CEN/CLC/TC 5/WG 1 - Navigation and positioning receivers for road applications

This document shall be considered as a complementary standard to EN 16803-2 that is intended to assessment of the performances of a GBPT placed in real-life or simulated road environments. This document is instead specifically targeting security attacks such as interferences, jamming, meaconing or spoofing. This document cannot be applied independently from EN 16803-2 that describes in details the general methodology of the assessment procedure.
This document provides normative information necessary to replay in the lab standardized scenarios specifically dedicated to security tests applied to GNSS.
Depending on the case (jamming or spoofing), these scenarios are composed of data sets combining either real life recorded SIS and jamming signals or simulated SIS and spoofing signals. The reason for that will be explained in Clause 6.
Although a high-level categorization of GNSS attacks is given in Annex A, a comprehensive and detailed categorization of possible GNSS attacks is out of the scope of this document.
It is not the aim of this EN to standardize the record procedure neither to define the specific requirements for the generation of the attack scenarios. The record procedure itself and its quality framework for accredited GNSS-specialized laboratories (Lab-A), with the detailed definition of standardized attack scenarios, will be totally and precisely described in EN 16803-4 (under preparation). The list of attack scenarios will have to be regularly updated considering the evolution of GNSS technologies, emerging threats, and countermeasures.

Like the other ENs of the whole series, this EN deals with the use of GNSS-based positioning terminals (GBPT) in road Intelligent Transport Systems (ITS). GNSS-based positioning means that the system providing position data, more precisely Position, Velocity and Time (PVT) data, comprises at least a GNSS receiver and, potentially, for performance improvement, other additional sensor data or sources of information that can be hybridized with GNSS data.
This new EN proposes testing procedures, based on the replay of data recorded during field tests, to assess the basic performances of any GBPT for a given use case described by an operational scenario. These tests address the basic performance features Availability, Continuity, Accuracy and Integrity of the PVT information, but also the Time-To-First-Fix (TTFF) performance feature, as they are described in EN 16803-1, considering that there is no particular security attack affecting the SIS during the operation. This EN does not cover the assessment tests of the timing performances other than TTFF, which do not need field data and can preferably be executed in the lab with current instruments.
"Record and Replay" (R&R) tests consist in replaying in a laboratory environment GNSS SIS data, and potentially additional sensor data, recorded in specific operational conditions thanks to a specific test vehicle. The dataset comprising GNSS SIS data and potential sensor data resulting from these field tests, together with the corresponding metadata description file, is called a "test scenario". A dataset is composed of several data files.
This EN 16803-3 addresses the "Replay" part of the test scenario data set. It does not address the "Record" part, although it describes as informative information the whole R&R process. This "Record" part will be covered by EN 16803-4 under preparation.
Although the EN 16803 series concerns the GNSS-based positioning terminals and not only the GNSS receivers, the present release of this EN addresses only the replay process of GNSS only terminals. The reason is that the process of replaying in the lab additional sensor data, especially when these sensors are capturing the vehicle’s motion, is generally very complex and not mature enough to be standardized today. It would need open standardized interfaces in the GBPT as well as standardized sensor error models and is not ready to be standardized. But, the procedure described in the present EN has been designed to be extended to GBPT hybridizing GNSS and vehicle sensors in the future.
This EN 16803-3 does not address R&R tests when specific radio frequency signals simulating security attacks are added to the SIS. This case is specifically the topic of EN 16803-3.
Once standardized assessment tests procedures have been established, it is possible to set minimum performance requirements for various intelligent transport applications but it makes sense to separate the assessment tests issue from minimum performance requirements, because the same test procedure may be applicable to many applications, but the minimum performance requirements typically vary from one application to another. So, this EN does not set minimum performance requirements for any application.

EN 16803-1 addresses the final stage of the performance management approach, i.e. the assessment of the whole Road ITS system performance equipped with a given Positioning System, using the Sensitivity analysis method.
EN 16803-1 addresses the identification and the definition the positioning performance features and metrics required for Positioning System assessment.
This document gives definitions of the various items to be considered when specifying an Operational scenario and provides a method to compare finely two environments with respect to their effects on GNSS positioning performance.
This document gives definition of the most important terms used all along the document and describes the architecture of a Road ITS system based on GNSS as it is intended in this standard.
This document does not address:
-   the performance metrics to be used to define the Road ITS system performance requirements, highly depending on the use case and the will of the owner of the system;
-   the performance requirements of the various kinds of Road ITS systems;
-   the tests that are necessary to assess Positioning System performances (Record and Replay tests for this purpose will be addressed by prEN 16803-2 and prEN 16803-3.

