COMPUTER IMPLEMENTED METHOD FOR DETECTING GLOBAL NAVIGATION SATELLITE SYSTEM SIGNAL SPOOFING, A DATA PROCESSING APPARATUS, A COMPUTER PROGRAM PRODUCT, AND A COMPUTER-READABLE STORAGE MEDIUM

Abstract

A computer-implemented method is for detecting Global Navigation Satellite System (GNSS) signal spoofing. The method includes storing sample sequences of the predictable part and of the unpredictable part of a GNSS signal at a GNSS receiver. The predictable part includes predictable bits and the unpredictable part includes unpredictable bits. The value of the unpredictable bits from which the unpredictable sample sequences are extracted is verified. A first and a second partial correlation between the unpredictable, respectively predictable, sample sequences and a locally stored GNSS signal replica are computed. A predefined metric from the complex valued partial correlations is calculated. The predefined metric is compared with a predefined threshold value. In a zero-delay replay attack, the spoofer estimates the unpredictable bits introduced by a GNSS authentication protocol and introduces distortion into the signal. Detecting this distortion indicates whether the signal under analysis is being spoofed or is authentic.

Claims

1. A computer-implemented method for detecting Global Navigation Satellite System(GNSS) signal spoofing, the method comprising: a) digitizing, acquiring and tracking, at a receiver, a GNSS signal from at least one GNSS satellite, the GNSS signal comprising a predictable part and an unpredictable part, wherein the predictable part comprises predictable bits and the unpredictable part comprises unpredictable bits; b) storing, by the receiver, a sample sequence $y_{pred}^{\ast }\left(n\right)$ of the predictable part and a sample sequence $y_{unpred}^{\ast }\left(n\right)$ of the unpredictable part of the GNSS signal; c) verifying, by the receiver, the a value of the unpredictable bits from which the unpredictable sample sequences are extracted; d) computing, by the receiver, a first partial correlation B′.sub.unpred(k) between the unpredictable sample sequences and a locally stored GNSS signal replica x(n) and a second partial correlation B′.sub.pred(k) between the predictable sample sequences and the locally stored GNSS signal replica x(n) by: ${B^{\prime }}_{unpred}\left(k\right)={\displaystyle {.Math.}_{n=1}^{samples}{y}_{unpred}^{\ast }\left(n\right)\ast x\left(n\right);\text{and}}$ ${B^{\prime }}_{pred}\left(k\right)={\displaystyle {.Math.}_{n=1}^{samples}{y}_{pred}^{\ast }\left(n\right)}\ast x\left(n\right),$ and removing a sign of the first partial correlation and the second partial correlation by B .sub.unpred,pred (k) =b(k)B′.sub.unpred,pred(k) where b (k) is the value of the bit; e) calculating, by the receiver, a predefined metric R from the first and the second partial correlation, the predefined metric R being: $R_3=\left|\frac{1}{N_b}{\displaystyle {.Math.}_{k=1}^{N_b}\left(B_{unpred}\left(k\right)-B_{pred}\left(k\right)\right)}\right|;\text{and}$ f) comparing the predefined metric with a predefined threshold value to detect GNSS signal spoofing.

2. The method according to claim 1, wherein step b) comprises: storing, as an unpredictable sample sequence $y_{unpred}^{\ast }\left(n\right),$ a sample sequence $y_{beg}^{\ast }\left(n\right)$ of a beginning part of an unpredictable bit and storing, as a predictable sample sequence $y_{pred}^{\ast }\left(n\right),$ a sample sequence $y_{end}^{\ast }\left(n\right)$ of a later part, of the unpredictable bit; or storing, as an unpredictable sample sequence $y_{unpred}^{\ast }\left(n\right),$ a sample sequence $y_{beg}^{\ast }\left(n\right)$ of the beginning part of an unpredictable bit and storing, as a predictable sample sequence $y_{pred}^{\ast }\left(n\right),$ a sample sequence $y_{end}^{\ast }\left(n\right)$ of a predictable bit.

3. The method according to claim 1, wherein W.sub.u,d is the a duration of a single one of the stored unpredictable sample sequences and W.sub.p,d is the a duration of a single one of the stored predictable sample sequences.

4. The method according to claim 3, wherein W.sub.u,d and/or W.sub.p,d are greater than 0.05 ms, and smaller than 1 ms.

5. The method according to claim 1 wherein step b) comprises storing sample sequences representing at least a part of at least 50 bits for the unpredictable sample and/or for the predictable sample.

