Global navigation satellite systems (GNSSs) provide accurate positioning and timing services in a large gamut of sectors, including financial institutions, Industry 4.0, and Internet of things (IoT). Any industrial system involving multiple devices interacting and/or coordinating their functionalities needs accurate, dependable, and trustworthy time synchronization, which can be obtained by using authenticated GNSS signals. However, GNSS vulnerabilities to time-spoofing attacks may cause security issues for their applications. Galileo is currently developing new services aimed at providing increased security and robustness against attacks, such as the open service navigation message authentication (OS-NMA) and commercial authentication service (CAS). In this paper, we propose a robust and secure timing protocol that is independent of external time sources, and solely relies on assisted commercial authentication service (ACAS) and OS-NMA features. We analyze the performance of the proposed timing protocol and discuss its security level in relation to malicious attacks. Lastly, experimental tests were conducted to validate the proposed protocol.
Keywords: CAS; GNSS; OSNMA; security; timing.