Sunday 22 December 2024

Home
About Us
About Us
Contact Us
Contact Us
English
- Français (French)

Welcome! Log into your account

your username

your password

Forgot your password? Get help

Politique de confidentialité

Password recovery

Recover your password

your email

A password will be e-mailed to you.

Space & Cybersecurity Info

Home
News
Satellite
Launcher
SpaceX
About Us
Contact Us

Home Blog Page 9

Introduction to Cybersecurity for Commercial Satellite Operations: Draft NISTIR 8270

François Quiquet

24 July 2021

Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space assets and supporting infrastructure pose increasing risks to the economic promise of emerging markets in space.

NIST is seeking comments on Draft NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations, which describes cybersecurity concepts with regard to crewless, commercial space operations. The document is an information reference for managing cybersecurity risks and considering how cybersecurity requirements might coexist within space vehicle system requirements. NIST is specifically interested in feedback on the document’s overall approach, the example use case, and the identified controls for the use case. (Note that the use case is only notional for illustrative purposes and is not intended to be a set of specific cybersecurity recommendations.)

A public comment period is open through August 13, 2021. Based on feedback for this publication, NIST will also consider the utility of publishing similar reports discussing other areas of space operations as needed. See the publication details for a copy of the draft and instructions for submitting comments.

Some figures in the draft

Update (22 july 2021)

Comment Period Extended for Draft NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations

NIST has extended the due date to October 13, 2021, for providing comments on Draft NISTIR 8270, “Introduction to Cybersecurity for Commercial Satellite Operations.” A copy of the draft and instructions for submitting comments are available here.

CNSSI 1253 and NIST released the Space Platform Overlay

François Quiquet

23 July 2021

The CNSSI 1253 (Committee on National Security Systems Instruction No. 1253) has released (Attachment 2) the Space Platform Overlay as a companion of the NIST SP 800-53 controsl guide.

Space Overlay is a set of specific guidances and requirements for space. Space Overlay can be used as Security Baseline on some space systems studies.

But what is a security controls overlay ?

My explanation about an overlay is that an overlay is a customisation of security controls applied to a specific domain, in this case to space domain, which uses the NIST 800-53 controls.

To be more precise : “A specification of security controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.”

Thank’s to NIST for this explanation about security controls overlay (more here). Basically, the overlay completes the baseline.

Florent Rizzo from Cyberinflight written an article with a mindmap of the Space Overlay to have a better overview.

Space Overlay Overview (Copyright Cyberinflight – Florent Rizzo)

Brandon Bailey from Aerospace also written a White Paper (Translating Security Principles for Space Systems to Existing Standards) than mentioned the Space Overlay. The following is an extract from this text (Download Paper – PDF – 15 pages – Oct 1, 2020)

Government programs and/or organizations have attempted to take portions of NIST governance and apply it to space systems. The most notable attempt at this was with CNSSI 1253 and the generation of the space overlay.
The space overlay was an attempt to take an existing control set and create an overlay specific for the spacecraft as well as the launch vehicle. Overlays take something that exists (CNSSI 1253 / NIST 800-53) and determine what applies and does not apply.
The space overlay takes the existing control set and articulates what could be applicable to the spacecraft. The important distinction in this approach is the approach is not risk or threat-informed and is very generic in nature.
The space overlay has a purpose, but a better approach which aligns with the direction NIST is moving toward in revision 5 of 800-53 is creating a spacecraft baseline.
The baseline approach starts from a clean sheet of paper and establishes a specific baseline. With this approach, designers/engineers will take the master catalog (i.e., CNSSI 1253 / NIST 800-53 and all the enhancements) and generate their Program/Mission baseline.
While baseline generation can be labor intensive, it will result in tailored controls/requirements for a particular mission.
In an effort to promote a threat-informed baseline approach, the engineers need to understand the applicable threats to aid in control derivation.
To accomplish this, a generic threat library can be used to help identify the threats needing mitigated

The following is an extract ftom the Space Platform Overlay

“This overlay applies to information technology (IT) components of unmanned space platforms that support national security missions, during the life cycle phase of the space platform when it is operating in space (whether experimental1 or operational). This overlay does not apply to ground or user segments or to the launch segment, nor does it address the space platform while it is in development or testing on the ground. The assumptions made in this section about the applicable unmanned space platforms do not necessarily hold true for manned space platforms or the launch, user, or ground segments.”

The main problème with the Space Overlay (which is a great document btw) is that is does not covers the development and testing phases, it only covers pre-op, launch and after launch phases. As mentionned in the document, Space Platform Overlay does not apply to ground or user segments or to the launch segment, nor does it address the space platform while it is in development or testing on. It only apply on unmanned space platforms.

How to address the ground issue ?

We are lucky because Brandon Bailey addressed this issue in the “Re-defining Success of Ground Cyber Assessments” presentation.

From the MITRE Att&CK framework and the right TPPs (Tactics, Technics and Procedures), Brandon Bailey built a specific Ground System TTPs to list some attack paths based on known TTPs used by hackers.

Example Ground System TTPs (Copyright Brandon Bailey)

Need to go futhermore ?

To go futhermore the concept of MITRE ATT&CK framework applied on specific domain, you can also have a look on the MITRE ATT&CK for ICS Matrix.

The MITRE ATT&CK for ICS Matrix is an overview of the tactics and techniques described in the ATT&CK for ICS knowledge base. It visually aligns individual techniques under the tactics in which they can be applied.

The MITRE ATT&CK for ICS matrix (Source: https://collaborate.mitre.org/attackics/index.php/Main_Page )

Below is the mapping of Stuxnet attack on the ATT&CK for ICS matrix (Than’ks to Airbus Cybersecurity). “Mapping Stuxnet to the ATT&CK for ICS matrix, as shown in figure 3, quickly shows how complex this attack was. Business risk owners can now identify which techniques to focus on if they need to minimise the risk from strikes like Stuxnet.”

Mapping of Stuxnet on the ATT&CK for ICS matrix (Source: https://airbus-cyber-security.com/mitre-attck-for-ics-everything-you-need-to-know/)

Space Cyber Security Watch N°4 (June 14, 2021)

François Quiquet

13 June 2021

PDF VERSION IS AVALAIBLE HERE

Find below the new Space Cyber Security Watch N°4 (June 14, 2021). In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.

