Positioning, Navigation, and Timing | Cybersecurity and Infrastructure Security Agency CISA

Positioning, Navigation, and Timing (PNT) is necessary for the functioning of the nation’s critical infrastructure. Whether for civil, commercial, or military use, nearly all sectors rely on accurate PNT information to provide services. However, the ubiquitous use of the Global Positioning Navigation (GPS) as the primary source of PNT information makes these sectors vulnerable to adversaries seeking to cause harm by disrupting or manipulating the GPS signal.

CISA, through the National Risk Management Center (NRMC), works with government and industry partners to strengthen the security and resiliency of the national PNT ecosystem from the risks of both intentional and unintentional threats.

Overview

Positioning, Navigation, and Timing (PNT) is necessary for the functioning of the nation’s critical infrastructure. Whether for civil, commercial, or military use, nearly all sectors rely on accurate PNT information to provide services. However, the use of the Global Positioning Navigation (GPS) as the primary, and in many cases, the sole source of PNT data makes these sectors vulnerable to the intentional or unintentional disruption of the GPS signal. Complicating matters, advances in technologies have made the ability to broadcast mock GPS signals relatively simple, further placing PNT dependent systems at risk.

One of CISA’s top priorities is understanding how PNT is used across all National Critical Functions (NCFs), and how the functions that are dependent on PNT services can become more secure and resilient. This understanding will inform CISA’s risk reduction efforts, such as the creation of a Conformance Framework for GPS Receivers and supporting the National Institute of Standards and Technology (NIST) as they develop PNT profiles. The conformance framework will establish key parameters for assessing the security and resilience of GPS receivers. Partnering with equipment manufacturers, end users and other federal agencies, DHS will develop a common lexicon that defines security expectations for the industry. These standards will enable end users to better understand PNT receiver capabilities, which in turn enables users to make better informed risk decisions.

As alternate PNT services emerge, DHS will work with industry to understand how their adoption impacts critical infrastructure and the NCFs. Additionally, CISA will continue to lead DHS efforts to work with federal partners and the critical infrastructure community to promote the responsible use of GPS and other PNT sources.

Executive Order 13905

On February 12, 2020, the Executive Order (E.O.) 13905 on Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing (PNT) Services was signed. The goal of the E.O. was to identify and promote the responsible use of PNT services by the Federal Government and critical infrastructure owners and operators.

The E.O. directs the federal government and critical infrastructure owners and operators to take actions to identify and promote the responsible use of PNT services. DHS is well positioned to execute the PNT EO. In 2018, the DHS Secretary signed into action the DHS PNT strategy which synchronizes interagency PNT efforts across the Department to build resilience by enhancing coordination and collaboration within DHS and the private sector.

This E.O. is a major step forward to addressing risk to this capability; focusing not only on more secure sources of PNT, but more secure systems that rely on PNT data.

Read the full E.O.

Resources

2021 Federal Radionavigation Plan
Best Practices for Improved Robustness of Time and Frequency Sources in Fixed Locations
CISA Insights: Global Positioning System (GPS) Interference
DHS S&T's GPS Receiver Allow List Development Guide
DHS Statement on the PNT Executive Order
Epsilon Algorithm Suite: These algorithms provide end-users basic spoofing detection capabilities (e.g., detecting inconsistencies in position, velocity, and clock observables commonly provided by GPS receivers) without any modifications to the existing GPS receiver.
Paper on Improving the Operation and Development of GPS Equipment Used by Critical Infrastructure
PNT Integrity Library: This library provides users a method to verify the integrity of Global Navigation Satellite System (GNSS)-based PNT sources. It provides a scalable framework for GNSS-based PNT manipulation detection that offers varying levels of protection based on the available data.
Radio Frequency Interference Best Practices Guidebook
Report on PNT Backup and Complementary Capabilities to the GPS
Time - The Invisible Utility: two quick reference guides designed for organization leaders (corporate level) and IT professionals and staff (technical level) on the importance of accurate and resilient timing.
- Corporate-level fact sheet (for organization leaders)
- Technical-level fact sheet (for IT and staff)
Resilient PNT Conformance Framework (Version 2.0)
Resilient PNT Reference Architecture
Time Guidance for Network Operators, Chief Information Officers, and Chief Information Security Officers
Understanding Vulnerabilities of Positioning, Navigation, and Timing (PNT) fact sheet

Additional Resources

These are voluntary resources regarding the proper use of GPS receivers and security recommendations for systems that use GPS.

Please note: These resources are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide warranties of any kind regarding this information, nor does it endorse any commercial product, service, or subjects of analysis. Any references to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by DHS.

For questions or comments, email NRMC@hq.dhs.gov.

Contact Us

For questions or comments, email NRMC@hq.dhs.gov.