Sfdwhf

A Journey Through Space and Time

Simulate Bitwise Cyclic Tag

Why do we use polarized capacitor?

Chess with symmetric move-square

Why doesn't Newton's third law mean a person bounces back to where they started when they hit the ground?

declaring a variable twice in IIFE

Can I interfere when another PC is about to be attacked?

Can an x86 CPU running in real mode be considered to be basically an 8086 CPU?

Schwarzchild Radius of the Universe

Is there a familial term for apples and pears?

If Manufacturer spice model and Datasheet give different values which should I use?

Should I join an office cleaning event for free?

Closed subgroups of abelian groups

Why is this code 6.5x slower with optimizations enabled?

Calculus Optimization - Point on graph closest to given point

What would happen to a modern skyscraper if it rains micro blackholes?

How can the DM most effectively choose 1 out of an odd number of players to be targeted by an attack or effect?

How to make payment on the internet without leaving a money trail?

Circuitry of TV splitters

Do airline pilots ever risk not hearing communication directed to them specifically, from traffic controllers?

The magic money tree problem

Concept of linear mappings are confusing me

How do we improve the relationship with a client software team that performs poorly and is becoming less collaborative?

XeLaTeX and pdfLaTeX ignore hyphenation

What is GPS' 19 year rollover and does it present a cybersecurity issue?

Why would GPS availability be reduced by high demand (or solar eclipse)?How does GPS receiver synchronize time with GPS satellites?Does GPS spoofing ever come from space? How are spoofings usually detected?How far up have satellites used a GNSS for positioning, and how does the precision degrade with altitude?Does GPS work at ISS?How does GPS receiver synchronize time with GPS satellites?How does GPS work exactly?Why are the GPS constellation satellites in such a high orbit?How does GPS module gets time even before a fix?What is the magnetic equatorial anomaly and how is GAGAN unique in its ability to compensate?TLE and RINEX gps differencesWhat are RAIM Service Outage, RNP and EnRoute on GPS DOP maps? What does the red line mean?Does GPS spoofing ever come from space? How are spoofings usually detected?

2

1

$begingroup$

The NPR new item and audio podcast The Global Positioning System Resets talks about a 19 year cycling of something in the GPS system, but it's not clear what it is.

Every 19 years, the Global Positioning System resets a measure of time built into its program. The latest rollover is Saturday and NPR's Scott Simon asks cybersecurity expert Frank Cilluffo about it.

It's Y2K for GPS. The Global Positioning System was designed with a limit for the number of weeks it could count. Every 19 years, the program reaches that limit and the count resets. That happens tonight. What might happen tonight? Frank Cilluffo is director of the McCrary Institute for Critical Infrastructure Protection and Cyber Systems. He joins us now from the campus of Auburn University. Thanks so much for being with us.

1. What is it exactly that cycles or "rolls over" every 19 years?


2. Is it in any way analogous to y2k?


3. Is there any cybersecurity issue associated with the rollover more subtle than GPS simply not working for some users? For example, is there some hacking potential associated with this moment?

gps gnss

share|improve this question

edited 2 hours ago

uhoh

asked 2 hours ago

uhohuhoh

40.5k18149511

$endgroup$

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  potential close-voters; there are several good questions and answers here about the details of how the GPS constellation of satellites and their receivers on Earth work. See for example How does GPS receiver synchronize time with GPS satellites? as well as Does GPS spoofing ever come from space? How are spoofings usually detected? and especially Why would GPS availability be reduced by high demand (or solar eclipse)? This question is on topic!
  $endgroup$
  – uhoh
  6 mins ago
  

  
  
  
  

add a comment | 

2

1

$begingroup$

The NPR new item and audio podcast The Global Positioning System Resets talks about a 19 year cycling of something in the GPS system, but it's not clear what it is.

Every 19 years, the Global Positioning System resets a measure of time built into its program. The latest rollover is Saturday and NPR's Scott Simon asks cybersecurity expert Frank Cilluffo about it.