Articles
Papers
Videos
Webinars
Podcasts
Past Events
Upcoming Events

Articles

May 2021

(FR) Open source : les devs d’Ingenuity et de Perseverance s’associent à une entreprise de drones pour créer une architecture ouverte. Une société qui conçoit des moteurs de précision utilisés dans l’exploration de Mars et de la Lune fait équipe avec une société d’architecture de drones open source. Maxon dont la technologie permet à l’hélicoptère autonome Ingenuity et au rover Perseverance d’explorer Mars, annonce un partenariat stratégique avec Auterion, la société qui construit un avenir open source et software defined pour les flottes de drones d’entreprise.
(EN) Open source: Mars explorer developer teams with drone company on open architecture. The future of drones is open source. But Is Open Source Software More Secure?
(EN) Europe picks EuroQCI satellite quantum communications consortium. “The key element is the possibility of using quantum technologies to exchange encryption keys, guaranteeing complete communication security in management of vast quantities of data”
(FR) Un consortium d’acteurs européens du numérique conçoit le futur Internet quantique de l’UE. La distribution de clé quantique (QKD – Quantum key distribution) sera le premier service à utiliser ce réseau. Le service QKD transmettra des clés de chiffrement par le biais de canaux de communication quantique sur des liaisons terrestres en fibre optique et des liaisons laser spatiales.
(FR) Risque spatial : Axa XL s’associe au français SpaceAble. Axa XL annonce avoir signé un partenariat avec la start-up française SpaceAble afin d’améliorer la couverture des opérateurs de satellites via la collecte, le traitement et la modélisation de données spatiales.
(EN) SpaceX, OneWeb and the ‘Mega’ Effect of Mega-Constellations on International Space Law. For instance, OneWeb’s satellites have been launched from the Russian spaceport Vostochny Cosmodrome since 2019: however, the Russian government did not allow OneWeb to provide internet connectivity services in Russia, citing national security concerns
(EN) Viasat to Integrate Encryptor into Link 16 LEO Spacecraft. Viasat plans to integrate its In-line Network Encryptor (INE) into the Link 16-capable Low Earth Orbit (LEO) satellite that it is developing for the U.S. Air Force Research Laboratory.
(EN) New Space Players Take Stock of Headline-Grabbing Security Breaches. New Space panel discussion at CyberSat Digital.
(EN) CyberSatDigital Speakers: “Red-Teaming” Helps Industry Understand, Detect Evolving Threats. Red team exercises – or, simulated cyber attack scenarios run by internal IT groups and/or external third parties – can help satellite companies keep pace with constantly evolving cyberattacks, according to speakers on CyberSatDigital’s opening panel
(EN) Laying the IT Groundwork for a Crowded Space Economy. If we want to make sure the space economy takes off, we must lay a reliable terrestrial groundwork now. That means putting an IT architecture in place that’s simple, safe, secure, and scalable to accomplish several objectives simultaneously.
(EN) Septentrio Receiver Authenticates Galileo’s First End-to-End Encrypted signals. Septentrio, a company based in Belgium that designs GPS/GNSS positioning technology, announced that its receiver has successfully authenticated navigation data of the first OSNMA-encrypted GNSS satellite signal.
(EN) Cybersecurity Influencers React to Space Policy Directive 5. The directive has been well-received among space cybersecurity influencers who believe this will lead to a much more secure environment for satellite communications.
(EN) SpiderOak Wins US Air Force SBIR Contract for OrbitSecure. Privacy technology company SpiderOak has won a U.S. Air Force small business contract to adapt its OrbitSecure protocol to military use. OrbitSecure is an Intelligence, Surveillance, and Reconnaissance (ISR) collection security system that can manage spacecraft and payloads when multiple parties are involved.

June 2021

(EN) House bill would designate space as critical infrastructure. Let’s do this! Space needs to be designated Critical Infrastructure
(EN) General Atomics Partners with Space Development Agency to Conduct Space-to-Air Optical Communication Experiment. SDA and General Atomics have expanded the Laser Interconnect and Networking Communication System (LINCS) program to include space-to-air optical communication demonstrations. SDA and GA will now establish and evaluate links between space and an airborne MQ-9 Reaper, in addition to the planned space-to-space and space-to-ground activities. This experiment leads to a fight where airborne assets can fly without relying on radio frequency, providing Low Probability of Intercept/Low Probability of Detection and increasing capabilities for warfighters around the world!
(EN) SDA & DARPA: June Demos To Prove Optical Sat Link Capability. “Getting a laser beam on a spacecraft to point to a laser receiver on another spacecraft accurately enough with the right power levels, the right waveforms, etc.,– it’s not an easy thing,” said General Atomics VP Nick Bucci.
(EN) General Atomics to Demo SDA Space-to-Air Optical Communication. General Atomics‘ electromagnetic systems group has received a contract to demonstrate optical communication between a low-Earth orbit satellite and an unmanned aerial vehicle for the Space Development Agency.
(EN) SpaceChain Sends Ethereum Cryptocurrency Tech into Space. SpaceChain has successfully sent a blockchain-enabled payload into space on Thursday aboard a SpaceX Falcon 9 rocket launched from NASA‘s Kennedy Space Center.
(EN) US Military Places a Bet on LEO for Space Security. U.S. Defense Department agencies are working with a who’s-who of military contractors, commercial satellite operators, and technology companies to finally demonstrate the feasibility of a proliferated constellation of satellites in Low-Earth Orbit (LEO).
(EN) Hacking space: How to pwn a satellite. Hacking an orbiting satellite is not light years away – here’s how things can go wrong in outer space
(EN) Momentus Reaches National Security Agreement, Co-Founders Divest from Company. Momentus has made a concrete step forward with a after a turbulent few months dealing with U.S. national security concerns with the business. The in-space transportation company announced Wednesday that it has signed a National Security Agreement (NSA) with the U.S. Department of Defense and Department of the Treasury on behalf of the Committee on Foreign Investment in the United States (CFIUS).

Papers

(EN) Autonomous Cyber Capabilities under International Law : New Book on autonomous cyber capabilities under International Law now available in CCDCOE Library
(EN) On Detecting Deception in Space Situational Awareness (James Pavur, Ivan Martinovic). This paper has been accepted for the 16th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2021), 7-11 June 2021, Virtual event. This paper offers one of the first considerations of defense techniques against SSA deceptions. Building on historical precedent and real-world SSA data, they simulate an attack whereby an SSA operator seeks to disguise spy satellites as pieces of debris.
(EN) New ESPI Yearbook edition. The Yearbook on Space Policy is an annual publication of the European Space Policy Institute (ESPI). p.93 you can find a small section on GSaaS (Ground Station as a Service).
(EN) An overview of protected satellite communications in intelligent age. Our focus is placed on the critical technologies and practical applications, and finally discuss remaining challenges and look forward to the future research directions. It is undoubted that the protected SatCom is one of the most important systems in military communications, both now and in the future.

Videos

(EN) Locked Shields 2021. Several Space ISAC members participated in Locked Shields 2021 and threats to space injects were considered because of their involvement. The largest and most complex international live-fire cyber defence exercise in the world, Locked Shields 2021 was organised by NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) from April 13th to 16th. The exercise included new cyber-physical systems and integrated technical and strategic elements, enabling participating nations to practice the entire chain of command in solving a large-scale a cyber incident. This year was unique from other iterations of Locked Shields in that for the first time the organisers will also be participating remotely rather than gathering in Tallinn as they have done in previous years.
(EN) Space Iceland May meeting with Berenike Vollmer, researcher on Cybersecurity Gaps.
(EN) CYSAT ’21: C. Beek & E. Carroll “Space 4.0: Another cybercriminal portal?”. Space 4.0 encompasses all recent trends such as GSaaS, SataaS or edge computing making modern satellites (almost) an extension of the cloud!
(EN) On Detecting Deception in Space Situational Awareness. Presentation Video from James Pavur (Oxford University) for ACM ASIACCS 2021

Webinars

(EN) (to review) DevSecOps: An essential path for protecting intelligent space systems (Thursday June 10). DevSecOps has advanced as a critical methodology for how manufactures develop software, from the development of code to its deployment into production

Podcasts

(EN) Mars Goes to Shell. About this Episode : Tim Canham, Mars Helicopter Operations Lead at NASA’s JPL joins us again to share technical details you’ve never heard about the Ingenuity Linux Copter on Mars. And the challenges they had to work around to achieve their five successful flights.
(EN) Space Policy Pod: Episode 21 with Sean O’Keefe (Former Administrator, NASA). Given the current real-world challenges confronting all of us, AIAA has joined the MITRE Corporation and the U.S. Chamber of Commerce to produce this podcast series to examine events and ideas affecting the space sector.

