military and commercial applications.

In this article, VIAVI Solutions’ Nino De Falcis examines the role of PNT in enabling secure and defense-in-depth communications, the inherent vulnerabilities in the global navigation satellite systems (GNSS) on which they rely, and how to address these risks.

Position, navigation, and timing (PNT) services have become indispensable for the safe functioning of a wide variety of essential services across sectors such as transportation, AI hyperscale data centers, telecommunications, energy, finance and defense. These services rely on highly accurate and secure signals to facilitate everything from guiding aircraft and maritime vessels to synchronizing financial transactions and ensuring the stability of power grids.

Recognizing the criticality of PNT resilience, governments worldwide are taking proactive steps to bolster the reliability and security of these services. Regulatory measures, mandates and frameworks are being introduced to minimize vulnerabilities and enhance resilience. For example, the US government’s Executive Order 13905 emphasizes the need for the responsible use of PNT services to strengthen national resilience. This order outlines specific actions for enhancing the security and resilience of critical infrastructure by mitigating risks associated with the disruption or manipulation of PNT services.

Frameworks and Standards for PNT Security
To support these mandates, various frameworks and standards have been developed to guide organizations in enhancing their PNT systems:

NIST 8323.1 Cybersecurity Framework for PNT Profile: Developed by the National Institute of Standards and Technology, this framework offers a comprehensive approach to assessing and mitigating cybersecurity risks specific to PNT services. It outlines a set of cybersecurity activities, desired outcomes and informative references tailored to the unique characteristics and requirements of PNT operations.

IEEE Resilient PNT P1952 Standard: Developed by the Institute of Electrical and Electronics Engineers (IEEE), this standard defines a framework for assessing the resilience of PNT services against threats and hazards, addressing key aspects such as system architecture, redundancy and interoperability.

DHS Resilient PNT Conformance Framework: Developed by the Department of Homeland Security, this framework provides a structured approach to evaluating and certifying the resilience of PNT solutions

CISA Federal PNT Services Acquisition Guidance: This guidance, issued by the Cybersecurity and Infrastructure Security Agency (CISA), helps federal agencies acquire resilient PNT services while ensuring compliance with national security directives.

EU NIS2 Compliance of Verified GNSS Data Stream: This new EU directive covers cybersecurity and compliance requirements.

UK Royal Institute of Navigation PNT Resilient Initiatives: From PNT best practices and resilience checklist to PNT guidance, various initiatives are shared to protect critical infrastructure operations from PNT disruption.

Together, these frameworks and guidance documents form a comprehensive toolkit for enhancing the resilience and security of PNT services, safeguarding critical infrastructure and national security interests.

High-Risk Vulnerabilities Posing Significant Risks to Critical Infrastructure
PNT services predominantly rely on signals from global navigation satellite systems (GNSS) such as GPS (United States), Galileo (European Union), and GLONASS (Russia). However, as a single source of failure, GNSS is inherently vulnerable to various threats that can compromise accuracy and reliability.

Of particular concern is the susceptibility of GNSS signals to intentional interference, notably jamming and spoofing. Jamming involves the transmission of radio waves that overpower the genuine GNSS signals, effectively denying access to positioning data. Spoofing is the transmission of counterfeit signals designed to mislead receivers and have them report false location or timing data. Meaconing is a sophisticated spoofing attack, whereby the signal is recorded and then played back, making it extremely difficult to detect and mitigate. Other malicious threats include cyberattacks on network timing targeting NTP/PTP protocols and GPS/GNSS receivers.

GNSS signals are also vulnerable to naturally occurring phenomena. These include multi-path errors, which are caused by signal reflections off buildings and geographic features. Similarly, ionospheric effects, particularly prevalent at certain latitudes and during solar storms, can induce signal delays.

Recent incidents highlight some of the vulnerabilities inherent in PNT services, particularly in critical sectors like aviation. In May 2024, Reuters reported on a sharp increase in GPS jamming and spoofing in regions close to conflict zones such as Ukraine – causing problems for modern airliners that still rely to a large degree on GPS. In extreme cases, pilots have been forced to disable GPS systems entirely, leading to flight delays and operational challenges.

The National Business Aviation Association (NBAA) has also reported an uptick in incidents of GPS disruption. Pilots report navigation errors, flight deviations and compromised safety during critical phases of flight due to spoofing and jamming.

Such disruptions emphasize the urgent need for critical infrastructure operators to take steps to reinforce resilience and reliability.

Strategies to Improve PNT Resilience
Protecting these vital services is possible but requires a multi-layered approach, with robust signal authentication and multiple data sources being a key protection.

The use of multiple timing sources – adding alternative GNSS (altGNSS) from low-earth orbit satellites and enhanced GNSS (eGNSS) from geostationary satellites to information from traditional GNSS constellations – makes it more difficult for attackers to disrupt a system and use jamming techniques. For example, VIAVI’s new SecurePNT™ EdgeGM™ 7000 series integrates advanced resiliency from multi-orbit space and terrestrial sources and high-speed Grandmaster clock capabilities – enabling it to authenticate, verify, qualify and learn from multiple timing sources.

Multiple timing sources also help safeguard against timing failures in 5G networks, which depend on Precision Time Protocol (PTP) and GNSS signals to synchronize to sub-microsecond accuracy. In 5G Open RAN architecture, multiple components including Radio Units (RUs), Distributed Units (DUs) and Central Units (CUs) rely on highly accurate timing for network efficiency and performance.

Redundant timing sources from PTP grandmasters or atomic clocks help ensure the reliability of critical applications like 5G, where even microsecond-level timing errors can cause packet loss, lower throughput and handover failures – resulting in degraded performance and user experience.

Advanced antenna systems can also play a crucial role, employing sophisticated signal processing to identify and mitigate interference, whether it’s intentional jamming or unintentional disruption. These systems can filter out spurious signals, ensuring that receivers lock onto the authentic GNSS transmissions.

As for natural vulnerabilities, enhanced algorithms that mitigate against multipath errors and atmospheric effects are being developed and are now starting to be implemented. These algorithms combine data from multiple sources, such as inertial sensors and terrestrial radio-navigation systems, and incorporate sophisticated signal processing techniques and atmospheric models to improve accuracy.

Conclusion
A wide range of critical services rely on GPS and other PNT systems – from navigation, route planning and collision avoidance for aviation, maritime vessels, railways and public transit systems to telecommunications networks and the synchronization of power grids, smart meters and other critical components in the energy sector.

As reliance on PNT services continues to grow, ensuring their resilience has become a top priority for governments and industries worldwide. With increasing threats from jamming, spoofing, and natural disruptions, a multi-faceted approach is essential.

Alternative PNT sources delivering an accurate and stable timing reference offers a way to meet this challenge head-on, allowing networks to be deployed with uninterrupted connectivity while safeguarding critical infrastructure against emerging threats.

By Nino De Falcis, Senior Director, Global PNT Business Development, VIAVI Solutions