The SBAS Integrity Concept Standardised by

ICAO. Application to EGNOS

Benoit Roturier(DGAC/STNA), Eric Chatre(DGAC/STNA), Javier Ventura-Traveset (ESA)
roturier_benoit@stna.dgac.fr, chatre_eric@stna.dgac.fr, Javier.Ventura-Traveset@esa.int

it is quite difficult to a non specialist to properly

BIOGRAPHY understand this important concept.
B. Roturier graduated as a CNS systems engineer from Therefore, since the SBAS integrity concept is quite
Ecole Nationale de l’Aviation Civile (ENAC), Toulouse in specific and new, some kind of complementary
1985 and obtained a PhD in Electronics from Institut information to the SARPs was felt desirable. This paper
National Polytechnique de Toulouse in 1995. After 3 years tries to address this concern and will also illustrate how the
in charge of Instrument Landing Systems at DGAC/STNA integrity is being managed through the European EGNOS
(Service Technique de la Navigation Aérienne) and 9 years SBAS project.
of teaching and research activities on CNS systems at
ENAC, B. Roturier is currently in charge of GNSS I. INTRODUCTION
Navigation subdivision at STNA and is involved in
several projects including GPS/ABAS, EGNOS and The integrity service of ICAO compliant GNSS systems
Galileo. may currently be provided by the three normalised
augmentations known under the terms ABAS (Airborne
Eric Chatre graduated as an electronics engineer in 1992 Based Augmentation System), GBAS (Ground Based
from the ENAC (Ecole Nationale de l’Aviation Civile), Augmentation System) and SBAS (Satellite Based
Toulouse, France. Since 1994, he has been working with Augmentation System) [1]. ABAS integrity concept relies
the Service Technique de la Navigation Aérienne (STNA) on the single observation through the airborne user
in Toulouse on implementation of satellite navigation in receiver of redundant pseudo range information, while
civil aviation. He is involved in the development of GBAS (resp. SBAS) integrity elaboration relies on the use
EGNOS and in the definition phase of Galileo. He is also of a single (resp. a network) of ground reference stations.
participating in GNSS standardization activities in
EUROCAE, RTCA forums and is currently the chairman In addition to integrity service, GBAS and SBAS also
of ICAO GNSSP technical group. provide to the user differential corrections to improve the
precision in a restricted area around a single reference
Dr. Javier Ventura-Traveset holds a MS in Telecom. station for GBAS and over a wide area defined by a
Engineering from the Polytechnic Univ. of Catalonia network of reference stations for SBAS.
(Barcelona, Spain, 1988); a M.S.E in Signal Processing by
Princeton University (Princeton, NJ, USA) in 1992; and a Finally, the SBAS geo satellites also transmit a ranging
PhD in Electrical Engineering by the Polytechnic of Turin navigation signal similar to a GPS satellite.
(Italy) in 1996. Since March 1989, he is working at the
European Space Agency (ESA) involved in mobile, fix, Therefore, the SBAS integrity service which is addressed
earth observation and satellite navigation programs; he is here should protect the user from both:
currently the Principal System Engineer of the EGNOS q failures of GPS/GLONASS/GEO satellites (drifting
SBAS Project. Dr. Ventura-Traveset holds 4 patents and or biased pseudo ranges) by detecting and excluding
has co-authored over 100 technical papers. He is member faulty satellites through the measurement of GPS
of ION and Senior-member of the IEEE. signals with the network of reference ground stations
ABSTRACT q transmission of erroneous or inaccurate differential
There have been a lot of debates, within the International corrections. These erroneous corrections may in turn
Civil Aviation Organisation (ICAO) GNSS Panel be induced from either:
(GNSSP) group of experts, on the proper way to ensure q undetected failures in the ground segment,
SBAS user safety while at the same time respecting the
high availability requirement. The group finally validated q processing of reference data corrupted by the
a method at the GNSSP Seattle meeting in June 2000 noise induced by the measurement and
which is reproduced in the GNSS Standards And algorithmic process.
Recommended Practices (SARPs) to be published in
November 2001. However, if the technical relevant This last type of failure, which may occur when the system
information for a SBAS system designer to implement the is in a nominal state (no GPS/GLONASS/GEO satellite
SBAS integrity concept is fully described in the SARPs, failure, no ground segment/user equipment failure) is
only the strict necessary information is reported there and usually known as “fault free case”. Protection of the user
 against noise effects has been quite demanding during the AWOP work has been used as input by GNSSP to define
process of definition and validation of the ICAO SBAS the high level integrity requirements summarised in Fig. 2.
integrity concept. In fact, the potential for such non
integrity events generated in fault free conditions is
inherent to data measurement and processing, to provide
Typical Time Integrity Hor. Vert.
users with basic and precise correction messages and is
operation to alert alert
thus a permanent risk which has to be carefully managed.
Alar limit limit
This has involved the definition of statistical error bounds
m
called horizontal or vertical protection levels (HPL or
VPL) which will be discussed in depth in section V. En-route 5 mn 1-10-7/h 4 NM N/A
Before dwelling in depth into the details of the elaboration En-route 15 s 1-10-7/h 2 NM N/A
of adequate parameters to protect users from non integrity
events which might occur from system failure (section IV) En-route, 15 s 1-10-7/h 1 NM N/A
or noise (section V), we will recall integrity requirements Terminal
(section II) and integrity definitions (section III).
NPA 10 s 1-10-7/h 0.3 NM N/A
II. INTEGRITY REQUIREMENTS
APV I 10 s 1-2x10-7/app 0.3 NM 50 m
The elaboration of a high level fault tree for all phases of
flight leading to a given objective in term of Target Level APV II 6s 1-2x10-7/app 40.0 m 20 m
of Safety (TLS) 1 and further decomposition for a number
of phases of flight into aircraft, airborne database and CAT I 6s 1-2x10-7/app 40.0 m 15 - 10 m
signal in space (SIS) contribution to this risk has been
Figure 2. ICAO SARPs high level integrity requirements
provided by the ICAO All Weather Operational Panel
(AWOP) [2], [3]. on SIS