Past Events

June 3, 2021 : Efficiently Integrating Software and Digitalisation Technologies to Optimise and Enhance the Space Technology Manufacturing Chain
June 8-10, 2021 : ACM ASIACCS 2021 with James Pavur
June 7-8, 2021 : Global Space & Technology Convention (GSTC) 2021 | SSTL. GSTC is Asia’s Premier Space & Technology event, bringing you the latest technology news, what’s hot in the satellite scene and space technology updates. Over 10 years in the making, GSTC has taken up a crucial role in highlighting how space technology and satellite communications will shape our lives here in Asia. From learning how satellite communication and data can transform urban cities, to its applications in maritime surveillance, security and IoT.

Upcoming Events

June 14, 2021 : Secure Connectivity Initiative. You want to hear where we stand on the Secure Connectivity Initiative and how NewSpace made in Europe can contribute? Don’t miss the opportunity to listen to European Commissioner Thierry Breton’s dialogue with start-ups and SME on ways and means to inject NewSpace concepts and technologies into the Secure Connectivity Initiative!
June 15, 2021 : Keeping Secrets in Space: Exploring the Unique Challenges of Cybersecurity in Space Systems. Our voices may not travel in the vacuum of space, but some of our most sensitive secrets do. As the United States continues to increase its reliance on space-based systems for national defense and commerce, government and industry must work together to address the unique challenges of securing digital space systems.
June 22, 2021 : 3rd Summit for Space Sustainability. The Summit for Space Sustainability is a high-level, multi-day event focused on developing solutions for space sustainability, hosted by the Secure World Foundation. The last year changed the world dramatically, offering an opportunity to build back or make changes. This year’s Summit for Space Sustainability invites a diverse group of international experts to look across a range of economic, security, and environmental issues to evaluate how space capabilities can be used to meet long-standing and new global challenges.
June 23 – 14, 2021 : Milsatcom USA (online virtual event , USA) – To achieve and maintain overmatch against its adversaries.
June 24, 2021 : NCCoE Satellite Ground Segment Cybersecurity Workshop with
National Institute of Standard and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE)
July 23, 2021 : SpaceTech Symposium: Challenges and Monetization of Space Security and Situational Awareness
September 1 – 3, 2021 : Geopolitics and Global Futures Symposium 2021. The 2021 Geopolitics and Global Futures Symposium is now open for applications! Module 1 is about « The Future of Outer Space Security »
September 7-9, 2021 : Joint Air & Space Power Conference 2021 – Delivering NATO Air & Space Power at the Speed of Relevance. The security challenges to NATO did not just get put ‘on hold’ as our individual countries turned inward to battle the existential threat to survival at home. Indeed, the global pandemic also presented an opportunity to NATO’s near-peer adversaries to manoeuvre and attempt to gain an advantage.
September 7-10, 2021 : 2021 SATELLITE Experience with Satellite Cybersecurity session.
October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.
October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
October 25-29, 2021 : IAF’s IAC 21 in Dubaï – 72nd International Astronautical Congress 2021 (Dubai, United Arab Emirates) will have two security sessions :
- D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
- E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
- Papers have been selected and the program will be published shortly

This work is not exhaustive, so comments and observations are welcome.

Space Cyber Security Watch N°3 – 31 May 2021

François Quiquet

30 May 2021

PDF VERSION IS AVALAIBLE HERE

Find below the new Space Cyber Security Watch No 3. In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.

Attacks on Space Systems
Articles
Papers
Videos
Webinars
Past Events
Upcoming Events

Attacks on Space Systems

(EN) SolarWinds hackers targeted NASA, Federal Aviation Administration networks : “Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private companies. The two agencies were named by the Washington Post”.
(EN) NASA and the FAA were also breached by the SolarWinds hackers
(FR) SolarWinds : la NASA et la FAA parmi les victimes de la cyberattaque

Articles

February 2021

(EN) Red Flag 21-1 integrates space, cyberspace for joint all-domain operations training – Red Flag 21-1 is an exercise with Space-unit participants including blue, red and white players from the United States Space Force, U.S. Army Space and Missile Defense Command, and allied nations combat air forces. During the exercise, they have employed “space electronic warfare capabilities that support full-spectrum national security objectives, along with offensive cyber capabilities across adversary data networks affecting that network’s ability to pass data or function properly”.

March 2021

(EN) Viasat Opens New Cyber Security Facilities in the UK – “Viasat‘s U.K. subsidiary opened a new Network Operations Center (NOC) and Cyber Security Operations Center (CSOC) in Aldershot, United Kingdom. The new facilities will support defense, government, and commercial organizations often targeted by increasingly sophisticated cyberattacks”.
(EN) SecDef briefed on military space programs, threats to satellites – “Defense Secretary last week received a detailed briefing on DoD space programs and national security threats in the space domain. This was his first high-level briefing on space issues since taking office”

April 2021

(EN) DoD space agency: Cyber attacks, not missiles, are the most worrisome threat to satellites – “Cyber and supply chain are two threats that the director of the Space Development Agency (SDA) is concerned about”. He described cyber and supply chain problems as “common mode failures,” which means that even if just a few components or portions of a system are attacked, the whole network would be out of service.

