Python implementation of an anti-replay method for Galileo OSNMA using sample-level partial-correlation metrics

Galileo’s Open Service Navigation Message Authentication (OSNMA) strengthens civil GNSS against spoofing by authenticating the E1-B I/NAV navigation message [1]. Nevertheless, OSNMA is a data-level mechanism and does not inherently guarantee the freshness of range observables. A sophisticated advers...

Descripción completa

Detalles Bibliográficos
Autor: García Suárez, Pedro
Tipo de recurso: tesis de maestría
Fecha de publicación:2026
País:España
Institución:Departament de Salut de la Generalitat de Catalunya (DS)
Repositorio:O2, repositorio institucional de la UOC
OAI Identifier:oai:openaccess.uoc.edu:10609/154002
Acceso en línea:https://hdl.handle.net/10609/154002
Access Level:acceso abierto
Palabra clave:GNSS authentication
Galileo OSNMA
spoofing
anti-replay
SCER
partialcorrelation detector
unpredictable symbols
sample-level detection
Open source software -- TFM
Programari lliure -- TFM
Descripción
Sumario:Galileo’s Open Service Navigation Message Authentication (OSNMA) strengthens civil GNSS against spoofing by authenticating the E1-B I/NAV navigation message [1]. Nevertheless, OSNMA is a data-level mechanism and does not inherently guarantee the freshness of range observables. A sophisticated adversary may therefore attempt near-zero-delay Security Code Estimation and Replay (SCER) attacks by estimating unpredictable symbol content on the fly and re-radiating a forged signal with minimal delay [2]. This real-time estimation constraint inevitably introduces transient chip-level inconsistencies at the beginning of each symbol [2, 3], which can be exploited for detection. This thesis proposes a sample-level, software-only anti-replay detector based on within-symbol partial correlations for Galileo E1-B. The detector compares an early window—where SCER artifacts are expected—against a reference window later in the same symbol. To operate under OSNMA’s unpredictability, the receiver applies a realistic wipe-off strategy using an internal sign estimate derived from full-symbol correlation, enabling coherent aggregation over multiple symbols. Evidence is accumulated into global decision statistics, focusing on the R2 and R3 metrics proposed in [3]. The approach is implemented in a modular Python chip-level simulator including signal generation, an SCER spoofer model with running sign estimation, an AWGN channel, and the partial-correlation detector. Performance is assessed through Monte Carlo simulation with quantile-based threshold calibration under nominal reception and split-based validation to avoid optimistic bias, and is reported in terms of achieved false-alarm probability, detection probability under SCER, and ROC/AUC behavior. The results show that both R2 and R3 can be calibrated in a stable and interpretable manner, and that detection performance improves sharply with evidence accumulation, highlighting a clear latency–performance trade-off for practical OSNMA-enabled anti-replay monitoring.