The objective is to analyse the security issues that can occur at the GNSS SIS level. In order to do so, a full taxonomy of the GNSS SIS attacks are proposed and GNSS SIS attack security model are elaborated and classified. Security metrics for the validation of the GBPT robustness performances are defined.
The proposed methodology for this technical report consists in three distinct steps that are described hereunder:
I. The first step consists in providing a full taxonomy of the possible GNSS Signal in Space attacks (voluntary or not) to be considered and identify their impact at GBPT level;
II. The second step consists in regrouping narrow sets of previouslyidentified GNSS SIS attacks into security attack models. For each security attack model, an assessment of the dangerousness based on beforehand identified key parameters and methodology will be provided;
III. The third step consists in providing definition of performance objectives, security control, security metrics, and a specific procedure for a robustness evaluation of a GBPT against the identified security attack models at step II.
The results will benefit to the EN16803-3 "Assessment of security performances of GNSS based positioning terminals"

This document regards the test procedures for assessment of robustness to security attacks.
Starting from the definition of security attacks taxonomy and security metrics, this TR aims to:
1. Specify test facilities to be used in the tests of GPBT. This comprises both hardware and software equipment.
2. Define relevant test scenarios applicable to security performances. Also the field test needed for validation of scenarios will be properly described.
3. Define end-to-end test procedures comprising experimental validation of the whole test chain.
The results will benefit to the operational basis of EN16803-3 "Assessment of security performances of GNSS based
positioning terminals".

The purpose is to define the tests to be performed in order to evaluate the performances of road applications’ GNSS-based positioning terminal (GBPT). To fully define the tests, this task will address the test strategy, the facilities to be used, the test scenarios (e.g. environments and characteristics, which shall allow the comparison of different tests), and the test procedures. The defined tests and process will be validated by performing various in-field tests. The defined tests focus essentially on accuracy, integrity and availability as required in the statement of work included in the invitation to tender.
This document will benefit to:
- The consolidation of EN 16803-1: "Definitions and system engineering procedures for the establishment and assessment of performances"
- The elaboration of EN 16803-2: "Assessment of basic performances of GNSS-based positioning terminals"
- The elaboration of EN 16803-3: "Assessment of security performances of GNSS based positioning terminals".

This document constitutes the main deliverable from WP1.1 of the GP-START project. It is devoted to a thorough review of the metrics defined in EN 16803-1 and proposes a performance classification for GNSS-based positioning terminals within designed for road applications. It will serve as one of the inputs to the elaboration of prEN 16803-2:2019 and prEN 16803-3:2019.
This document should serve as a starting point for discussion within CEN/CENELEC/JTC 5/WG1 on a consolidated set of performance metrics and associated classification logic. The proposals and conclusions appearing in this document are therefore only preliminary.

This document is written in the frame of WP1.3 of GP-START project. It discusses several models to provide synthetic data for PVT tracks and the ways to analyse and compare the tracks to ensure these are similar to the reality.

Scope of this NWI is to give keys and to propose methods to GNSS-specialized laboratories, enabling them to design and produce valuable scenario using the "record and replay" technique in order to assess GNSS-based positioning system.
Already published parts (1-2-3) are mainly dedicated to respectively :
-Definitions and system engineering procedures for the establishment and assessment of performances
-Assessment of basic performances of GNSS-based positioning terminals
-Assessment of security performances of GNSS-based positioning terminals
Part4- Definitions and system engineering procedures for the design and validation of test scenarios- will be based on outcomes from GPSTART2 (SA-CEN/2018-12) which was funded by EC to tackle this specific focus (among others).

EN 16803-1 addresses the final stage of the performance management approach, i.e. the assessment of the whole Road ITS system performance equipped with a given GBPT, using the Sensitivity analysis method.
EN 16803-1 addresses the assessment of GBPT performance, since it identifies and defines the positioning performance features and metrics to be used in the definition of the GBPT performance requirements.
This EN gives definitions of the various items to be considered when specifying an Operational scenario and provides a method to compare finely two environments with respect to their effects on GNSS positioning performance.
This EN gives definition of the most important terms used all along the document and describes the architecture of a Road ITS system based on GNSS as it is intended in this standard.
This EN does not address:
-   the performance metrics to be used to define the Road ITS system performance requirements, highly depending on the use case and the will of the owner of the system;
-   the performance requirements of the various kinds of Road ITS systems;
-   the tests that are necessary to assess GBPT performances (field tests for this purpose will be addressed by EN 16803-2  and EN 16803-3).