Signal spoofing was once considered a niche and unlikely risk for commercial users of global navigation satellite systems (GNSS). Transmitting fake GNSS signals to force a receiver into reporting an inaccurate time and position could only be done by radio frequency (RF) experts, and needed expensive equipment. For that reason, almost all spoofing incidents documented prior to 2015 were conducted either for academic research or for nation state-level electronic warfare.Since 2015, however, the emergence of low-cost, software-defined RF signal generators, combined with a growing awareness of spoofing as a powerful disruption technique, has seen the number of incidents increase. At the same time, commercial organizations are becoming more reliant on GNSS-based positioning, navigation and timing (PNT) systems, making spoofing a growing threat to safety-critical and liability-critical operations.
This paper will review the threat to users of commercial GNSS receivers from spoofing at the RF level. It will set out how developers and integrators of GNSS receivers can assess the risks to their products and to their end-users’ operations,and will provide advice on implementing and testing spoofing detection and mitigation measures.