It was an incident that caught broadcasters, telecoms operators and financial trading networks on the hop.
On Tuesday 26 January, a scheduled operation to remove the oldest GPS satellite from service caused an error in the time signal broadcast by the remaining satellites in the network. For more than five hours, the time broadcast by the GPS network was 13 microseconds short of standard Universal Co-ordinated Time (UTC).
Thirteen microseconds may not sound like much, but for systems that rely on precise time, it’s a huge deal. Here in the UK, the BBC admitted that the glitch caused widespread problems in its digital radio network. On forums frequented by precision timing professionals, there were reports of financial trading systems cancelling orders. And Chronos Technologies, a manufacturer of timing receivers, told Inside GNSS it had fielded many calls from people who were experiencing problems.
The critical role of precise time
Precise time is a critical element in the operation of all kinds of widely-distributed networks, from digital television and radio broadcast networks to mobile phone networks and power grids. Among other things, it’s used to synchronise activity across the network, ensuring a smooth, uninterrupted flow of data or electricity.
Fast-moving financial trading systems also rely on precise time to establish the order in which transactions occurred, whose trade has precedence over whose, and which price was correct at any given moment.
To maintain smooth operations, organisations like these need a precise, continuous, reliable and stable source of reference time to synchronise with.
In the past, they might have purchased that reference time from an organisation that maintains a caesium atomic clock, such as NIST. But today, it’s much easier (not to mention cheaper) to get a continuous flow of precise time directly from the GPS system, using a specialist GPS timing receiver.
Incident shows GPS time is not infallible
Since 1992, GPS has been an incredibly reliable source of precise time, thanks to the atomic clocks carried by each satellite in the constellation.
But as the events of last weekend have shown, GPS time isn’t completely infallible. A press release from the US Air Force eventually revealed that the timing glitch was caused by a software issue during a planned operation to remove an ageing satellite from service:
“Further investigation revealed an issue in the Global Positioning System ground software which only affected the time on legacy L-band signals. This change occurred when the oldest vehicle, SVN 23, was removed from the constellation.
While the core navigation systems were working normally, the coordinated universal time timing signal was off by 13 microseconds which exceeded the design specifications. The issue was resolved at 6:10 a.m. MST, however global users may have experienced GPS timing issues for several hours.”
While this is the first time this has happened to GPS, it’s not the first incident of its kind. In 2014, a faulty software update uploaded to the Russian GLONASS satellite network by its ground control segment caused the network to broadcast false data for up to 10 hours, making GLONASS unusable for timing, positioning or navigation during the glitch.
Organisations must be aware of the risks
System errors in satellite networks are extremely rare, but this incident highlights the risks involved, and the corresponding need to build resilience or redundancy into precision timing systems, especially where they’re used to manage critical infrastructure.
A 2013 report by the US Government Accountability Office found that GPS receivers are now fundamental to smooth operations in most of the 16 critical infrastructure sectors deemed to play a vital role in the nation’s security, economy and health.
If not appropriately hardened, those receivers are not only at risk from system errors, but also from other sources of disruption to navigation satellite signals – like jamming, atmospheric interference and deliberate spoofing.
Manufacturers and users of GPS-based precision timing systems should therefore:
- Stay informed and up to date on emerging threats to GPS time signals
- Conduct regular risk assessments to pinpoint any GPS-related vulnerabilities in their systems
- Ensure adequate mitigation / back-up / alerting measures are in place
- Thoroughly test systems in a wide range of possible GPS disruption scenarios
While ample help is available for the second two points on this list, the first two remain challenging, since information about specific threats is hard to come by.
As GPS increasingly becomes the “invisible utility”, relied upon by the majority of critical infrastructure segments, there’s a growing need for a facility to report threats and disruptions. Access to a central register of information would enable power utilities, telecoms networks, transport infrastructure providers and many more to be aware of specific threats to GPS time signals, and take steps to ensure they don’t impact critical operations.
Guy Buesnel is Market Segment Leader – Robust Position Navigation and Timing at Spirent Communications