Hi,
So I was watching the news about Ukraine and ended up digging deep into a rabbit hole about the Iranian-made Shahed-136 drones, and particularly about their electronics.
People keep claiming they are GPS-guided, and they can be jammed. But if it was that easy, surely it would be done already – right? Let’s take a look, from an electronics point of view, based on available intelligence data.
I found some limited pictures of these drones. Particularly, a few were interesting regarding the GPS setup. Anyone want to take a look and dig with me, and speculate as to what they are doing?
[This one](https://news.usni.org/2022/11/22/u-s-centcom-reveals-new-on-details-attack-on-oiler-with-iranian-drone) shows a 2×2 array of commercially-available antennas. It looks like the antennas are [Tallysman TW1721](https://www.digikey.bg/en/product-highlight/t/tallysman/tw1721-and-tw1722-wideband-gnss-antenna) and have nothing special, so it is likely that they are using antenna switching behind them to create nulls and zero-out jamming signals (like fox-hunting in amateur radio, except in reverse). If they were able to do that with commercially available receivers, it would be a super interesting project to do ourselves for fun.
There is another picture [here](https://storymaps.arcgis.com/stories/7a394153c87947d8a602c3927609f572) that shows an SDR board, using AD9361 transceivers, although I do not know if they use these for GPS reception – I doubt it, I don’t think they would have implemented an SDR GPS receiver – or did they?
Better detailed picture [here](https://en.defence-ua.com/weapon_and_tech/an_advanced_radio_communication_device_on_american_processors_found_in_the_shahed_136-4446.html). They claim it’s the “communication” board. It’s interesting because the PCB doesn’t reveal what frequency they use, and maybe that’s why they used those transceivers (0-6GHz basically). Maybe the antenna would give more info.
Also, it seems like people take a high-level look at these boards, but **I don’t see anyone mentioning doing a firmware dump**… flash memory ICs are clearly visible, doing reverse engineering of the firmware of these drones surely would yield interesting results…
Does anyone have more information about these drones? Anything that can be shared publicly? Maybe collectively we can build a better understanding of these drones and help defeat them. As I stated above, it does not seem to me that the efforts to reverse engineer them are digging far enough.
Anyway, fascinating stuff. Those drones are far more advanced than what I thought they were. I thought they were using Ardupilot or similar. Instead it looks like proper, advanced avionics. Just the cost of the connectors, and of this PCB, is significant – if the price of these drones is just a few tens of thousands of dollars, I’d say they are competitively priced… I also saw the [servo motors](https://bulgarianmilitary.com/2022/12/06/shahed-136-strikes-ukraine-using-us-servo-drive-and-canadian-antenna/) they are using, they are priced like [$480 each](https://www.servocity.com/hs-1005sgt-servo/)! I know it’s probably significantly cheaper in bulk, but still… it almost seems overkill for a single-use loitering ammunition. Looks like there is a real effort to make these drones reliable.
It makes me understand better why defeating these from an electronic warfare perspective is not trivial.
Interesting discussions also about how Iran is able to evade sanctions about the supply chain. Anyone working in electronics certainly has dealt with ITAR paperwork and dual-use components at least once. It seems like all this administrative overhead is not super effective.
Throwaway account because I don’t want the Russians to poison me or make me jump from a 10th floor window with 5 bullet holes on my back for exposing their stuff and some of their possible weaknesses.
As for getting everything, probably the main way is to get China to purchase them and send them over to Iran, and any ICs can be pulled from devices that use them.
You don’t need to zero-out jamming signals, just ignore everything coming from below.
That’s not a drone, that’s a ufo! Just ask anyone in /ufos
I’m guessing that nobody is scrambling to determine what frequency they communicate on because NATO already knows. One doesn’t need to reverse engineer anything when we already monitor the full EM spectrum constantly, and by process of elimination of known radiators and timing, you can nail down what frequency they’re communicating with the drone on.
Most likely they’re pre-programmed with GPS coordinates and aren’t communicating with anything after launch.
It’s interesting that they’re using so many recently made parts from American companies.
I’d imagine it would be much easier for both Iran and Russia to make drones with GLONASS receivers instead of GPS specifically (although GPS is often a catch-all term, GNSS is the proper term), or maybe even Beidou if they’ve got support from China.
Idk, maybe if you already knew the location of existing emitters, that would serve as reference point. How do we know that there isn’t someone on the ground emitting critical guidance, even if it’s a domestic cell tower?
Didn’t the Iranians capture a U.S.-made drone a long time ago by spoofing GPS or something like that? I imagine they learned everything they could from that.
It has been a few years since I was reading about GPS signal spoofing. IIRC at that time the way they were determining genuine vs false GPS signals was based on the fact that the satellites all use helical antennas which produce a RH polarized signal and give specific time of transmit data.
So (in an ideal situation) a receiver with both a RH and LH receiving antenna will receive a RH signal directly from the satellite on the RH antenna and then it will receive the same signal reflected off objects with the LH antenna. Those will have a time delay depending on the distance of the object(s) which reflected the original time coded signal.
Then by comparing the time separation, direction and strength of the RH (direct) vs LH (reflected) signals received, and then comparing the same data from multiple satellites you can, with some accuracy, calculate the direction and distance of the transmission of original signals…and thus determine which original signals are not coming from where they claim to be.
In environments where there are many reflected signals and there is little time separation between the reflected and original signal it is very difficult but in a vehicle like a drone, over non-urban areas, it is not hard to determine real from false GPS signals.
Or at least that is what I understood the authors to be explaining…are there newer or better techniques?