> root@spoof-rig:~# gps-sdr-sim -e brdc.nav -l 51.XXXX,-1.XXXX,50 -o spoof.bin && echo 'synthetic constellation ready'
This is our third article on drone security, and it addresses the most fundamental vulnerability in autonomous UAV operations — the one that cannot be patched with a firmware update or mitigated with a stronger Wi-Fi password. It targets the navigation system itself.
An autonomous drone follows a pre-programmed flight path. It knows where it is because it receives signals from GPS satellites. It compares its GPS position against its programmed waypoints and adjusts its heading, speed, and altitude to follow the route. The entire autonomy model depends on a single assumption: that the GPS signals the drone receives are genuine.
Civilian GPS signals are unencrypted and unauthenticated. Any device that transmits a signal matching the GPS specification, at sufficient power, on the correct frequency, will be accepted by a civilian GPS receiver as a legitimate satellite. The receiver has no mechanism to distinguish between a real signal from a satellite at twenty thousand kilometres and a synthetic signal from equipment on the ground at fifty metres.
This is GPS spoofing — the transmission of counterfeit satellite navigation signals to deceive a receiver into calculating an incorrect position. On this engagement, we demonstrated that an autonomous security patrol drone could be subtly redirected from its programmed patrol route by manipulating the GPS signals it received — without accessing the aircraft's network, without touching its controller, and without triggering any alarm in its flight management system.
GPS spoofing involves the transmission of radio signals on protected frequencies. In the United Kingdom, transmission on GNSS frequencies without authorisation is an offence under the Wireless Telegraphy Act 2006, and interference with satellite navigation services may constitute an offence under the Space Industry Act 2018. This assessment was conducted in a shielded, underground environment in a controlled area, under a specific exemption obtained by the client through the appropriate regulatory channels. The shielded test environment prevented any signal leakage beyond the test area, with no possibility of affecting real GNSS services, other aircraft, or any navigation system outside the controlled environment. (It was 250 ft beneath the surface, after all.) The methodology described in this article should not be replicated without equivalent regulatory authorisation and signal containment measures.
We state this explicitly because GPS spoofing is not a standard penetration testing technique. It involves regulated radio transmission, potential interference with safety-of-life services, and aviation safety implications. The assessment was conducted at the client's request, with extensive planning, regulatory engagement, and physical containment measures that are not typical of a standard security assessment.
The client was a logistics company operating a large distribution centre that handled high-value goods — electronics, pharmaceuticals, and luxury items. The site had experienced repeated incidents of perimeter intrusion and cargo theft. As part of a security upgrade programme, they had deployed an autonomous drone patrol system — a commercial drone-in-a-box solution that launched, flew a pre-programmed perimeter patrol route, streamed live video to the security control room, and returned to its docking station to recharge, all without human intervention.
The system flew scheduled patrols every two hours during darkness, covering a three-kilometre perimeter fence route. The drone carried a thermal camera for intruder detection and a spotlight for deterrence. It had become the centrepiece of the site's out-of-hours security posture — reducing reliance on manned patrols and providing consistent, repeatable coverage.
The client wanted to understand the resilience of the patrol system against deliberate interference. They had considered signal jamming — which would cause the drone to execute a failsafe return-to-home — but had not considered spoofing, which is more subtle and more dangerous because the drone continues to fly normally, believing it is on its correct route.
We were engaged to assess whether the patrol drone's navigation could be manipulated through GPS spoofing, and what the consequences would be for the site's security posture.
Before describing the attack, it is necessary to understand why civilian GPS is vulnerable. The Global Positioning System was designed in the 1970s by the United States Department of Defense. It provides two services: a military signal (P(Y) code) that is encrypted and authenticated, available only to authorised military receivers; and a civilian signal (C/A code) that is open, unencrypted, and available to all receivers.
Every civilian GPS receiver — in every smartphone, every car, every drone, every survey instrument — uses the C/A code. The signal structure is publicly documented. The satellite ephemeris data (orbital parameters) is publicly broadcast. The modulation scheme, the frequency (L1: 1575.42 MHz), and the pseudo-random noise codes for each satellite are all public knowledge.
This openness is by design — GPS was intended to be universally accessible. But universal accessibility means universal imitability. A software-defined radio (SDR) costing a few hundred pounds, combined with open-source GPS signal simulation software, can generate synthetic GPS signals that are structurally indistinguishable from genuine satellite signals.
| Property | Military GPS (P(Y)) | Civilian GPS (C/A) |
|---|---|---|
| Encryption | Yes — encrypted with classified keys | No — signal structure is public |
| Authentication | Yes — receiver verifies signal origin | No — receiver accepts any conforming signal |
| Spoofing resistance | High — cannot generate valid signals without keys | None — valid signals can be generated with commodity hardware |
| Availability | Military and authorised government only | All civilian receivers including all commercial drones |
The drone patrol system used a civilian GPS receiver. It had no access to military GPS. It had no alternative navigation source that could independently verify its GPS-derived position. It trusted the signal. The signal could be forged.
GPS spoofing against a moving target — an airborne drone — is more complex than spoofing a stationary receiver. The attack must be gradual. If the spoofed position suddenly jumps — for example, if the receiver instantaneously reports a location one hundred metres from its real position — the flight controller's internal consistency checks may detect the discontinuity and reject the position fix or trigger a failsafe.
The technique is gradual displacement: the attacker first transmits signals that match the drone's true position (synchronisation), then slowly introduces a positional offset — a few metres per second — that shifts the drone's perceived position relative to its actual position. The drone's flight controller responds by adjusting its heading to track its programmed waypoints relative to its perceived position, which causes it to physically deviate from its intended route.
The critical subtlety is in Phase 4. The drone reports its position based on its GPS receiver. Its GPS receiver reports the spoofed position — the position the attacker wants it to believe it occupies. The drone's telemetry, transmitted to the security control room, shows a normal patrol along the correct route. The drone's physical position — its actual location in the sky — is different. The security team sees a drone flying its normal patrol. They have no indication that the drone is actually flying a different route, leaving a section of the perimeter unmonitored.
The demonstration was conducted within a shielded test environment — a purpose-designed facility that prevents RF signals from propagating beyond the test area. The drone was placed in a controlled flight configuration. We generated synthetic GPS signals using open-source simulation software and a software-defined radio, and transmitted them within the shielded environment.
We demonstrated three attack scenarios.
All three scenarios succeeded. The route displacement scenario — the most operationally relevant — demonstrated that an eighty-metre lateral shift could be achieved in forty seconds without triggering any alert in the flight management system. The telemetry reported to the security control room showed a normal patrol. The drone's actual position was eighty metres from its intended route.
The altitude manipulation scenario produced a partial detection — the barometric altimeter disagreed with the GPS altitude, and the flight controller logged a sensor discrepancy warning. However, the drone did not execute a failsafe; it continued flying. Modern flight controllers use sensor fusion — combining GPS, barometric, and inertial data — but the fusion algorithms typically weight GPS heavily, and a gradual discrepancy may be resolved by the algorithm in favour of the GPS data rather than triggering a failsafe.
The geofence evasion scenario was the most concerning from a regulatory perspective. Geofences are safety boundaries programmed into the drone to prevent it from flying outside its approved operating area. The geofence is enforced using the GPS position. If the GPS position is spoofed, the geofence cannot protect against the drone being displaced beyond its approved boundary.
The autonomous patrol drone's GPS receiver accepted counterfeit satellite signals without detection, allowing the aircraft's perceived position to be displaced by 80 metres from its actual position. The security control room telemetry showed a normal patrol. The drone's actual flight path was shifted, leaving a section of the perimeter unmonitored. No alert was generated.
The purpose of the drone patrol was to provide consistent, reliable coverage of the distribution centre's perimeter — a three-kilometre fence line protecting high-value inventory. The patrol replaced a manned security patrol that followed the same route on foot.
A successful GPS spoofing attack against the patrol drone has operational consequences that extend beyond the immediate displacement.
| Attack Scenario | Operational Consequence | Security Impact |
|---|---|---|
| Route displacement | Drone patrols a parallel route offset from the perimeter fence. Camera and thermal sensor cover ground that is not the perimeter. | Perimeter section unmonitored during patrol window. Coordinated with physical intrusion, provides a timed gap in coverage. |
| Altitude manipulation | Drone flies higher than intended. Thermal detection range and image resolution decrease with altitude. Spotlight effectiveness reduced. | Intruder detection capability degraded. Individual identification impossible at increased altitude. Deterrent effect of spotlight and engine noise reduced. |
| Timing manipulation | Spoofed position causes drone to fly faster or slower relative to its actual route, altering patrol timing and creating predictable gaps. | Attacker can predict exact timing of coverage gaps and synchronise physical intrusion. |
| False confidence | Security control room sees normal telemetry. Patrol appears to complete successfully. No failsafe triggered. No alert generated. | Organisation believes perimeter is monitored when it is not. Reduces likelihood of deploying backup security measures during the attack window. |
The false confidence consequence is the most damaging. A GPS jamming attack — simply overwhelming the GPS signal with noise — would cause the drone to lose its position fix and execute a failsafe (typically return-to-home or land). The security team would immediately know that the patrol had been disrupted and could deploy alternative measures. Spoofing is more dangerous precisely because it is invisible — the patrol appears to complete normally, and the security team has no reason to suspect that the coverage was compromised.
The vulnerability is not a flaw in the drone, the manufacturer, or the patrol system vendor. It is a structural property of civilian GNSS. The civilian GPS signal was designed for open access. It was not designed to resist deliberate deception. Adding authentication to the civilian signal has been discussed for over a decade — the European Galileo system includes an Open Service Navigation Message Authentication (OSNMA) feature — but adoption in consumer and commercial receivers is nascent, and no current commercial drone platform supports authenticated GNSS.
Mitigating GPS spoofing against autonomous drones is challenging because the root vulnerability — the lack of civilian GNSS authentication — cannot be fixed at the user level. The mitigations are compensating controls that reduce the effectiveness of spoofing rather than eliminating the vulnerability.
The most important immediate recommendation is not technical — it is operational: do not rely solely on the drone patrol for perimeter security. The drone patrol should be one layer in a defence-in-depth model that includes fixed CCTV, perimeter intrusion detection sensors (fence vibration, buried cable, IR beams), lighting, and periodic manned patrols. If any single layer can be defeated — and we have demonstrated that the drone layer can be — the remaining layers must be sufficient to detect intrusion independently.
Independent position verification is the most effective technical countermeasure. If the ground station can independently determine the drone's position — using a ground-based radar, a radio direction finder, or a secondary tracking system such as ADS-B — and compare it against the GPS-reported position, a discrepancy would indicate spoofing. The challenge is cost: ground-based drone tracking systems are significantly more expensive than the patrol drone itself.
Multi-constellation GNSS reception (GPS + GLONASS + Galileo + BeiDou) increases the difficulty of spoofing because the attacker must generate coherent synthetic signals for multiple constellations simultaneously, each with different signal structures and orbital parameters. It does not prevent spoofing — a sufficiently capable attacker can spoof multiple constellations — but it raises the technical barrier substantially.
Visual odometry — using the onboard camera to track ground features and derive position changes — provides an independent velocity and displacement measurement that does not rely on GNSS. If the visual odometry indicates the drone is moving in a direction inconsistent with the GPS-reported position change, the discrepancy can trigger an alert. Visual odometry has limitations (it requires illumination and distinct ground features) but it is a sensor source that cannot be spoofed by a radio-based attacker.
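The cross-check described in the last three paragraphs, as an added example (not Hedgehog Security's or any drone vendor's code): each GPS-reported displacement is compared with the displacement measured by an independent source, here visual odometry, and the disagreement is accumulated so that a slow drift which passes a per-sample jump check still raises an alert. The thresholds, the local east/north frame, the function names and the sample data are assumptions constructed for illustration; the 2 m/s drift mirrors the eighty metres in forty seconds reported above.

```python
import math

# Assumed thresholds for illustration; tune against measured sensor error.
JUMP_LIMIT_M = 15.0        # per-sample GPS discontinuity check
VO_DEADBAND_M = 0.3        # per-sample odometry error treated as noise
DIVERGENCE_LIMIT_M = 25.0  # accumulated GPS-vs-odometry disagreement that alerts


def monitor(samples, dt=1.0):
    """samples: (gps_east_m, gps_north_m, vo_vel_east, vo_vel_north), local frame.

    Returns (jump_at, diverge_at, divergence_m): sample index of the first
    discontinuity alert, of the first divergence alert, and the final
    accumulated disagreement in metres.
    """
    jump_at = diverge_at = None
    acc_e = acc_n = 0.0
    prev = None
    for i, (ge, gn, ve, vn) in enumerate(samples):
        if prev is not None:
            d_e, d_n = ge - prev[0], gn - prev[1]
            # Check 1: sudden jump in the GPS fix (a gradual offset never trips it).
            if jump_at is None and math.hypot(d_e, d_n) > JUMP_LIMIT_M:
                jump_at = i
            # Check 2: GPS displacement minus independently measured displacement.
            r_e, r_n = d_e - ve * dt, d_n - vn * dt
            if math.hypot(r_e, r_n) > VO_DEADBAND_M:
                acc_e += r_e
                acc_n += r_n
            if diverge_at is None and math.hypot(acc_e, acc_n) > DIVERGENCE_LIMIT_M:
                diverge_at = i
        prev = (ge, gn)
    return jump_at, diverge_at, math.hypot(acc_e, acc_n)


def constructed_patrol(n=51, drift_from=None, drift_mps=2.0):
    """Constructed data: GPS shows a straight 5 m/s northbound leg throughout.
    From sample `drift_from`, odometry sees an eastward drift the GPS does not."""
    out = []
    for i in range(n):
        noise = 0.1 * (-1) ** i  # small alternating odometry error
        drifting = drift_from is not None and i >= drift_from
        out.append((0.0, 5.0 * i, noise + (drift_mps if drifting else 0.0), 5.0))
    return out


if __name__ == "__main__":
    print("clean  :", monitor(constructed_patrol()))
    print("drifted:", monitor(constructed_patrol(drift_from=11)))
```

The same comparison applies when the independent measurement is a ground-based tracker's position fix rather than onboard odometry; only the source of the second displacement changes.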
Autonomous systems make decisions based on sensor data. If the sensor data is manipulated, the decisions are wrong — but the system does not know they are wrong. It continues to operate, confidently executing its programme, unaware that its perception of reality has been altered.
This is not a flaw unique to drones. It is a fundamental property of any autonomous system that relies on unverified sensor input. Autonomous vehicles trust their GPS. Maritime vessels trust their AIS. Precision agriculture systems trust their GNSS positioning. Any system that acts on unverified satellite navigation data is susceptible to the same class of attack we demonstrated here.
The patrol drone was designed to replace human observation with consistent, automated coverage. It succeeded — in the absence of an adversary. But an adversary who understands the system's dependencies can exploit them. The drone trusted the satellites. We became the satellites. And the perimeter fence was unguarded while the security team watched a screen that said otherwise.
Until next time — stay sharp, stay curious, and remember that trust in a signal is only as strong as the authentication behind it. For civilian GPS, that authentication is: none.
This article describes a GPS spoofing assessment conducted under exceptional circumstances with full written authorisation from the client, within a shielded test environment, and under appropriate regulatory exemptions. GPS spoofing involves the transmission of radio signals on protected GNSS frequencies. In the United Kingdom, unauthorised transmission on GNSS frequencies is an offence under the Wireless Telegraphy Act 2006. Interference with satellite navigation services may constitute offences under the Space Industry Act 2018 and the Aviation Security Act 1982. GPS spoofing that affects aircraft — including unmanned aircraft — may additionally constitute offences under the Air Navigation Order 2016. This assessment methodology should not be replicated without equivalent regulatory authorisation, signal containment measures, and a formal safety case. The techniques described in this article are presented for educational purposes to illustrate a class of vulnerability in autonomous systems that rely on unauthenticated satellite navigation.
Hedgehog Security assesses the resilience of autonomous systems — drones, vehicles, and robotic platforms — against sensor manipulation attacks including GPS spoofing, signal jamming, and telemetry injection. We operate within appropriate regulatory frameworks and controlled environments. If your security depends on a drone knowing where it is, we test whether it actually does.