Yikes, I cannot imagine not trusting the
nav instruments. Does blue side up still work?
Tony P apapandrea@cfl.rr.com
Life is Good
In God We Trust
Commercial Flights Are Experiencing
'Unthinkable' GPS Attacks and Nobody Knows What to Do
New "spoofing" attacks
resulting in total navigation failure have been occurring above the Middle East
for months, which is "highly significant" for airline safety.
Commercial air crews are reporting
something “unthinkable” in the skies above the Middle East: novel “spoofing”
attacks have caused navigation systems to fail in dozens of incidents since
September.
In late September, multiple commercial flights near Iran went astray after
navigation systems went blind. The planes first received spoofed GPS signals,
meaning signals designed to fool planes’ systems into thinking they are flying
miles away from their real location. One of the aircraft almost flew into
Iranian airspace without permission. Since then, air crews discussing the
problem online have said it’s only gotten worse, and experts are racing to
establish who is behind it.
OPSGROUP,
an international group of pilots and flight technicians, sounded the alarm about the incidents in September and began to collect data
to share with its members and the public. According to OPSGROUP, multiple
commercial aircraft in the Middle Eastern region have lost the ability to
navigate after receiving spoofed navigation signals for months. And it’s not
just GPS—fallback navigation systems are also corrupted, resulting in total
failure.
According to OPSGROUP, the activity is centered in three regions: Baghdad, Cairo,
and Tel Aviv. The group has tracked more than 50 incidents in the last five weeks, the group said in a November
update, and identified three new and distinct kinds of navigation spoofing
incidents, with two arising since the initial reports in September.
While GPS spoofing is not new, the
specific vector of these new attacks was previously “unthinkable,” according to
OPSGROUP, which described them as exposing a “fundamental flaw in avionics
design.” The spoofing corrupts the Inertial Reference System, a piece of
equipment often described as the “brain” of an aircraft that uses gyroscopes,
accelerometers, and other tech to help planes navigate. One expert Motherboard
spoke to said this was “highly significant.”
“This immediately sounds unthinkable,”
OPSGROUP said in its public post about the incidents. “The IRS (Inertial
Reference System) should be a standalone system, unable to be spoofed. The idea
that we could lose all on-board nav capability, and have to ask [air traffic
control] for our position and request a heading, makes little sense at first
glance— especially for state of the art aircraft with the latest avionics.
However, multiple reports confirm that this has happened.”
Signal jamming in the Middle East is
common, but this kind of powerful spoofing is new. According to Todd Humphreys,
a UT Austin professor who researches satellite communications,
extremely powerful signal jammers have been present in the skies near Syria
since 2018. “Syria was called ‘the most aggressive electronic warfare environment on the planet’ by the head of [U.S. Special Operations
Command],” Humphreys told Motherboard.
Humphreys directs the Radionavigation
Laboratory at UT, which developed software that’s used by a powerful receiver
on the International Space Station that’s used to study global navigation satellite signals from low-earth orbit.
Today, Humphreys and the team of graduate students in his lab are constantly
studying the signals in the region.
“Apart from run-of-the-mill jamming
(e.g., with chirp jammers), we have captured GPS spoofing signals in our radio trawling,”
he said. “But, interestingly, the spoofing signals never seemed to be complete.
They were either missing key internal data, or were not mutually consistent,
and so would not have fooled a GPS receiver. They seemed to be aimed at denial
of service rather than actual deception. My students and I came to realize that
spoofing is the new jamming. In other words, it is being used for denial of
service because it's more effective for that purpose than blunt jamming.”
There is currently no solution to this problem,
with its potentially disastrous effects and unclear cause. According to
OPSGROUP’s November update, “The industry has been slow to come to terms with
the issue, leaving flight crews alone to find ways of detecting and mitigating
GPS spoofing.”
If air crews do realize that something
is amiss, Humphreys said, their only recourse is to depend on air traffic
control.
“The GPS and IRS, and their redundant
backups, are the principal components of modern aircraft navigation systems,”
Humphreys said. “When their readings are corrupted, the Flight Management
System assumes an incorrect aircraft position, Synthetic Vision systems show
the wrong context, etc. Eventually, if the pilots figure out that something is
amiss, they can revert to [VHF omnidirectional range]/ [distance measure
equipment] over land. But in several recent cases, air traffic control had to
step in and directly provide pilots ‘vectors’ (over an insecure communications
channel) to guide them to their destination. That's not a scalable solution.”
Humphreys called the new spoofing
attacks “highly significant.”
“If the pilot figures out what's going
on and ignores the GPS and the corrupted IRS, then the spoofing's effect is
limited to denial of service,” Humphreys said. “But an important distinction
with GPS jamming is that whereas jamming denies GPS, it doesn't corrupt the
IRS. Spoofing does, which is highly significant as regards airline safety.”
“It shows that the inertial reference
systems that act as dead-reckoning backups in case of GPS failure are no backup
at all in the face of GPS spoofing because the spoofed GPS receiver corrupts
the IRS, which then dead reckons off the corrupted position,” he told
Motherboard. “What is more, redundant GPS receivers and IRSs (large planes have
2+ GPS receivers and 3+ IRS) offer no additional protection: they all get
corrupted.”
Humphreys and others have been sounding the alarm about an attack like this occurring for the past 15 years. In
2012, he testified by Congress about the need to protect GNSS from spoofing.
“GPS spoofing acts like a zero-day exploit against aviation systems,” he told
Motherboard. “They're completely unprepared for it and powerless against it.”
According to Humprheys, the reports
from OPSGROUP beginning in September were “the first clear case I know of in
which commercial aircraft were flying off course due to GPS spoofing.”
The entities behind the novel spoofing
attacks are unknown, but Humphreys said that he and a student have narrowed
down possible sources. “Using raw GPS measurements from several spacecraft in
low-Earth orbit, my student Zach Clements last week located the source of this
spoofing to the eastern periphery of Tehran,” he said.
Iran would not be the only country
spoofing GPS signals in the region. As first reported by Politico, Clements was the first to identify spoofing most likely
coming from Israel after Hamas’ Oct. 7 attacks. “The strong and persistent
spoofing we're seeing over Israel since around October 15 is almost certainly
being carried out by Israel itself,” Humprheys said. “The IDF effectively
admitted as much to a reporter with Haartz.” Humphreys said at the time that
crews experiencing this GPS spoofing could rely on other onboard instruments to
land.
Humphreys said the effects of the
Israeli spoofing are identical to those observed in late September near Iran.
“And these are the first clear-cut cases of GPS spoofing of commercial aircraft
ever, to my knowledge,” he said. “That they happened so close in time is surprising,
but possibly merely coincidental.”
+++++++++++++++++++++++++++++++++++++++++++++
DELTA CAPT SETS RECORD:
No comments:
Post a Comment