Jun He,Yahui Li,Han Zhang,Changqing An,Jilong Wang

DOI: https://doi.org/10.1109/iscc61673.2024.10733564

2024-01-01

Abstract:BGP has been threatened by prefix hijacking attacks due to the lack of authentication mechanisms. In recent years, many ASes have begun to participate in RPKI deployment to improve Internet security jointly. Some researchers have studied how to measure the actual deployment of ROV globally, but such works suffer from the shortcomings of small measurement coverage and insufficient accuracy. Therefore, we propose RO-VGD, a ROV measurement method based on graph difference. We collect routing path data from the control plane and data plane. Then, we rely on prefix reachability and propagation edges for ROV inference. The results show that about half of the tested ASes have ROV filtering behaviors. In addition, our method can be extended to the ROV measurement of IXPs. Through validation and analysis, we prove that our method leads to convincing results and, at the same time, has a broader coverage and better applicability than other existing methods.

Lancheng Qin,Li Chen,Dan Li,Honglin Ye,Yutian Wang

DOI: https://doi.org/10.14722/ndss.2024.24214

2024-01-01

Abstract:BGP hijacking is one of the most important threats to routing security.To improve the reliability and availability of inter-domain routing, a lot of work has been done to defend against BGP hijacking, and Route Origin Validation (ROV) has become the best current practice.However, although the Mutually Agreed Norms for Routing Security (MANRS) has been encouraging network operators to at least validate announcements of their customers, recent research indicates that a large number of networks still do not fully deploy ROV or propagate illegitimate announcements of their customers.To understand ROV deployment in the real world and why network operators are not following the action proposed by MANRS, we make a long-term measurement for ROV deployment and further find that many non-compliant networks may deploy ROV only at part of customer interfaces, or at provider or peer interfaces.Then, we present the first notification experiment to investigate the impact of notifications on ROV remediation.However, our analysis indicates that none of the notification treatments has a significant effect.After that, we conduct a survey among network operators and find that economical and technical problems are the two major classes of reasons for non-compliance.Seeking a realistic ROV deployment strategy, we perform large-scale simulations, and, to our surprise, find that not following MANRS Action 1 can lead to better defence of prefix hijacking.Finally, with all our findings, we provide practical recommendations and outline future directions to help promote ROV deployment.

Jiamei Lv,Yi Gao,Wei Dong

DOI: https://doi.org/10.1109/PADSW.2018.8644951

2018-01-01

Abstract:For network operators, knowing the problems in their networks before users complain can help improve their Quality-of-Experience (QoE) and bring great commercial value. However, accurate measurement of the internal performance of a network generally requires the deployment of additional dedicated instrumentation in the network. Another possible approach is to use network tomography technique to infer these internal states from measurements obtained from the edge of the network. However, network tomography usually requires that the network topology and the path of each probe are known. In this paper, using a sparse crowdsourced measurement dataset from mobile users to varies types of network resources, we build a BRAS (broadband remote access server)-level QoE model to help the network operator locate network problems quickly. By reasonably mining the intrinsic correlation among the measurement data, the proposed scheme is able to model the user QoE accurately and achieve an accuracy of 97%.

Yanbiao Li,Hui Zou,Yuxuan Chen,Yinbo Xu,Zhuoran Ma,Di Ma,Ying Hu,Gaogang Xie

2024-12-09

Abstract:On top of the Resource Public Key Infrastructure (RPKI), the Route Origin Authorization (ROA) creates a cryptographically verifiable binding of an autonomous system to a set of IP prefixes it is authorized to originate. By their design, ROAs can protect the inter-domain routing system against prefix and sub-prefix hijacks. However, it is hard for the state-of-the-art approach, the maxLength-based ROA encoding scheme, to guarantee security and scalability at the same time when facing various authorization scenarios. To this end, we propose a novel bitmap-based encoding scheme for ROAs to provide flexible and controllable compression. Furthermore, the hybrid ROA encoding scheme (h-ROA) is proposed, which encodes ROAs based on maxLength and bitmap jointly. This approach ensures strong security, provides flexibility and significantly improves system scalability, enabling it to effectively handle various authorization patterns. According to the performance evaluation with real-world data sets, h-ROA outperforms the state-of-the-art approach $1.99 \sim 3.28$ times in terms of the encoding speed, and it can reduce the cost of a router to synchronize all validated ROA payloads by $43.9\% \sim 56.6\%$.

