21 minute read
Resilient PNT for a Self-Reliant India
18 EXPERT OPINION Resilient PNT for a
Self-Reliant India
Positioning, Navigation and Timing (PNT) encompass a plethora of navigational functions and are a central element of many modern technology systems and devices. However, the latest electronic warfare technology can disrupt communications, navigation and guidance systems, and GNSS signals that rely on accurate PNT data. Therefore, India needs resilient PNT to become self-reliant. By Lt. Col. Gulshan Mehta, Corps of EME, Indian Army
In the present scenario, it is easier than ever to disrupt Global Navigation Satellite System (GNSS) signals, thereby denying the systems that rely on accurate Positioning, Navigation and Timing (PNT) data. PNT is one of the most central elements of modern technology systems and devices, which we depend on an everyday basis. Nearly every critical system around the world banks on these signals and data. When it comes to military systems, failure isn’t an option. Leaders in the Department of Defence are concerned about over-reliance on this one form of technology. If GNSS guidance becomes unavailable, soldiers and drones in the battlefield could be rendered blind and unable to navigate. If that awareness
is lost, even for a minute, the consequences can be disastrous. GNSS also plays an important role in the targeting and guidance systems in missiles. As such, GNSS has become both a strength and a vulnerability. The most important question now is: How can we protect essential systems from interference and denial-of-service attacks?
Electronic warfare
In the current scenario, electronic warfare has become a theatre of furious contention. The Indian Regional Navigation Satellite System (IRNSS), with the operational name NavIC, was developed partly because access to foreign government-controlled GNSS is not guaranteed in hostile situations, as was the case in 1999 when the US denied the Indian request for Global Positioning System (GPS) data in the Kargil region.
Electronic war has three basic elements: probe, attack and protect. Initially, intelligence is gathered by locating enemy electronic signals. On attack, ‘white noise’ jamming disables and degrades systems, including radio and cellphone communications, air defense and artillery radars. Then there is spoofing, which confuses and deceives. When it works, munitions miss their targets. Electronic signals emitted in battlefield can be used to track individuals and equipment.
The latest electronic warfare technology has the capability to disrupt communications, navigation and guidance systems and may also direct lethal blows. It may be used against artillery, fighter jets, cruise missiles, drones and many other equipment. Militaries may also use it to protect their forces. The same has also been observed in the RussiaUkraine war, wherein the simple act of powering up a cellphone has been seen to draw a rain of deathly fire. Similarly, artillery radar and remote controls for unmanned aerial vehicles have invited showers of shrapnel.
Role of drones
In the early days of the war in Ukraine, drones were termed an astonishing source of success against Russian forces. Numerous stories and multiple video clips dominated the media, showing Ukraine's drones demolishing the chaotic Russian advances. However, Russia learned from this humiliation in the first months of the invasion and soon established better organized and fielded electronic warfare and air defense systems.
A Ukrainian intelligence official called the Russian threat “pretty severe” when it came to disrupting reconnaissance efforts and commanders’ communications with troops. Russian jamming of GPS receivers on drones that Ukraine uses to locate the enemy and direct artillery fire is particularly intense “on the line of contact,” he said. Russia jammed GPS from Black Sea to Finland in the ongoing war. The European Aviation Safety Agency (EASA) said the issue was observed in the Russian enclave of Kaliningrad, the Baltics, Eastern Finland, the Black Sea, the Eastern Mediterranean and Northern Iraq.
Lessons from the UkraineRussia war
Many important lessons may be learnt from the Russia-Ukraine war about multidomain warfare, particularly the proliferation of electronic attacks and counter-
IN THE US ALONE, GPS IS APPROACHING USD 1 TRILLION IN TERMS OF ECONOMIC IMPACT AND IS DOUBLING EVERY 2-3 YEARS. BUT IT IS A SINGLE POINT OF FAILURE. THIS HIGHLIGHTS THE NEED FOR RESILIENT PNT.
Gillian Smith
Vice President of Marketing NextNav
measures. While neither side has tapped, nor will hopefully, its most destructive electronic warfare resources in the future, both have employed jamming.
Communication jamming, as well as spoofing, are techniques intended to disrupt satellite communication. The US also accused Russia of interfering with their GPS signals in the ongoing war, which could be due to jamming or possibly spoofing. In early March 2022, Elon Musk-owned SpaceX noted that its Starlink signals that were providing satellite internet to Ukraine, had also been jammed.