TLS III. INTEGRITY DEFINITIONS

10-8 per approach
(with exposure time = 150 seconds)
The provisions for integrity in the SARPs are complex for
Accident/Incident ratio
10-1
a non expert, but also are the definitions of non integrity
events and three levels of definitions may be identified
10-7
(per 150 s) which are further discussed in this section.
Incident Continuity risk per approach Incident Integrity risk per approach III.1 High level definition of integrity
5.10-8 5.10-8

Pilot risk reduction Pilot risk reduction The high level definition of integrity in the SARPs is ([1]
§A.1):
Loss of continuity Loss of integrity
1.10-4 3,5.10-7
(per 150 s) (per 150 s) A measure of the trust which can be placed in the
Aircraft Non Aircraft Aircraft Database Non Aircraft (SIS)
correctness of the information supplied by the total system.
2.10-5
(per 150 s)
8.10-5
(per 150 s)
1.10-7
(per 150 s)
0,5.10-7
(per 150 s)
2.10-7
(per 150 s)
Integrity includes the ability of a system to provide timely
and valid warnings to the user (alerts).
Fault Free Case (SIS) Ground System (SIS)
1.10-7 1.10-7
(per 150 s) (per 150 s) It has to be noted that the integrity requirement in Fig. 2
includes both an alert limit in horizontal and vertical
Figure 1. Fault tree allocation for SBAS APV I, II and Cat
dimensions and an allocated time to warn the user.
I operations
Moreover, the integrity is often specified by its inverse,
The fault tree for approach with vertical guidance (APVI,II integrity risk, as in Fig. 1. The integrity risk may be
and Category 1 approach type) corresponding to the most defined as the probability of providing a signal that is out
demanding operations supported by SBAS derived from of tolerance without warning the user in a given period of
AWOP work is shown in Fig. 12 . time.

This paper will focus on Non Aircraft, signal in space The out of tolerance condition is defined in the SARPs in
(SIS) integrity risk corresponding to the bottom right part the user position domain. Although it might seem obvious
allocations of Fig. 1. from the high level definition of integrity given above that
a non integrity event corresponds to the situation obtained
when any user navigation system error (NSE) in horizontal
or vertical dimensions is superior to Horizontal or Vertical
1
The top TLS objective is that the probability of accident leading to hull Alert Limit (HAL or VAL), while not providing timely
loss should be inferior to 1.5 10-7 per flight and valid warnings to the user, the definition which has
2
The AWOP 2.10-7 figure for SIS integrity risk by approach (150 s) has been retained in the SARPs is a little bit more conservative
been further decomposed by GNSSP into a 10-7/approach allocation for (as shown in [4]), and is described in the next section.
the ground system integrity risk and a 10-7/approach allocation for the
fault free case. The above situation (NSE > HAL or VAL) is often
referenced as “Hazardously Misleading Information
case.
III.2 Non integrity event definition applicable to the If a SBAS is SARPs compliant as defined in section II.2,
ground system designer: then a user applying the above test will be protected to the
required level.
This definition (in the most demanding case of APVII or
Cat I) may be found in [1] §B.3.5.7.5.1 :
“Given any valid combination of active data, the III.4 Example
probability of an out-of-tolerance condition for longer
than 5.2 consecutive seconds shall be less than 2 x 10-7 The three above discussed integrity tests (HMI, MI and
during any approach, assuming a user with zero latency. system unavailable) appear more explicitly in figure 3:
An out-of-tolerance condition is defined as a horizontal
error exceeding the HPLSBAS or a vertical error exceeding System
MI and System
HMI unavailable
the VPLSBAS (as defined in B.3.5.5.6).” unavailable

