Unmanned aerial vehicles (UAVs) have found numerous applications and are expected to bring fertile business opportunities in the next decade. Among various enabling technologies for UAVs, wireless communication is essential and has drawn significantly growing attention in recent years. Compared to the conventional terrestrial communications, UAVs’ communications face new challenges due to their high altitude above the ground and great flexibility of movement in the 3-D space. Several critical issues arise, including the line-of-sight (LoS) dominant UAV-ground channels and induced strong aerial-terrestrial network interference, the distinct communication quality-of-service (QoS) requirements for UAV control messages versus payload data, the stringent constraints imposed by the size, weight, and power (SWAP) limitations of UAVs, as well as the exploitation of the new design degree of freedom (DoF) brought by the highly controllable 3-D UAV mobility. In this article, we give a tutorial overview of the recent advances in UAV communications to address the above issues, with an emphasis on how to integrate UAVs into the forthcoming fifth-generation (5G) and future cellular networks. In particular, we partition our discussion into two promising research and application frameworks of UAV communications, namely UAV-assisted wireless communications and cellular-connected UAVs, where UAVs are integrated into the network as new aerial communication platforms and users, respectively. Furthermore, we point out promising directions for future research.

Accessing From the Sky: A Tutorial on UAV Communications for 5G and Beyond

The theory and practice of unmanned aerial vehicle UAV capture and control via Global Positioning System GPS signal spoofing are analyzed and demonstrated. The goal of this work is to explore UAV vulnerability to deceptive GPS signals. Specifically, this paper 1 establishes the necessary conditions for UAV capture via GPS spoofing, and 2 explores the spoofer's range of possible post-capture control over the UAV. A UAV is considered captured when a spoofer gains the ability to eventually specify the UAV's position and velocity estimates. During post-capture control, the spoofer manipulates the true state of the UAV, potentially resulting in the UAV flying far from its flight plan without raising alarms. Both overt and covert spoofing strategies are considered, as distinguished by the spoofer's attempts to evade detection by the target GPS receiver and by the target navigation system's state estimator, which is presumed to have access to non-GPS navigation sensor data. GPS receiver tracking loops are analyzed and tested to assess the spoofer's capability for covert capture of a mobile target. The coupled dynamics of a UAV and spoofer are analyzed and simulated to explore practical post-capture control scenarios. A field test demonstrates capture and rudimentary control of a rotorcraft UAV, which results in unrecoverable navigation errors that cause the UAV to crash.

Unmanned Aircraft Capture and Control Via GPS Spoofing

A transformation is underway in electric power and energy systems (EPESs) to provide clean distributed energy for sustainable global economic growth. Internet of Things (IoT) is at the forefront of this transformation imparting capabilities, such as real-time monitoring, situational awareness and intelligence, control, and cyber security to transform the existing EPES into intelligent cyber-enabled EPES, which is more efficient, secure, reliable, resilient, and sustainable. Additionally, digitizing the electric power ecosystem using IoT improves asset visibility, optimal management of distributed generation, eliminates energy wastage, and create savings. IoT has a significant impact on EPESs and offers several opportunities for growth and development. There are several challenges with the deployment of IoT for EPESs. Viable solutions need to be developed to overcome these challenges to ensure continued growth of IoT for EPESs. The advancements in computational intelligence capabilities can evolve an intelligent IoT system by emulating biological nervous systems with cognitive computation, streaming and distributed analytics including at the edge and device levels. This review paper provides an assessment of the role, impact and challenges of IoT in transforming EPESs.

Review of Internet of Things (IoT) in Electric Power and Energy Systems

Global navigation satellite signals can be spoofed by false signals, but special receivers can provide defenses against such attacks. The development of good spoofing defenses requires an understanding of the possible attack modes of a spoofer and the properties of those modes that can be exploited for defense purposes. Sets of attack methods and defense methods are described in detail. An attack/defense matrix is developed that documents which defense techniques are effective against the various attack techniques. Recommendations are generated to improve the offerings of commercial off-the-shelf receivers from the current situation, a complete lack of spoofing defenses, to a situation in which various levels of defense are present, some that add significant security for relatively little additional cost and others that add more security at costs that start to become appreciable.