May 2021

(EN) CyberSatDigital Speakers: “Red-Teaming” Helps Industry Understand, Detect Evolving Threats – Red team exercises – or, simulated cyber attack scenarios run by internal IT groups and/or external third parties – can help satellite companies keep pace with constantly evolving cyberattacks, according to speakers on CyberSatDigital’s opening panel on Monday.
(EN) New Space Players Take Stock of Headline-Grabbing Security Breaches – Vice president of Corporate Engineering and Security for Planet, laid out the stark truth of cybersecurity threats during the CyberSat Digital event on Tuesday, May 11. New Space players on the panel took stock of cybersecurity threats in light of the ransomware attack on Colonial Pipeline, which has disrupted the gasoline supply on the East Coast
(EN) NASA OIG: NASA’s Cybersecurity Readiness – Given its high-profile mission and broad connectivity with the public, educational institutions, and outside research facilities, NASA presents cybercriminals a larger potential target than most government agencies.
(EN) SolarWinds hack ‘a big wakeup call,’ NASA’s human spaceflight chief says – NASA leaders know that the space agency, with its huge stores of advanced technical data, is an inviting target for hackers and therefore take significant measures to head them off
(EN) CyberInflight is now a proud member of the Space ISAC – In April 2021, CyberInflight became the first french company of Space ISAC.
(EN) CCSDS Security Working Group – Spring 2021 : CCSDS Spring 2021 Meetings has been hold remotely (17-18 May 2021) in a Virtual format at Huntsville Alabama (USA). Meeting materials can be found here.
(EN) The Space Force needs deterrence and war-winning capabilities – The USSF lacks key elements that are necessary to empower effective deterrence on orbit: sufficient offensive and defensive means to achieve its statutory functions as an armed force. Credible deterrence requires kinetic and non-kinetic capabilities, political will to use those systems, and the clear communication of a specified threat of force linked to a specific action (i.e., attack) that the U.S. wants to prevent. The armed forces behind the threat must be credible in the mind of the adversary.
(EN) Aerospace Cybersecurity Capture The Flag 2021 – During the 2021 RSA Conference, Aerospace Village hosted a Cybersecurity Capture The Flag (CTF). The objective of the Aerospace Cybersecurity CTF is to highlight current cybersecurity issues in the aerospace domain using a friendly competition and teaching environment. During the event, challenges and puzzles are solved and “flags” are retrieved. Congrats to the #AerospaceVillage CTF winner @mztropics. CTF platform is now closed.
(EN) Message from Steve Lee (AIAA) : If you missed the Embry Riddle Aerospace Cybersecurity Capture the Flag (CTF) at SCITECH 2021, or at the RSA Aerospace Village Sandbox on Monday, 17 May–or would like to explore it some more–the CTF is available online at the RSA Sandbox hosted by Aerospace Village. Check out the challenges and test your mad aerospace cybersecurity skillz! Sorry but now, CTF platform is now closed.
(EN) Biden Administration Likely Retaining Trump Doctrine on Cybersecurity in Space – Cybersecurity in space will remain a priority under the Biden administration. Great work from Jaisha Wray and Brian Scott and the crew from the National Space Council.
(EN) MoU Signed Between AIAA + Space ISAC For Collaboration On Space Cybersecurity Concerns – The American Institute of Aeronautics and Astronautics (AIAA) and the Space Information Sharing and Analysis Center (Space ISAC) have entered into a Memorandum of Agreement (MOU) enabling the two organizations to collaborate on aerospace and space cybersecurity endeavors.
(EN) AIAA and Space ISAC team up to defend space from cyber attack – The two organizations will cooperate to build the knowledge foundations of space cybersecurity. The Space ISAC brings cybersecurity situational awareness and operational excellence and AIAA offers its long history of convening and promoting aerospace expertise, knowledge, and leadership.
(EN) Germany affirms the creation of its Space Command under the responsibility of the Bundeswehr – Germany is following the trend to centralize its military space activities. By fall 2021, the German armed forces are set to establish a Space Command under the responsibility of the German Air Force (PDF – 27 pages – In German)
(EN) CYSAT ’21, a space cybersecurity conference – Full Keynotes and Presentations have been released in videos
(FR) La guerre de l’espace renforce l’activité du Centre spatial de Toulouse – Le campus du CNES à Toulouse va accueillir le nouveau commandement de l’espace qui opérera les moyens spatiaux de la défense nationale. Celui-ci réunira 400 personnes dans un bâtiment dédié en 2025, formées par le CNES. Sa création a favorisé aussi la venue du futur Centre d’excellence de l’Otan pour le domaine spatial.
(EN) Space Organizations Partner To Boost Cybersecurity – Two prominent aerospace industry groups are cooperating on cyber information sharing, awareness, education, and outreach to improve the security of space operations. The agreement between the American Institute of Aeronautics and Astronautics and the Space Information Sharing and Analysis Center comes at a time when recent cyber incidents in other industries have highlighted a deficit of info sharing.
(EN) JUST IN: Space Force Wants More Cyber Teams – The Space Force is in talks with Cyber Command and the Air Force to bring more specialized cyber personnel into the fold, said the deputy commander of Space Operations Command
(EN) The Space Platform Overlay – Have you heard about Space Platform Overlay ? Government programs and organizations have attempted to take portions of NIST governance documents and apply it to space systems. Space Platform Overlay takes the existing control sets (such as the CNSSI No. 1253 and the NIST 800-53 Rev. 5) and articulates what could be applicable to the spacecraft.
(EN) EUSPA, the new EU Agency for the Space Programme – The adoption of the Regulation establishing the new EU Space Programme on April 27 marks a new beginning for the EU Space Programme and for the European GNSS Agency (GSA), which has now officially evolved into EUSPA, with an expanded mandate and new responsibilities.
(EN) It’s official: EUSPA – EU Agency for the Space Programme is here (Video) – EUSPA provides safe and performant space services, enabling synergies, EU innovation, sustainability, and security. Under the EU Space Regulation, EUSPA’s mandate includes EU Space Programme security accreditation.
(EN) EUSPA: We are hiring – The Security Department is loooking for Security Risk Engineer, Service Facilities Security Engineer, Service Security Engineer

(EN) Committee Leaders Request GAO Review of Cybersecurity Risks at NASA – “NASA’s portfolio of major projects includes satellites equipped with advanced sensors to study the Earth, telescopes intended to explore the universe, and spacecraft to transport humans and cargo beyond low-Earth orbit,” said Committee Members in the letter. “As each project represents significant investments in innovative technology, they could also be attractive targets to malicious actors.”
(EN) Congress asks GAO to investigate NASA cybersecurity – The bipartisan leadership of the House Science Committee has asked the Government Accountability Office (GAO) to investigate NASA’s cybersecurity activities amid growing concerns about hacking of government computer systems.
(EN) CYSEC joins the Gaia-X initiative, a digital alliance for space – The project aims at the next generation of Europe’s data infrastructure, a secure, federated system that meets the highest standards of digital sovereignty while promoting innovation. CYSEC contributes to this project with CYSEC ARCA Trusted OS, a solution to the challenge of securing data-in use, with full-stack protection.
(FR) L’opération “AsterX 2021” dans le No d’Avril 2021 du magazine “Air Actualités” – Vous partirez à la découverte de l’espace à travers « AsterX 2021 ». Premier exercice militaire spatial se déroulant à Toulouse, vous rencontrerez les acteurs de cet événement (à lire bientôt en ligne).
(FR) Le Tableau de Bord Spatial (TBS) dans le No d’Avril 2021 du magazine “Air Actualités” – Ce nouveau numéro vous emmènera aussi dans les coulisses du fonctionnement du tableau de bord spatial (TBS) – (à lire bientôt en ligne).

Papers

(EN) NASA’ S Office of Audits – CYBERSECURITY READINESS 2021 – (PDF – 38 pages)
(EN) The Future of Security in Space: A Thirty-Year US Strategy – An Atlantic Council Report. A Must-Read (PDF – 105 pages)
(EN) UBC researchers publish paper on risks of mega-constellations – (PDF – 8 pages)

Videos

(FR) Le Journal de la Défense « Maîtriser l’espace, le nouveau défi des armées » – Ce No du JDEF consacré au spatial est à visionner sur la chaîne parlementaire (LCP).
- Ce documentaire révèle les enjeux internationaux ancrés derrière l’exploration spatiale : recueillir des renseignements, surveiller le terrain, communiquer et naviguer; l’accès à l’espace peut être source de conflit.
- Tourné au CSG et au CST, avec une forte participation CSO, ce film de 20 minutes est également disponible en replay sur la chaîne YouTube du Ministère des Armées.
- Au programme de ce film :
  - Du rôle terrestre, maritime et aérien, des forces armées en Guyane pour protéger le centre spatial installé à Kourou;
  - Au rôle du Centre Nationale des Etudes Spatiales à Paris et Toulouse,
  - En passant par les technologies d’intelligence artificielle ou de défense militaire
(EN) French TV Broadcast : Defence & Space – Mastering space, the new challenge for armies

Webinars

(EN) June 16, 2021 : Space Resilience for Automakers – Space ISAC and the Center for Automotive Research (@cargroup) are putting on a webinar on Space Resilience for Automakers on 16 June at 12 MDT!
(EN) June 1, 2021 : Reducing Space Threats: A Resolution, Volume 2 – In response to UN Resolution 75/36, UN Member States and other key stakeholders were invited to submit their views on threats to space sustainability, what could be norms of behaviour, and how the multilateral community should move forward.

