Broadcast Data Authentication Concepts For Future Sbas Services

The Satellite Based Augmentation Systems (SBAS) are primarily designed to provide Safety of Life (SoL) services as defined in ICAO SARPs [1] (Standards And Recommended Practices). SBAS systems exploits satellite transmission from the geostationary orbit and they broadcast corrections and integrity data for GNSS constellations such as GPS. The SBAS data allows prompt reaction to GNSS malfunction and improve the overall navigation accuracy thus allowing aeronautic receivers to compute a protection level, bounding the residual position error with the required level of confidence.SBAS signals are broadcast from the GEO orbit and designed to be received on ground surface with a strength comparable to those of GNSS signals. This guarantees the compatibility at receiver level, however the very low power (e.g. around -158 dBW) makes signals weak against interference: replication, potential malicious alteration or forging can be easily achieved. In particular, the broadcast of non-authentic SBAS data messages can have a detrimental impact on receiver operations, because the navigation solution could be affected even if the received GNSS signal is not spoofed.The European Commission is exploring the possibility of improving the resilience of the SBAS service against cybersecurity threats through the authentication of SBAS messages broadcast by the GEO satellites. This would enable receivers to verify that the received SBAS messages are authentic and not altered. With this objective, the EC is financing the SPARC (Simulation Platform for Authentication Reliable Concept) project to identify viable solutions for the authentication of SBAS data.This paper presents four authentication solutions viable to protect the SBAS data service, developed in the SPARC project. The solutions consider the DFMC SBAS service still under definition, and protect the SBAS L5 data. One of them is designed to broadcast messages within the standard data stream, with a clear impact on the available bandwidth and the overall performance. The others exploit a quadrature channel, not currently available, providing higher bandwidth at a cost of a higher power to be transmitted by the SBAS payload.In this paper, the performance indicators of the solutions are presented considering the nominal AWGN conditions compared with a reference case, which is the standards service without authentication. This approach has been specifically chosen in order to measure the impact on the SBAS service itself. Additionally, a performance assessment under spoofing attack have been done and the detection and false-alarm rejection capabilities are reported.