Analyzing the Cybersecurity Dangers and Resilience of RTK Modules in Drone Navigation Programs
by DRONELIFE Contributor T. Seth Ford (Drone615, Nashville, TN)
Understanding the GPS and House Financial system Framework
In response to GPS.gov, the official web site for presidency info regarding america’ World Positioning System (GPS), it’s comprised of three segments: the house phase, the bottom phase, and the consumer phase. To additional develop on this conceptual design, in his ebook Terra Calling: Defending and securing the house economic system, Stefan Soesanto describes your entire house administration effort as a multi-domain, multi-sectoral, and multi-asset system throughout the larger house economic system, grouped into 5 elements: 1) House-based belongings, 2) Earth-based management stations, 3) Earth-based communication stations, terminals, and units, 4) House trade, and 5) House economic system provide chain.
As extra satellite-based elements are outsourced to worldwide producers and commercial-off-the-shelf (COTS) choices change into mainstream, offering larger choices for satellite tv for pc operations, these advantages, nevertheless, include new and expanded challenges in stopping and dealing with cyber assaults and downtime brought on by unintentional environmental interactions.
RTK Modules and Their Function in sUAS Operations
One such part makes use of real-time kinematic (RTK) differential positioning, mixed with your entire World Navigation Satellite tv for pc System (GNSS), to boost the positioning, navigation, and timing (PNT) capabilities of small Unmanned Aerial Programs (sUAS) throughout autonomous flight mode. We’re going to focus, briefly, on the variations between RTK modules and internally constructed GPS receivers throughout small uncrewed plane system (sUAS) operations when using an RTK module as the first GPS receiver for autonomous mapping missions.
RTK modules allow a better diploma of worldwide (absolute) accuracy in comparison with the GPS receiver positioned inside a typical enterprise-level industrial Air Automobile (AV) physique/body. That is particularly necessary for land growth mapping missions, the place world accuracy is simply as essential as relative accuracy.
Technical Benefits and Rising Vulnerabilities
RTK modules can monitor multisystem satellite tv for pc L1 and L2 civilian bands over code and provider part alerts, which gives larger accuracy and extra dependable PNT options with minimized impression from electromagnetic interference (EMI), as mentioned by GNSS pioneer Dr. Jan Van Sickle in his fifth version of GPS and GNSS for Land Surveyors (2023). Nevertheless, RTK operates on RTCM 10403.3, aka model 3.3, as an open format and never restricted to a particular receiver kind. This particular model was enhanced to permit communication with all GNSS constellations. This consists of China’s BeiDou and Russia’s GLONASS techniques.
Whereas RCTM 3.3 is a serious improve for industrial operations, it additionally presents potential will increase in cyber vulnerabilities over shared satellite tv for pc constellations. GNSS receivers are sometimes constructed into each the bottom ingredient (handheld controller) and the air ingredient (air car). Each can function on particular constellations, both by design or by consumer settings, however RTK modules sometimes can join with all 4 main constellations (GPS-US. Galileo-EU, GLONASS-Russia, and BeiDou-China) and are selectable with smaller, regional constellations. By default, the extra accessible connection factors, the larger the danger of potential assaults.
Spoofing, Jamming, and the Want for Countermeasures
Within the case of accessing the RTK module to make use of the Air Automobile as a lethal projectile as a substitute of a mapping device, one might spoof an L-band channel and inject false information into the PNT answer, inflicting the sUAS to offer false location reviews. Though there are only a few rumored and unconfirmed reviews of legal hacking particularly via an RTK module, nevertheless distant or unbelievable, the general idea must be additional examined. Of observe, corporations like GPSPATRON produce units and software program to measure, defend, and shield towards jamming and spoofing assaults via counter-spoofing techniques.
Provide Chain Dangers and Regulatory Gaps
One other entrance of assaults can come from RTK {hardware} embedded throughout the manufacturing course of. In his 2019 article Cybersecurity Rules for House Programs, Gregory Falco factors out that penetration assessments into an organization’s digital community usually study the manufacturing course of provide chain for embedded code or product defects supposed to destabilize or hurt the end-product or associated techniques. Cybersecurity can legally be traced again to the efforts, or lack of efforts, as within the case of the Federal Commerce Fee (FTC) v. D-link for insufficient cyber safeguards in 2016. The Authentic Tools Producer (OEM) may be held chargeable for these faults, and may, inside purpose, however rules and requirements are nearly non-existent or at the least have been up till the late Nineteen Nineties when the primary cyberattacks focused GNSS satellites. Since then, cybersecurity growth has been largely reactionary, reasonably than proactive, in addressing points and stopping future occurrences.
Balancing Advantages and Cybersecurity Wants
Briefly, RTK modules make the most of extra frequencies than standard sUAS-built-in GPS receivers, providing enhanced reception functionality and effectivity. Nevertheless, these advantages might not adequately safeguard towards cyber threats as a consequence of non-standardized interoperability protocols and restricted third-party OEM vetting procedures. Whereas the danger of GPS spoofing via RTK modules is minimal, these communication paths could possibly be made safer with larger ranges of safety. Encryption, on the very least, safeguards information from unauthorized entry and ensures the integrity and improved reception charges of the supposed information packets for the supposed consumer
T. Seth Ford is a US Marine Corps fight veteran who flew assault helicopters and small drones in fight zones and assisted in small UAS testing and analysis. Seth holds levels, certificates, and licenses throughout a number of fields and disciplines and is presently in search of an MS in Uncrewed and Autonomous Programs at Embry-Riddle Aeronautical College. He’s the founder and principal pilot of drone615.internet in Nashville, TN.