In November 2021, Russia admitted to destroying one of its own satellites, implying a threat to target other satellites as well. If Russia were to target GPS satellites, it would cripple not just military capabilities but also much of the entire world’s logistical capabilities. It is therefore evident that there could be both large-scale (hard kill) and
A Russian Krasukha-4 jamming station was captured in Ukraine in March 2022 smaller-scale (jamming/spoofing) threats to the satellite-based navigation system.
Alternatives to GPS
Although GPS is an important component of the national PNT ecosystem, it is far from being the only source of capability for PNT. If GPS disruption makes it difficult to perform a task in an automated way, numerous manual strategies are available, even at the price of reduced efficiency, by using alternative niche technologies. Because of the importance of PNT in the modern economy, a wide range of technologies has been prepositioned, which could either supplement GNSS or provide it with backup.
The UK and the US are seeking alternatives to GPS that do not rely on satellites, among concerns that future wars could be fought by signal jammers without a single shot being fired. Many of these alternative and complementary PNT capabilities are already implemented broadly and some additional technologies are being implemented for public safety or other purposes.
No single system could be an ideal backup for GPS. Some systems, such as the European Union’s Galileo or Russia’s GLONASS are satellite systems very similar to GPS and could be a good substitute under certain circumstances (if GPS alone were spoofed or disrupted by a cyber-attack). However, under other circumstances, such as a solar storm, these similar satellite systems would also be unavailable, as they share the same vulnerabilities as GPS.
Terrestrial systems are divergent to GPS and have different weaknesses. But no single terrestrial system matches GPS on area coverage, on position accuracy, and likely on ubiquitous adoption of low-cost user equipment in the presence of continual, free GPS signals. Any single backup, therefore, will mitigate a GPS outage only for limited users. Modest investments by the government in threat detection could also reinforce private incentives to maintain a robust PNT ecosystem.
NavIC, our own RNSS, is equally vulnerable to space storms and can be disrupted to deny PNT signals. Both GPS and other GNSS constellations that broadcast on multiple frequencies and receivers, which take advantage of Dual Frequency Multi Constellation (DFMC) GNSS, are now becoming commonly available, including in smartphones, which can hop to a secondary constellation in case of disruption in the primary navigation system.
Long Range Navigation or LORAN-C was a timing and radio navigation service that used high-power signals from terrestrial antennas in the 90–110 kilohertz (kHz) band and was intended to provide positioning accurate to within about 460 meters. This level of accuracy was useful to mariners, although it was insufficient for harbor navigation. Still, since the error in repeatability of the position calculation and the relative location with respect to nearby users could be several times better, it was useful for the relative navigation and safety of ships. Enhanced LORAN or eLoran was designed to provide better positioning accuracy using the same transmitter sites and much of the existing Loran-C infrastructure. The eLoran system has been deployed in various countries, including Russia, China and South Korea.
NextNav LLC, USA has developed a system of terrestrial beacons known as the Metropolitan Beacon System (MBS), to provide precise PNT signals to mobile device users in covered areas. MBS consumes significantly less power than GNSS and includes high-precision altitude. NextNav's Urban and Indoor Positioning service TerraPoiNT
is available in the San Francisco Bay Area, in McLean, Virginia, and in other select markets. NextNav’s vertical location service, Pinnacle, is available in more than 4,400 cities nationwide, and the company has partnered with AT&T FirstNet to provide vertical location service for first responders.
Similarly, Locata Corporation, headquartered in Australia, has developed a system of terrestrial beacons to provide PNT signals to dedicated receivers in a localized area. The system can reportedly provide centimeter-level precision in positioning, with under one nanosecond timing synchronization between transmitters without the use of atomic clocks. Locata uses a proprietary signal in the same band as Wi-Fi transmitters and therefore performs similarly to Wi-Fi with respect to signal obstruction and interference. Locata has been awarded a multi-year sole-source contract with the 746th Test Squadron (746 TS) of the United States Air Force to deploy LocataNet and provide positioning information when GPS is jammed across a 2,500 square mile (6,475 sqaure kilometer) area off the White Sands Missile Range in New Mexico.