It's Y2K for GPS. The Global Positioning System was designed with a limit for the number of weeks it could count. Every 19 years, the program reaches that limit and the count resets. That happens tonight. What might happen tonight? Frank Cilluffo is director of the McCrary Institute for Critical Infrastructure Protection and Cyber Systems. He joins us now from the campus of Auburn University. Thanks so much for being with us.

1. What is it exactly that cycles or "rolls over" every 19 years?


2. Is it in any way analogous to y2k?


3. Is there any cybersecurity issue associated with the rollover more subtle than GPS simply not working for some users? For example, is there some hacking potential associated with this moment?

gps gnss

share|improve this question

edited 2 hours ago

uhoh

asked 2 hours ago

uhohuhoh

40.5k18149511

$endgroup$

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  potential close-voters; there are several good questions and answers here about the details of how the GPS constellation of satellites and their receivers on Earth work. See for example How does GPS receiver synchronize time with GPS satellites? as well as Does GPS spoofing ever come from space? How are spoofings usually detected? and especially Why would GPS availability be reduced by high demand (or solar eclipse)? This question is on topic!
  $endgroup$
  – uhoh
  6 mins ago
  

  
  
  
  

add a comment | 

$begingroup$

The NPR new item and audio podcast The Global Positioning System Resets talks about a 19 year cycling of something in the GPS system, but it's not clear what it is.

Every 19 years, the Global Positioning System resets a measure of time built into its program. The latest rollover is Saturday and NPR's Scott Simon asks cybersecurity expert Frank Cilluffo about it.

It's Y2K for GPS. The Global Positioning System was designed with a limit for the number of weeks it could count. Every 19 years, the program reaches that limit and the count resets. That happens tonight. What might happen tonight? Frank Cilluffo is director of the McCrary Institute for Critical Infrastructure Protection and Cyber Systems. He joins us now from the campus of Auburn University. Thanks so much for being with us.

1. What is it exactly that cycles or "rolls over" every 19 years?


2. Is it in any way analogous to y2k?


3. Is there any cybersecurity issue associated with the rollover more subtle than GPS simply not working for some users? For example, is there some hacking potential associated with this moment?

gps gnss

share|improve this question

edited 2 hours ago

uhoh

asked 2 hours ago

uhohuhoh

40.5k18149511

$endgroup$

share|improve this question

edited 2 hours ago

uhoh

asked 2 hours ago

uhohuhoh

40.5k18149511

share|improve this question

edited 2 hours ago

uhoh

asked 2 hours ago

uhohuhoh

40.5k18149511

asked 2 hours ago

uhohuhoh

40.5k18149511

asked 2 hours ago

uhohuhoh

40.5k18149511

1 Answer
1

active

oldest

votes

2

$begingroup$

The field in the protocol that specifies the week number is a 10-bit value. In most computers, when an (unsigned) integer exceeds its maximum value, it wraps around to zero. This is roughly similar to Y2K, though is more like the upcoming year 2038 problem (but with weeks instead of seconds). This 10-bit value will wrap around, and the GPS system will hold the same time value as it held back in 1999.

Yes, this can cause some security issues. Many people use GPS signals as a way to tell time instead of its traditional use with geolocation. Accurate time is extremely important for security, such as for verifying that a certificate is valid and has not expired. If an operating system exclusively uses GPS to calibrate its internal clock, this rollover could, if handled improperly in firmware, result in certificate validation errors or even the failure to check for security updates. See also How important is local time for security?.

share|improve this answer

edited 55 mins ago

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  To double check, a GPS receiver unit without properly updated software (or firmware) could return a properly formatted yet incorrect value for GPS time, and this problem is independent of the quality of the geolocation data?
  $endgroup$
  – uhoh
  20 mins ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @uhoh Correct. If that invalid time is used for purposes that require accurate time for security, this could result in a security issue.
  $endgroup$
  – forest
  18 mins ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks! fyi Does GPS spoofing ever come from space? How are spoofings usually detected? is somewhat security-related.
  $endgroup$
  – uhoh
  5 mins ago
  
