Growing awareness of the vulnerabilities of GNSS signals — weak, unencrypted and easily jammed or spoofed — have made GNSS less important to steering the driverless vehicle. What’s up with that?
So, will GNSS become unnecessary in the car of the future? Probably not.
First, no one method of navigation is foolproof, and today, GNSS is our primary method of navigating our cars. It is a cost-effective, accurate way of determining position in real time, and with the integration of inertial navigation sensors to handle cases when GNSS is intermittently unavailable, it is improving.
Second, it is not just the car itself that needs to know its location for navigation, but also others outside the car. Ride-sharing apps like Uber and Lyft, car-sharing, usage-based insurance apps, dynamic toll charging, and parking apps all depend on knowing where the car is at all times. GNSS offers sufficient accuracy for all these apps by providing location coordinates. Therefore, a GNSS receiver will most likely remain in the car.
Recall, however, that one of the weaknesses of GNSS is its open, unencrypted format. It is becoming increasingly easier to spoof these signals. Car-sharing, usage-based insurance and dynamic toll charging apps all create a monetary incentive for fraud that can be implemented with a spoofer. For example, a car in a car-sharing network can report a fake position indicating that it is safely parked in a secure area — while in reality, a thief is busy driving it away.
Let’s assume that all wireless connections to and from the car are secure. This is a reasonable assumption, although recently there have been demonstrations of carjacking via unsecure remote links. Standard SSL encryption, similar to what is used to enter credit card information on the internet, works well here. We have both the awareness and the technology now to prevent such carjackings from ever reoccurring.
However, even if communication links are secure, a GNSS spoofer in the car can fool the GNSS receiver into reporting a fake “safe” position right as it is being stolen. The same is true for insurance or toll apps. And the fraud does not have to be sophisticated. A simple, low-cost jammer can deny proper position just long enough to skirt payment. A secure location method is needed.
What would an ideal signal for localizing a driverless car look like?
Though accuracy is always important, the signal used for localization does not have to be as accurate as GNSS is today. Accuracy to 10s of meters is sufficient for all these applications needing fraud protection since it would not be used for steering the car, but rather, only localization. It can also be used in tandem with GNSS to authenticate a reported position when a GNSS signal is available.
Such a signal is available today, worldwide: STL (Satellite Time and Location). Carried on the Iridium satellites, it is a special purpose signal that is more than 30 dB stronger than GNSS and encrypted for anti-spoof protection. Decoding of this signal is available via a subscription model to users.
Here’s how it would work using a car-sharing example. A group of people subscribe to a car-sharing service that provides X number of cars to serve Y number of people, where X is less than Y. The service optimally schedules people when and where a car will be available. The service provider needs to know the whereabouts of the cars at all times to maximize utilization of the fleet, so every car has a GNSS receiver in it.
But to ensure the authenticity of these reports, they also have a secure localization receiver. This receiver is assigned a unique ID that is authorized to decode the encrypted signal. (Eventually, we expect this receiver and GNSS to converge into one device much the way multi-GNSS receivers operate today).