An autonomous GNSS anti-spoofing technique

open3siIn recent years, the problem of Position, Navigation and Timing (PNT) resiliency has received significant attention due to an increasing awareness on threats and the vulnerability of the current GNSS signals. Several proposed solutions make uses of cryptography to protect against spoofing. A limitation of cryptographic techniques is that they introduce a communication and processing computation overhead and may impact the performance in terms of availability and continuity for GNSS users. This paper introduces autonomous non cryptographic antispoofing mechanisms, that exploit semi-codeless receiver techniques to detect spoofing for signals with a component making use of spreading code encryption.openCaparra, Gianluca; Wullems, Christian; Ioannides, Rigas T.Caparra, Gianluca; Wullems, Christian; Ioannides, Rigas T

'It's pathological': Exploring gaps in the whole-systems approach for managing operations and safety risk at a fully automatic rail level crossing

There are 23,500 level crossings in Australia. In these risky environments, it is important to understand what human factor issues are present and how road users and pedestrians engage with crossings. On-site observations were performed over a 2-day period at a 3-track active crossing. This was followed by 52 interviews with level crossing users. Over 700 separate violations were recorded, with representations in multiple categories (e.g. going through flashing lights >2s after starting flashing; stopping on crossing). Time stamping revealed that the crossing was active for 59% of the time in some morning periods and trains could take up to 4-min to arrive following first activation. Users experienced frustration due to delays caused by the frequency of trains, which increased likelihood of risk-taking. Analysis of interview data identified themes associated with congestion, safety, and violations. This work offers insight into context specific issues associated with active level crossing protection

A spoofing detection method for civilian L1 GPS and the E1-B Galileo Safety of Life service

This paper describes an effective method for signal-authentication and spoofing detection for civilian GNSS receivers using the GPS L1 C/A and the Galileo E1-B Safety of Life service. The paper discusses various spoofing attack profiles and how the proposed method is able to detect these attacks. This method is relatively low-cost and can be suitable for numerous mass-market applications. This paper is the subject of a pending patent

Towards the adoption of low-cost rail level crossing warning devices in regional areas of Australia: A review of current technologies and reliability issues

This paper discusses major obstacles for the adoption of low cost level crossing warning devices (LCLCWDs) in Australia and reviews those trialed in Australia and internationally. The argument for the use of LCLCWDs is that for a given investment, more passive level crossings can be treated, therefore increasing safety benefits across the rail network. This approach, in theory, reduces risk across the network by utilizing a combination of low-cost and conventional level crossing interventions, similar to what is done in the road environment. This paper concludes that in order to determine if this approach can produce better safety outcomes than the current approach, involving the incremental upgrade of level crossings with conventional interventions, it is necessary to perform rigorous risk assessments and cost-benefit analyses of LCLCWDs. Further research is also needed to determine how best to differentiate less reliable LCCLWDs from conventional warning devices through the use of different warning signs and signals. This paper presents a strategy for progressing research and development of LCLCWDs and details how the Cooperative Research Centre (CRC) for Rail Innovation is fulfilling this strategy through the current and future affordable level crossing projects

Engineering Trusted Location Services and Context-aware Augmentations for Network Authorization Models

