Root Cause Analysis of the Delhi ATC / GPS Interference Incident

[A_Gupta]

[A_Gupta]

[A_Gupta]

[A_Gupta]

Worldwide GNSS RFI map

https://rfi.stanford.edu/?date=2025-11- ... atmap=true

[Cyrano]

My 2 cents counter intuitive argument -
We are doing it!! testing our capability to spoof GPS and other signals so that any projectile coming this way and depending on these tech (GPS etc) can be fooled!!

At the risk of crashing commercial flights full of passengers? Don't think so.

[Amber G.]

I have been following the above discussion (with very little knowledge) and the conclusion that it is some sort of spoofing of GPS signals that is causing problems. I presume that the receiver has some sort of protection that rejects signals from certain sources, for example, the source should be several hundred miles above earth (ie LEO altitude) and moving at the sort of speed that a satellite should. This would eliminate ground level spoofing.

Satellite based (especially LEO based) would be a bit more difficult. Of course if this is not already done, it would take time to achieve.

Please tell me that I have totally misunderstood the problem.

No, you haven’t misunderstood — you’re assuming the GPS receiver checks whether a signal “looks like” it’s coming from a satellite.
But civilian GPS receivers actually do not have that protection.

Long answer (iSkip details if one is familiar):

As said before in earlier posts, civil GPS signals are unencrypted and unauthenticated. A civilian GPS receiver simply locks onto the strongest, cleanest signal that matches the expected GPS code. It does not verify:

- whether the signal came from space,
- whether the satellite is moving at 3 km/s,
- whether the signal angle is correct.

This is why ground-level spoofing is very easy and is the method used in most real-world incidents (Black Sea 2017, Iran 2011, Korea 2012+, Israel, China port spoofing, Moscow VIP protection bubbles, etc.).
(I am looking at one public academic data -- about ~100 spoofing type events reported in the world on single day on Nov 7)

A ground spoofer just transmits a GPS-like signal that is slightly stronger than the real one (which is extremely weak when it reaches Earth). The receiver quietly switches to the fake signal without any alarm. No “special satellite simulation” is needed—just power and timing accuracy.
(A spoofer on the ground simply transmits a fake GPS-like signal that is, the same PRN code as a real satellite, slightly stronger (even +1 or +2 dB is enough), with a timing offset that gradually “pulls” the receiver’s position away --- All this is very well known - and people are aware of this)

(LEO- or satellite-based spoofing is possible but extremely rare because it requires:
orbital assets, high power, precise timing, national-level capability.)

In contrast, vicinity-based spoofing (portable, vehicle-mounted, rooftop-mounted) is:
(cheap, easy to build, widely seen in conflict zones, effective over a few km to tens of km, very hard for civilians to detect.)

That’s why most experts believe the Delhi/Mumbai interference is not jamming (which is broadband and noisy) but coherent spoofing (which is clean and “looks like GPS”).
Again, civilian receivers do not reject these signals because they lack authentication.

[Amber G.]

Worldwide GNSS RFI map

https://rfi.stanford.edu/?date=2025-11- ... atmap=true

Thanks. A few days ago I have written .. shared this to be sent to DGCA, AAI CNS, NTRO SIGINT, etc specialists to jointly assess patterns and attribution using this path.. including ..
- Stanford GPS Laboratory (ADS-B anomaly mapping)
- TU Munich, KAIST, MIT LL, Eurocontrol Experimental Centre (These groups’ publications can help India rapidly build an indigenous detection pipeline along with some iIndian institutes who already most likely working with DGCA - joined analysis will be very useful)

We know that we collect ADS-B data from multi-station receivers (AAI/IAF already operate several).I have requested them to begin continuous ADS-B analytics.. More of this I may post later .

[Amber G.]

xpost:

Not surprising there are companies specializing in tracking this gps interference info world wide. Here is an interesting map of GPS Interference and GPS Spoofing world wide. Ukraine is in the middle of it no surprise and so is west of the border of Amritsar into Pakistan area effecting Delhi.
Low level gps interference seem to exist through out our airspace (the background hexagons) and seems to be just another thing that Pilots have to deal with. Not seeing much interference in Mumbai area.
One surprising hotspot is Turkeye and also to our south Myanmar.
Wanted to share. This is not real time so you have to choose the dates you want to see the data tracked.
https://infinidome.com/gps-jamming-map/.
It would be interesting to track this also during periods of Military exercises.

[Amber G.]

My 2 cents counter intuitive argument -
We are doing it!! testing our capability to spoof GPS and other signals so that any projectile coming this way and depending on these tech (GPS etc) can be fooled!!

At the risk of crashing commercial flights full of passengers? Don't think so.

- Yes, India does test its own EW / GNSS-spoofing capabilities — every serious military does. But those tests are never conducted in civilian air corridors and definitely not in a way that risks commercial traffic.
(Military GNSS-jamming/spoofing tests are always done in controlled zones
India already has designated EW test range in Pokhran, Chandan, Chandipur, Andaman EW ranges etc
..These are NOTAM-protected before trials, with civilian air routes rerouted)

-- As said before, Civil GNSS signals are unencrypted and very easy for any third party to spoof simply by transmitting a stronger signal—there is nothing exotic about it. The pattern we’re seeing globally matches opportunistic spoofers..