Past Events

(EN) May 25 – 28, 2021 : CyCon 2021, the 13th International Conference on Cyber Conflict – Adapting to the new reality, CyCon 2021 will provide a virtual meeting point for decision-makers, opinion-leaders, law and technology experts from the governments, military, academia and industry. CyCon is organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
(EN) “Cyber, Space, Cubed” panel at the CyCon2021 – Erin M. Miller (Executive Director, Space ISAC) and Ryan Speelman (Principal director for the Cyber Security Subdivision at the Aerospace Corporation) hold a session at CyCon 2021 for the “Cyber, Space, Cubed” panel.
(EN) James Pavur at the CyCon2021 – James Pavur hold a session by presenting his new paper “On Small Satellites, Big Rockets, and Cyber Trust”, as part of a panel NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)’s CyCon2021 conference. Definitely check it out if you’re interested in launch vehicle and CubeSat cyber security.

Upcoming Events

(EN) June 1 – 3, 2021 : MilSat Symposium 2021 – Next-Generation Space Defense
(EN) June 1 – 3, 2021 : 5th ESA CubeSat Industry Days – Join Mathieu Bailly (CYSEC SA). If you’re curious to understand why cybersecurity matters even for smallsats missions and what they have up to at CYSEC SA, join them LIVE on June 2nd!
(FR) 4 et 5 juin 2021 : Hackathon spatial unique en France avec DefInSpace
(EN) June 8 – 9, 2021 : Military Space USA (online virtual event , United Kingdom) – To support the warfighter through transformation and innovation within the US approach to space
(EN) June 22 – 24, 2021 : 3rd-annual Summit for Space Sustainability (Future Space Sustainability Leaders) – Secure World Foundation (SWF) is gearing up for the third-annual Summit for Space Sustainability, to be held virtually June 22-24, 2021.
- Secure World Foundation is holding a Future Space Sustainability Leaders Essay Contest as part of our 2021 Space Sustainability Summit! Get your essays in by May 25th to have a chance at $1,000! More details and the topics can be found here.
(EN) June 23 – 14, 2021 : Milsatcom USA (online virtual event , USA) – To achieve and maintain overmatch against its adversaries.

(EN) September 1 – 3, 2021 : Geopolitics and Global Futures Symposium 2021. The 2021 Geopolitics and Global Futures Symposium is now open for applications! Module 1 is about « The Future of Outer Space Security »
(EN) October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.
(EN) October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
(EN) October 25-29, 2021 : IAF’s IAC 21 in Dubaï – 72nd International Astronautical Congress 2021 (Dubai, United Arab Emirates) will have two security sessions :
- D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
- E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
- Papers have been selected and the program will be published shortly

This work is not exhaustive, so comments and observations are welcome.

Space Cyber Security Watch N°2 – 17 May 2021

François Quiquet

17 May 2021

PDF VERSION AVALAIBLE HERE

Find below the Space Cyber Security Watch No 2. In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats …

This work is not exhaustive, so comments and observations are welcome.

List of new Articles
Some good Papers
Webinars and past events to review
Upcoming Events
Past Events

List of new Articles

January 2021

(EN) Space Cybersecurity: How Lessons Learned on Earth Apply in Orbit, an article by George Platsis
(EN) Cyber is perhaps the most challenging part about space interaction, an article by Prof. Gregory Falco, a space system security researcher. His research entitled Cybersecurity Principles for Space Systems was highly influential in the recent Space Policy Directive-5.

February 2021

(EN) Protecting the new frontier: Seven perspectives on aerospace cybersecurity, an article by Simon Handler. The following video is on the same subject : Aerospace Cybersecurity – Protecting the New Frontier
(EN) NATOs Mission-Critical Space Capabilities under Threat: Cybersecurity Gaps in the Military Space Asset Supply Chain by Berenike Vollmer

April 2021

(FR) Rhea remporte un contrat pour développer le Centre d’excellence en cybersécurité de l’ESA
(EN) The Importance of Space Security, an article on Linkedin by Charles Alexi
(EN) Space Command moves for tighter cyber integration. U.S. Space Command is launching a dedicated joint cyber center for better integration with U.S. Cyber Command.
(EN) On National Security | Is space-as-a-service a viable option for the DoD?
(EN) Open source goes to Mars. A new Mars 2020 Helicopter Mission badge has been placed on the GitHub profile of every developer who contributed to the specific versions of any open source projects and libraries used by Ingenuity.

May 2021

(EN) How commercial space stations could become the final frontier for data and cybersecurity
(EN) Space Security Challenge 2021: Hack-A-Sat 2 is back to hack an on-orbit US satellite
(EN) Report of the Secretary-General on reducing space threats through norms, rules and principles of responsible behaviors (2021). By resolution 75/36, the General Assembly Encouraged Member States to study existing and potential threats and security risks to space systems.
(EN) Summary of SpaceX Software AMA. The SpaceX software team conducted recently a Ask-Me-Anything (AMA) session where they answered to all questions about some of the fun projects they have worked on this past year. This thread is a summary. The complete thread is here.
(EN) Space Force Looks to Boost Cyber Defenses of Satellites with Acquisition Reorganization. The ongoing restructuring of Space Force acquisition authorities is designed in part to ensure proper cybersecurity testing and monitoring of new programs as they are developed and deployed,
(EN) Christopher Stanley said on Twitter that Starlink started a security bug bounty program on Bugcrowd. The Starlink page on Bugcrowd is avalaible here. You can earn between $100 and $25,000.
(EN) CISA Launches a Space Systems Critical Infrastructure Working Group. Read more at CISA
(EN) Space Security Governance: ORF Submission on UNGA Resolution. Observer Research Foundation (ORF), a public policy think tank based in New Delhi, India wishes to submit its views on the UN General Assembly Resolution 75-36, “Reducing Space Threats Through Norms, Rules and Principles of Responsible Behaviours.”
(EN) Space Attacks Open Database Project. The goal of this project is to reference the latest known Space Attacks in order to maintain an up to date Database with the contribution of the Community.

Some good Papers

(EN) Space Threat Assessment 2021 (Aerospace Security). The purpose of this annual report from the CSIS Aerospace Security Project is to aggregate and analyze publicly available information on the counterspace capabilities of other nations, primarily China, Russia, Iran, North Korea, and India
(EN) Mitigating Cyber Security Risk in Satellite Ground Systems. Satellite ground systems represent an often neglected aspect of cyber security when dis-cussing Air Force and Department of Defense cyber vulnerabilities. An increasing amount of cyber security research and attacks focus on space ground systems in the form of satellite control, satellite communications terminal hacking, and GPS spoofing. Public evidence exists demonstrating nation-state adversary willingness and intent for attacking these systems.

