Sage Journals: Discover world-class research

Abstract

The accelerated evolution in space industry has led to significant changes in the way space projects are conceptualized and executed. With greater reliance on the use of Commercial Off-The-Shelf and terrestrial technologies, space missions have become a major target for cyberattacks. To face these risks, it is crucial to enhance the cyber resilience of space systems through secure architectures that are tailored to the specific needs of each mission and based on a wide range of cyber threats. This article addresses this challenge by providing a holistic approach to building a Defensible Cybersecurity Architecture for New Space Missions. The five-step approach is based on understanding the mission context and (by extension) carrying out a risk analysis, to develop a mission-specific threat model using a cyber threat knowledge base. Within the framework of the generated model, the security architecture is implemented through a prioritized and layered application of security countermeasures according to “Zero-Trust” principles. Finally, monitoring and maintaining are carried out through the collection and analysis of security data, to continuously improve the relevance of the design. In addition, the application of the proposed approach on a FlatSat emulating an Earth-Observation CubeSat demonstrates its effectiveness in securing satellite projects.

Get full access to this article

View all access options for this article.

References

Paikowsky

What is new space? The changing ecosystem of global space activity. New Space, 2017; 5(2):84–88; doi: 10.1089/space.2016.0027.

Manulis

, Bridges

, Harrison

, et al. Cyber security in New Space: Analysis of threats, key enabling technologies and challenges. Int J Inf Secur, 2021; 20(3):287–311; doi: 10.1007/s10207-020-00503-w.

Rose

, Borchert

, Mitchell

, Connelly

. Zero Trust Architecture. National Institute of Standards and Technology: Gaithersburg, MD, USA;, 2020; doi: 10.6028/NIST.SP.800-207.

Davoli

, Kourogiorgas

, Marchese

, et al. Small satellites and CubeSats: Survey of structures, architectures, and protocols. Int J Satell Commun Netw, 2019; 37(4):343–359; doi: 10.1002/sat.1277.

AWS Ground Station. Amazon Web Services, Inc. Available from: https://aws.amazon.com/fr/ground-station/ [Last accessed: September 2, 2022].

Azure Orbital | Microsoft Azure. Available from: https://azure.microsoft.com/en-in/services/orbital/ [Last accessed: September 2, 2022].

Pace

Security in space. Space Policy, 2015; 33:51–55; doi: 10.1016/j.spacepol.2015.02.004.

Vessels

, Heffner

, Johnson

. Cybersecurity risk assessment for space systems. In: IEEE Computer Society, Pasadena, CA, USA. 2019; pp. 11–19; doi: 10.1109/SpaceComp.2019.00006.

Kleiman

Protection of Materials and Structures from Space Environment—ICPMSE Proceedings Series: From Past to Present. In: Protection of Materials and Structures from the Space Environment. Astrophysics and Space Science Proceedings. (Kleiman J. ed.) Springer International Publishing;, 2017; pp. 1–14; doi: 10.1007/978-3-319-19309-0_1.

10.

Veasey

, McCormick

, Hilyer

, et al. Confined Space Entry and Emergency Response. John Wiley & Sons: Hoboken, NJ, USA; 2005.

11.

Martinez

Challenges for ensuring the security, safety and sustainability of outer space activities. J Space Saf Eng, 2019; 6(2):65–68; doi: 10.1016/j.jsse.2019.05.001.

12.

Mastro

, Salotti

, Garofalo

. A method for analog space missions risk analysis. J Space Saf Eng, 2022; 9(2):132–144; doi: 10.1016/j.jsse.2022.02.004.

13.

Bogomolov

, Castrucci

, Comtois

, et al. International space station medical standards and certification for space flight participants. Aviat Space Environ Med, 2007; 78(12):1162–1169; doi: 10.3357/ASEM.2175.2007.

14.

Mailloux

, Span

, Mills

, Young

. A top down approach for eliciting systems security requirements for a notional autonomous space system. In: 2019 IEEE International Systems Conference (SysCon). 2019; pp. 1–7; doi: 10.1109/SYSCON.2019.8836929.

15.

Falco

, Boschetti

A security risk taxonomy for commercial space missions. In: ASCEND 2021. American Institute of Aeronautics and Astronautics. doi: 10.2514/6.2021-4241.

16.

Cui

, Ge

, Gao

. Optimal landing site selection based on safety index during planetary descent. Acta Astronaut, 2017; 132:326–336; doi: 10.1016/j.actaastro.2016.10.040.

17.

Clark

, Curtis

, Rilee

. ANTS: Applying a new paradigm for lunar and planetary exploration. Astrophysics and Space Science Library. 2002; 278:15; doi: 10.1007/978-0-306-47970-0_7.

18.

CCSDS. The Application of Security to CCSDS Protocols. Published online March 2019. Available from: https://public.ccsds.org/Pubs/350x0g3.pdf [Last accessed: September 25, 2022].

19.

CCSDS. Security Architecture for Space Data Systems. Published online November 2012. Available from: https://public.ccsds.org/Pubs/351x0m1.pdf [Last accessed: September 25, 2022].