Cryptography and Security

Yingying Su,Dan Li,Li Chen,Qi Li,Sitong Ling

DOI: https://doi.org/10.14722/ndss.2024.24368

2024-01-01

Abstract:Although Resource Public Key Infrastructure (RPKI) is critical for securing inter-domain routing, we find that its key component, the RPKI Repository, is under studied.We conduct the first data-driven analysis of the existing RPKI Repository infrastructure, including a survey of worldwide AS administrators and a large-scale measurement of the existing RPKI Repository.Based on the findings of our study, we identify three key problems.Firstly, misbehaving RPKI authorities can easily manipulate RPKI objects, and Internet Number Resources holders (INRs holders) and Relying Parties (RPs) can neither prevent malicious behaviors of misbehaving authorities nor hold them accountable.Secondly, RPKI Repository is sensitive to failures: An attack or downtime of any repository Publication Point (PP) will prevent RPs from obtaining complete RPKI object views.Finally, we identify scalability issues with the current RPKI Repository, which are expected to worsen with the further deployment of Route Origin Authorization (ROA).To address these problems, we propose dRR, an architecture that enhances the security, robustness, and scalability of the RPKI Repository while being compatible with standard RPKI.By introducing two new entities: Certificate Servers (CSs) and Monitors, dRR forms a decentralized federation of CSs, which enables the RPKI Repository to proactively defend against malicious behavior from authorities and to tolerate PPs' failures.dRR is also scalable for future large-scale deployment.We present the design of dRR in detail and implement a prototype of dRR on a global Internet testbed spanning 15 countries.Experimental results show that, although new security features are introduced, dRR only incurs negligible latency for certificate issuance and revocation.The throughput of certificate updates achieved by dRR is 450 times higher than the current maximum RPKI certificate update frequency.

Yihao Jia,Ying Liu,Gang Ren,Lin He

DOI: https://doi.org/10.26599/tst.2018.9010025

2018-01-01

Tsinghua Science & Technology

Abstract:IP source address spoofing is regarded as one of the most prevalent components when launching an anonymous invasion, especially a Distributed Denial-of-Service (DDoS) attack. Although Source Address Validations (SAVs) at the access network level are standardized by the Internet Engineering Task Force (IETF), SAV at the inter-Autonomous System (AS) level still remains an important issue. To prevent routing hijacking, the IETF is constructing a Resource Public Key Infrastructure (RPKI) as a united trust anchor to secure interdomain routing. In this study, we creatively use the RPKI to support inter-AS SAV and propose an RPKI-based Inter-AS Source Protection (RISP) mechanism. According to the trust basis provided by the RPKI, RISP offers ASes a more credible source-oriented protection for the IP addresses they own and remains independent of the RPKI. Based on the experiments with real Internet topology, RISP not only provides better incentives, but also improves efficacy and economizes bandwidth with a modest resource consumption.

Man Zeng,Xiaohong Huang,Pei Zhang,Dandan Li,Kun Xie

DOI: https://doi.org/10.1109/tdsc.2024.3371644

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Resource Public Key Infrastructure (RPKI) defends against BGP prefix hijacking by signing Route Origin Authorizations (ROAs) and filtering malicious BGP routes with ROAs. However, RPKI's low deployment weakens its defense against prefix hijacking. In the absence of a large fraction of Autonomous Systems (ASes) signing ROAs, the incentive to use filtering to eliminate hijacked prefixes commensurately decreases. There is a cyclic dependency here because reduced filtering in turn lessens the incentive for non-adoptees to become adoptees. Previous studies on RPKI deployment are mainly from the measurement perspective or focus on the deployment of large Internet Service Providers (ISPs). The above circular dependency problem inside the RPKI has not been fully studied. To improve RPKI's defense, this paper studies the circular dependency problem from an evolutionary game theory perspective. We model the strategy evolution of ASes choosing to deploy signing alone, deploy filtering alone, or deploy both signing and filtering. The results show that when the deployment rates of signing and filtering reach a certain range, the evolution can reach an ideal deployment state at a faster speed. Therefore, to increase the probability of evolution reaching the ideal deployment state, we propose RPKIN to widen this interval and reduce the minimum deployment rate required for signing and filtering.

computer science, information systems, software engineering, hardware & architecture