Pseudolites are terrestrial transmitters that broadcast signals compatible with existing GNSS user equipment on the same carrier frequency using a signal structure that is the same as any other GNSS. A key motivation for such systems is indoor PNT where Space-based signals are not available. Pseudolites can also have much higher signal strength than normal GNSS signals and thus offer greater resistance to jamming.
Although the standards for 5G cellular telephony are not fully established, some of its characteristics can be anticipated. Because of the nature of the technology associated with 5G, the expectation is that there will be a much higher density of transmitter nodes to connect with user devices. These nodes can very well be used to allow devices to use 5G signals to determine their location within one meter or less. This is considerably better than what is now possible with GNSS alone. Moreover, there will be a significant incentive for users and providers to implement such capability. As a terrestrial alternative to GPS, 5G is relevant across a wide range of threats, providing positioning and navigation superior to GNSS as long as base station synchronization remains adequate and timing synchronization can be passed to the 5G cells.
Way forward
Our past experiences have taught us that India cannot solely depend on other countries to provide accurate PNT data. Learning from the Kargil War and the Russia-Ukraine war, policymakers need to consider all the possible PNT threats and not only the larger threats to make policy to develop/acquire a resilient PNT system from a plethora of available options. No PNT source, however, is foolproof; they all have their own strengths and weaknesses. Therefore, the best strategy is to use multiple, diverse PNT sources together that have different failure modes and characteristics so that the vulnerabilities of one source are counteracted by the strengths of another. Algorithms exist that can intelligently select and combine various PNT sources into a composite solution. To support Atmanirbhar Bharat, we require more startups offering effective solutions to a resilient PNT system. Taking preventive measures before facing an attack can sometimes be the best response. The best strategy to protect critical infrastructure is to use multiple, different PNT sources together. The earlier the detection, the quicker and more effective the recovery will be.
HawkEye 360 detected increased GPS interference in and around Ukraine in the months leading up to the Russian invasion. Credit: HawkEye 360
22 INTERVIEW DRDO’s lab for geohazard mitigation
DRDO’s two labs Snow and Avalanche Study Establishment (SASE) and Defence Terrain Research Laboratory (DTRL) have been merged. This merger will help optimize and consolidate resources. The confluence of these two labs has given rise to a new establishment, Defence Geoinformatics Research Establishment (DGRE), which has a focused mandate to address geohazards. The effective and efficient use of limited resources, expertise and knowledge will, therefore, help DRDO meet many requirements of the Indian armed forces.
Preparedness in inhospitable terrain
Efforts must be made to use the latest engineering and technological solutions, and develop new ones, to ensure safe mobility of troops in inhospitable terrain. Avalanche forecasts are being conitinuessly issued for the smooth execution of army operations of the troops. Avalanche-control structures are set up in risk-prone areas to ensure safe movement of vehicles. Also, off-road trafficability maps are provided to the army at regular intervals, along with other geospatial products from time to time.
Predicting geohazards related to climate change
Extreme weather events occurring due to climate change, such as unprecedented precipitation (snowfall/rainfall), often give rise to extreme winter and rainy season, leading to higher frequency of geohazards (avalanches, landslides and debris flow). The forecast for hazards associated with precipitation, such as snow avalanches, can be done using models such as SNOWPACK. Other events too can be predicted and the extent of a disaster reduced by developing early warning systems; DGRE is working on such technologies.
Self-reliance and indigenous solutions
To achieve true self-reliance, DGRE is working towards indigenization of systems and technologies for various activities. Efforts are being made to reduce dependency on foreign-origin components. The development of Global Systems for Mobile Communications-based Automatic Weather Station (GSM-based AWS) is a step towards self-reliance.
Role of geospatial sector in DGRE’s mission
The National Geospatial Policy2021 is a significant attempt at achieving India’s aim of “Atmanirbhar Bharat”, by making data and modern technologies easily available to Indian companies. Under this policy, all geospatial data produced using public funds shall be accessible for scientific, economic and developmental purposes. This will further strengthen the scientific endeavor and development of new technologies in this sector. Further, it will enhance collaboration among various organizations, including DGRE, and reduce the cost of acquiring data, as the data acquired by one agency can be easily used by other agencies without any additional cost burden.
The Defence Research and Development Organisation (DRDO) has merged two of its labs to create the Defence Geoinformatics Research Establishment (DGRE). The new organization will map, forecast, monitor, and help mitigate natural calamities like landslides and avalanches in the Himalayas, says Dr Pramod Kumar Satyawali, Director, DGRE. He also shares his vision for the new establishment with Geospatial Artha.
By Jitendra Choubey Senior Associate Editor jitendra@geospatialworld.net
The role played by geospatial technology in human lives can be observed in the way the world is dealing with some current challenges, such as the COVID-19 pandemic and the ongoing Russia-Ukraine war. Let me speak about the role of robust cybersecurity in geospatial technology.
Why is cybersecurity important?
GIS (Geographic Information System) has a source of information, a network, or media through which information passes. It has a destination where the information will be stored. It has a processor. It has storage. Though it is an information system, it is prone to cyberattacks and this makes the issue of cybersecurity important. So, the attack vector can either attack the source of information network or media storage or the network, including the Cloud, resulting in loss and corruption of data. This is why it is pertinent for cybersecurity to be embedded in geospatial technology.
Promoting Cyber Hygiene and Strengthening Cybersecurity
Cyberspace is a dynamic and complex environment of users, networks, information systems and services. Due to its anonymous and borderless character, cyberspace is vulnerable to various security concerns worldwide. Lt. Gen. Rajesh Pant,
PVSM, AVSM,VSM (Retd.) National Cybersecurity Coordinator, PMO,
Government of India, is responsible for coordinating cybersecurity activities across multiple sectors. Previously, he was the head of the army's cyber training establishment and served in the Army Signals Corps. The three-time Presidential Award winner spoke with Jitendra Choubey on a plethora of issues related to cyberspace policy, the current challenges and the way forward.
The Government of India (GoI) has initiated a number of steps in the last few years to strengthen our cybersecurity and ensure that cyberspace remains safe. GoI approved the national security directive on the telecom sector on December 16, 2020. Under this, all products connected to the telecom network of India have to be procured and adopted from trusted sources — from trusted countries, companies and their related supply chains. Besides, a number of agencies have been created in the past few years to oversee and strengthen cybersecurity in different sectors.
The National Critical Information Infrastructure Protection Centre (NCIIPC) was created as a nodal agency for the protection of critical sectors like transportation; railways; banking, financial services and insurance (BFSI); aviation; and other strategic sectors. The Indian Cyber Crime Coordination Centre
(I4C) was created under the Ministry of Home Affairs to tackle cyber fraud. Under the Ministry of Electronics and Information Technology, the National Cyber Coordination Centre was created for threat prediction. For public awareness on information security and training, the Information Security Education & Awareness (ISEA) center was created. Three years ago, we set up the Defence Cyber Agency, specifically for the defense sector. And under the Ministry of External Affairs, the Cyber Diplomacy Division was created.
Risky foreign suppliers
Most semiconductor devices, such as integrated circuits (ICs and printed circuit boards are manufactured and imported from countries like Taiwan, China, the US, Europe, and South Korea. It then becomes important to keep track of the global supply chain. Malware can either be a type of software or hardware. It could also be a part of the firmware itself. For example, one extra line while manufacturing an IC can compromise user data. Therefore, for both hardware and software, the supply chain needs to be checked and tested.
Infrastructure to check malware
The Mandatory Testing and Certification of Telecom Equipment (MTCTE) was notified by the Government of India on September 5, 2017. Under this scheme, all telecommunications equipment, whether imported or indigenously manufactured, has to be tested and certified against Essential Requirements (ERs) issued by TEC (Telecom Engineering Centre). TEC the technical arm of the Department of Telecommunications (DoT) and the designated agency for testing telecom equipment by designated labs. The responsibility for framing security related requirement and security certifications lies with the Bengaluru-based National Centre for Communication Security (NCCS).
We created the Defence Cyber Agency in November 2019 in the line of cyber command; it is now fully functional. This agency will be converted into a full-fledged command in the future as we are facing challenges like manpower and land allotment.
Cyber deterrence policy
Just like the government’s policy on nuclear weapons (‘no first use’), we too have a ‘no first attack’ policy in place. In cyber deterrence, we have full capability to attack in case any state actor dares to touch us. That is where cyber deterrence comes into play. However, we are not out to harm any country by using offensive cyberattack.
