Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EKF2: Spoofing GPS check #23366

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

EKF2: Spoofing GPS check #23366

wants to merge 1 commit into from
+71 −15

Conversation

haumarco
Copy link
Contributor

@haumarco haumarco commented Jul 5, 2024

Solved Problem

Currently the spoofing state, which gets set by the GPS driver, does not have any effect on the estimator.

Solution

One can now add the spoofing state to the EKF2_GPS_CHECK. For it to fail, the spoofing flag has to be consistently true over a second and vice-versa for it to pass again.
There is now also a event which gets sent once when the first spoofed message arrives. This will notify the user, independent of the settings chosen in EKF2_GPS_CHECK.

@haumarco haumarco requested review from dagar and sfuhrer July 5, 2024 14:18
@haumarco haumarco added the EKF2 label Jul 5, 2024
dagar
dagar reviewed Jul 5, 2024
View reviewed changes
src/modules/commander/HealthAndArmingChecks/checks/estimatorCheck.cpp
@@ -703,6 +719,12 @@ void EstimatorChecks::checkGps(const Context &context, Report &reporter, const s
events::ID("check_estimator_gps_multiple_spoofing_indicated"),
events::Log::Critical, "GPS reports multiple spoofing indicated");

if (!_gps_spoofed) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should be getting this event any time it transitions to spoofed right?

dagar
dagar reviewed Jul 5, 2024
View reviewed changes
src/modules/commander/HealthAndArmingChecks/checks/estimatorCheck.cpp
@@ -450,6 +450,22 @@ void EstimatorChecks::checkEstimatorStatus(const Context &context, Report &repor
events::ID("check_estimator_gps_vert_speed_drift_too_high"),
log_level, "GPS Vertical Speed Drift too high");

} else if (estimator_status.gps_check_fail_flags & (1 << estimator_status_s::GPS_CHECK_FAIL_SPOOFED)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now that we're getting this through the estimator I would delete all the checks directly on vehicle_gps_position spoofing.

The check through the estimator is better because we can decide to ignore it or need through the EKF2_GPS_CHECK bit.

dagar
dagar reviewed Jul 5, 2024
View reviewed changes
src/modules/ekf2/EKF/aid_sources/gnss/gps_checks.cpp
@@ -136,6 +137,29 @@ void Ekf::collect_gps(const gnssSample &gps)

bool Ekf::runGnssChecks(const gnssSample &gps)
{
// Check GPS spoofing
// hysterisis: spoofing needs to be consistent for 1 second before it is declared
constexpr uint64_t hysteresis_gps_spoofing_us = 1e6; // 1 second, hardcoded
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Does GNSS spoofing really require its own dedicated hysteresis (remember we have that on all these checks as a whole as well)
  2. If yes, then let's start using src/lib/hysteresis/hysteresis.h for these to keep it simple. https://github.com/PX4/PX4-Autopilot/blob/ac1effa32a4bc4541481778295d4a0d0c213f86f/src/lib/hysteresis/hysteresis.h

dagar
dagar reviewed Jul 5, 2024
View reviewed changes
src/modules/commander/HealthAndArmingChecks/checks/estimatorCheck.cpp
@@ -450,6 +450,22 @@ void EstimatorChecks::checkEstimatorStatus(const Context &context, Report &repor
events::ID("check_estimator_gps_vert_speed_drift_too_high"),
log_level, "GPS Vertical Speed Drift too high");

} else if (estimator_status.gps_check_fail_flags & (1 << estimator_status_s::GPS_CHECK_FAIL_SPOOFED)) {
message = "Preflight%s: GPS signal spoofed";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one is relevant beyond preflight.

@dagar dagar requested a review from AlexKlimaj July 5, 2024 16:31
@AlexKlimaj
Copy link
Member

Here is a log with an example with false positive spoofing. We probably want spoofing state to be >=2 for a period of time before failing the check.

https://review.px4.io/plot_app?log=8e03bae1-1551-4c93-bf6b-19c22e3c78a1

image
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dagar dagar dagar left review comments

@sfuhrer sfuhrer Awaiting requested review from sfuhrer

@AlexKlimaj AlexKlimaj Awaiting requested review from AlexKlimaj

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
EKF2
Projects
PX4 EKF
Status: 🏗 In progress
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@haumarco @AlexKlimaj @dagar