Webinars and past events to review

(EN) SEC_LAB: A Secure Communications Testbed for Space Missions (Space-Ground Data Link Security) by Mr. Marcus Wallum (Operations Data Systems Engineer at ESA)
(FR) Replay du Webinaire sur la présentation de DefInSpace 2021, un Hackathon unique en France
(EN) What Technologies Can Secure GPS?
(EN) Securing Software-Defined Satellites. Bringing these new designs together in complex systems, never tested before, comes with risks and challenges. One way of addressing these complexities is by employing the same strategy used by NASA and Google self-driving cars – simulation and digital twins.
(EN) Space Island’s monthly meeting on “Cybersecurity gaps in the military Space Asset Supply Chain” by Berenike Vollmer, researcher on Cybersecurity Gaps
(EN) Inaugural Space Cybersecurity Symposium (5 May 2021) with NIST, the Department of Commerce and the U.S. Department of Homeland Security. To learn about the latest cyber threats to space infrastructure, existing space cybersecurity policies, and industry cybersecurity experience and mitigation strategies. Slides presentation and video are avalaible.
(EN) CCDCOE virtual launch of a new e-volume “Cyber Threats and NATO 2030: Horizon Scanning and Analysis“

Upcoming Events

(EN) May 17 – 21, 2021 : Webinar Series on Norms, Rules and Principles of Responsible Behaviour in Outer Space
(EN) June 1 – 3, 2021 : MilSat Symposium 2021 – Next-Generation Space Defense
(FR) 4 et 5 juin 2021 : Hackathon spatial unique en France avec DefInSpace
(EN) June 8 – 9, 2021 : Military Space USA (online virtual event , United Kingdom) – To support the warfighter through transformation and innovation within the US approach to space
(EN) June 23 – 14, 2021 : Milsatcom USA (online virtual event , USA) – To achieve and maintain overmatch against its adversaries.
(EN) September 1 – 3, 2021 : Geopolitics and Global Futures Symposium 2021. The 2021 Geopolitics and Global Futures Symposium is now open for applications! Module 1 is about “The Future of Outer Space Security”
(EN) October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.

Past Events

(EN) May 10 – 12, 2021 : CyberSatDigital – How to identify bad actors, neutralize risks, and thwart threats on our assets in the satellite ecosystem.

Space Security Challenge 2021: Hack-A-Sat 2 is back to hack an on-orbit US satellite

François Quiquet

8 May 2021

The U.S. Air and Space Forces in collaboration with the security research community opened registration May 4 for the qualification round of the second annual Space Security Challenge: Hack-A-Sat satellite hacking challenge.

This virtual competition enables security researchers of all levels to focus their skills and creativity on solving cyber security challenges of space systems and incentivizes innovation in securing these systems.

The Space Security Challenge 2021: Hack-A-Sat 2 begins with a Qualification Event that takes place June 26, 10 a.m. EDT – June 27, 4 p.m. EDT. Teams will compete in a Jeopardy-style format, earning points based on speed and accuracy, for a chance to win one of ten prize packages that include $10,000.

The top eight teams from the qualifying round advance to an attack and defense Capture-the-Flag-style Hack-A-Sat 2 Final event, in which teams defend their satellite system while employing offensive measures on their opponent’s systems. Geared toward security researchers who have more advanced technical knowledge of space systems, this final event takes place Sept. 17, 6 p.m. EDT – Sept. 19, 6 p.m. EDT. The top-three-finishing teams receive $50,000 for first place, $30,000 for second place and $20,000 for third place.

Last year’s Hack-A-Sat 1, the inaugural Space Security Challenge, drew more than 2,000 teams made up of more than 6,000 individuals, who were able to connect, learn and hone their skills in this first-of-its-kind, fully-immersive contest experience. Among these teams were the world’s best hackers, who, during the final round, championed a first-of-its-kind on-orbit satellite hacking challenge.

“The first Hack-A-Sat was a tremendous success in bringing together a diverse group of government, commercial, and private organizations and individuals to test and develop cybersecurity solutions for our unique space networks,” said Lt. Gen. John F. Thompson, U.S. Space Force’s Space and Missile Systems Center commander.

As satellites provide the entire world with needed data transmission for capabilities like GPS and credit card transactions, the Departments of the Air & Space Force embraces the benefit of ethical hacking to advance cyber and space technology for both the military and industry.

“The security and cyber-resiliency of our on-orbit systems is an absolute necessity as we look to ensure the peaceful development of the global commons of space over the coming decades,” Thompson said. “This required a multitude of specialties, so partnerships across the entire professional cybersecurity spectrum are vital to developing the next-generation of secure space systems.”

Registration for the Qualifying Event is open to the public. To register, find rules and eligibility, and sign up to stay informed about all contest updates, visit hackasat.com.

Les start-ups et PME spatiales s’allient pour positionner la filière NewSpace française en leader mondial

François Quiquet

7 May 2021

Une nouvelle alliance française dans le newspace vient de se créer. Alliance NewSpace France fait l’annonce de sa création ci-dessous. Il s’agit d’une initiative lancée par une vingtaine de PME et start-ups spatiales françaises, pour faire rayonner la filière dans le monde entier et créer des leaders du secteur spatial de demain. L’Alliance est ouverte à tous les acteurs du NewSpace.

Les entreprises françaises du NewSpace se réunissent sous la bannière de l’Alliance NewSpace France pour atteindre une masse critique afin de faire rayonner l’incroyable dynamique des start-ups spatiales françaises.

Arrivée d’acteurs privés, accélération, innovations, nouvelles technologies, nouvelles applications, nouveaux acteurs : le secteur spatial est aujourd’hui en profonde mutation. Cette révolution, appelée “NewSpace” est portée par des start-ups, entreprises, laboratoires et organisations diverses dans le monde entier.

La mission de l’Alliance NewSpace France est de fédérer l’ensemble des acteurs de la filière NewSpace sur le territoire Français pour faire rayonner au niveau national et mondial son savoir-faire.

« En France, nous portons des innovations majeures sur l’intégralité du secteur spatial, avec toute la chaîne de valeur du satellite, allant du lancement au traitement des données, en passant par son lancement, et même du tourisme spatial », explique Stanislas Maximin, Président de la nouvelle Alliance.

Des objectifs ambitieux pour permettre à la France de rester sur le devant de la scène

L’Alliance NewSpace représente une vingtaine de membres, plus de 700 employés et plusieurs dizaines de millions d’euros d’investissement en 2020. Elle renforce le positionnement des acteurs de la filière en améliorant leur visibilité, en renforçant l’investissement, en favorisant les co-développements, en saisissant les opportunités d’affaires à l’international. Sa mission : défendre les valeurs, les besoins et les attentes de la filière en France et en Europe.

La France dispose d’un terreau institutionnel et industriel fertile, la positionnant au cœur de l’écosystème aérospatial mondial. Cependant, son avenir dépend des nouvelles initiatives qui émergent et se développent très rapidement.

