Resilience of 5G Positioning: optimization Framework, Physical Layer Security, and Experimental Validation / Zanini, Samuele. - (2026 Feb 20). [10.13118/samuele-zanini_phd2026-02-20]

Resilience of 5G Positioning: optimization Framework, Physical Layer Security, and Experimental Validation

Samuele Zanini
2026

Abstract

The advent of 5th Generation (5G) positioning, standardized within the 3rd Generation Partnership Project (3GPP), has introduced high-accuracy and low-latency localization capabilities, enabling a wide range of safety-critical applications such as autonomous vehicles, healthcare, and emergency management. Despite major advances in accuracy and latency, the resilience and security of 5G positioning remain underexplored. This gap is critical, as without trustworthy location information even the most accurate systems cannot be deployed in any safety-critical scenarios.

This dissertation addresses this challenge by investigating the resilience of 5G positioning, making three main contributions involving an optimization framework, physical-layer security, and experimental validation. First, we formulate the localization process as a multi-objective optimization problem, jointly addressing accuracy, latency, resilience, and resource efficiency. To support this analysis, we developed a 3GPP-compliant location management function and integrated it into an end-to-end testbed, enabling experimental results that provide valuable insights into the trade-offs of the optimization problem.

Second, we develop a comprehensive analysis of the 5G threat landscape, identifying physical-layer attacks as a critical challenge for positioning integrity. In particular, we investigate spoofing attacks on timing-based localization methods by examining both the underlying estimation process and the attacker's ability to manipulate time-of-arrival measurements. To mitigate such threats, we propose two complementary detection strategies: a simple approach exploiting intrinsic signal properties, and a semi-supervised learning approach for anomaly detection based on a Gaussian mixture model. Simulation results in standard-compliant scenarios demonstrate that both techniques significantly improve detection performance.

Third, building on the simulation study, we provide experimental validation in which, to the best of our knowledge, we demonstrate the first successful meaconing/replay attack on an entire 5G frame using an end-to-end 5G testbed composed of commercial-off-the-shelf and software-defined radio devices. The results show that timing estimates can be stealthily manipulated while preserving an active communication link, thereby exposing a critical physical-layer vulnerability with potentially far-reaching implications for the security of 5G positioning. This attack poses a threat not only to current 5G deployments but also to emerging paradigms such as integrated sensing and communication, where we demonstrate its impact on sensing performance.

Overall, this dissertation highlights that resilience and security are fundamental, not peripheral, requirements for critical applications. These applications depend on positioning services that must remain reliable even under challenging conditions, including intentional malicious actions, making robustness and trustworthiness essential.
20-feb-2026
38
CYSEC
Prof. Giuseppe Bianchi (University of Rome "Tor Vergata") Prof. Stefania Bartoletti (University of Rome "Tor Vergata")
Files in this item:
File: THESIS_ZANINI_IMT_format_final.pdf
Access: open access
Type: Doctoral thesis
License: Creative Commons
Size: 9.08 MB
Format: Adobe PDF

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.11771/41701