Long Pan,Jiahai Yang,Lin He,Zhiliang Wang,Leyao Nie,Guanglei Song,Yaozhong Liu

DOI: https://doi.org/10.48550/arxiv.2210.13088

2022-01-01

Abstract:Active Internet measurements face challenges when some measurements require many remote vantage points. In this paper, we propose a novel technique for measuring remote IPv6 networks via side channels in ICMP rate limiting, a required function for IPv6 nodes to limit the rate at which ICMP error messages are generated. This technique, iVantage, can to some extent use 1.1M remote routers distributed in 9.5k autonomous systems and 182 countries as our"vantage points". We apply iVantage to two different, but both challenging measurement tasks: 1) measuring the deployment of inbound source address validation (ISAV) and 2) measuring reachability between arbitrary Internet nodes. We accomplish these two tasks from only one local vantage point without controlling the targets or relying on other services within the target networks. Our large-scale ISAV measurements cover ~50% of all IPv6 autonomous systems and find ~79% of them are vulnerable to spoofing, which is the most large-scale measurement study of IPv6 ISAV to date. Our method for reachability measurements achieves over 80% precision and recall in our evaluation. Finally, we perform an Internet-wide measurement of the ICMP rate limiting implementations, present a detailed discussion on ICMP rate limiting, particularly the potential security and privacy risks in the mechanism of ICMP rate limiting, and provide possible mitigation measures. We make our code available to the community.

Wenjie Xu,Deliang Chang,Xing Li

2019-01-01

Abstract:BGP is the default inter-domain routing protocol in today's Internet, but has serious security vulnerabilities [1]. One of them is (sub)prefix hijacking. IETF standardizes RPKI to validate the AS origin but RPKI has a lot of problems [2] [3] [4] [5], among which is potential false alarm. Although some previous work [4] [2] points it out explicitly or implicitly, further measurement and analysis remain to be done. Our work measures and analyzes the invalid prefixes systematically. We first classify the invalid prefixes into six different types and then analyze their stability. We show that a large proportion of the invalid prefixes very likely result from traffic engineering, IP address transfer and failing to aggregate rather than real hijackings.

Li Tang,Yin Huai,Jin Zhou,Hao Yin,Zhen Chen,Jun Li

DOI: https://doi.org/10.4304/jcm.4.9.714-723

2009-01-01

Abstract:As the rapid proliferation of multimedia communications has been significantly challenging the Internet on providing a high-quality transporting service to achieve desirable audio and video user experience, overlay routing is proposed as a practical technique to complement some inherent deficiencies of the current IP routing service. While many research and realistic systems have proven the effectiveness of overlay routing on improving end-to-end (E2E) performance, this paper performs a measurement study on the potential benefits of open router s, a novel promising technical concept emerging recently, to boost overlay routing for multimedia communications. Based on analysis of a large amount of measurements collected between more than 200 PlanetLab sites over the world, our results show that when being deployed appropriately, even a small number of open routers will be able to remarkably enhance overlay routing’s ability of improving E2E performance for multimedia communications. Accordingly, several practical heuristics for selecting suitable places to deploy open routers are proposed and comparatively evaluated based on real Internet topological and routing data.

Tomas Hlavacek,Haya Shulman,Niklas Vogel,Michael Waidner

2023-03-21

Abstract:IP prefix hijacks allow adversaries to redirect and intercept traffic, posing a threat to the stability and security of the Internet. To prevent prefix hijacks, networks should deploy RPKI and filter bogus BGP announcements with invalid routes. In this work we evaluate the impact of RPKI deployments on the security and resilience of the Internet. We aim to understand which networks filter invalid routes and how effective that filtering is in blocking prefix hijacks. We extend previous data acquisition and analysis methodologies to obtain more accurate identification of networks that filter invalid routes with RPKI. We find that more than 27% of networks enforce RPKI filtering and show for the first time that deployments follow the business incentives of inter-domain routing: providers have an increased motivation to filter in order to avoid losing customers' traffic. Analyzing the effectiveness of RPKI, we find that the current trend to deploy RPKI on routeservers of Internet Exchange Points (IXPs) only provides a localized protection against hijacks but has negligible impact on preventing their spread globally. In contrast, we show that RPKI filtering in Tier-1 providers greatly benefits the security of the Internet as it limits the spread of hijacks to a localized scope. Based on our observations, we provide recommendations on the future roadmap of RPKI deployment. We make our datasets available for public use [<a class="link-external link-https" href="https://sit4.me/rpki" rel="external noopener nofollow">this https URL</a>].

