In what is being described as a “world first” the Public Regulated Service (PRS) of the new European satellite network Galileo has been delivered via the “cloud”, paving the way for its automated use by emergency and security services and critical national infrastructure (CNI) as the secure position and timing service of choice across Europe.
The ability to access the PRS via the cloud overcomes a major problem for some potential PRS users due to the security protocols that are required when managing the cryptographic keys needed to access the signals.
A Global Navigation Satellite System (GNSS), Galileo is able to work out an individual’s location and time anywhere on the planet. This type of system is able to offer a range services, some of which are open-access while others are secure for users who need additional assurance.
PRS is Galileo’s secure signal, available to government authorized users. Usually those integral to a country’s operation that require location, navigation or timing information to operate. PRS signals are encrypted and decrypted by cryptographic keys which have been stored on the PRS receiver and managed by the PRS user. However, this new system developed by NSL and QinetiQ places these keys in a secure server located in the “cloud”, accessed via the internet, that means that PRS is now available as a service for secure, authenticated position and timing information.
On the 18th May 2016, Ordnance Survey in Southampton successfully demonstrated three different “user scenarios”: an Unmanned Aerial Vehicle (UAV), a surveyor with a GNSS receiver attached to a mobile phone and a static reference receiver. In each scenario, a receiver captured signals from both Galileo open access and PRS signals, and also open GPS signals. The three different users were located around the Ordnance Survey site, simulating routine tasks. The signals captured by their receivers were sent, via cellular 3G links, into the “cloud” to be processed. Position and time was calculated from the open-access signals by servers at the NSL site in Nottingham. The secure PRS signals were decrypted and authenticated by a QinetiQ site in Malvern that was hosting the cryptographic keys. This confirmed the position and timing reported by the open-access signals.
The UAV’s pre-programmed flight path was tracked in near real-time, allowing the operator on the ground to monitor it’s progress. The surveyor was able to navigate using his mobile phone. The static receiver had the timestamps and location verified. In each case, the addition of PRS authentication gave the user a high degree of confidence in the truth of the position and time. This is the first live demonstration of cloud based access to Galileo PRS over the internet. The authenticated position and time was possible despite only a limited Galileo constellation at the present time.
Commenting Nigel Davies, Head of Secured Navigation, QinetiQ, said: “As the number of Galileo satellites continues to grow – 9 are operational, out of a total of 30 planned satellites – the services that can use it will expand dramatically until full operational capability is reached in 2020. The security environment is complex, in particular around the use, storage and distribution of the keys required to access the service. By supplying PRS as a cloud service, QinetiQ and NSL have opened PRS use to a potentially much wider range of users and applications whilst protecting the security of PRS service.”
Neil Ackroyd, Chief Operating Officer, Ordnance Survey, concludes: “Ordnance Survey believes that PRS could enable new opportunities to meet government needs and provide efficiencies. This technology has an interesting future. We were excited to be the first user demonstrator of PRS. OS operates critical GNSS positioning infrastructure in the form of OS Net which is used across government, industry and academia. As the GNSS constellations grow, OS will develop OS Net to support them.“
QinetiQ, NSL and the Ordnance Survey will continue developing this service, with further trials planned for the next 12 months that will bring end users into the project.