14 DAY TRIAL // Researchers from ETH Zurich, in Switzerland, and UCI, Irvine, in the United States released a paper in which they reveal the results of their experiments done with the purpose of simulating a Global Positioning System (GPS) attack, similar to the one allegedly used by Iran to capture the RQ-170 warplane.
The paper called “On the requirements for successful GPS spoofing attacks,” shows the details of some tests performed by the scientists and the results demonstrate that even though it’s perfectly plausible to pull off such a mission, in practice it’s far more difficult than first believed.
“According to our experiments, the attacker must ensure that his time offset to the system time is less than 75ns. Any greater offset will cause the GPS receiver to lose lock when the spoofing signal is turned on,” reads the study.
“A value of 75ns roughly corresponds to a distance of 22.5m, meaning that the attacker must know his distance from the victim with an accuracy of 22.5m (or better)— a higher offset will cause the victim to lose lock due to the signal (chip phase) misalignment.”
Basically, the attacker would have to know precisely, at any given moment, the position of the victim aircraft, which is not as easy to obtain.
The experts also propose some easy-to-apply countermeasures for which no modifications are necessary to the GPS signal, the satellite infrastructure or the GPS receiver.
For instance, if the attacker possesses a single antenna which he uses in the hit, then installing two GPS receivers on the aircraft is more than enough to prevent an attack.
If the Swiss experts are correct, it can mean two things: the Iranians were really smart and possessed all the necessary knowledge and technology to pull off something like this, or, in reality, they used another unsophisticated method, like shooting the drone down.