Protecting Critical Infrastructure - Ports
Introduction
The world relies on infrastructure essential for maintaining health, safety, security and economic welfare. Critical infrastructure comprises the assets that deliver the necessary services. Any disruption to these services would impact the economy, security, and health of societies.
Transportation is a critical sector and, like all other critical infrastructures, it is vulnerable to cyber attacks. Part of that sector are the ports that handle tons of cargo, crucial to the economy. Any disruptions in port operations cause severe delays and losses running into millions of Dollars.
The cranes used in modern ports have sophisticated positioning systems based on GNSS to provide accurate and speedy automation of loading and offloading of cargo.
When GNSS is jammed, the cranes stop working and are unable to load or unload the cargo, resulting in serious delays and significant costs. These extend to ships that are queuing and ultimately the end-user of the goods is affected and the port authority looses significant amounts of money. Jamming can come from trucks in the area, unfriendly ships, friendly or unfriendly people in the area, unintentional interference and others.
Detecting and Characterising Jamming Interference
A port authority contacted Focus Telecom as they were experiencing problems with the crane systems, suspected of being caused by GNSS jamming attacks.
In order to ascertain the extent of the problem, Focus Telecom deployed several GPSensors at strategically selected sites. Site selection is particularly important and requires learning about the application and layout of the port before deployment.
The GPSensors were installed at different locations such as: top of a crane, building rooftops and pole mounted. All units were connected to our infiniCloud via a mobile network connection (4G) to provide 24/7 monitoring of jamming activity and GNSS quality.
The GPSensor uses our OtoSphere™ to detect jamming activity and has the additional benefit of reporting the GNSS signal performance. Our InfiniCloud management system takes the collected data and gives a geographical view that allows the user to determine the extent of the problem, time & location of the attacks as well as reporting of some GNSS metrics.
Data from the GPSensors is sent to infiniCloud every 15 seconds. When there is an event, infiniCloud alerts the user. The user can then analyse each event and take the necessary action.
When analysing the data, we noticed GNSS jamming events took place. Examining the data more deeply enabled us to identify local GNSS jamming events, determine the area of jamming (heat map), perceive direction of a moving jamming source and detect major jamming events that affected the whole area - highly detrimental to the authority’s operational continuity.
Conclusion
Several jamming events led to operations coming to a stand-still for some time. Inactive cranes equal lost money and time.
Thanks to our deployment strategy, we were able to learn about the variety of jamming interference. Coupled with infiniCloud’s push notifications in real-time sent to the control centre, this trial not only showed the user the value of monitoring such a critical site, but also provided important information for the design of a protection solution for crucial GNSS based applications.