Addressing Vulnerabilities in Positioning, Navigation and Timing (PNT) Services

The need for precision in networks, particularly those that support critical infrastructure, has never been more acute. Positioning, Navigation, and Timing (PNT) services have become indispensable, enabling precise synchronization and coordination across various sectors such as telecommunication, transportation, energy and finance. At its core, PNT relies on signals from global navigation satellite systems (GNSS) like GPS, Galileo, and GLONASS to provide accurate location and timing information. These signals are essential for a wide range of applications, from guiding aircraft and ships to synchronizing financial transactions and power grid operations. However, the widespread dependence on GNSS signals also exposes critical infrastructure to vulnerabilities and risks, making it susceptible to disruptions caused by signal jamming, “spoofing” and other forms of interference.These vulnerabilities stem from their reliance on radio frequency transmissions, which can be easily disrupted or manipulated by malicious actors. For example, GPS jamming involves the transmission of interference signals that overpower legitimate GNSS signals, causing receivers to lose lock and fail to provide accurate positioning and timing information. Similarly, GPS spoofing involves the transmission of false signals that mimic legitimate GNSS signals, leading receivers to calculate incorrect positions or timestamps. These vulnerabilities pose significant risks to critical infrastructure, as they can disrupt essential services, compromise safety and even facilitate cyberattacks targeting sensitive systems. As such, enhancing the resilience of PNT services has become a top priority for governments, industry stakeholders and cybersecurity experts alike, necessitating the development of robust solutions capable of mitigating these risks and ensuring the integrity of critical infrastructure operations.Why Addressing PNT Vulnerabilities is Now CriticalRecent incidents have underscored some of the vulnerabilities inherent in PNT services, particularly in critical sectors like aviation. In May 2024, Reuters reported on a sharp increase in GPS jamming and spoofing in regions close to conflict zones such as Ukraine. There are wide reports of incidents increasing around the Baltic States as the technology is used to divert enemy drones. This is a problem for modern airliners which, while equipped with an array of sensors to monitor their position, still rely to a large degree on GPS. If spoofing or jamming occurs, GPS may need to be switched off altogether and will, in most cases, need to remain off for the duration of the flight. This can lead to significant delays in take-offs and landings. Lauri Soini, a Finnair pilot and Finnish Pilots Association Safety and Security Committee Chair, said, GPS jamming “now occurs in an area extending from Poland across the Baltic States to the Swedish and Finnish coasts, affecting low altitude and maritime traffic.”The National Business Aviation Association (NBAA) has also reported an uptick in incidents of GPS disruption. Pilots are reporting navigation errors, flight deviations and compromised safety during critical phases of flight, all due to spoofing and jamming. The implications also extend beyond individual flights to broader airspace management and traffic control systems, where accurate and reliable PNT services are indispensable for ensuring the safe and efficient flow of air traffic.Aviation is not the only sector where GPS jamming and spoofing is a concern. Maritime vessels rely heavily on GPS and other PNT systems for navigation, route planning and collision avoidance. GPS-based timing and synchronization are also integral to the operation of transportation networks, including railways, highways and public transit systems. The internet and telecommunications networks, including cellular networks and satellite communications systems also rely on precise timing and synchronization for seamless connectivity and data transmission. The technology also underpins the synchronization of power grids, smart meters and other critical components in the energy sector.Put simply, the risks inherent to PNT vulnerabilities are profound and far-reaching.Government Mandates and Emerging Industry StandardsUnderstanding the criticality of PNT resilience, governments are now taking action and introducing several mandates and frameworks to ensure higher standards of reliability and security. Notably, the US government’s Executive Order 13905 emphasizes the need for the responsible use of PNT services to strengthen national resilience:“The national and economic security of the United States depends on the reliable and efficient functioning of critical infrastructure. Since the United States made the Global Positioning System available worldwide, positioning, navigation, and timing (PNT) services provided by space-based systems have become a largely invisible utility for technology and infrastructure, including the electrical power grid, communications infrastructure and mobile devices, all modes of transportation, precision agriculture, weather forecasting, and emergency response. Because of the widespread adoption of PNT services, the disruption or manipulation of these services has the potential to adversely affect the national and economic security of the United States. To strengthen national resilience, the Federal Government must foster the responsible use of PNT services by critical infrastructure owners and operators.”This order outlines specific actions for enhancing the security and resilience of critical infrastructure by mitigating risks associated with the disruption or manipulation of PNT services.Supporting these mandates, several frameworks and standards have been established to guide organizations in enhancing their PNT systems. The NIST 8323.1 Cybersecurity Framework for PNT Profile, developed by the National Institute of Standards and Technology, offers a comprehensive approach to assessing and mitigating cybersecurity risks specific to PNT services. It outlines a set of cybersecurity activities, desired outcomes and informative references tailored to the unique characteristics and requirements of PNT operations.Similarly, the IEEE Resilient PNT P1952 Standard focuses on establishing resilience requirements for PNT systems. Developed by the Institute of Electrical and Electronics Engineers, this standard defines a framework for assessing the resilience of PNT services against a range of threats and hazards. It addresses key aspects such as system architecture, redundancy and interoperability, ensuring that PNT solutions can continue to operate effectively in challenging environments.In addition to these guidance frameworks, the DHS Resilient PNT Conformance Framework and CISA Federal PNT Services Acquisition Guidance play pivotal roles in promoting the resilience and security of PNT services. The DHS framework offers a structured approach to evaluating and certifying the resilience of PNT solutions, providing organizations with clear criteria for assessing their capabilities and identifying areas for improvement. The CISA guidance outlines best practices and procurement strategies for acquiring reliable and secure PNT services, guiding federal agencies in selecting vendors and solutions that meet their specific needs and security requirements. Together, these frameworks and guidance documents form a comprehensive toolkit for enhancing the resilience and security of PNT services, safeguarding critical infrastructure and national security interests.VIAVI Portfolio of Solutions for Assured PNTVIAVI’s SecurePNT™ with SecureTimeSM Services represents a major advancement in safeguarding critical infrastructure against the vulnerabilities inherent in traditional GPS and GNSS systems. By integrating Fugro AtomiChron® atomic clock technology, VIAVI provides a highly accurate and stable timing reference for PNT synchronization, ensuring resilience against external threats such as signal jamming, spoofing and interference. This solution offers a comprehensive approach to enhancing the integrity and reliability of PNT services, addressing the evolving security challenges faced by telecommunications, transportation, energy, public safety and defense sectors.Included in the portfolio is the CLAW GPS Simulator, which provides a synthetic GPS signal during the staging phase of network deployments. In this phase, RAN and Core equipment may be placed indoors for testing without access to an external GPS antenna. The CLAW GPS Simulator offers a temporary solution, ensuring that the RAN operates seamlessly and allows for uninterrupted testing and validation of PNT services.It also includes the PNT-6200 Series, which comprises a range of time and frequency reference solutions designed to enhance the resilience and reliability of PNT services in telecommunications networks. This offers precise timing synchronization, frequency stability and signal distribution capabilities, ensuring that critical network infrastructure remains synchronized even in challenging environments. By leveraging the PNT-6200, operators can deploy resilient PNT infrastructure that meets the stringent requirements of modern networks, supporting the seamless operation of critical services and applications.Recent events, such as geopolitical conflicts, along with the modernization of network infrastructure and the precision it requires, have made PNT resilience an agenda-topping issue. VIAVI SecurePNT™, now enhanced with Fugro AtomiChron® SecureTimeSM technology, offers a way to meet this challenge head-on, allowing networks to be deployed with uninterrupted connectivity while safeguarding critical infrastructure against emerging threats. For more information, click here.