Vertical NSE or VPL or VAL

MI
VAL
The Horizontal and Vertical Protection Level (HPL and
VPL) are elaborated within the user receiver (cf [1]
B.3.5.5.6) at each epoch by combining ground transmitted
parameters, aircraft parameters and geometry of the user
with respect to satellites used in the position calculation. VPL
They will be further discussed in section V.
This definition (NSE > HPL or VPL) is often referenced as
“Misleading Information (MI)” case.
It has to be used by a SBAS system designer to prove by Vertical NSE
simulation and/or tests that the SBAS design is SARPs
compliant with respect to integrity requirements. It is also
Time
a high level requirement for the calculation of ground
Figure 3. Example of the different non-integrity definitions
parameters used in XPL elaboration by a SBAS system
and tests
designer, as further discussed in section V.3.
However, since this definition implies the knowledge of
the NSE, a standard user may obviously not apply this out Another practical representation of these different cases is
of tolerance test to raise a flag in case of non-integrity obtained through a 2D plot of the Vertical Position Error
event. (VPE) against the VPL where each pixel corresponds to a
measurement epoch as in Fig. 4. These results correspond
to 5 hours recording and may be obtained with a test
III.3 Non integrity event definition applicable to a receiver at a known location, using Eurocontrol Pegasus or
SBAS standard user: ESA-ESPADA tools for example.

The test to be done at user level to check the correctness of Fig. 4 illustrates the trade off between integrity and
transmitted data is defined in SARPs ([1] §B.3.5.8.4.2): availability. The diagonal traces the limit between the safe
operation of the system (left side) and the unsafe
“The receiver shall compute and apply horizontal and conditions (right side). The EGNOS System Test Bed is
vertical protection levels defined in B.3.5.5.6” shown to be safe in the nominal test conditions of Fig. 4,
with an availability of APV-II above 99.5% for this
This definition is not really explicit (!), but more may be
specific test period.
found in the guidance material section ([1] §C.6.4.4):
Fig. 5, obtained with ESA-ESPADA SW indicates for the
“… If the computed HPL exceed the Horizontal Alert Limit
same period of time Availability across Europe of APV-II
(HAL) for a particular operation, SBAS integrity is not
(VAL=20 metres). It shows the encouraging result that
adequate to support that operation. The same is true for
despite the low number of reference stations of the
precision approach and APV operations, if the VPL
EGNOS Test bed (8 against 34 of future operational
exceeds the vertical alert limit (VAL).”
EGNOS), service volume coverage is very good across
This test (HPL or VPL > HAL or VAL), which is Europe.
implemented at each epoch, allows to declare the SBAS
“system unavailable” for a given level of operation since
in this case the probability of an MI (and HMI) event is
high. Note that xPL and xAL (x stands either H or V) are
now known by the user.
It may also be noted from Fig. 4 that the best way to tune q Failures issued from the ground system hardware,
SBAS integrity parameters would be to have the cloud of software design or corruption of data through the
pixels located parallel to the diagonal and just above it in Wide Area Network connecting the ground elements.
the safe area. This would mean that for a given vertical
position error, the associated VPL would be just slightly
higher, therefore impacting at the minimum the system IV.1 Faulty GPS/GLONASS satellites
availability while respecting integrity.
When such a failure occurs, the ground segment will
provide the appropriate corrections along with the
parameters allowing XPL calculation, unless the error gets
too large in which case the faulty satellite is flagged with a
”don’t use” status. When the error is not significantly
large, the user equipment will process these data and the
only impact will be on system availability and continuity
through XPL inflation at user level.
In EGNOS system, specific modulation distortion failures
(evil waveforms) are also managed through Signal Quality
Monitoring (SQM) defined in [1] using specific Reference
and Integrity Monitoring Stations type C (RIMS C).
IV.2 Corruption of data through geo link