Networking and Internet Architecture,Cryptography and Security

Hong He,ShengZhong Yuan,Baowen Xu

DOI: https://doi.org/10.1109/SPCA.2006.297604

2007-01-01

Abstract:Computing routing information (RI) on-demand is very practical to improve QoS because Internet is dynamic and the pre-computation of RI is often a waste of resources. But on-demand computation means only a small amount of RI are new and need to be updated in RI table (RIT) in each computation. In order to save the bandwidth of transmitting RITs, we design a multi-agent cooperative system, in which one monitoring agent initiatively checks up the RIT in succession and acquires the new updated information, delivers to other routers. The dispose agent receives the new RI and updates local RIT. The simulation experiment proves that the method is highly effective and practical

Umar Draz,Sana Yasin,Tariq Ali,Amjad Ali,Zaid Bin Faheem,Ning Zhang,Muhammad Hasan Jamal,Dong-Young Suh

DOI: https://doi.org/10.3390/s21175968

2021-09-06

Abstract:The Internet of Underwater Things (IoUTs) enables various underwater objects be connected to accommodate a wide range of applications, such as oil and mineral exportations, disaster detection, and tracing tracking systems. As about 71% of our earth is covered by water and one-fourth of the population lives around this, the IoUT expects to play a vital role. It is imperative to pursue reliable communication in this vast domain, as human beings' future depends on water activities and resources. Therefore, there is a urgent need for underwater communication to be reliable, end-to-end secure, and collision/void node-free, especially when the routing path is established between sender and sonobuoys. The foremost issue discussed in this area is its routing path, which has high security and bandwidth without simultaneous multiple reflections. Short communication range is also a problem (because of an absence of inter-node adjustment); the acoustic signals have short ranges and maximum-scaling factors that cause a delay in communication. Therefore, we proposed Rotational Orbit-Based Inter Node Adjustment (ROBINA) with variant Path-Adjustment (PA-ROBINA) and Path Loss (PL-ROBINA) for IoUTs to achive reliable communication between the sender and sonobuoys. Additionally, the mathematical-based path loss model was discussed to cover the PL-ROBINA strategy. Extensive simulations were conducted with various realistic parameters and the results were compared with state-of-the-art routing protocols. Extensive simulations proved that the proposed routing scheme outperformed different realistic parameters; for example, packet transmission 45% increased with an average end-to-end delay of only 0.3% respectively. Furthermore, the transmission loss and path loss (measured in dB) were 25 and 46 dB, respectively, compared with other algorithms, for example, EBER2 54%, WDFAD-BDR 54%, AEDG 49%, ASEGD 55%, AVH-AHH-VBF 54.5%, and TANVEER 39%, respectively. In addition, the individual parameters with ROBINA and TANVEER were also compared, in which ROBINA achieved a 98% packet transmission ratio compared with TANVEER, which was only 82%.

Wei Liang,Jingping Bi,Yiting Xia,Chengchen Hu

DOI: https://doi.org/10.1109/GLOCOM.2011.6133970

2011-01-01

Abstract:BGP dictates routing between autonomous systems with rich policy mechanisms in today's Internet. Operators translate high-level policy objectives into low-level router configurations without a comprehensive understanding of the actual effects on the network behavior, leaving the routing management an error-prone and time-consuming procedure. A fundamental question is: how to verify the intended routing principles against the actual routing effects of an ISP? In this paper, we develop a Routing Policy Inference Model (RPIM) as the first step towards addressing this fundamental issue. RPIM extracts various policy patterns from the BGP routing tables and translates them into high-level policy objectives of the ISP using a grouping and matching technique. Our work bridges the gap between the high-level policy objectives and the actual routing effects, which provides network operators with a novel approach to verify their policy design principles, thus facilitating the routing management. We evaluate our approach by extensive simulations using the Internet AS-level topology from CAIDA and the real routing data from the Abilene network. Simulation results show that RPIM achieves over 78.94% average inference accuracy in our suggested optimal threshold range. We also verify RPIM on several operating ISPs by the registered policies in an Internet Routing Registry (IRR). A representative case study on AS3292 demonstrates that RPIM effectively infers high-level policy objectives from routing data.