6. The method according to claim 1, wherein the predefined threshold is based on a cumulative density function of the metric R under the hypothesis that the GNSS signal is authentic.

7. The method according to claim 6, wherein the predefined threshold is set to a value leading to a false alarm probability of 0.02.

8. The method according to claim 1, wherein step f) comprises authenticating the GNSS signal when no signal spoofing is detected by: authenticating the GNSS signal when its predefined metric is below the predefined threshold; and detecting GNSS signal spoofing when its predefined metric is above the predefined threshold.

9. The method according to claim 1, wherein step a) comprises receiving GNSS signals from at least four different GNSS satellites, the GNSS signals comprising spreading codes and satellite data, the satellite data including the unpredictable part; and wherein the method further comprises: g) calculating, by the receiver, the GNSS signals’ time of arrival from the spreading codes; and h) calculating, by the receiver, a position, velocity and time by demodulating the satellite data.

10. The method according to claim 9, wherein step f comprises authenticating the GNSS signal when no signal spoofing is detected by: authenticating the GNSS signal when the predefined metric is below the predefined threshold; and detecting GNSS signal spoofing when its the predefined metric is above the predefined threshold, and wherein steps g) and h) are performed only when at least four GNSS signals from at least four different GNSS satellites have been authenticated.

11. The method according to claim 1, wherein step b) comprises storing the sample sequence $y_{unpred}^{\ast }\left(n\right)$ of the unpredictable part of the GNSS signal based on randomly selected unpredictable bits; or wherein step d) comprises calculating the first partial correlation B′ .sub.unpred(k) between the unpredictable sample sequences and a locally stored GNSS signal replica x(n) based on a randomly selected subset of the unpredictable sample sequences.

12. A data processing apparatus, comprising means for carrying out the method of claim 1.

13. A non-transitive computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of claim 1.

14. A non-transitive computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of claim 1.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0029] The invention will be further explained by means of the following description and the appended figures.

[0030] FIG. 1 shows a representative example of a spoofing attack for one satellite.

[0031] FIG. 2 shows a flow-chart representing a GNNS signal spoofing detection method according to the present invention.

[0032] FIGS. 3A to 3C illustrate three different kinds of zero-delay SCER attacks.

[0033] FIG. 4 shows the detection probability versus the number of unpredictable bits for a false alarm probability of 0.02. On the top plot, the user and spoofer receive signals at the same power. On the bottom plot, the spoofer has a 3-dB advantage.

[0034] FIG. 5 shows the detection probability versus the number of unpredictable bits for a false alarm probability of 0.02. The spoofed signal is received at 3 dB more power than the real signal.

[0035] FIG. 6 shows the detection probability versus the number of unpredictable bits for false alarm probability of a 0.02 and for a different length of windows (window length of 0.125 ms for the top plot and window length of 0.500 ms for the bottom plot). The spoofer has a 3-dB advantage with respect to the user.

[0036] FIG. 7 shows a comparison between the probability density function (top plot) and the probability of false alarm (bottom plot) under the null-hypothesis of the metric R.sub.3 and the probability of false alarm P.sub.ƒa obtained from Monte Carlo simulations and the theoretical one based on the Rayleigh expression.

DESCRIPTION OF THE INVENTION

[0037] The present invention will be described with respect to particular embodiments and with reference to certain drawings but the invention is not limited thereto but only by the claims. The drawings described are only schematic and are non-limiting. In the drawings, the size of some of the elements may be exaggerated and not drawn on scale for illustrative purposes. The dimensions and the relative dimensions do not necessarily correspond to actual reductions to practice of the invention.

[0038] Furthermore, the terms first, second, third and the like in the description and in the claims, are used for distinguishing between similar elements and not necessarily for describing a sequential or chronological order. The terms are interchangeable under appropriate circumstances and the embodiments of the invention can operate in other sequences than described or illustrated herein.

[0039] Moreover, the terms top, bottom, over, under and the like in the description and the claims are used for descriptive purposes. The terms so used are interchangeable under appropriate circumstances and the embodiments of the invention described herein can operate in other orientations than described or illustrated herein.

[0040] Furthermore, the various embodiments, although referred to as “preferred” are to be construed as exemplary manners in which the invention may be implemented rather than as limiting the scope of the invention.