EGNOS has implemented the following techniques

defined in ICAO SARPs [1] to minimise at the lowest
possible level the risk of data corruption through the geo
link:
q convolutional encoding adding a bit to each
Figure 4. EGNOS testbed integrity test example for APVII. information bit, allowing Forward Error Correction
(FEC) at the receiver level and providing a high level
of robustness to channel burst errors.
q 24 bit Cyclic redundancy check (CRC) providing a
very low probability of undetected error within a
message.
Bit to bit comparison of transmitted messages in the
ground segment is also realised. The impact of errors
induced by this type of failures at user level should
therefore be very low.
IV.3 Hardware, Software and Wide Area Network
failure
No recommendation exists in the SARPs on the design of
the ground segment. The SBAS system designer has to
demonstrate that the probability of undetected failures
transmitted through the SIS will be inferior to the integrity
risk allocation for ground system failures given in Fig. 1.
Due to space restriction, it is not possible to go into details
in this paper of ESA recommended techniques to provide
Figure 5: EGNOS test bed availability test example for
the required integrity level for EGNOS. Some important
APVII
features are listed below:
IV GROUND SYSTEM INTEGRITY
q Two independent processing chains, one checking the
The ground system integrity risk allocation shown at the other, fed by two different reference stations (RIMS
bottom of Fig. 1 (10-7/app in case of APV and Cat I A and B) developed by separate manufacturers to
operations) should cover: avoid common modes of failure are implemented

q Failures on navigation code and data transmitted by q Specific and independent RIMS –C network for evil
GPS/GLONASS satellites (including evil waveforms). waveform detection

q Corruption of data to be transmitted to the user, q Software integrity is managed through appropriate
through the geo satellites. design methodology (based on DO178B Standards).
q A complementary set of integrity mechanisms which q The residual pseudo range error of a tropospheric
are automatic safety devices (no actions of operators correction model, characterised by a variance σtropo
required as the time to alarm requirements does not which is defined by a standard model in the SARPs
allow it) and they are independent of the EGNOS
Since all these individual pseudo range errors are
monitoring & control,
supposed to be characterised by independent, zero mean,
q All data transported over the EGNOS Wide Area normal distributions, the global residual pseudo range
Network is protected by a 32 bit CRC. error for the ith ranging source (σi ) may also be
The interested reader might consult [5] for example for characterised by a zero mean normal distribution whose
variance is:
more details.
The undetected failures from the ground segment could σ 2 i = σ 2 i, flt + σ 2 i,UIRE + σ 2i ,air + σ 2 i,tropo (1)
introduce corrupted data in the transmitted messages. If
the integrity requirement is not met, the user will Where σi,flt may be straightforwardly derived from σUDRE
obviously not be protected against such failures by the through a tedious calculation given in SARPs ([1]
XPL algorithms. To fulfil the integrity requirements, the B.3.5.5.6.2) to take into account degradation parameters in
ground system shall reduce the probability of failure of case of missed SBAS messages.
each critical function and shall be able to detect this kind
From (1), and for a given user to ranging sources
of failures with a global probability of missed detection
geometry, it is quite straightforward to derive the vertical
(Pmd) defined by:
protection level (VPL) equation by 4 :
Pmd ground monitor = Integrity requirement / Pr failure ground
1) going from the pseudo range variance domain
segment
through the position variance domain (this is
V FAULT FREE CASE INTEGRITY necessary because the integrity definitions are all in
the position domain)
V.1 The XPL algorithms
2) by scaling the position domain variance to the
To protect the user against misleading information (MI) integrity requirement.
due to data corrupted by the noise induced by the
measurement and algorithmic process when the system is The first step is straightforward since it is well known that
in a nominal state (no GPS/GLONASS/GEO satellite the position domain residual error can be considered as a
failure, no ground segment/user equipment failure), it has linear combination of pseudo range errors used in the
been shown that SARPs require the elaboration by the navigation solution. Therefore the variance in the position
ground segment of two different parameters used in the domain residual error is a linear combination of σi 2 and is
XPL computation. These parameters give an indication on also representative of a zero mean Normal law:
the error uncertainty, which is modelled by:
N

q the variance (σUDRE ) of a zero-mean normal σ 2Vposition = ∑ sV2 ,iσ i2 (2)

distribution which describes the user differential i=1
range errors (UDRE) for each ranging source after Where SV,i are geometrical parameters defined in [1], [6].
application of fast and long-term corrections, and
The second step is obtained by multiplication of the
excluding atmospheric effects and receiver errors,
position domain variance by a factor K that propagates this
q the variance (σUIRE ) of a zero-mean normal variance to a level compatible with the integrity
distribution which describes the L1 residual user requirement. The VPL equation is then simply:
ionospheric range error (UIRE) for each ranging
N

