GPS spoofing: a cyber security threat to in car navigation & AVs
Autonomous Vehicle technology is advancing quickly with variants of the technologies becoming available in more new makes and models. But many drivers and authorities remain unaware of the susceptibility of these systems to cyberattacks by criminals who can use low cost equipment to spoof GPS.
Whilst recent research conducted in association with YouGov shows that consumer awareness of the threat is relatively low, concerns over cyberattacks could impact the rates of adoption for autonomous vehicles or vehicles with autonomous driver assistance systems (ADAS).
Manuel del Castillo, GNSS industry specialist, explains all you need to know about GPS spoofing and its potential impact to the automotive industry.
GPS spoofing - a definition
GNSS spoofing are attacks to the vehicle’s satellite positioning system (often referred to as GPS*). They involve broadcasting fake satellite signals that can override legitimate signals, confusing the GNSS receiver, causing the in-car systems to incorrectly position the vehicle.
Consumer awareness of spoofing and its impact to AVs ?
In our recent YouGov survey, 82% of those surveyed believe GPS spoofing could have a detrimental effect on road safety as assisted driving applications and autonomous vehicles become increasingly available. The risk of an accident to AV users and the risk of harm to other road users and pedestrians in the survey, were rated as top concerns associated with GPS spoofing.
The dangers of a GPS spoofing attack - explained
During a GPS spoofing attack, the spoofer can disrupt the computed location, speed and heading of the victim’s receiver, causing vehicles to think they are in a different location and even potentially provide false information about road conditions, traffic, or obstacles. Autonomous vehicle systems rely on a complex sensor set for collision avoidance and lane-keeping, but in certain circumstances, spoofing GNSS signals can cause the vehicle to miscalculate its position, causing it to change lanes or speed. This puts passengers, pedestrians, and other vehicles at risk, even causing the ability to disrupt multiple autonomous vehicles simultaneously.
Can spoofing be eradicated?
As the hardware and software tools required for spoofing become cheaper and accessible online, eradicating the threat becomes very difficult. From July 2024, all newly manufactured cars under ISO/SAE 21434 are responsible for providing higher levels of cybersecurity across their supply chain. It is therefore vital that OEMs and their suppliers adopt a rigorous cybersecurity approach. This includes protection against spoofing cyberattacks to advanced driving assistance systems (ADAS).
Some effective strategies that could help mitigate these risks for automakers include:
Employing multiple sensor technologies to help cross validate and ensure accurate positioning and navigation
Employ robust anti-spoofing techniques that can help protect autonomous vehicles against GPS spoofing attacks
Encryption and authentication
Working with third parties to consider innovative new technologies including next generation GNSS receivers
Addressing the growing challenge of security - now and in the future
Management procedures need to be in place to mitigate any potential security gaps, including mitigating the GPS spoofing threat. The answer lies in changing the way that traditional GNSS receivers interpret satellite signals.
The solution lies in an innovative software that can be embedded in existing GNSS receivers to transform them into S-GNSS receivers. Using machine learning algorithms and advanced physics, their performance can be boosted on vehicles, on smartphones and on wearables, making them more accurate, reliable and more resilient to spoofing attacks.
GPS is the most famous of the four Global Navigation Satellite Systems and one of the marvels of the modern world. A GNSS constellation consists of a number of satellites that circle the globe to provide position, time and velocity information to end users worldwide.