• ACTIVITYFeasibility Study
  • STATUSOngoing
  • THEMATIC AREAInfrastructure & Smart Cities, Transport & Logistics, Safety & Security, Maritime and Aquatic

Objectives of the service

GNSS Jamming and Spoofing attacks pose a severe risk for all services based on GNSS. 

Due to this risk, this project performs a feasibility study on the injection of space-recorded raw data into the existing proprietary algorithm called CMCU (Central Machine learning Computation Unit), making the possibility of having a worldwide detection system for GNSS Jamming and Spoofing a reality.

The flexibility of the Machine Learning Algorithms inside of the CMCU allows the combination of ground and space recorded raw signals uniquely, providing a powerful tool to end-users whose services and processes depend on reliable GNSS signals.

During the last few years, GNSS attacks has received considerable media attention, and the with current geopolitical situation makes the need for countermeasures, key for any GNSS dependent businesses. The main goals of the system are to enable quick identification of the attack and support decision-makers in their assessments of events.

Use Case 1 considers an API (Application Programming Interface) for end-users, allowing them to receive automated alerts of events in the area of interest, while Use Case 2 implements a web interface with an interactive map, allowing end-users to get historical information regarding events in a particular area.

Users and their needs

The service is oriented toward two main user communities worldwide

  1. Companies providing added value services to their customers based on GNSS reference stations (e.g. GNSS corrections).

  2. Maritime users (maritime fleet operators and users that operate maritime testbeds).

The service added value for end-users is:

  1. Risk reduction when using external receiver networks. 

  2. Savings due to reliability and savings in reduced time for troubleshooting their infrastructure

  3. Savings in KPIs infractions.

  4. Savings in maintenance costs.

  5. Historical information for decision-making support to the design of new routes (to maritime vessels fleets operators).

Service/ system concept

RESIST is set to be a service to add robustness to GNSS services. The product will evaluate the presence of human attacks on the GNSS signal. The CMCU (Central ML Computation Unit), based on Machine Learning (ML) implements the core of the system to analyse the satellite recorded raw data and allows the detection of GNSS attacks.

RESIST shall act as the means to implement a worldwide GNSS attacks detector. The system is intended to operate on a real-time basis and offers a range of services.

The high-level blocks associated with the RESIST are detailed in Figure 2 High-level blocks of the RESIST system. 


Raw data will be collected from a satellite provider. Signals are recorded from a LEO constellation and given to the core of the RF Analytics to analyse them.

The input handler is composed by:

  • Satellite data ingestion functions: The data provided by the LEO constellation operators will need to be received and managed by the RF Analytics system. These functionalities will implement the external ICD towards the data provider, as agreed with the different providers. 

  • Data Transformation functions: Depending on the provider, the signal can be formatted in different ways. In order to perform the evaluation in the Data Processor function an initial pre-processing and format adaptation is required.

  • Internal secure reporter functions: This function will implement the internal ICDs between the Input Handler functionalities and the data processor. Allowing the reception of the data by the CMCU, along with the distribution of the geolocation data to the next functional blocks. Based on the geolocation, the CMCU processing will be sorted in a way that those critical areas (Use Case 1) shall be computed with priority against the areas from the Use Case 2.


To evaluate the input data, the processing in this block is split. The geographical information related to the record of the signals is needed to be estimated. Next, the raw data is evaluated by the CMCU, the core algorithm of the system. It will analyse the presence of a Jamming/Spoofing attack and report the results in a database.

  • Geolocation service functions: Groups of functionalities associated to the geolocation estimation of the signal originator.

  • CMCU: The raw data, is evaluated by the CMCU, the main algorithm of the system. It will analyse the presence of a

Jamming/Spoofing attack and report the results in a database.

  • Results aggregation layer: Groups of functionalities responsible for the evaluation of the output from the CMCU algorithm. This component sorts the data adding metadata to deliver this information to the user. 

  • Reporting Database: Groups of functionalities associated to the store and transmission of the aggregation layer information. The information will contain:

    • Timestamp: Time when the evaluation is made.

    • Latitude and Longitude: Geographic position of the reporting signal.

    • RFI: Radio Frequency Interference 

    • Spoofer: Determines the presence of the spoofer.

    • SVID: Indicates the satellite on which the evaluation has been made.

    • Other


By means of the User Interface, the user is allowed to access to the RESIST core algorithm reports. The interface use will depend on the case of use and the user’s needs.

  • User Management: A group of functionalities dedicated to communicating the web interface with the information obtained by the data management.

  • Event Launcher: In Use Case 1, when an event is detected for a determined location, then it is reported to the user. Raw data of the event may be stored, for forensic analysis and Machine Learning training.

  • Interactive Map: In Use Case 2, the web interface allows to search for reports in the different areas from a map.


The support and control functions group the functionalities related to monitoring and controlling of the RESIST elements and required support functionalities.

  • Backup management functions: Groups the required functionalities for information backup and recovery.

  • Monitoring and control functions: Groups the functionalities associated with monitoring the RESIST operation and performance, modification of the RESIST component variables and configuration, visualization of the different operation and performance variables and operator console.

  • Fault detection and isolation: Groups the set of functionalities which allow failure detection, supporting the identification and isolation of the failed component.


Space Added Value

Using satellite recorded data allows expanding the GNSS threats monitoring networks quickly and reliably on a global scale. 

This Space data usage unblocks the possibility of monitoring areas without close ground infrastructure and reduces the cost of deployment protection techniques. RESIST usage of satellite signals sets the basis for providing a real-time global framework for safe GNSS operations. 

Current Status

The project successfully passed the Kick-Off Meeting in June 2022 and its first Progress Meeting in September 2022. 

The System design was performed and approved, and several workshops with end-users were held to understand their needs and gather feedback about the proposed system and the related system requirements.

The implementation of the proof of concept is currently ongoing.

Prime Contractor(s)

Status Date

Updated: 16 December 2022 - Created: 16 December 2022