At NAVITEC 2018 Fraunhofer IIS presented some test results obtained during a test campaign carried on in Vietnam in 2017 in collaboration with the former BELS project. You can see Mr. Alexander Rügamer presenting yesterday, December the 6th, at ESA-ESTEC in the Netherlands.
Title: Server based Galileo PRS Processing to Ensure Secure Position and Time Information
Authors: Mr. Alexander Rügamer, Mr. Daniel Rubino , Mr. Xabier Zubizarreta , Mr. Daniel Meister , Dr. Fabio Garzia, Dr. Felber Wolfgang (Fraunhofer IIS, Nuremberg, Germany)Abstract: Galileo Public Regulated Service (PRS) is a special, cryptographically protected satellite navigation service intended for governmental authorized users. The access to PRS is regulated by decision No 1104/2011/EU of the European Parliament and of the Council and controlled by each member state. Thanks to the cryptographically protected Galileo PRS, the manipulation of a PRS obtained time and position is hardly possible. This enables the realization of many demanding or security critical applications that could not be operated using conventional GPS or Galileo open services (OS). However, in general, PRS receivers will never be as inexpensive as mass market OS receivers: PRS receivers require a security module (SM) that implements the cryptographic functionalities as well as key management. Especially keying and accountability of the PRS receivers make the user handling more complex. Lastly, PRS receivers are per definiti on not mass market products since they are only available for selected, governmental authorized users. An alternative to these conventional PRS receivers with integrated SM are server based or remote processing PRS receivers: The general idea is to “outsource” the PRS signal processing to a secure server environment, in compliance with the existing regulatory framework. The user terminal itself samples only raw data from the signal in space (SIS) and forwards it to the server, where the PRS information inc luded in the raw samples is processed. Since only a few milliseconds per measurement are used for a PRS PVT calculation, these measurements are also referred to as “snapshots”. Consequently, the PRS is only used in a “passive”, non real time way. Under the jurisdiction of the responsible competent PRS authority (CPA), the service provider running the PRS server decides if and which information is returned to the governmental authorized user. This leads to certain advantages over conventional Galileo PRS receivers within integrated SM: Firstly, end users do not have to care about any PRS security requirement since their user receiver or terminal does not include any PRS assets. Only the service provider is concerned with them. Secondly, the Galileo PRS security cannot be breached by the usersince the user terminal does not contain any PRS relevant methods or information. Lastly, as the end user device is a plain data grabber without SM, low size, weight, power, and costs (SWaPC) devices in selected “mass” markets can be realized.This paper describes the architecture and proof of concept implementation with real world experiments of a PRS server and its user terminal. Three measurement campaigns are outlined in which the Galileo OS information serves as the reference time to enable a PRS snapshot PVT. The user terminal consists of a PRS capable antenna and an in house developed data recorder. This so called “Flexiband” simultaneously samples the Galileo E1 and E6 signal bands with over 40 MHz of bandwidth and incorporates a commercial uBlox receiver module for an instantaneous reference. The uBloxUBX protocol data output is embedded in the recorded raw E1/E6 data stream in a way that the uBlox GNSS synchronized pulse per second (PPS) signal can be used as a time reference within the stream. The PRS server is installed in a secure laboratory at Fraunhofer IIS, Germany. It consists of a modified PRS receiver, keyed with operational PRS keys, receiving and processing the PRS GNAV messages in parallel tothe recording campaigns. For example, it provides the PRS secured ephemeris data for the PRS PVT computation. The second element of the PRS server is a so called “Security Module (SM) Token” connected via a PCIe adapter to the server. This SM Token implements the PRS NAVSEC and is used to provide PRSPseudo Random Noise (PRN) codes for a specific satellite and time. Using the OS time information of the recordings, the PRS server requests the PRS PRN codes from the SM Token and the secure GNAV ephemerides from the modified PRS receiver. Then, a snapshot PRS PVT is generated from the raw samples: Depending on the configuration of the data recorder, a dual band E1/E6 full BOC, a single band full BOC or a single side band only acquisition is carried out with certain refinement steps to derive precise pseudorange information. Thanks to the non repeating PRS PRN codes with absolute time reference, the time of transmission is directly known with unambiguous code phase, in contrast to OS snapshot positioning where one has to resolve them first. Consequently, at least four satellites are required for a 3D PRS PVT snapshot fix, instead of five for an OS snapshot 3D PVT. The PRS PVT can then be compared to a reference OS PVT, e.g. to detect potential spoofing or to PRS approve the OS PVT. The first measurements were taken from a static roof antenna on the building of Fraunhofer IIS, Germany. With a very high sampling rate (81 MHz), the full accuracy potential of snapshot based PRS PVT is demonstrated. The second measurements are Galileo OS/PRS SIS snapshots from a car measurement drivein a dynamic scenario. With the emulation of different front end bandwidth/sampling rates/resolutions, the dependency of the accuracy and availability on the front end parameters can be demonstrated. Finally, SIS data recorded in a measurement campaign in Hanoi, Vietnam, is used for PRS positioning, demonstrating the huge potential of server based PRS processing, enabling a secure PRS PVT from areas where PRS receivers would usually not be placed. The paper concludes with the outline of possible applications for server based Galileo PRS snapshot positioning, e.g. for privacy protected localization and authentication of position and time of measurements, both using Galileo PRS and the next steps towards an autonomous PRS snapshot PVT service. The results show the real world proof of concept of both the PRS sampling and processing method as well as the PRS server environment setup at Fraunhofer IIS.Acknowledgment:Parts of this work has been carried out within the DIRACU project, funding code 50NP1601, sponsored by the national program for PRS of the Federal Ministry of Transport and Digital Infrastructure (BMVi). The test and measurement campaign at the NAVIS centre in Hanoi, Vietnam, has been cofunded by the H2020 BELS project.