U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

GPS Receiver Allow List Development Guide

Body

Historically, Global Positioning System (GPS) receivers have been considered single-purpose appliances like radios that required very focused, application-specific hardware but placed less emphasis on software. In contrast, today’s receivers are implemented and integrated as embedded software applications distributed over general purpose processors with special GPS hardware.

The GPS Allow List Development Guide presents a software assurance approach as a means of addressing potential vulnerabilities and increasing reliability of Global Positioning System (GPS) receivers. This guide is part of S&T’s emphasis on a cybersecurity-based approach for Positioning, Navigation, and Timing (PNT) resilience and can also help with the implementation of data-related requirements in the Resilient PNT Conformance Framework.

The approach utilizes input data validation based on allow list constraints to minimize the processing of malformed navigation messages entering a GPS receiver. An example allow list is used for the navigation data fields documented in the interface specification for a GPS signal. Some benefits, limitations, and caveats of the approach are further discussed in the guide. Example allow lists are also presented to illustrate the concept. This guidance is provided for navigation device developers seeking to create, implement, and verify GPS allow lists customized to their systems.  

Attachment Ext. Size Date
DHS-GPS Allow List Development Guide v1.1 PDF 475.58 KB 11/09/2022
Last Updated: 11/15/2022
Was this page helpful?
This page was not helpful because the content