In 2024 and 2025, GPS spoofing and jamming incidents in the Persian Gulf and Baltic Sea became persistent, documented events. Shipping vessels were reporting positions dozens of kilometres from where they actually were. Aviation authorities were issuing notices about degraded GNSS environments across entire regions. And somewhere in the middle of all this, consumer and enterprise mobile apps — delivery platforms, navigation tools, ride-hailing services — were quietly failing in ways their developers had never tested for.
The problem nobody was testing
Most mobile apps treat the GPS signal as a trusted oracle. They read Location.getLatitude(), trust the accuracy field, and build product logic on top of it. Very few teams ask: what happens when the accuracy field lies? What happens when the device reports high confidence in a position that’s 8 km off? What happens when GPS drops to zero satellites mid-journey and the app has to decide whether to fall back to network location, freeze the UI, or silently break?
These aren’t hypothetical edge cases any more. They’re documented incidents happening in active shipping lanes, near conflict zones, and — increasingly — in ordinary urban environments where local interference sources cause short-duration but high-impact disruptions.
The tooling for testing this simply didn’t exist. You could write a unit test with a mock Location object. You could manually poke coordinates into an emulator. But you couldn’t replay a real spoofing incident against your app’s actual location stack and measure how it responded.
What SensorChaos does
SensorChaos is a CLI tool that injects GPS jamming, spoofing, and signal degradation directly into Android and iOS debug builds by replaying real-world incident data. You point it at a device, pick a scenario, and it feeds fabricated sensor data into your app via a lightweight agent library — bypassing the hardware entirely while keeping your app’s real location and sensor processing stack active.
After the scenario runs, you get a resilience report: a score, the maximum position error observed, the number of signal loss events, and whether your accuracy assertions held.
How it works technically
Android
The Android agent (ChaosContextWrapper) intercepts getSystemService(Context.LOCATION_SERVICE) and returns a proxied LocationManager backed by Android’s TestProvider API. For motion sensors, a ChaosSensorManager proxy wraps every SensorEventListener and replaces SensorEvent.values[] in place before forwarding. A TCP server on port 19847 accepts JSON Lines commands from the CLI via ADB port-forward:
{"cmd":"location","lat":25.197,"lng":55.274,"accuracy_m":5.0,"satellites":12}{"cmd":"sensor","type":"accelerometer","values":[0.0,0.0,9.81]}iOS
The iOS agent uses Objective-C method swizzling to intercept the same APIs at the framework boundary. CLLocationManager.setDelegate: and the location property getter are swizzled so every delegate callback and direct property read goes through the injector. CMMotionManager start-update methods and CMAltimeter are wrapped similarly. The agent is started by calling SensorChaos.start() in the app’s AppDelegate or @main struct, before any location or motion managers are created.
On iOS Simulator the TCP port is accessible directly at 127.0.0.1:19847 from the Mac host. On real devices, one idb forward command forwards the port.
The CLI
The CLI reads a scenario JSON file, validates it against the schema, then ticks through the timeline — linearly interpolating between keyframes at 1 Hz and streaming the resulting state to the agent. Scenarios are just JSON: a baseline, a timeline of injection states, and metadata. They’re easy to write, share, and version-control alongside your test suite.
14 scenarios, two platforms
SensorChaos ships with 14 scenarios: 8 GNSS scenarios covering the most impactful documented interference patterns (Gulf spoofing, Gulf jamming, Baltic drift, Baltic jamming, urban canyon multipath, tunnel transit blackouts, accuracy field lies, GPS flicker) and 6 multi-sensor scenarios combining GPS degradation with IMU noise, magnetometer interference, barometer anomalies, and WiFi loss.
All 14 scenarios run on both Android and iOS.
Start testing today
All plans start with a 14-day free trial — no credit card required. Install the CLI, add the agent to your debug build, and run your first scenario in under 5 minutes.