GNSS Spoofing and Detection

Monitoring the “physics” of cyber-physical systems to detect attacks is a growing area of research. In its basic form, a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements to identify potentially false control commands or false sensor readings. In this article, we review previous work on physics-based anomaly detection based on a unified taxonomy that allows us to identify limitations and unexplored challenges and to propose new solutions.

/pdf/a-survey-of-physics-based-attack-detection-in-cyber-physical-24a7a65a1a.pdf

A Survey of Physics-Based Attack Detection in Cyber-Physical Systems

Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks

Test results are presented from over-the-air civil GPS spoofing tests from a non-negligible stand-off distance. These tests were performed at White Sands Missile Range (WSMR) against two systems dependent on civil GPS, a civilian unmanned aerial vehicle (UAV) and a GPS time-reference receiver used in “smart grid” measurement devices. The tests against the civil UAV demonstrated that the UAV could be hijacked by a GPS spoofer by altering the UAV’s perceived location. The tests against the time-reference receiver demonstrated the spoofer’s capability of precisely controlling timing from a distance, which means a spoofer could manipulate measurements used for smart grid control without requiring physical access to the measurement devices. Implications of spoofing attacks against each of these systems are also given. Recommendations are presented for regulations regarding GPS receivers used in critical infrastructure applications. These recommendations include creating a certification process by which receivers are declared spoof-resistant if they are able to detect or mitigate spoofing attacks in a set of canned scenarios. The recommendations also call for a mandate that only spoof-resistant receivers be used in applications classified by the Department of Homeland Security (DHS) as national critical infrastructure.

Evaluation of Smart Grid and Civilian UAV Vulnerability to GPS Spoofing Attacks

Cross-correlation of unknown encrypted signals between two Global Navigation Satellite System (GNSS) receivers is used for spoofing detection of publicly-known signals. This detection technique is one of the strongest known defenses against sophisticated spoofing attacks if the defended receiver has only one antenna. The attack strategy of concern overlays false GNSS radio-navigation signals on top of the true signals. The false signals increase in power, lift the receiver tracking loops off of the true signals, and drag the loops and the navigation solution to erroneous but consistent results. Hypothesis testing theory is used to develop a codeless cross-correlation detection method for use in inexpensive, narrowband civilian GNSS receivers. The detection method is instantiated by using the encrypted military Global Positioning System (GPS) P(Y) code on the L1 frequency in order to defend the publicly-known civilian GPS C/A code. Successful detection of spoofing attacks is demonstrated by off-line processing of recorded RF data from narrowband 2.5 MHz RF front-ends, which attenuate the wideband P(Y) code by 5.5 dB. The new technique can detect attacks using correlation intervals of 1.2 s or less.

/pdf/gps-spoofing-detection-via-dual-receiver-correlation-of-22av0bf8y9.pdf

GPS Spoofing Detection via Dual-Receiver Correlation of Military Signals

A receiver-autonomous non-cryptographic civil GPS antispoofing technique called the vestigial signal defense (VSD) is defined and evaluated. This technique monitors distortions in the complex correlation domain to detect spoofing attacks. Multipath and spoofing interference models are developed to illustrate the challenge of distinguishing the two phenomena in the VSD. A campaign to collect spoofing and multipath data is described, which specific candidate VSD techniques can be tested against. Test results indicate that the presence of multipath complicated the setting of an appropriate spoofing detection threshold.

/pdf/an-evaluation-of-the-vestigial-signal-defense-for-civil-gps-4kz4lt977p.pdf

Daniel P. Shepard

Papers

Unmanned Aircraft Capture and Control Via GPS Spoofing

Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks

Evaluation of Smart Grid and Civilian UAV Vulnerability to GPS Spoofing Attacks

GPS Spoofing Detection via Dual-Receiver Correlation of Military Signals

An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing