Presentation is loading. Please wait.

Presentation is loading. Please wait.

GNSS Vulnerabilities Mitigation for Timing Applications

Published byOddvin Thorbjørnsen Modified over 5 years ago

Similar presentations

Presentation on theme: "GNSS Vulnerabilities Mitigation for Timing Applications"— Presentation transcript:

1 GNSS Vulnerabilities Mitigation for Timing Applications
GNSS Protection 9 Layer Model GNSS Vulnerabilities Mitigation for Timing Applications Omer Sharar – Focus Telecom

2 GNSS Vulnerabilities - Jamming
Common GNSS jammers available online: Critical Infrastructures, both Commercial & Defense, are totally GPS dependent A good, Rubidium based atomic clock (like the MAC) helps maintain good holdover which is a great short term solution for jamming BUT even the greatest Rb based timing system will not comply with today’s stringent timing requirements for a long time without GPS DIY GPS jammer diagram:

3 GNSS Vulnerabilities- Spoofing
A spoofing attack tricks the receiver with false position / time Could cause SEVERE damage for any network

4 Introducing: The GNSS Protection 9-Layer Model
The Front-End Layer: GPSdome front-end protection APTS PTP The Mask Layer: Configurable Antenna Elevation Mask The Cutoff Layer: External GPS Switch The Firewall Layer: BlueSky GPS Firewall The Receiver Layer: GNSS Multiple constellation The Management Layer: TimePictra The Network Layer: PTP with APTS The Holdover Layer: ePRTC / Rb / OCXO 1 The Client Layer: DomainTime II 2 3 4 5 6 7 8 9

5 Layer 1: The Front-end Layer – GPSdome
Standalone, retrofit, dual antenna module Applies CRPA, null steering algorithm Rejects disruptions by nullifying their energy Compatible with any GPS system Introduces minimal latency to RF signal (50ns) Deterministic fixed delay Qualified by INPL

6 Layer 2: The Mask Layer A SW configurable option of Microsemi timing systems receivers Allows for rejection of lower-elevation satellites Allows for protection from multi-path Allows for rejection of spoofing attempts

7 Layer 3: The Cutoff Layer – Focus Telecom’s GPS Switch
An external, standalone module which cuts off the GNSS feed to the receiver and the DC back to the antenna Minimizes exposure to GNSS With 2 modes of operation: Remote controlled: remotely turned on or off from control center Preprogrammed: Disconnected GPS for X hours/days, then connect for Y hours/days

8 Layer 4: The Firewall Layer – Microsemi’s BlueSky GPS Firewall
Microsemi’s BlueSky GPS FW assures correct GPS data and autonomous time scale Analyzes GPS data and flags anomalies according to IS-GPS-200H with user configurable abilities When anomaly is flagged, GNSS is cut off and hardened GPS data is synthesized allowing the receiver to continue working uninterrupted Optional external input from atomic standard enables extended holdover and enhanced detection capabilities Validated GNSS data “Hardened” GPS data

9 Layer 5: The Receiving Layer
A multiple-constellation GNSS receiver receives satellites from more than a single constellation Allows for more satellites in view Allows for sanity checks of constellation Avoids dependency on US owned GPS system More resistant to narrow-band jamming

10 Layer 6: The Management Layer – Microsemi’s TimePictra NMS
Monitor all sync elements in the network Allows for comparison between multiple units geographically apart Allows to track anomalies e.g. shifting position in stationary units Allows for statistical data of satellite reception trends Provides gauges on time quality the network provides (PTP)

11 Layer 7: The Holdover Layer – From OCXOs to ePRTC
Optimal time HO is achieved Microsemi’s ePRTC (ITU-T G and G.811.1) Better than PRTC (100ns) to UTC for over 2 weeks without GPS Microsemi’s Rb technology (MAC and XPRO) provides for optimal local holdover (<1uS and 24 hours) Patented temperature-compensation technology allows for <25uS holdover with an OCXO

12 Layer 8: The Network Layer – PTP with APTS
Backup network edge timing from Core IEEE 1588 PTP with APTS (Assisted Partial Timing Support) allows for accurate source of time Implementation of Microsemi’s APTS at the network edge compensates for network asymmetry of 30 different paths from the Core When GNSS is not available, a fallback on PTP will not compromise accuracy at the network edge

13 Layer 9: The Client Layer – Microsemi’s DomainTime II
Time Management system (for IT NTP/PTP networks) Monitors time all the way to the client Implemented on the DC, DTII SW could receive time from multiple sources and compare them for inconsistencies With auditing capabilities, the accuracy of each client could be measured, recorded and analyzed

14

Download ppt "GNSS Vulnerabilities Mitigation for Timing Applications"

Similar presentations

The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective.

MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective.
1 1588v2 modules of time synchronization with frequency layer support draft-su-tictoc-1588v2-time-sync-modules-00 IETF 75 th, Stockholm TICTOC WG

1 1588v2 modules of time synchronization with frequency layer support draft-su-tictoc-1588v2-time-sync-modules-00 IETF 75 th, Stockholm TICTOC WG
NetClock Time Synchronization Solutions Public Safety Market.

NetClock Time Synchronization Solutions Public Safety Market.
ATN/GNSS Seminar Varadero, Cuba 6 to 9 May 2002 GNSS spectrum and signal vulnerability issues Presentation 5.2 by V. Iatsouk, GNSS Panel Secretary ANB/ICAO.

ATN/GNSS Seminar Varadero, Cuba 6 to 9 May 2002 GNSS spectrum and signal vulnerability issues Presentation 5.2 by V. Iatsouk, GNSS Panel Secretary ANB/ICAO.
Kyland-USA Product Introduction, Overview & Comparison KY-3000EM (Multi-Lingual) KY-2000EM Managed Industrial Ethernet Switch Din-Rail Copyright © KUSA,

Kyland-USA Product Introduction, Overview & Comparison KY-3000EM (Multi-Lingual) KY-2000EM Managed Industrial Ethernet Switch Din-Rail Copyright © KUSA,
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Chapter 6 FM Circuits.

Chapter 6 FM Circuits.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
TICTOC Problem Statement TICTOC BOF IETF68 Stewart Bryant Yaakov (J) Stein )

TICTOC Problem Statement TICTOC BOF IETF68 Stewart Bryant Yaakov (J) Stein )
Module 10: Monitoring ISA Server 2004. Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
GPS: Global Positioning System  The Geographer’s best friend!  You can say with confidence… “I’m not lost!, I’m never lost!”* *Of course, where everybody.

GPS: Global Positioning System  The Geographer’s best friend!  You can say with confidence… “I’m not lost!, I’m never lost!”* *Of course, where everybody.
Advances In Millimeter Wave Measurements Banded Differential and Pulse Measurements.

Advances In Millimeter Wave Measurements Banded Differential and Pulse Measurements.
Chapter 2. Core Defense Mechanisms. Fundamental security problem All user input is untrusted.

Chapter 2. Core Defense Mechanisms. Fundamental security problem All user input is untrusted.
 Chapter 14 – Security Engineering 1 Chapter 12 Dependability and Security Specification 1.

 Chapter 14 – Security Engineering 1 Chapter 12 Dependability and Security Specification 1.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Introduction to Scaling Networks Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Introduction to Scaling Networks Scaling Networks.
7.5 Intrusion Detection Systems Network Security / G.Steffen1.

7.5 Intrusion Detection Systems Network Security / G.Steffen1.

Similar presentations

Ads by Google