Protection of digital infrastructure
We are one of the few countries focusing on critical infrastructure, including the health sector. We created the National Critical Information Infrastructure Protection Centre (NCIIPC). Recently, we conducted the first national cyber exercise, NCX India 2022, which took place from April 18 to April 29, where we got chief information security officers and decision-makers from all critical sector organizations.
First, we trained the officers and decision-makers and then we put them through an exercise where we simulated a ransomware attack on the power sector and the oil sector. Then, a rehearsal was conducted.
We took extra security steps to protect our critical sectors — telecom and power. We formed a sectoral telecom emergency response team, even though there is the Indian Computer Emergency Response Team (CERT-In) — a nodal agency to deal with cybersecurity threats like hacking and phishing. We also created a powerCERT to deal with different verticals in this sector — power generation, distribution, transmission, and grid operation.
Cybersecurity is a global issue
In cybersecurity, there are two verticals: services and products. Services mean audits, education, training, etc. We are self-reliant in all aspects of services within the country so far. However, on the products side, equipment may come from anywhere in the world.
There is a long chain of products starting from endpoint security (end-user devices like desktops, laptops, and mobile devices) to network, and our challenge is to protect every element of this
network. There is Cloud security and data-centered security, and there are various aspects of firewalls, seams, prevention systems, detection systems, and security operation centers. Cybersecurity is a global common like the climate, the pandemic, and the environment. So, global commons require global solutions and we should not be particular about having everything within the country.
Better cyber hygiene
We should not always react to a situation, rather we should try to prevent it. For this, we need to invest more in the education and awareness of our people to make them practice better cyber hygiene. The individual human being is the weakest link in the cyber security chain.
Technically, I can do a lot of things to protect the system but if a human being falls prey to a phishing attack or a malware dropper or some other attack vector, the entire system gets compromised. Our people should be careful while installing various apps on smartphones so that hackers do not take advantage of them. We have started training programs in schools on cybersecurity. Investing in education and awareness is the best endpoint measure to ensure the security of our laptops and phones.
Data sovereignty is national sovereignty
As a nation, we are losing in terms of data value as we are late in shaping our data protection bill. The Ministry of Electronics and Information Technology introduced the Personal Data Protection Bill, 2019, in the Lok Sabha. The Bill seeks to protect the personal data of individuals and establishes a Data Protection Authority for the same. But it is still at a standing committee. We need a data protection framework urgently.
One can recall the case where personal data belonging to 87 million US Facebook users was sent to Cambridge Analytica. Afterwards, Facebook was fined USD 5 billion. It can happen in any country. A lot of companies operating in the EU have been fined under the General Data Protection Regulation of Europe (GDPR).
Unlike the EU, we don’t have any regulations in place to ensure that data stays inside the country. At the very least, personal and sensitive data must stay inside the country. This is part of sovereignty.
The UN has this concept pertaining to the sovereignty of nations. Data of any nation is also sovereign and has to be regulated by the law of the land.
Though biometric Aadhaar data is stored and protected within India, some data centers are located outside the country. This is why we urgently need a data protection framework and bill.
Prepared for hybrid warfare
We held an exercise called the National Cyber Exercise 2022 from April 18 to April 19, which was aimed at seeing how prepared we are. We made two teams from 150 participants from critical sectors like Power and CERT, as well as from private companies. They attacked each other and both had to defend themselves from the other’s attack. One team attacked the computers of the second team while the latter tried protecting itself. The result was encouraging. We are well prepared and the National Security Council Secretariat is doing an excellent job in ensuring that their systems remain safe.
We do have a robust regulatory framework in place, otherwise technology would be prone to misuse. For the cyber security part, we have the IT Act, amended in 2008, which is well crafted. On April 28, 2022, fresh directions were issued under the IT Act 70B, mandating everyone in India to report a cyber incident within six hours of its occurrence. We have also specified that logs need to be maintained for 180 days because we can then review them to find out how the particular malware has entered the system.
We have also laid down guidelines for data centers that are not regulated since we found out that a lot of people hire virtual private servers (VPS) and carry out attacks through these centers. The details of people hiring these virtual private servers are not revealed as these companies are private.
