Considerations for secure and resilient satellite architectures

Willis, John M.; Mills, Robert F.; Mailloux, Logan O.; Graham, Steve

doi:10.1109/cyconus.2017.8167508

Cited by 7 publications

(2 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This section presents a brief overview of commercial satellite general components and architecture to fully understand the diversity of potential suppliers that support the architecture. Willis et al (2017) describe a notional satellite as being similar to an industrial control system, made up of systems within systems connected via buses. The main elements within the architecture are propulsion, thermal, power, attitude, and data handling subsystems.…”

Section: Commercial Satellite Components/architecturementioning

confidence: 99%

Securing Commercial Satellites for Military Operations: A Cybersecurity Supply Chain Framework

Fleming

Reith

Henry

2023

iccws

View full text Add to dashboard Cite

The increased reliance on commercial satellites for military operations has made it essential for the Department of Defense (DoD) to adopt a supply chain framework to address cybersecurity threats in space. This paper presents a satellite supply chain framework, the Cybersecurity Supply Chain (CSSC) Framework, for the DoD in the evaluation and selection of commercial satellite contracts. The proposed strategy is informed by research on cybersecurity threats to commercial satellites, national security concerns, current DoD policy, and previous cybersecurity frameworks. This paper aims to provide a comprehensive approach for safeguarding commercial satellites used by the DoD and ensuring the security of their supporting components. Inspired by the National Institute of Standards and Technology (NIST) 800-171 requirements and the DoD’s future Cybersecurity Maturity Model Certification (CMMC) process, the two-part framework significantly streamlines the NIST requirements to accommodate small businesses. It also extends key NIST requirements to commercial-off-the-shelf (COTS) suppliers. The CSSC Framework complements the CMMC certification process by addressing the need for cybersecurity requirements for all subcontractors supporting a commercial space asset. The framework incorporates a scoring process similar to CMMC scoring, granting points to a subcontractor for meeting the cybersecurity requirements outlined by the framework. In addition, the framework creates a space architecture overview that details the overall bid score and establishes a matrix based on individual requirements. This model and matrix allow DoD acquisition personnel to closely analyze each contract bid, comparing the subcontractor's strengths and weaknesses to other bidders. The CSSC Framework will allow the DoD to apply NIST standards to subcontractors who do not meet the requirements for CMMC certification.

show abstract

Section: Commercial Satellite Components/architecturementioning

confidence: 99%

Securing Commercial Satellites for Military Operations: A Cybersecurity Supply Chain Framework

Fleming

Reith

Henry

2023

iccws

View full text Add to dashboard Cite

show abstract

“…Whilst government regulations, academic work, and recent reports by organizations such as GOES have drawn attention to space data link security more generally, these focus on securing the telecommand or internal bus rather than the Payload Data Downlink (PDD) [11], [64], [45]. To the best of our knowledge only one academic paper considers satellite systems spoofing outside of GNSS, and this only in a theoretical scenario of internet hijacking [44].…”

Section: Introductionmentioning

confidence: 99%

Firefly: Spoofing Earth Observation Satellite Data through Radio Overshadowing

Salkield,

Köhler,

Birnbach

et al. 2023

Proceedings 2023 Workshop on Security of Space and Satellite Systems

View full text Add to dashboard Cite

Data from Earth Observation satellites has become crucial in private enterprises, research applications, and in coordinating national responses to events such as forest fires. These purposes are supported by data derived from a variety of satellites, some of which do not secure the wireless downlink channel effectively. This opens the door for modern adversaries to conduct spoofing attacks by overshadowing the signal with commercially available radio equipment.In this paper, we assess the vulnerability of current Earth Observation systems to spoofing attacks conducted at the physical layer. The effect of these attacks is amplified since the data is received at dedicated ground stations and distributed to hundreds of downstream systems, which are themselves not designed with security in mind. Specifically, we take NASA's live forest fire detection system as a case study, and demonstrate that the attacker can achieve arbitrary manipulation of fires in the derived dataset to trigger false emergency responses or mislead crisis analysis. We also assess the attack surface presented by ground station software which implicitly trusts data from the RF port. Against the NASA system we uncover several new vulnerabilities that can be exploited to stealthily deny service.We conclude with a discussion of physical-layer countermeasures to detect and defend against spoofing, which can be implemented in existing deployments at the ground station.

show abstract

Position and Time Augment System Security Management Technology for SGIN Based on Consortium Blockchain

Liu

Lei³

et al. 2022

Lecture Notes in Electrical Engineering

View full text Add to dashboard Cite

Considerations for secure and resilient satellite architectures

Cited by 7 publications

References 20 publications

Securing Commercial Satellites for Military Operations: A Cybersecurity Supply Chain Framework

Securing Commercial Satellites for Military Operations: A Cybersecurity Supply Chain Framework

Firefly: Spoofing Earth Observation Satellite Data through Radio Overshadowing

Position and Time Augment System Security Management Technology for SGIN Based on Consortium Blockchain

Contact Info

Product

Resources

About