Project Members: Jahshan Bhatti and Todd Humphreys


Summary: Techniques are developed to estimate the time difference of arrival (TDOA) for multiple GNSS interference signals transmitted from moving platforms. The goal of this work is to enable rapid and accurate location of radio interference sources in the GNSS bands. The techniques presented can be implemented at a central fusion station with access to digitized data from a distributed sensor network. Although there exist standard techniques for estimating TDOA, this paper will focus on the special challenges presented by the need to locate multiple dynamic radio interference sources transmitting in frequency bands allocated to satellite-based navigation and timing systems. 

Despite its marvelous success over the last three decades, GPS has an Achilles heel: its weak signals are an easy target for jamming. A single well-placed handheld 1-Watt jammer built with off-the-shelf parts or purchased from an online supplier could deny GPS use across the entire Manhattan borough of New York City. Worse yet, an attacker could both disrupt GPS and evade location by deploying multiple low-power jammers on mobile platforms, perhaps jamming only intermittently. He could, for example, surreptitiously attach jammers to a dozen New York City taxicabs, thereby sowing navigation confusion and disrupting GPS-based time synchronization across the city. This is an easy, inexpensive, and effective attack against which civil GPS users currently have no adequate defense. Other GNSS systems are similarly vulnerable. 

The deepening dependence of the civil infrastructure on GNSS -- especially for timing synchronization -- and the potential for financial gain or high-profile mischief makes civil GNSS jamming a gathering threat. A system for detecting and quickly locating intentional or unintentional man-made radio frequency (RF) interference in the GNSS bands is essential to counteract such attacks when they happen and to deter them beforehand. 

The most accurate technique for interference location is based on principles of long-baseline radio interferometry [1,2]. The waveform transmitted by the interference source is digitized at several separate monitoring stations and data from the stations are brought together for cross-correlation. In the current work, both traditional time-domain cross-correlation techniques and more accurate super-resolution cross-spectral techniques will be employed between pairs of stations to locate the source along a hyperbola of revolution. Multiple such measurements between different pairs of stations reveal the source´s location. 

To aid in this work, a software platform will be created to simulate the digitized samples received at any number of monitor stations for any number of interfering sources, each of which may be moving. The simulator will include other significant effects that make practical TDOA estimation challenging in this scenario: (1) Time and frequency biases and frequency instability in the clocks at each monitor station; (2) ambient in-band GNSS signals, (3) spreading losses, and (4) the coarse quantization and minimal sampling rates required to respect practical data throughput limitations. In addition, the simulator will consider a range of waveforms from wideband white noise to continuous wave for the hypothetical interference sources. 

Ambient in-band GNSS signals are both an asset and a challenge for TDOA estimation of GNSS interference signals. If the interference signal power is not too high, then the ambient GNSS signals can be tracked in the data sets from separate base stations to enable exact data alignment and extended coherent cross-correlation. In effect, the ambient GNSS signals define a virtual atomic frequency reference at each monitor station. On the other hand, in this same power regime the GNSS signals will produce strong cross-correlation peaks that will confuse the TDOA estimation algorithms and degrade their accuracy. Some researchers have addressed this problem by removing GNSS signals with a notch filter [3], but this prevents detection of GNSS-like jamming signals. A better approach will be to track and then carefully remove each GNSS signal -- the same technique used in [4] to isolate the Galileo signals from GPS signals in the Galileo spreading-code cracking effort. 

[1] K. G. Gromov, GIDL: Generalized Interference Detection and Localization System. PhD thesis, Stanford University, March 2002. 

[2] A. Thompson, J. Moran, and G. Swenson, Interferometry and Synthesis in Radio Astronomy. Wiley, 1986. 

[3] J. Lindstrom, D. M. Akos, O. Isoz, and M. Junered, "GNSS interference detection and localization using a network of low-cost front-end modules," in Proceedings of the ION GNSS Conference, Institute of Navigation, 2007. 

[4] M.L. Psiaki, T.E. Humphreys, S. Mohiuddin, S.P. Powell, A.P. Cerruti, and P.M. Kintner, Jr., "Searching for Galileo," Proceedings of the ION GNSS 2006, Sept. 26-29, 2006, Fort Worth, TX, pp. 1567-1575.