[0041] FIG. 1 shows a representative example of a spoofing attack for one satellite 10 and table 1 below provides a definition of each parameter indicated in FIG. 1. The Global Navigation Satellite System (GNSS) satellite 10 broadcasts its GNSS signal which are received both by the spoofer 20 and the GNSS receiver 30. The spoofer 20 then generates and broadcasts its own GNSS signal in order to take control of the GNSS receiver 30.

TABLE-US-00001 Parameter definition for spoofing zero-delay attack on GNSS signals including unpredictable symbols Variables Definition [00016]$C/N_0{}_s^r$ C/N.sub.0 of the real signal received by the spoofer. [00017]$C/N_0{}_d^r$ C/N.sub.0 of the real signal received by the user. [00018]$C/N_0{}_d^s$ C/N.sub.0 of the spoofed signal received by the user. W.sub.s Time while the spoofer does not know the value of the unpredictable bit. N.sub.b Number of unpredictable bits used in spoofing detection techniques. W.sub.b,d Duration of the partial cross-correlation used at the beginning of the bit. W.sub.e,d Duration of the partial cross-correlation used at the end of the bit.

[0042] In general, spoofing detection is a binary hypothesis testing problem, which can be modelled under two hypotheses, namely the spoofer is present (H.sub.1) or absent (H.sub.0), as:

[00019]$y\left(n\right)=\left\{\begin{array}{c}{\displaystyle \underset{p=1}{\overset{N_{sat}}{.Math.}}{A}_{p}b\left(n-{\tau }_p\right)c\left(n-{\tau }_p\right)e^{j\left(2\pi f_{d,p}+{\phi }_p\right)}+}\\ {\displaystyle \underset{l=1}{\overset{N_{spof}}{.Math.}}{\beta }_l\tilde{b}\left(n-{\tau }_l\right)c\left(n-{\tau }_l\right)e^{j\left(2\pi f_{d,l}+\phi l\right)}+\omega \left(n\right)}\left(H_1\right)\\ {\displaystyle \underset{p=1}{\overset{N_{sat}}{.Math.}}{A}_{p}b\left(n-{\tau }_p\right)c\left(n-{\tau }_p\right)e^{j\left(2\pi f_{d,p}+{\phi }_p\right)}}+\omega \left(n\right)\left(H_0\right)\end{array}\right)$

where y(n) is the received signal, N.sub.sat is the number of satellites, A.sub.p is the signal amplitude, β.sub.l is the amplitude of the spoofing signal, b(n, - τ.sub.p) is the unpredictable bit, c(n - τ.sub.p) is the pseudorandom noise code, f.sub.d,p is the Doppler frequency, φ.sub.p is the phase, N.sub.spof is the number of satellites used to perform the spoofing attack, b̃(n - τ.sub.l) is the unpredictable bit transmitted by the spoofer and ω(n) is additive white Gaussian noise.

[0043] As the present invention is mainly focused on zero-delay Security Code Estimation and Replay (SCER) attacks, we assume that the spoofer uses a f.sub.d,l = ƒ.sub.d,p and τ.sub.l = τ.sub.p but A.sub.p and φ.sub.p can be different from β.sub.l and φ.sub.l. We assume that our spoofer can control the spoofed signal amplitude β.sub.l and make it equal to A.sub.p in some cases, but it cannot align the carrier phase measurement to the real one, as aligning carrier phase measurements requires a very high level of accuracy. There are two further model assumptions. Firstly, we assume that the receiver is tracking authentic signals at the start of the attack, i.e. the receiver starts up and performs acquisition in a controlled environment. Although spoofing at acquisition is a relevant case, most of the time GNSS receivers are in the tracking stage. Secondly, we assume that, in the zero-delay SCER attack, the spoofer does not force signal reacquisition. A spoofer forcing reacquisition to take control of the loops would need the signal to be lost for more than one minute to properly estimate the unpredictable bits from the onset. Moreover, in these conditions, taking control of the loops would lead to cycle slips, which may be detected by the GNSS receiver.

[0044] As described above, the inventors realized that the weakness of zero-delay attacks is that the signal transmitted by the spoofer includes some errors in the first part of the unpredictable bits. In order not to be detected easily by the target receiver, the spoofer can mainly perform three kinds of attacks, namely an estimated value attack, a random value attack, and a zero value attack as illustrated in FIGS. 3A to 3C.

[0045] An estimated value attack is illustrated in FIG. 3A. The spoofer tries to estimate the unpredictable bit sample by sample and introduces this estimation in the spoofed signal. By doing so, the first part of the bit would contain several changes of sign because it is not feasible to obtain a reliable estimation of the bit, but after a reasonable number of samples, the spoofer provides the real value of the unpredictable bit.

[0046] A random value attack is illustrated in FIG. 3B. The spoofer introduces a random value of 1 or -1 at the beginning of the bit during a short period of time and when the spoofer has a reliable estimation of the unpredictable bit value, it is included in the rest of the bit.

[0047] A zero value attack is illustrated in FIG. 3C. The spoofer introduces a value of 0 at the beginning of the bit during a short period of time and when the spoofer has estimated the unpredictable bit value, it is included in the rest of the bit.

[0048] Notice that in FIGS. 3A, 3B and 3C, the period while the spoofer generates a random value or zero is the parameter W.sub.s defined in Table 1.

[0049] FIG. 2 shows a flow-chart representing a GNSS signal spoofing detection method 100 according to the present invention. In step 110, the GNSS receiver digitizes, acquires and tracks a GNSS signal from at least one GNSS satellite, the GNSS signal comprising a predictable part and an unpredictable part, wherein the predictable part comprises predictable bits and the unpredictable part comprises unpredictable bits. Methods for digitizing, acquiring and tracking GNSS signals are known in the art and will not be described further.

[0050] In step 120, the receiver stores a sample sequence

[00020]$y_{pred}^{\ast }\left(n\right)$

of the predictable part and a sample sequence

[00021]$y_{unpred}^{\ast }\left(n\right)$

of the unpredictable part of the one or more tracked GNSS signals. In the embodiment described below, the stored sequences are part of the same unpredictable bit. In other words, the initial part of the unpredictable bit is stored as an unpredictable sample sequence

[00022]$y_{unpred}^{\ast }\left(n\right)=y_{beg}^{\ast }\left(n\right)$

and the end part of the unpredictable bit is stored as a predictable sample sequence

[00023]$y_{pred}^{\ast }\left(n\right)=$

[00024]$y_{end}^{\ast }\left(n\right).$

As described above, although the predictable sample sequence is obtained from an unpredictable bit, the non-initial part (i.e. not the beginning part) of the unpredictable bit is typically correctly estimated by the spoofer and it is therefore considered predictable.

[0051] In step 125, the receiver verifies the value (i.e. the bit values) of the unpredictable part of the signal, i.e. the value of the unpredictable bits from which the unpredictable sample sequences are extracted. More specifically, although usually all unpredictable bit values will be verified, it will be readily appreciated that the method according to the invention only requires that at least the unpredictable bit values of which a sample sequence is stored are verified. This may save computing resources in the receiver. This unpredictable part verification can be performed by a GNSS authentication protocol such as the OSNMA functionality in Galileo.

[0052] In step 130, the receiver computes a first partial correlation between the unpredictable sample sequences and a locally stored GNSS signal replica and a second partial correlation between the predictable sample sequences and the locally stored GNSS signal replica. Preferably, step 130 only occurs after the unpredictable bits have been verified in step 125.

[0053] The computation of the partial correlations is done in step 132 using the following equations:

[00025]${B^{\prime }}_{unpred}\left(k\right)={\displaystyle {.Math.}_{n=1}^{samples\_b}{y}_{unpred}^{\ast }}\left(n\right)x_{unpred}\left(n\right);\text{and}$

[00026]${B^{\prime }}_{pred}\left(k\right)={\displaystyle {.Math.}_{n=1}^{samples\_e}{y}_{pred}^{\ast }\left(n\right)x_{pred}\left(n\right),}$

where

[00027]$y_{unpred}^{\ast }\left(n\right)$

and

[00028]$y_{pred}^{\ast }\left(n\right)$

are the unpredictable and the predictable samples during W.sub.u,d and W.sub.p,d respectively, of the received signal in one code period, x.sub.unpred(n) and x.sub.pred(n) are the corresponding local replicas, and samples_u and samples_p indicate the total number of unpredictable, respectively predictable, stored samples. Please note that samples_u and samples_p need not be the same. In this way, the partial correlations represent the initial part and the last part of the unpredictable bit.