∑
source after application of ionospheric corrections.
This variance is determined from the variance (σGIVE )
VPLSBAS = KV sV2 ,iσ i2 (3)
i =1
of an ionospheric model based on the broadcast grid
ionospheric vertical error (GIVE) 3 . The derivation of K, which not very explicit in the SARPs,
The other potential errors to affect user integrity in is given in section V.2.
nominal conditions considered by GNSSP are: V.2 Derivation of K factors for XPL computations
q aircraft pseudo range errors due to the combination of First it is important to note that the probability of missed
receiver and aircraft multipath (ground multipath is detection of a MI event associated to the XPL algorithm
not considered here). This error is well characterised (PmdXPL) has to be expressed per sample (per each XPL
by a zero mean normal distribution whose variance computation). In order to establish the link between this
σair is given by the sum of SARPs modelled variance Pmd and the integrity requirement, it is necessary to make
of receiver and aircraft multipath error.

4
3 The derivation of horizontal parameters proceeds in a similar way.
More precise definitions of the ground segment elaborated parameters
σUDRE and σGIVE may be found in [1], §C.6.4.6 and C.6.4.7.
assumptions on the number of independent sample per
time unit.
For example if there are n independent samples/operation,
and the integrity requirement for this operation is 10- x, the
Pmd to be specified for the XPL will be:
σ
Pmd XPL = 10 -x / n (4)

Therefore in order to establish the appropriate value of K, Pmd/2 Pmd/2

it is necessary to first determine the number of
independent samples per time unit. Based on ionospheric
0
corrections, 360 s has been adopted as a reasonable
-Kσ 0 Kσ
assumption to ensure independence. Using this value, it is
Figure 6. Evaluation of K for a zero mean normal law
possible to compute the required probability of missed
distribution of residual position errors
detection associated to HPL for each phase of flight.
V.3 Discussion on zero mean, normal distribution
q En route to NPA: the requirement is 0.5.10-7/h
assumption
Pmd HPL = 0.5.10-7 * 360 / 3600 ~ 5*10 -9 per sample As stated in the SARPs ([1] §C.6.4.5):
challenging tasks for an SBAS provider is to determine
q APV I, II, Cat I: The apportionment between HPL and UDRE and GIVE variances such that the protection level
VPL has been chosen such that the continuity of integrity requirements are met without impacting
service is maximised. Since there is a conformable availability. The performance of individual SBAS depends
margin on the horizontal position (larger alert limit on the network configuration, geographical extent and
and better accuracy performance), the integrity density, the type and quality of measurements used and the
allocation has been minimised. The following Pmd algorithms used to process the data.”
have been chosen ([1],[6]) for HPL and VPL (a
decorrelation time of 360s implies that during the An important item in the background of this statement is
approach (150s) there is only one independent that the variances representative of the ground system
sample): residual errors for each ranging sources have to be derived
from zero mean Normal laws for the XPL computation to
Pmd HPL = 10-9 per sample., Pmd VPL = 10 -7 per sample be valid. It has been shown in the previous section that this
assumption is important in several steps of the XPL
Using appropriate statistical laws for the distribution of algorithm elaboration.
residual position errors, it is now possible to compute the
K factor that scales the variance to a level compatible with However in practice the distribution of individual
the integrity requirement. K is determined from a Rayleigh pseudorange residual error, although in practice not very
distribution for En route to NPA applications since the different from Normal laws, may not have Normal tails, or
protection has to be bi-dimensionnal. For APVI, II and not have a zero mean, or sufficient data to demonstrate the
Cat. I applications, two uni-dimensional k factors are distribution may not be available.
determined from a Normal distribution corresponding to
When this issue was first investigated in the aviation
the lateral (crosstrack) and vertical protections.
community, the idea was that overbounding the individual
Looking at Fig. 6, it may be seen that the value of K may arbitrary error distributions contributing to the position
be directly calculated from the knowledge of the domain error by zero mean normal distributions5 would
cumulative distribution function (cdf) of the relevant allow to overbound the distribution of total error with a
statistical law. zero mean normal distribution which could then be used in
the XPL algorithm.
q For en route to NPA applications, the value for K is
therefore: However further inspection revealed that this idea might
not be valid for any individual error distribution. It was
KH NPA = Rayleigh cdf -1(1-5*10 -9) = 6.18. shown [7] that a sufficient condition for the above
overbounding strategy to hold was that each initial error
q For precision approach (PA) applications (APV I, II,
distribution was not necessarily normal but unimodal and
Cat 1), the K values for lateral and vertical protections symmetric. Still, it was not possible to ensure that for any
are:
SBAS this condition would be true, since the ground
segment architecture is not specified in the SARPs.
KV PA = Normal cdf -1(1-10 -7/2) = 5.33