« Le NewSpace est synonyme d’agilité pour répondre au plus vite à un marché dynamique en pleine mutation. Une coopération ouverte au niveau français est sans conteste un facteur de succès pour faire face à une compétition mondiale qui se renforce. Cette initiative propose une approche constructive face à cet enjeu. » note Giao-Minh Nguyen, Vice-Président de l’Alliance.

Porter une vision transverse du secteur centrée sur la coopération

Si la participation et le support déjà existant des institutions et du gouvernement sont nécessaires au bon développement de la filière, Stanislas Maximin précise :

« Nous sommes convaincus que l’innovation doit être au service des marchés, des besoins et de la vision des entreprises. Elle doit émaner des acteurs qui prennent les risques et qui innovent. Ainsi, l’Alliance se veut être une plateforme fertile pour encourager les interactions, les projets et les idées entre les entreprises du NewSpace. »

Objectif : mettre en commun les besoins et les attentes, faciliter le développement de projets dans la filière, se diversifier et attaquer de nouveaux marchés internationaux.

Stanislas Maximin (Venture Orbital), Président

Pour en savoir plus : Compte Twitter de l’Alliance NewSpace France

Space Cyber Security Watch N°1 – 3 May 2021

François Quiquet

2 May 2021

PDF VERSION AVALAIBLE HERE

Find below the first Space Cyber Security Watch of the Space Cyber Security Community. In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats …

For this first Space and Cyber Security Watch, we catch up on the news since the beginning of the year.

I would like to thank Coreteam members of the Space Cyber Security Community for their help in this work (Stephane, Teodor, Yohann, Florent, Julien)

This work is not exhaustive. So comments and observations are welcome.

News of the latest Attacks on Space Systems
List of new Articles
CYSAT’21
Space ISAC (Space Information Sharing and Analysis Center)
SPD-5 : National Space Policy Directive 5 aka « Cybersecurity Principles for Space Systems »
AsterX: First french military exercise in space
War in Space
Some good Papers
Videos
Webinars to review
Podcasts
Upcoming Events

News of the latest Attacks on Space Systems

(EN) Attack on JAXA: Chinese military seen behind Japan cyberattacks, a hacker group linked to the PLA conducted attacks on nearly 200 companies and research institutes in Japan, including the Japan Aerospace Exploration Agency.
(EN) SpaceX seemingly takes steps to protect telemetry data after leak
(EN) How Amateur Radio Fans Decoded SpaceX’s Telemetry & Engineering Video
(EN) SpaceX employee admits security fraud, insider trading on dark web

List of new Articles

January 2021

(EN) Hacking Satellites with $300 – Worth of TV Gear, by Jack Berning

February 2021

(EN) It’s time to declare space systems as critical infrastructure, a Politico article

March 2021

(EN) Securing the twins: Space and cyber can’t exist without each other … Space and cyber represent critical infrastructure twins, born of the same era, that also represent the next warfighting domains

April 2021

(FR) “Cyberespace : une intersection redoutable ? , un article paru dans le magazine DSI (Défense & Sécurité Internationale), rédigé par le chef d’escadron S. M., les capitaines A. E. et D. R., stagiaires de l’EMSST, le capitaine T. W., stagiaire du CEMSAir, officiers suivant le mastère spécialisé « Conduite des opérations et gestion des crises en cyberdéfense ».
(EN) The vulnerability of satellite communications by Thorsten Stremlau
(EN) The United States is to launch a dedicated joint cyber center to promote integration between US Space Command and US Cyber Command by Sarah Coble
(EN) DoD space agency: Cyber attacks, not missiles, are the most worrisome threat to satellites – SDA director Derek Tournear: It doesn’t matter if I have one satellite or if I have 1,000 satellites, a cyber attack could taken them all out
(EN) Conjunction risk drives need for information sharing (op-ed)
(EN) Cybersecurity for smallsats – 5 key concepts explained
(EN) Space jam: Researchers and satellite start-ups meet to discuss celestial cybersecurity
(FR) Merci « Perseverance » ! Le logiciel libre arrive sur Mars, un article d’Aurélie Jean dans le Point
(EN) #LORCALive: Cybersecurity to Play a Key Role in Supporting Growing Space Sector

CYSAT’21

(EN) CYSAT’21 – The 1st European executive event dedicated to cybersecurity for the space industry
(EN) CYSAT ’21, a space cybersecurity conference : Full Keynotes and Presentations

Space ISAC (Space Information Sharing and Analysis Center)

(EN) Space ISAC Selects Cyware for Automated Threat Sharing
(EN) Space ISAC announces initial operating capability for threat information sharing
(EN) ISAC Ventures Into Space Information Sharing, a great article on Space ISAC information sharing from AFCEA’s Signal Magazine!
(EN) Space ISAC Podcast Episode #1: What is Space ISAC? feat. Erin Miller, Executive Director, Space ISAC
(EN) Space Isac has relesased his new newsletter
- Cyware Labs has been selected to provide the organization’s member sharing portal and threat intelligence platform.
- Space ISAC members onboarded and trained on the Cyware platform
- Space ISAC declares Initial Operating Capability
- Preparing to launch the Supply Chain Risk Management Working Group
- Analyst Working Group distributes first Monthly Threat Report to all Space ISAC members

SPD-5 : National Space Policy Directive 5 aka « Cybersecurity Principles for Space Systems »

(EN) On September 4, 2020, U.S. President Donald Trump issued Space Policy Directive 5 (SPD-5), known as the “Cybersecurity Principles for Space Systems”, on the cybersecurity of space systems and their supporting infrastructure

(FR) Le 4 septembre 2020, le Président des États-Unis Donald Trump a promulgué la Space Policy Directive 5 (SPD-5) dite « Cybersecurity Principles for Space Systems » relative à la cybersécurité des systèmes spatiaux et de leurs infrastructures de support

(EN) Fact Sheet : President Donald J. Trump is Establishing America’s First Comprehensive Cybersecurity Policy for Space Systems (PDF – 2 pages)
(EN) Memorandum on Space Policy Directive-5—Cybersecurity Principles for Space Systems | The White House (PDF – 6 pages)
(FR) Note sur la Space Policy Directive 5 (SPD-5) – Cybersecurity Principles for Space Systems
(EN) Establishing Space Cybersecurity Policy, Standards, and Risk Management Practices, a paper written by Brandon Bailey (PDF – 15 pages)

AsterX: First french military exercise in space

(EN) France is conducting its first military space exercise to assess its satellite protection and surveillance capabilities in a now militarised space.

(FR) La France mène son premier exercice militaire spatial afin d’évaluer ses capacités de protection de ses satellites et de surveillance dans un espace désormais militarisé.