[0054] In subsequent step 134, B.sub.unpred(k) and B.sub.pred(k) are defined which correspond to the partial cross-correlation after removing the sign of the unpredictable bit by

[00029]$B_{unpred}\left(k\right)=b\left(k\right){B^{\prime }}_{unpred}\left(k\right);\text{and}$

[00030]$B_{pred}\left(k\right)=b\left(k\right){B^{\prime }}_{pred}\left(k\right),$

where b(k) is the value of the unpredictable bit (1, -1).

[0055] In step 140, the receiver computes one or more from a number of predefined metrics R using the partial correlations after sign removal. Several metrics are described below.

[0056] An intuitive way of detecting spoofing would be to compare the satellite code gain based on several unpredictable bits to that obtained from various predictable bits as suggested in Fernández-Hernández, Ignacio, and Gonzalo Seco-Granados. “Galileo NMA signal unpredictability and anti-replay protection” 2016 International Conference on Localization and GNSS (ICL-GNSS), IEEE, 28 Jun. 2016. One manner to perform this comparison (i.e. the gain comparison) is computing the ratio of N.sub.b sums of partial correlations. Then, the absolute value of the ratio between the two metrics is computed:

[00031]$R_1=\left|\frac{{\displaystyle .Math.{}_{k=1}^{N_b}{B}_{unpred}\left(k\right)}}{{\displaystyle .Math.{}_{k=1}^{N_b}{B}_{pred}\left(k\right)}}\right|.$

[0057] If the spoofer is present, R.sub.1 should be close to 0; but if the spoofer is absent, it should be close to 1. However, one drawback of the metric R.sub.1 is that it can provide any value in H.sub.1 if the received signal includes the spoofed signal and the authentic one with different values of phase, which different phase value behavior is best represented in the complex part of the complex valued partial correlations.

[0058] In order to solve this problem, the present invention relies on four other metrics R.sub.2-R.sub.5 that are based on comparing the complex valued partial correlations rather than the real valued gain. A first metric R.sub.2 is:

[00032]$R_2=\left|\frac{{\displaystyle .Math.{}_{k=1}^{N_b}{B}_{unpred}\left(k\right)}}{{\displaystyle .Math.{}_{k=1}^{N_b}{B}_{pred}\left(k\right)}}-1\right|.$

[0059] The idea behind R.sub.2 is that, if the spoofer is absent, R.sub.2 is close to 0, but if the spoofer is present, R.sub.2 is larger. This facilitates the definition of the detection threshold.

[0060] An additional metric is R.sub.3, which consists in computing the mean of the difference between the initial and final partial correlations:

[00033]$R_3=\left|\frac{1}{N_b}{\displaystyle {.Math.}_{k=1}^{N_b}\left(B_{unpred}\left(k\right)-B_{pred}\left(k\right)\right)}\right|.$

[0061] If R.sub.3 is a large value, the spoofer is present. However, if R.sub.3 is a small value, the spoofer is absent.

[0062] Another interesting metric R.sub.4 deals with the comparison of the carrier-to-noise (C/N.sub.0) estimate of the initial part of an unpredictable bit to the estimate of other parts of the signal that are considered predictable. To estimate the C/N.sub.0, the well-known Narrow-band Wide-band Power Ratio (NWPR) estimator may be used. Basically, it requires evaluating the ratio between the signal wideband power WBP to its narrowband power NBP:

[00034]$\text{NP}\text{=}\frac{\text{NBP}}{\text{WBP}},$

where

[00035]$\text{WBP}\text{=}\left({\displaystyle {.Math.}_{k=1}^{N_b}{\left|B_x\left(k\right)\right|}^2}\right)\text{and NBP}\text{=}\left({\left|{\displaystyle {.Math.}_{k=1}^{N_b}{B}_x\left(k\right)}\right|}^2\right)$

with B.sub.x(k) being the partial correlation of any part of the bit, e.g. the initial part and the end part of the unpredictable bit. Finally, the carrier-to-noise (C/N.sub.0) estimate can be estimated as:

[00036]$\widehat{C/N_0}=10{\log }_{10}\left(\frac{1}{T_{coh}}\frac{\text{NP-1}}{N_b-\text{NP}}\right),$

where T.sub.coh is the coherent integration time to compute the partial correlations. The predefined metric R.sub.4 is based on the difference of C/N.sub.0 estimates of the predictable and unpredictable parts of a bit:

[00037]$R_4=\left|{\widehat{C/N}}_{0_{beg}}-{\widehat{C/N}}_{0_{end}}\right|.$

[0063] The spoofing attack can be detected using this metric since, if the spoofing attack is absent, the metric above must be a value close to 0 while, if the spoofer attack is present, the magnitude of this metric must provide larger values.

[0064] A final metric R.sub.5 only uses the phases of the initial and final partial correlations:

[00038]$\begin{array}{c}{R}_5=\left.‖atan2\left({\displaystyle {.Math.}_{k=1}^{N_b}im\left(B_{unpred}\left(k\right)\right),{\displaystyle {.Math.}_{k=1}^{N_b}re\left(B_{unpred}\left(k\right)\right)}}\right)-\right)\\ \left(atan2\left({\displaystyle {.Math.}_{k=1}^{N_b}im\left(B_{pred}\left(k\right)\right),{\displaystyle {.Math.}_{k=1}^{N_b}re\left(B_{pred}\left(k\right)\right)}}\right)\right.‖.\end{array}$

[0065] If the presence of the spoofed signal modifies the phase of the received signal, the spoofer can be detected using this metric.

[0066] In step 150, the receiver compares the predefined metric R with a predefined threshold value to detect GNSS signal spoofing. In practice, the threshold is set in such a way that a predefined false alarm probability is obtained, e.g. a false alarm probability of 0.02 or any other desired value. It will be readily appreciated that the threshold values (and the corresponding false alarm probabilities) may be different for each of the above described metrics R. For example, for metric R.sub.3, the threshold may be set to a value leading to a false alarm probability of 0.02 and the signal may be authenticated in step 152 when metric R.sub.3 is below the threshold and may be considered as a spoofed signal in step 154 when metric R.sub.3 is above the threshold.

[0067] In general, the predefined threshold value is linked to the false alarm probability P.sub.ƒa = 0.02 and may be determined for each metric R by deriving cumulative density function of the metric R under the null hypothesis (i.e. the spoofer is absent). A more detailed example is described below.

[0068] The method illustrated in FIG. 2 further includes step 160 where the receiver calculates the GNSS signals time of arrival from the spreading codes and step 170 where the receiver calculates its position, velocity and time by demodulating the satellite data. This is normally done by using GNSS signals from at least four different GNSS satellites, each GNSS signal comprising spreading codes and satellite data, the satellite data including the unpredictable part. Preferably, steps 160 and 170 are only done after the GNSS signals from at least four satellites have been authenticated in step 150.

[0069] It will be readily appreciated that, in other embodiments, the predictable sample sequence may be obtained from other parts of the signal, for example from (parts of) predictable bits and/or from other parts (i.e. not the initial or end part) of unpredictable bits.

[0070] A spoofer knowing beforehand which unpredictable bits, and which parts of them, are to be correlated, could exploit this advantage. First, because it could implement a random value attack with a variable power, depending on the success or failure of the previous guess; and second, because it could alter the predictable correlations to spoof the detector. Both advantages can be mitigated by the randomization of the correlations. In other words, in some embodiments, not all stored sample sequences need to be used in the calculation of the metrics R. For example, a randomized number of unpredictable bits are not used. This improves the robustness of the detection capability of the GNSS signal spoofing method, especially in case the spoofer is expecting this kind of defence.

[0071] It will be appreciated that the above description focussed on a single spoofing signal for only one satellite. However, the method may readily be used for detecting multiple spoofing signals at the same time. In fact, since, as illustrated below, the method according to the present invention is able to detect a single spoofing signal, it will operate even better for detecting spoofing in case the spoofer wants to consistently spoof a full PVT solution as this would require successfully spoofing multiple satellite signals at the same time.

[0072] In what follows, a performance analysis is presented on the different metrics under the presence of zero-delay attacks where the R.sub.1 metric is used to as a baseline comparison representative of the prior art and where the R.sub.2-R.sub.5 represent the invention. What follows are the results of the simulation of the spoofing detection capabilities of the proposed R.sub.1-R.sub.5 metrics under the most relevant attack situations. The results presented constitute the most difficult-to-detect spoofing scenarios, in terms of spoofing power advantage and type of attack. The spoofing simulation parameters are presented in table 2 below. Regarding the attack types, out of the three attacks previously described, we focus on the estimated value attack to carry out the simulations presented, as it provides an upper bound for the required number of unpredictable bits compared to the other two attacks. This attack consists in estimating the unpredictable bit sample by sample and introducing this estimation in the spoofed signal. The estimation of the unpredictable bit carried out by the spoofer can be easily performed at the tracking stage by using the following expression as

[00039]$\widehat{b}\left(m\right)=sign\left(Re\left\{{\displaystyle {.Math.}_{n=1}^m{y}_{beg}^{*}\left(n\right)x_{beg}\left(n\right)}\right\}\right).$

[0073] By doing so, the spoofer obtains an estimation of the bit for each m.