KH PA = Normal cdf -1(1-10 -9/2) = 6.0

These values are in accordance with the K parameters

5
given in the SARPs in section B.3.5.5.6.1. overbounding in the probability density function (pdf) sense then in the
cumulative density function (cdf) sense were successively investigated,
cf. [7]
ICAO GNSSP then finally decided at Seattle meeting in VIII ACRONYMS
June 2000 that since the shape of the error distributions
ABAS Airborne Based Augmentation System
will be very dependant of the SBAS system architecture
and algorithms and no general overbounding method could APV Approach with vertical guidance
be identified, it would be the responsibility of the system
designer to provide a method to compute UDRE and GIVE AWOP All Weather Operation Panel
variances in compliance with the high level 2.10-7/app CDF Cumulative Density Function
requirement given in section III.2. Two detailed work
plans (called Integrity & Continuity work plans) have been CRC Cyclic Redundant Code
launched in the case of EGNOS, specifically, to assess EC European Commission
that methodology in detail for the case of EGNOS own
architecture and algorithms. ECAC European Civil Aviation Conference
EOIG Egnos Operator and Infrastructure Group
EGNOS European Geostationary Navigation
VI SUMMARY Overlay Service
The ICAO validated SBAS integrity concept which will be ESA European Space Agency
published in SARPs in November 2001 has been
summarised in this paper and some examples issued from FEC Forward Error Correction
ESA current design of EGNOS have tried to illustrate how GBAS Ground Based Augmentation System
it may be practically implemented. This paper has tried to
highlight the following items: GEO Geostationary Earth Orbit

q integrity allocation between the different potential GIVE Grid Ionospheric Vertical Error
error contributors, GNSS Global Navigation Satellite System
q difference between the integrity definitions existing in GNSSP GNSS Panel
the SARPs and their domain of application, GPS Global Positioning System
q XPL concept to protect the user in nominal (fault free) HAL Horizontal Alert Limit
conditions,
HMI Hazardously Misleading Information
q final recommendation of GNSSP on the derivation of
ground parameters used in XPL calculation HPL Horizontal Protection Limit
ICAO International Civil Aviation Organisation
The concepts presented in this paper are all described in
the SARPs but they may be disseminated through several MI Misleading Information
sections and also since the SARPs have to be as compact
MOPS Minimum Operational Performance
as possible, the rationale for particular choice of
Specification
parameters or methods is usually not explicit in the
SARPs. NPA Non Precision Approach

Therefore it is the authors wish that this paper might NSE Navigation System Error
contribute to bridge the gap from the SARPs requirements PA Precision Approach
to an exhaustive vision of SBAS integrity issues.
PDF Probability Density Function
RIMS Reference and Integrity Monitoring
VII REFERENCES Stations
[1] ICAO Annex 10, Vol. I Radionavigation Aids, Chap 3. To be SARPs Standard and Recommended Practices
published in November 2001.
[2] ICAO AWOP/15 Report, 15th meeting, Montreal 26 SBAS Satellite Based Augmentation System
September- 12 October 1994. SIS Signal In Space
[3] ICAO AWOP/16 Report, 16th meeting, Montreal 23 June- 4
July 1997. SQM Signal Quality Monitoring
[4] Liu Fan, “Analysis of Integrity Monitoring for The Local
Area Augmentation System Using The GNSS”, PhD. Report, TLS Target Level of Safety
Ohio University, August 1998.
UDRE User Differential Range Error
[5] ESA-EOIG/PTT “Integrity Executive Summary” Draft
document. UIRE User Ionospheric Range Error
[6] RTCA, “Minimum Operational Performance Standards for
Global Positioning System/Wide Area Augmentation System VAL Vertical Alert Limit
Airborne Equipment”, RTCA-DO 229 B, October 6, 1999.
[7] Bruce DeCleene, “Defining Pseudo Range Integrity – VPL Vertical Protection Limit
Overbounding” ION Conference, September 2000 XAL HAL or VAL