Ziyuan Wang,Jun Du,Chunxiao Jiang,Zekai Zhang,Yong Ren,Zhu Han

DOI: https://doi.org/10.1109/jiot.2023.3324311

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Autonomous underwater vehicles (AUVs) can function as sensor nodes in Internet of Underwater Things (IoUT), contributing to ocean exploration and monitoring by collecting and transmitting data to the base station. Most of the routing algorithms applied to IoUT require the participation of stationary nodes and seldom consider the fluctuations of network topology, which cannot be directly applied to the IoUT composed of AUVs. The focus of this research is to examine the problem of packet routing in a dynamic AUV-assisted IoUT, with the ultimate goal of ensuring the effective transmission of underwater information. We analyze the transmission pattern of underwater acoustic signals and the consequent communication disruption between AUVs, which helps establish the age of information (AoI) and bit error rate (BER) of data through modeling. A routing algorithm that utilizes the branch and bound (BB) technique has been suggested, alongside the introduction of the value of information (VoI) to enable the joint optimization of the AoI and bit error rate (BER). We describes two nearly optimal heuristic algorithms for networks with a high number of AUVs. The AFA-ACOBB strategy is designed based on the above algorithms and the influence of AUV motion on link reliability is considered. Moreover, we have developed a power regulation mechanism that can effectively minimize the occurrence of network packet loss and energy waste. The simulation results demonstrate that the proposed scheme outperforms certain classically-related schemes in terms of AoI and BER, while simultaneously maintaining superior packet loss rate (PLR) and energy consumption.

XL Zhao,D Pei,L Wang,D Massey,A Mankin,SF Wu,LX Zhang

DOI: https://doi.org/10.1109/dsn.2002.1028887

2002-01-01

Abstract:Network measurement has shown that a specific IP address prefix may be announced by more than one autonomous system (AS), a phenomenon commonly referred to as Multiple Origin AS, or MOAS. MOAS can be due to either operational need to support multi-homing, or false route announcements due to configuration or implementation errors, or even by intentional attacks. Packets following such bogus routes will be either dropped or, in the case of an intentional attack, delivered to a machine of the attacker's choosing.This paper presents a protocol enhancement to BGP which enables BGP to detect bogus route announcements from false origins. Rather than imposing cryptography-based authentication and encryption to secure routing message exchanges, our solution makes use of the rich connectivity among ASes that exists in the Internet. Simulation results show that this simple solution can effectively detect false routing announcements even in the presence of multiple compromised routers, become more robust in larger topologies, and can substantially reduce the impact of false routing announcements even with a partial deployment.

Alberto Signori,Filippo Campagnaro,Fabian Steinmetz,Bernd-Christian Renner,Michele Zorzi

DOI: https://doi.org/10.3390/jsan8040055

2019-11-30

Journal of Sensor and Actuator Networks

Abstract:The Robotic Vessels as-a-Service (RoboVaaS) project intends to exploit the most advanced communication and marine vehicle technologies to revolutionize shipping and near-shore operations, offering on-demand and cost-effective robotic-aided services. In particular, the RoboVaaS vision includes a ship hull inspection service, a quay walls inspection service, an antigrounding service, and an environmental and bathymetry data collection service. In this paper, we present a study of the underwater environmental data collection service, performed by a low-cost autonomous vehicle equipped with both a commercial modem and a very low-cost acoustic modem prototype, the smartPORT Acoustic Underwater Modem (AHOI). The vehicle mules the data from a network of low cost submerged acoustic sensor nodes to a surface sink. To this end, an underwater acoustic network composed by both static and moving nodes has been implemented and simulated with the DESERT Underwater Framework, where the performance of the AHOI modem has been mapped in the form of lookup tables. The performance of the AHOI modem has been measured near the Port of Hamburg, where the RoboVaaS concept will be demonstrated with a real field evaluation. The transmission with the commercial modem, instead, has been simulated with the Bellhop ray tracer thanks to the World Ocean Simulation System (WOSS), by considering both the bathymetry and the sound speed profile of the Port of Hamburg. The set up of the polling-based MAC protocol parameters, such as the maximum backoff time of the sensor nodes, appears to be crucial for the network performance, in particular for the low-cost low-rate modems. In this work, to tune the maximum backoff time during the data collection mission, an adaptive mechanism has been implemented. Specifically, the maximum backoff time is updated based on the network density. This adaptive mechanism results in an 8% improvement of the network throughput.