[0074] A variant of this attack consists in estimating the bit sample by sample, and after that, transmitting the estimation of the bit by using a scalar factor, depending on the level of confidence of the attacker. This sub-case has also been analyzed and it does not significantly differ from the standard estimated value attack.

[0075] We also assess the cases in which the spoofer has a C/N.sub.0 advantage of up to 5 dB with respect to the receiver. Concerning the relative power between the spoofed and real signal, we assess the cases of same power, and +3 dB power for the spoofed signal. The results are tested for AWGN channels, with a realistic number of visible GPS and Galileo satellites. In the simulation, we use a threshold value leading to a false alarm probability equal to 0.02 because it provides a good benchmark for comparing the various metrics.

TABLE-US-00002 Parameterization of spoofing simulations Zero-delay Attack type Estimated value attack [00040]$C/N_{\text{0}}{}_s^r$ 0 dB advantage; + 3 dB advantage; + 5 dB advantage with respect to [00041]$C/N_{\text{0}}{}_d^s$ Same power as [00042]${C/N_0}_d^r$ [00043]${C/N_0}_d^r$ ; ; +3 dB with respect to[00044]${C/N_0}_d^r$ W.sub.b,d ; W.sub.e,d 0.125 ms; 0.25 ms; 0.5 ms. Channel model AWGN Signals model 5 Galileo as per spoofed. E1B-E1C Eq. (1). signals Only and 8 GPS signals ;one Galileo satellite is P.sub.fa 0.02

[0076] In all cases, the spoofing detection probability P.sub.d is measured for different number of bits N.sub.b under different combinations of these parameters.

[0077] FIG. 4 shows the probability of detecting the spoofing attack vs the number of unpredictable bits for a false alarm probability of 0.02, with a 250-ms correlation per bit. These figures are based on the estimate value attack and consider that the user receives both the real and spoofed signals. On the top figure, the spoofer receives the signal from the satellite with the same power as the user, whereas on the bottom figure the spoofer receives the signal with higher power (3 dB) than the user. The figure shows that the R.sub.2 and R.sub.3 techniques provide the best performances. When the spoofer has an advantage of 3 dB with respect to the user’s receiver, the R.sub.2 and R.sub.3 detectors can detect the spoofing attack with a detection probability of 0.9 using 200 and 220 bits, respectively. However, if the spoofer receives the signal with the same power as the user receiver, the user receiver can detect the spoofing attack using 100 and 120 bits approximately using the R.sub.2 and R.sub.3 techniques, respectively. Note that the R.sub.1 metric performs poorer than all other metrics and especially with a low number of unpredictable symbols N.sub.b.

[0078] The previous simulation considers that the user receives the signal from the spoofer and the satellite with the same power. Nevertheless, for the plot of the top of FIG. 5, we assume that the user receives the signal transmitted by the spoofer with 3 dB more than the one transmitted by the satellite. In this scenario, the user receiver can detect the spoofing attack more easily than in the previous simulation. When the spoofer has an advantage of 3 dB with respect to the user’s receiver and the user receives the same signal power from the spoofer and the satellite, the R.sub.3 metric needs 200 bits to detect the spoofing attack for a detection probability of 0.9 (FIG. 4, bottom plot). However, when the user receives the signal from the spoofer with 3 dB more than the one transmitted from the satellite, R.sub.3 only requires 65 bits to detect the spoofing attack for a detection probability of 0.9 (FIG. 5). In these conditions, the best detector is R.sub.3. It is worth mentioning that in this simulation the performance of R.sub.1 is not so poor due to the fact that the user’s receiver receives more power from the spoofer than the satellite.

[0079] In FIG. 6, we analyse how the performance of the detectors is affected by the use of different lengths of the windows used to compute the partial correlations: 0.125 ms (top) and 0.500 ms (bottom). Note that the case with a window length of 0.250 ms is illustrated in the bottom plot of FIG. 4. These correlations, while much shorter than the standard 4-ms Galileo E1 codes, ensure that there is sufficient gain for detection, even in case of cross-correlation noise from other satellites. The results show that R.sub.3 provides very similar performance for different window lengths used to compute the partial correlations, while the others are more sensitive to this parameter. The metric R.sub.2, which also exhibits promising performance in certain situations, is affected by the window length. If the window length is appropriate, it can offer very good performance. However, whether the time window is too short or large, this technique suffers some degradation in the detection probability.