20.

CCSDS. CCSDS Cryptographic Algorithms. Published online 2019. Available from: https://public.ccsds.org/Pubs/352x0b2.pdf [Last accessed: September 25, 2022].

21.

Kerckhoffs

Military cryptography. “La cryptographie militaire.” Journal des sciences militaires [Military Science Journal] [in French], 1883; 1:5–83.

22.

CCSDS. Security threats against space missions, Informational Report, Issue 3. Published online February 2022. Available from: https://public.ccsds.org/Pubs/350x1g3.pdf [Last accessed: September 25, 2022].

23.

Shea

Appendix S: Concept of Operations Annotated Outline. NASA. Published October 18, 2019. Available from: www.nasa.gov/seh/appendix-s-concept-of-operations [Last accessed: October 5, 2022].

24.

Durham

, Gallo

. Integration risks for the international space station and orbital space plane. In: 2004 IEEE Aerospace Conference Proceedings (IEEE Cat. No. 04TH8720). IEEE;, 2004; pp. 504–511; doi: 10.1109/AERO.2004.1367632.

25.

Kapalidis

, Maple

, Bradbury

. Cyber risk management in satellite systems. In: Living in the Internet of Things (IoT 2019), London, UK. 2019; pp. 1–8; doi: 10.1049/cp.2019.0139.

26.

Lightman

, Suloway

, Brule

. Satellite Ground Segment: Applying the Cybersecurity Framework to Assure Satellite Command and Control. National Institute of Standards and Technology;, 2022; doi: 10.6028/NIST.IR.8401.ipd.

27.

Healey

Holism and Nonseparability in Physics. Published online July 22, 1999. Available from: https://stanford.library.sydney.edu.au/archives/fall2014/entries/physics-holism/ [Last accessed: September 5, 2022].

28.

Oakley

JG.

Cybersecurity for Space: Protecting the Final Frontier. Apress: Berkeley, CA, USA; 2020.

29.

Force

JT.

Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. National Institute of Standards and Technology;, 2018; doi: 10.6028/NIST.SP.800-37r2.

30.

ISO/IEC. ISO/IEC 27005:2018 Information technology—Security techniques—Information security risk management | ISO | download. Published online 2018. Available from: https://www.iso.org/fr/standard/75281.html [Last accessed: September 1, 2022].

31.

Home |

CVE

. Available from: https://www.cve.org/ [Last accessed: September 8, 2022].

32.

Kott

, Lange

, Ludwig

Approaches to Modeling the Impact of Cyber Attacks on a Mission. Published online October 11, 2017. doi: 10.48550/arXiv.1710.04148.

33.

Park

, Kim

, Hong

, et al. Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling. SAE International;, 2018; doi: 10.4271/2018-01-0014.

34.

Threat Modeling. EC-Council Logo. Available from: https://www.eccouncil.org/threat-modeling/ [Last accessed: September 14, 2022].

35.

Deane

, Kraus

The Official (ISC)2 CISSP CBK Reference, 6th Edition. Sybex: Indianapolis; 2021.

36.

Schwartau

Time Based Security. Interpact Pr: Seminole, Fla; 1999.

37.

Andriole

SJ.

Technology Due Diligence: Best Practices for Chief Information Officers, Venture Capitalists, and Technology Vendors. IGI Global; 1AD. Available from: https://www.igi-global.com/book/technology-due-diligence/ www.igi-global.com/book/technology-due-diligence/976 [Last accessed: September 20, 2022].

38.

IriusRisk Community. Available from: https://www.iriusrisk.com/community [Last accessed: September 20, 2022].

39.

CWE—Common Weakness Enumeration. Available from: https://cwe.mitre.org/ [Last accessed: September 22, 2022].

40.

MITRE ATT&CK^®. Available from: https://attack.mitre.org/ [Last accessed: September 2, 2022].

41.

Data quality scoring · rabobank-cdc/DeTTECT Wiki. GitHub. Available from: https://github.com/rabobank-cdc/DeTTECT [Last accessed: September 28, 2022].

42.

CISA. Best Practices for MITRE ATT&CK^® Mapping. Published online June 2021.

43.

The Cubesat Space Protocol. Published online October 2, 2022. Available from: https://github.com/libcsp/libcsp [Last accessed: October 6, 2022].

44.

The Cubesat Space Protocol. Published online May 15, 2023. Available from: https://github.com/libcsp/libcsp [Last accessed: May 19, 2023].

45.

Garbis

, Chapman

. Zero Trust Security: An Enterprise Guide. Apress; 2021. doi: 10.1007/978-1-4842-6702-8.

46.

Lee

, Jeong

, Kim

. OTIDS: A Novel Intrusion Detection System for In-vehicle Network by Using Remote Frame. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST). 2017; pp. 57–5709; doi: 10.1109/PST.2017.00017.

47.

ATT&CK^® Navigator. Available from: https://mitre-attack.github.io/attack-navigator/ [Last accessed: September 28, 2022].

A Holistic Approach to Build a Defensible Cybersecurity Architecture for New Space Missions

Abstract

Get full access to this article

References