  
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function () {
return StackExchange.using("mathjaxEditing", function () {
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
});
});
}, "mathjax-editing");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "508"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fspace.stackexchange.com%2fquestions%2f35362%2fwhat-is-gps-19-year-rollover-and-does-it-present-a-cybersecurity-issue%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

2

$begingroup$

The field in the protocol that specifies the week number is a 10-bit value. In most computers, when an (unsigned) integer exceeds its maximum value, it wraps around to zero. This is roughly similar to Y2K, though is more like the upcoming year 2038 problem (but with weeks instead of seconds). This 10-bit value will wrap around, and the GPS system will hold the same time value as it held back in 1999.

Yes, this can cause some security issues. Many people use GPS signals as a way to tell time instead of its traditional use with geolocation. Accurate time is extremely important for security, such as for verifying that a certificate is valid and has not expired. If an operating system exclusively uses GPS to calibrate its internal clock, this rollover could, if handled improperly in firmware, result in certificate validation errors or even the failure to check for security updates. See also How important is local time for security?.

share|improve this answer

edited 55 mins ago

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  To double check, a GPS receiver unit without properly updated software (or firmware) could return a properly formatted yet incorrect value for GPS time, and this problem is independent of the quality of the geolocation data?
  $endgroup$
  – uhoh
  20 mins ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @uhoh Correct. If that invalid time is used for purposes that require accurate time for security, this could result in a security issue.
  $endgroup$
  – forest
  18 mins ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks! fyi Does GPS spoofing ever come from space? How are spoofings usually detected? is somewhat security-related.
  $endgroup$
  – uhoh
  5 mins ago
  
  
  

  
  
  
  

add a comment | 

2

$begingroup$

The field in the protocol that specifies the week number is a 10-bit value. In most computers, when an (unsigned) integer exceeds its maximum value, it wraps around to zero. This is roughly similar to Y2K, though is more like the upcoming year 2038 problem (but with weeks instead of seconds). This 10-bit value will wrap around, and the GPS system will hold the same time value as it held back in 1999.

Yes, this can cause some security issues. Many people use GPS signals as a way to tell time instead of its traditional use with geolocation. Accurate time is extremely important for security, such as for verifying that a certificate is valid and has not expired. If an operating system exclusively uses GPS to calibrate its internal clock, this rollover could, if handled improperly in firmware, result in certificate validation errors or even the failure to check for security updates. See also How important is local time for security?.

share|improve this answer

edited 55 mins ago

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  To double check, a GPS receiver unit without properly updated software (or firmware) could return a properly formatted yet incorrect value for GPS time, and this problem is independent of the quality of the geolocation data?
  $endgroup$
  – uhoh
  20 mins ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @uhoh Correct. If that invalid time is used for purposes that require accurate time for security, this could result in a security issue.
  $endgroup$
  – forest
  18 mins ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks! fyi Does GPS spoofing ever come from space? How are spoofings usually detected? is somewhat security-related.
  $endgroup$
  – uhoh
  5 mins ago
  
  
  

  
  
  
  

add a comment | 

$begingroup$

The field in the protocol that specifies the week number is a 10-bit value. In most computers, when an (unsigned) integer exceeds its maximum value, it wraps around to zero. This is roughly similar to Y2K, though is more like the upcoming year 2038 problem (but with weeks instead of seconds). This 10-bit value will wrap around, and the GPS system will hold the same time value as it held back in 1999.

Yes, this can cause some security issues. Many people use GPS signals as a way to tell time instead of its traditional use with geolocation. Accurate time is extremely important for security, such as for verifying that a certificate is valid and has not expired. If an operating system exclusively uses GPS to calibrate its internal clock, this rollover could, if handled improperly in firmware, result in certificate validation errors or even the failure to check for security updates. See also How important is local time for security?.

share|improve this answer

edited 55 mins ago

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

$endgroup$

share|improve this answer

edited 55 mins ago

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 1 hour ago

forestforest

1214

New contributor

forest is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 1 hour ago

forestforest

1214