[0080] The conclusion from the simulation analysis is that the R.sub.2-R.sub.5 metrics (which are based on the complex valued partial correlations) perform markedly better than the R.sub.1 metric which is based on the gain (i.e. a real value obtained from the complex valued partial correlations). Furthermore, out of the proposed metrics, R.sub.3 is one that performs best, and that it is robust enough against all situations, provided that it accumulates enough energy from sufficient bits. With a sufficient number of bits, on the order of 200, the detector can detect a spoofing attack with a probability higher than 90%, even when the spoofer has a power advantage over the user receiver.

[0081] One remaining aspect of the implementation of the method is defining the unpredictable parts, symbols, or bits, of the GNSS signal. The current Galileo OSNMA protocol aims at authenticating the satellite navigation data. We have considered a baseline use case of OSNMA of 2 MACK (Message Authentication Code and Key) blocks, 20-bit MACs, 96-bit keys, and 4 MACs per block. This configuration allows the receiver to have 80 unpredictable bits per 15-second MACK block, without taking into account the KEYs bits, and around 160 in a similar time, if the first 80 bits of the key are considered unpredictable. We can conclude that, even in the case that the key is predictable, the detector can be based on 30 or 45 seconds (i.e. 2 or 3 MACK blocks), in order to obtain 160 or 240 unpredictable bits. In light of the results of the simulation, we can see that, even in advantageous cases for the spoofer, (some of) the metrics can work. A receiver could decide to wait for two Galileo I/NAV subframes, for 60 seconds in total, providing 320 unpredictable bits, in order to increase confidence in the metric.

[0082] Since the R.sub.3 metric seems the most promising metric to detect GNSS spoofing, in what follows an example is given on the computation of its detection threshold y. The spoofer detection boils down to the comparison between the metric R.sub.3 and a detection threshold to distinguish whether the user’s receiver is being spoofed or not. The detection threshold is affected by the individual probability of false alarm:

[00045]$P_{fa}=1-cd{f}_{R_3}\left(\gamma \left|H_0\right)\right)$

where cdƒ.sub.R3(y|H.sub.0) is the cumulative density function of the metric of R.sub.3.

[0083] The probability of false alarm requires the knowledge of the cumulative density function of R.sub.3 under the null hypothesis H.sub.0 (i.e. the spoofer is not present). When the spoofer is not present, the R.sub.3 metric is very similar to Rayleigh distribution. This occurs because the value of the partial correlations at the beginning and the end of bit (or another predictable part of the signal) have practically the same constant value to which Gaussian noise is added. As such, the term inside the absolute value can be considered as a zero-mean complex Gaussian noise and the metric R.sub.3 has a Rayleigh distribution. Exploiting the relation between the Rayleigh distribution and the underlying Gaussian variable, the mean of the Rayleigh distribution can be obtained from the standard deviation of the partial correlations in the predictable part B.sub.end(k). That is, the mean of the Rayleigh distribution is equal to

[00046]${\sigma }_B\sqrt{\pi /2},$

where σ.sub.B is the variance of B.sub.end(k).The detection threshold γ can thus be defined as

[00047]$\gamma =cd{f}_{R_3}^{-1}\left(1-P_{fa}\left|H_0\right)\right).$

[0084] FIG. 7 compares the theoretical and simulated probability density function (top plot) and the probability of false alarm (bottom plot) under the null-hypothesis of the metric R.sub.3. The figure shows that the metric R.sub.3 is indeed well approximated by a Raleigh distribution.

[0085] It will be readily appreciated that the above example of how to compute the threshold value for metric R.sub.3 in order to have the desired probability of false alarm may also be applied to other metrics. Moreover, other threshold values may be used which are not linked to a false alarm probability and/or which are not based on cumulative density function of the metric.

[0086] Although the method according to the present invention has been described by reference to the Galileo OSNMA protocol, the invention should not be considered as limited thereto and the proposed method can also be applied to other protocols.

[0087] Although aspects of the present disclosure have been described with respect to specific embodiments, it will be readily appreciated that these aspects may be implemented in other forms within the scope of the invention as defined by the claims.