Ran Ben Basat,Xiaoqi Chen,Gil Einziger,Shir Landau Feibish,Danny Raz,Minlan Yu

DOI: https://doi.org/10.48550/arXiv.2005.11542

2020-05-23

Networking and Internet Architecture

Abstract:Network-wide traffic analytics are often needed for various network monitoring tasks. These measurements are often performed by collecting samples at network switches, which are then sent to the controller for aggregation. However, performing such analytics without ``overcounting'' flows or packets that traverse multiple measurement switches is challenging. Therefore, existing solutions often simplify the problem by making assumptions on the routing or measurement switch placement. We introduce AROMA, a measurement infrastructure that generates a uniform sample of packets and flows regardless of the topology, workload and routing. Therefore, AROMA can be deployed in many settings, and can also work in the data plane using programmable PISA switches. The AROMA infrastructure includes controller algorithms that approximate a variety of essential measurement tasks while providing formal accuracy guarantees. Using extensive simulations on real-world network traces, we show that our algorithms are competitively accurate compared to the best existing solutions despite the fact that they make no assumptions on the underlying network or the placement of measurement switches.

Shuaicong Yu,Shuying Zhuang,Tao Yu,Changqing An,Jilong Wang

DOI: https://doi.org/10.1145/3646547.3688417

2024-01-01

Abstract:In the era of increasing network-based threats, particularly IP spoofing, Source Address Validation (SAV) is paramount for network security. The effective deployment of Inbound Source Address Validation (ISAV) is crucial yet often inadequate, posing significant risks to Internet infrastructure. This study presents ICMP_Sonar, a measurement system that deploys "rumors" -carefully crafted spoofed ICMP packets-to probe the network's defenses, revealing the "wise" networks with their robust ISAV implementations. ICMP_Sonar introduces two novel approaches that exploit the characteristics of ICMP unreachable messages and ICMP fragment needed messages, and exhibits the advantages of high coverage, fine granularity, low error rates, and the ability to measure in both IPv4 and IPv6. We also evaluate the applicability and security risks of ICMP error messages. Through large-scale measurements, ICMP_Sonar successfully covers 86M IPv4 hosts (0.8M IPv6 hosts), 3.5M IPv4 /24 subnets (24K IPv6 /40 subnets), and 59K IPv4 ASes (8.3K IPv6 ASes), surpassing the state-of-the-art dual-stack method's coverage by 16.2 (51.6), 2.9 (2.34), and 1.7 (1.7) times, respectively. The broad coverage across multiple granularities enables us to capture a more comprehensive and fine-grained view of ISAV deployment. Measurements show that while the percentage of ASes with no ISAV deployment is lower than previously identified, the percentage of ASes with partial ISAV deployment is much higher, indicating significant gaps in overall security. The analysis also reveals that ISAV deployment practices vary across different networks and between IPv4 and IPv6.

An, Xiangdong

DOI: https://doi.org/10.1007/s10291-023-01428-2

2023-03-15

GPS Solutions

Abstract:PPP-RTK is Precise Point Positioning (PPP) using corrections from a ground reference network, which enables single-receiver users with integer ambiguity resolution thereby improving its performance. However, most of the PPP-RTK studies are investigated and evaluated in a static situation or a post-processing mode because of the complexity of implementation in real-time practical applications. Moreover, although PPP-RTK achieves a faster convergence than PPP, it typically needs 30 s or even longer to derive high-accuracy results. We have implemented a real-time PPP-RTK approach based on undifferenced observations and State-Space Representation corrections with a fast convergence of less than 30 s to support autonomous driving of inland waterway vessels. The PPP-RTK performances and their feasibility to support autonomous driving have been evaluated and validated in a real-time inland waterway navigation. It proves the PPP-RTK approach can realize a precise positioning of less than 10 cm in horizontal with a rapid convergence. The convergence time is within 10 s after a normal bridge passing and less than 30 s after a complicated bridge passing. Moreover, the PPP-RTK approach can be extended to outside of the GNSS station network. Even if the location is 100 km away from the border of the GNSS station network, the PPP-RTK convergence time after a bridge passing is also normally less than 30 s. We have realized the first automated entry into a waterway lock for a vessel supported by PPP-RTK and taken the first step toward autonomous driving of inland vessels based on PPP-RTK.

remote sensing