Context-aware computing has been a rapidly growing research area, however its uses have been predominantly targeted at pervasive applications for smart spaces such as smart homes and workplaces. This research has investigated the use of location and other context data in access control policy, with the purpose of augmenting existing IP and application-layer security to provide fine-grained access control and effective enforcement of security policy. The use of location and other context data for security purposes requires that the technologies and methods used for acquiring the context data are trusted. This thesis begins with the description of a framework for the analysis of location systems for use in security services and critical infrastructure. This analysis classifies cooperative locations systems by their modes of operation and the common primitives they are composed of. Common location systems are analyzed for inherent security flaws and limitations based on the vulnerability assessment of location system primitives and the taxonomy of known attacks. An efficient scheme for supporting trusted differential GPS corrections is proposed, such that DGPS vulnerabilities that have been identified are mitigated. The proposal augments the existing broadcast messaging protocol with a number of new messages facilitating origin authentication and integrity of broadcast corrections for marine vessels. A proposal for a trusted location system based on GSM is presented, in which a model for tamper resistant location determination using GSM signaling is designed. A protocol for association of a user to a cell phone is proposed and demonstrated in a framework for both Web and Wireless Application Protocol (WAP) applications. After introducing the security issues of existing location systems and a trusted location system proposal, the focus of the thesis changes to the use of location data in authorization and access control processes. This is considered at both the IP-layer and the application-layer. For IP-layer security, a proposal for location proximity-based network packet filtering in IEEE 802.11 Wireless LANs is presented. This proposal details an architecture that extends the Linux netfilter system to support proximity-based packet filtering, using methods of transparent location determination through the application of a pathloss model to raw signal measurements. Our investigation of application-layer security resulted in the establishment of a set of requirements for the use of contextual information in application level authorization. Existing network authentication protocols and access control mechanisms are analyzed for their ability to fulfill these requirements and their suitability in facilitating context-aware authorization. The result is the design and development of a new context-aware authorization architecture, using the proposed modifications to Role-based Access Control (RBAC). One of the distinguishing characteristics of the proposed architecture is its ability to handle authorization with context-transparency, and provide support for real-time granting and revocation of permissions. During the investigation of the context-aware authorization architecture, other security contexts in addition to host location were found to be useful in application level authorization. These included network topology between the host and application server, the security of the host and the host execution environment. Details of the prototype implementation, performance results, and context acquisition services are presented

Low cost railway level crossings

The Cooperative Research Centre (CRC) for Rail Innovation is conducting a tranche of industry-led research projects looking into safer rail level crossings. This paper will provide an overview of the Affordable Level Crossings project, a project that is performing research in both engineering and human factors aspects of low-cost level crossing warning devices (LCLCWDs), and is facilitating a comparative trial of these devices over a period of 12 months in several jurisdictions. Low-cost level crossing warning devices (LCLCWDs) are characterised by the use of alternative technologies for high cost components including train detection and connectivity (e.g. radar, acoustic, magnetic induction train detection systems and wireless connectivity replacing traditional track circuits and wiring). These devices often make use of solar power where mains power is not available, and aim to make substantial savings in lifecycle costs. The project involves trialling low-cost level crossing warning devices in shadow-mode, where devices are installed without the road-user interface at a number of existing level crossing sites that are already equipped with conventional active warning systems. It may be possible that the deployment of lower-cost devices can provide a significantly larger safety benefit over the network than a deployment of expensive conventional devices, as the lower cost would allow more passive level crossing sites to be upgraded with the same capital investment. The project will investigate reliability and safety integrity issues of the low-cost devices, as well as evaluate lifecycle costs and investigate human factors issues related to warning reliability. This paper will focus on the requirements and safety issues of LCLCWDs, and will provide an overview of the Rail CRC projects

Towards Context-Aware Security: An Authorization Architecture for Intranet Environments

We introduce a context-aware authorization architecture that is designed to augment existing network security protocols in an intranet environment. It describes the architecture components, the proposed extensions to RBAC that facilitate context-aware access control policy, details of the prototyped implementation, and a number of performance results

Signal authentication and integrity schemes for next generation global navigation satellite systems

This paper describes a number of techniques for GNSS navigation message authentication. A detailed analysis of the security facilitated by navigation message authentication is given. The analysis takes into consideration the risk of critical applications that rely on GPS including transportation, finance and telecommunication networks. We propose a number of cryptographic authentication schemes for navigation data authentication. These authentication schemes provide authenticity and integrity of the navigation data to the receiver. Through software simulation, the performance of the schemes is quantified. The use of software simulation enables the collection of authentication performance data of different data channels, and the impact of various schemes on the infrastructure and receiver. Navigation message authentication schemes have been simulated at the proposed data rates of Galileo and GPS services, for which the resulting performance data is presented. This paper concludes by making recommendations for optimal implementation of navigation message authentication for Galileo and next generation GPS systems