--Airlines already rely on multilayer redundancy (INS, VOR/DME, radar vectors, FMS cross-checks), but GNSS corruption can still cause go-arounds, reroutes, delays, and workload spikes. So no responsible state would intentionally endanger civilian aviation to test capabilities. .

IMO, Events like these actually highlight why authorities emphasize:
- Maintaining proficiency in conventional navigation (VOR/DME/IRS)
-Strictly following loss-of-GNSS procedures
- Prompt pilot reporting when anomalies occur

This is standard aviation safety logic

[Aldonkar]

No, you haven’t misunderstood — you’re assuming the GPS receiver checks whether a signal “looks like” it’s coming from a satellite.
But civilian GPS receivers actually do not have that protection.

Long answer (iSkip details if one is familiar):

As said before in earlier posts, civil GPS signals are unencrypted and unauthenticated. A civilian GPS receiver simply locks onto the strongest, cleanest signal that matches the expected GPS code. It does not verify:

- whether the signal came from space,
- whether the satellite is moving at 3 km/s,
- whether the signal angle is correct.

This is why ground-level spoofing is very easy and is the method used in most real-world incidents (Black Sea 2017, Iran 2011, Korea 2012+, Israel, China port spoofing, Moscow VIP protection bubbles, etc.).
(I am looking at one public academic data -- about ~100 spoofing type events reported in the world on single day on Nov 7)

A ground spoofer just transmits a GPS-like signal that is slightly stronger than the real one (which is extremely weak when it reaches Earth). The receiver quietly switches to the fake signal without any alarm. No “special satellite simulation” is needed—just power and timing accuracy.
(A spoofer on the ground simply transmits a fake GPS-like signal that is, the same PRN code as a real satellite, slightly stronger (even +1 or +2 dB is enough), with a timing offset that gradually “pulls” the receiver’s position away --- All this is very well known - and people are aware of this)

(LEO- or satellite-based spoofing is possible but extremely rare because it requires:
orbital assets, high power, precise timing, national-level capability.)

In contrast, vicinity-based spoofing (portable, vehicle-mounted, rooftop-mounted) is:
(cheap, easy to build, widely seen in conflict zones, effective over a few km to tens of km, very hard for civilians to detect.)

That’s why most experts believe the Delhi/Mumbai interference is not jamming (which is broadband and noisy) but coherent spoofing (which is clean and “looks like GPS”).
Again, civilian receivers do not reject these signals because they lack authentication.

Thank you for your answer Amber G.

I should say I am astounded that civilian aircraft are using GPS based on no verification of signal origin. There could be lives at stake here. I should mention that my last job was part of a very large team working on a military communication system for the UK army and Navy based on Geostationary satellites. As you would expect, the links to the satellites were heavily encrypted as they were open to interception. I suspect that this system has already been replaced as I have been retired some 15 years or so but any satellite based system is vulnerable to such problems.

I hope that the authorities in India are using all means possible to pinpoint the culprits. Drones or even balloons carrying detector electronics as a possible answer but places a heavy personnel workload.

[Tanaji]

This is interesting : AI assures me that aircraft receivers use multiple constellations for navigational accuracy:

Yes. Modern aircraft GNSS (global navigation satellite system) receivers typically use multiple constellations — not just the U.S. GPS — to improve availability, accuracy, and integrity. Commonly used constellations include:

- **GPS (USA)**
- **GLONASS (Russia)**
- **Galileo (EU)**
- **BeiDou (China)**
- **SBAS (augmentation systems)** such as WAAS (USA), EGNOS (Europe), MSAS (Japan) — these provide corrections and integrity info
- **QZSS (Japan, regional)** in receivers certified for that region

Key points:
- Most modern certified avionics and airborne GNSS units are multi-constellation and multi-frequency (e.g., L1/L2/L5 or E1/E5) to meet performance, redundancy, and safety requirements.
- Civil aviation standards (DO-229/RTCA/DO-229 and ICAO SARPs) allow and encourage using multiple constellations; SBAS/GBAS augmentations are used for precision approaches and integrity.
- For safety-critical applications (e.g., Category I/II/III approaches, FMS navigation), receivers must meet certification standards which specify performance and integrity limits; manufacturers combine constellations and augmentation sources to meet those limits.
- Some legacy or inexpensive portable units may still use only GPS, but commercial airliners, business jets, and modern GA avionics generally use multiple GNSS constellations.

So it stands to reason to assume that someone is not just jamming or spoofing US GPS , but everything? Galileo and Glonass has global coverage. I dont know about Beidou. I doubt receivers support Navic..

[Amber G.]

^^^ My quick take (More of it later): -As said before, the pattern does not indicate someone is spoofing all GNSS systems. Almost all aviation-grade receivers use GPS as the primary constellation, even when they also track Galileo/GLONASS/Beidou. Spoofers usually target only the GPS L1 civil signal because --
.. It’s the easiest to spoof — unencrypted, widely understood, and requires only a stronger ground signal.

