Feasibility and Limitations of Self-Spoofing Attacks on GNSS Signals with Message Authentication

Abstract

In recent years, there has been an ever-growing dependence on GNSS for applications in sectors ranging from telecommunications, energy transmission and distribution, to financial services and transportation. As this dependence has increased, so too have the risks of intentional interference or spoofing of GNSS signals by adversaries intending to cause damage or to obtain illegitimate advantage. The growing interest in GNSS has led the European Union to develop its own system, Galileo, which recently became operational. GNSS signal generation is based on public parameters, and to date none of the systems provides any means of verifying the authenticity or cryptographic integrity of its signals. To address the growing concerns about GNSS security, the European Commission has recently announced that Galileo will offer Navigation Message Authentication (NMA) as a protection against falsified signals, i.e., so-called spoofing attacks. In some scenarios, the attacker can be the very owner of the receiving device, who aims, for instance, at deceiving a monitoring system. These attacks, which go under the name of self-spoofing, have thus become a concern for GNSS-based applications. Such scenarios represent some of the most demanding requirements for protection against GNSS spoofing. The implementation of NMA techniques also serves to make this kind of attack more difficult. Two representative applications were considered in the definition of a baseline spoofing scenario and its respective assumptions: satellite-based Vessel Monitoring Systems (VMSs) and smart digital tachographs. Satellite-based VMSs were introduced to protect fisheries from illegal fishing, using GNSS for enforcement. Requirements for VMSs specify acceptable position errors with associated confidence intervals, and the contents and frequency of transmissions to a Fishing Monitoring Centre (FMC), so that authorities can react in a timely manner to non-compliant behaviour.
Today, such measures include the use of tamper-resistant hardware and cryptographic mechanisms to provide protection against vessel owners attempting to tamper or interfere with the device; however, it is only a matter of time before malicious owners resort to GNSS spoofing as a threat to the present enforcement mechanism. The return on investment for defeating the VMS and illegally fishing in closed areas can be significant and can substantially outweigh the costs associated with conducting a spoofing attack. Digital tachographs record the activities of professional drivers, including rest and driving hours, increasing road safety, ensuring minimum working conditions and guaranteeing fair competition for EU transport companies. An EU regulation prescribes requirements for the construction, testing, installation, operation and repair of tachographs and their components, and addresses the use of GNSS, remote early detection of possible manipulation or misuse, interfaces with intelligent transport systems, and security mechanisms. This paper considers as a baseline a GNSS receiver implementing defences based on the utilisation of Galileo Open Service authentication. In terms of fulfilling its primary task of protecting the integrity of the navigation message, a generic NMA scheme might simply be characterised by its key features, including the number of cryptographic bits inserted in the message, the equivalent security of the scheme, and the period of time over which a complete signature is broadcast. The equivalent security of the scheme indicates the difficulty of performing a brute-force attack on the underlying cryptographic primitives. The number of cryptographic bits inserted will directly influence the availability of the scheme, based on the ability of the receiver to correctly recover all of the bits, and is generally proportional to the equivalent security of the scheme.
The period over which the data is broadcast will influence the latency experienced by the receiver in asserting the authenticity of the navigation data, and should therefore be commensurate with, and aligned with, the period over which the protected navigation data is broadcast. When considering the indirect use of the NMA data as a means of anti-spoofing, or range protection, one more feature must be considered: the conditional Shannon entropy of the cryptographic data given the previously transmitted messages. If the data are unknown at the time of broadcast, then one might assume that the adversary must first observe the genuine signal before creating a counterfeit one. The likelihood of an adversary simply guessing the true value of the cryptographic data is related to the number of bits in question and the a priori probability of guessing each bit. A common measure of this is the Shannon entropy. When the number of bits is high, it is very unlikely that the adversary can readily produce a counterfeit signal without first observing the genuine one. Of course, once the genuine signal is observed, a perfect replica can easily be made. This fact somewhat constrains the degrees of freedom of the counterfeit signals, in that they can only be broadcast with a delay with respect to the genuine signals. It might be argued that this in itself represents some defence against spoofing. This paper aims at evaluating the efficacy of symbol-level techniques for the mitigation of spoofing attacks. The paper will first analyse the state of the art of both GNSS spoofing attacks and anti-spoofing mechanisms. Theoretical and experimental analysis will then be presented in order to investigate the possible increase in the complexity required for a successful attack, thanks to the adoption of NMA, as well as the intrinsic limitations and weaknesses of these techniques.
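As an added example (not code from the paper), the entropy measure discussed above computed over a constructed navigation-message layout: fields the adversary has already seen (a fixed preamble, ephemeris repeated from earlier broadcasts) contribute nothing to the conditional entropy, while the unpredictable MAC and delayed-disclosure key bits determine how unlikely a guess is. The field names, sizes and bias values are assumptions for illustration, not the actual Galileo OS NMA message format.

```python
# Added example, not from the paper: Shannon entropy of the cryptographic bits
# in a navigation message, and the probability that an adversary guesses them
# all correctly without first observing the genuine broadcast.
# Field names, sizes and probabilities are constructed for illustration.
import math
from typing import Iterable, Tuple

# (field name, number of bits, a priori probability that each bit is 1)
# p_one of 0.0 or 1.0 means the adversary already knows the bit for certain.
Field = Tuple[str, int, float]


def bit_entropy(p_one: float) -> float:
    """Shannon entropy, in bits, of one binary symbol with P(1) = p_one.
    A bit the adversary can predict with certainty carries no entropy;
    an unbiased bit carries exactly one."""
    if p_one <= 0.0 or p_one >= 1.0:
        return 0.0
    return -(p_one * math.log2(p_one) + (1.0 - p_one) * math.log2(1.0 - p_one))


def message_entropy(fields: Iterable[Field]) -> float:
    """Conditional entropy of the message given what the adversary already
    knows: predictable fields add nothing, only the unknown cryptographic bits
    count (bits are treated as independent)."""
    return sum(n_bits * bit_entropy(p_one) for _, n_bits, p_one in fields)


def guess_probability(fields: Iterable[Field]) -> float:
    """Probability that an adversary who picks the most likely value of every
    bit reproduces the whole message correctly before it is broadcast."""
    prob = 1.0
    for _, n_bits, p_one in fields:
        prob *= max(p_one, 1.0 - p_one) ** n_bits
    return prob


# Constructed layout: preamble and ephemeris already observed in earlier
# broadcasts (fully predictable), plus a MAC and a delayed-disclosure key that
# are unknown until transmitted.
EXAMPLE_LAYOUT = [
    ("preamble", 8, 1.0),
    ("ephemeris", 200, 0.0),
    ("mac", 30, 0.5),
    ("key", 80, 0.5),
]

# Biased variant (also constructed): same fields, but an adversary able to
# predict each cryptographic bit with 90 % confidence, e.g. because of a weak
# random source; the entropy falls well below the raw count of crypto bits.
BIASED_LAYOUT = [
    ("preamble", 8, 1.0),
    ("ephemeris", 200, 0.0),
    ("mac", 30, 0.9),
    ("key", 80, 0.9),
]

if __name__ == "__main__":
    for name, layout in (("unbiased", EXAMPLE_LAYOUT), ("biased", BIASED_LAYOUT)):
        raw_bits = sum(n for _, n, _ in layout)
        print(f"{name}: {raw_bits} bits in message, "
              f"{message_entropy(layout):.1f} bits of entropy, "
              f"guess probability {guess_probability(layout):.3e}")
```

The unbiased layout carries 318 bits in total but only 110 bits of entropy, and the adversary's chance of producing the message ahead of the genuine signal is 2^-110; this is the sense in which the counterfeit can only be broadcast in delay. The biased variant shows why the a priori probability of each bit matters as much as the bit count: with 90 % predictable crypto bits, the same 110-bit field yields roughly 52 bits of entropy.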