- Most receivers still fall back to GPS-derived timing/position, so corrupting GPS alone already causes major nuisance effects (position jumps, RAIM alerts, degraded navigation).
(Spoofing multiple constellations simultaneously is much harder — each uses different frequencies, modulation, and timing)

So no, it does not look like “everything is being spoofed.” The observed symptoms are consistent with GPS-only interference—enough to cause delays, route changes, and pilot workload spikes, but not catastrophic failures, as you said, (because aircraft still have INS, VOR/DME, radar vectors, and cross-checks).

In India, many receivers now support NavIC, but not all—notably older avionics and handheld devices—so they still behave like GPS-dependent units when GPS is corrupted.

---
Meanwhile: Faster ILS deployment shows regulators are serious about giving aircraft a non-GPS fallback, which strengthens resilience (This gives aircraft a , ground-based guidance fallback during GPS disruption — especially when GPS-based RNP approaches are risky.).

Also After similar GPS-interference alerts around Delhi and Mumbai there are alerts of possible GPS signal interference in airspace near Kolkata. (Multiple agencies are now formally coordinating to investigate GPS spoofing: the NSA is involved and it looks like they are tracking patterns across the country, not just in Delhi)

[A_Gupta]

https://www.faa.gov/about/office_org/he ... bng/vormon

The VOR MON program is designed to enable aircraft, having lost GPS service, to revert to conventional navigation procedures. This will allow users to continue through the outage area using VOR station-to-station navigation or to proceed to a MON airport where an Instrument Landing System (ILS), Localizer (LOC) or VOR approach procedure can be flown without the necessity of GPS, Distance Measuring Equipment (DME), Automatic Direction Finder (ADF), or surveillance. Any airport with a suitable instrument approach may be used for landing, but the VOR MON assures that at least one airport will be within 100 Nautical Miles (NM).

[Tanaji]

AmberG,

I am not sure I agree with your reasoning. Aircraft GNSS receivers apparently have been using alternate constellations for a while now. I don’t understand why the receiver would completely report failure or wrong location if the other constellations were not being spoofed. Surely there would be some sort of logic to fallback to the other or decide which one is “correct”. Unless the other constellations are being spoofed as well or there is no coverage.

In other news, Galileo is supposed to have enabled OSNMA which should allow for cryptographic verification to prevent spoofing. Not jamming though.

[Amber G.]

Tanaji-
Aircraft receivers do use multiple constellations, but that doesn’t fully protect against spoofing. As said before, GPS is still the primary feed for most aviation-grade GNSS units, and if GPS is being spoofed with stronger, plausible-looking signals, it can pull the navigation solver off, even if Galileo/GLONASS/NavIC are present.

You don’t need to spoof all constellations — just corrupting the dominant one (GPS) can create nuisance values, inconsistent fixes, RAIM alerts, and loss-of-integrity flags, which is exactly what pilots are reporting.

Also, most aviation receivers are not yet using OSNMA, and its rollout is incomplete. So Galileo authentication doesn’t automatically solve this in current aircraft avionics.

In short: spoofing only GPS is enough to cause interruptions, false positions, or dropouts, even with fallback constellations available.

[Amber G.]

^^^Last weekend I ended up chatting with a student of mine, an electrical engineer who did her aeronautical engineering at MIT, now teaches there, and also flies/teaches flying at the MIT flying club. Her take was interesting: it’s not just GPS that’s vulnerable — a lot of aviation communications (weather data links, ATC info feeds, traffic/position broadcasts, etc.) are not encrypted and are surprisingly easy to spoof or corrupt.

She said that with today’s off-the-shelf tech, injecting “nuisance values” into these channels is not difficult, and small glitches are actually pretty common, especially for private pilots but even occasionally in commercial operations.

Basically, the system works because of redundancy, cross-checks, and pilot training — not because the signals themselves are secure.

(I learned a lot - this was a gathering ,<late>Diwali party where lot of scientists/engineers gathered)

****
PS GPS spoofing is becoming pretty common globally — more than most people realize — and is increasingly a concern in civilian aviation..

• - According to SkAI Data Services, there are now 1,000+ GPS interference events per day globally (spoofing + jamming).
  - The GPSwise white paper reports that in 2024 alone, over 310,000 flights were identified as affected by GPS spoofing.
  - A report submitted to ICAO (2024) showed that in a 7-month period, more than 2,000 GPS jamming/spoofing reports were filed with ATC centers; ~600 of those were classified as spoofing.
  - According to Honeywell, GPS spoofing / jamming is now affecting “over 1,500 flights daily.”

I can go on ... ( or do any googling..)
It's a current, global problem. Aviation (and other industries) must treat GNSS interference with the seriousness it deserves, especially given how many flights rely on satellite navigation.

[Amber G.]

In other news (I may have said it before) - DGCA has accelerated the rollout of a Category I Instrument Landing System (ILS) on Delhi’s Runway 1 (The move is seen as a safety mitigation, especially when GPS-based RNP approaches are vulnerable)In... Delhi is taking GPS spoofing threat seriously .. real-time reporting is mandated, and fallback navigation systems are being fast-tracked.. This is good.