(EN) France conducts first military exercises in space
(FR) AsterX : ce qu’il faut savoir sur le premier exercice spatial français de l’Histoire
(FR) Guerre de satellites, combattants de l’espace, en quoi consiste l’exercice AsterX ?
(FR) [WebTVAIR] Épisode 34 – AsterX 2021, premier exercice sur l’espace en Europe (Vidéo)
(FR) “Combattants du spatial”: les enjeux d’AsterX, premier exercice militaire spatial français.
(FR) 5 questions sur “AsterX”, le premier exercice militaire de la France dans l’espace (Vidéo)
(FR) Tout comprendre – L’exercice militaire spatial AsterX, une première pour la france

War in Space

(FR) La militarisation de l’espace : quels enjeux pour aujourd’hui et demain ? par Jean-Daniel Testé
(FR) Penser la guerre dans l’espace. Quels fondements conceptuels ? par Patrick Bouhet
(FR) Quel cadre juridique pour les conflits spatiaux de demain ? by Chloé Duffort, doctorante Chaire Défense & Aérospatial, Sciences Po Bordeaux

Some good Papers

(EN) Anti-satellite Missile, interesting paper on India’s ASAT program published by Indian Ministry of Defense (PDF – 52 pages)
(EN) Defense Against the Dark Arts in Space, a report of the CSIS Aerospace Security Project by Todd Harrison, Kaitlyn Johnson, Makena Young (PDF – 53 pages)
(EN) The Future of Security in Space : A Thirty-Year Us Strategy, a report of Atlantic Council. A Must-Read (PDF – 105 pages)
(EN) Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services, a Publication of NIST about Foundational Profile for Secure GPS Use (PDF – 115 pages)
(EN) Cyber Threats and NATO 2030: Horizon Scanning and Analysis (PDF – 267 pages)
(EN) Secure World Foundation – Global Counterspace Capabilities – An Open Source Assessment (PDF – 238 pages)
(EN) Smallsats and mega-constellations for U.S. national security: Some legal aspects (PDF – 121 pages) – See resume here

Videos

(EN) Hacking Satellites with $300 Worth of TV Gear. This student discovered that satellite security isn’t as stable as one may expect. So he decided to hack one.
(EN) Cyber Security in Space: Designing Space Systems for Mission Surety by MITRE
(EN) The United States Space Force Approach to Cybersecurity | SCS 2020, Space & Cybersecurity Symposium 2020 conversation with Lieutenant General John F. Thompson, Commander, Space and Missile Systems Center, Los Angles Air Force Base, CA, USAF.

Webinars to review

(EN) Weinstein Discusses Space Force & Cybersecurity with BU Alumni, a Space and Cybersecurity Webinar
(EN) 2021 PGS Workshop – Sustainability and the Future of Space – Virtual Event Hosted by Florida Tech – Melbourne, Florida
- Safe Space Operations – Link to Recording – Click Here
- Cyber Security – Link to Recording – Click Here
(EN) SGAC Space and Cybersecurity Project Group organized (on April 14, 2021) its 5th webinar featuring Prof. Gregory Falco discussing “Side-stream satellite cyber considerations” and Ms. Alexandra Stickings exploring “Difficulties in defining cyber-attacks in space”.

Podcasts

(EN) Space ISAC Podcast Episode #1: What is Space ISAC? feat. Erin Miller, Executive Director, Space ISAC

Upcoming Events

(EN) Securing Software-Defined Satellites (Wednesday May 5, 2021)
(EN) Inaugural Space Cybersecurity Symposium – on May 5, 2021 (Virtual Event) a conference organized by NIST. This event is jointly hosted by the Department of Commerce (DOC) and Department of Homeland Security (DHS)
(EN) SpaceOps 2021 – The 16th international conference on space operations (3-5 May 2021) will be virtual and free and has a cyber session, with a co-chair from CNES (Centre national d’études spatiales – French national space center)
(EN) IAF’s IAC 21 in Dubaï – 72nd International Astronautical Congress 2021 (25-29 October 2021, Dubai, United Arab Emirates) will have two (yes 2!) security sessions :
- D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
- E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
- Papers have been selected and the program will be published shortly

CYSAT ’21, a space cybersecurity conference : Full Keynotes and Presentations

François Quiquet

30 March 2021

CYSAT ’21 is the first conference in Europe dedicated to satellite and space industry cyber security. It took place from 17 to 19 March 2021 and brought together key players from the European space industry to share challenges and solutions related to cyber risks and cyber security in space.

You will find below the full recording of the 3 days of conferences with all the speakers. The conference programme is available here. The list of speakers is available here.

CYSAT ’21 – Teaser

CYSAT’21 Opening keynote by Elodie Viau (ESA)

CYSAT’21: Massimo Mercati from the European Space Agency (ESA)

CYSAT’21: Patrick Nicolet “How current cybersecurity trends can serve the space industry”

CYSAT’21: Florian Shütz “Switzerland, a leading nation for cybersecurity and space innovation”

CYSAT ’21: Alexandre Karlov “End-to end protection of space assets and data”

CYSAT ’21: Giovanni Pandolfi “Exploiting cybersecurity from the ground (segment) up”

CYSAT ’21: Enrique Fraga Moreira “Keeping the cloud securely attached to the ground (segment)”

CYSAT ’21: Adrien Bécue “The role of quantum technologies in secure communications”

CYSAT ’21: Akash Patel “Democratizing and reliability of data & AI solutions in space”

CYSAT ’21: S. Linden & C. Rückriegel “Security considerations for ground segment cloud platforms”

CYSAT ’21: James Pavur “Adventures in VSAT hacking: lessons for space security”

CYSAT ’21: Vincent Lenders “Secure and fast satellite broadband”

CYSAT ’21: Julien Airaud, “Overview of cybersecurity integration”

About CYSEC

CYSEC is a cybersecurity company based at the EPFL Innovation Park in Lausanne, Switzerland, whose mission is to shorten the time-to-market of innovative services by facilitating their integration into a secured IT environment. By lowering down the barriers to protect data and code, CYSEC enables its customers to benefit from a whole new level of flexibility and agility which is a game-changer today considering the fast-pace at which security and business requirements evolve. For more information, please visit www.cysec.com/space

About AP-Swiss

AP-Swiss is the Ambassador Platform of the European Space Agency’s ARTES Applications programmes in Switzerland. It is a partnership between the European Space Agency (ESA) and the State Secretariat for Education, Research and Innovation (SERI) of the Swiss Confederation. AP-Swiss also supports ESA BIC Switzerland, the ESA Business Incubation center in Switzerland. For more information, please visit www.ap-swiss.ch

CYSAT’21, le 1er événement européen consacré à la cybersécurité de l’industrie spatiale

François Quiquet

4 March 2021

CYSEC, une entreprise suisse spécialisée dans la cybersécurité, co-organise avec AP-Swiss, la plateforme “Ambassadeurs” du programme d’applications de l’Agence Spatiale Européenne (ESA) en Suisse, l’événement CYSAT’21, la première conférence en Europe, consacrée à la cybersécurité des satellites et de l’industrie spatiale.

Un événement entièrement virtuel et en ligne

CYSAT ’21 devait réunir à Davos, en Suisse, du 17 au 19 mars 2021, les principaux acteurs de l’industrie spatiale européenne pour partager les défis et les solutions liés aux cyber-risques et à la cyber-sécurité dans l’espace.

Suite à la crise sanitaire et la poursuivre de la pandémie, l’événement passe entièrement en virtuel et en ligne. Les participants pourront suivre très confortablement les présentations et les discussions en panel via un flux diffusé en direct. La mise en réseau se fera grâce à la plateforme b2match.

Teaser CYSAT’21

Pourquoi un tel événement ?

Pendant des années, les ingénieurs de l’aérospatiale se sont consacrés essentiellement à la construction de satellites fiables, souvent au détriment de la sécurité.

Avec un accès de plus en plus facile à l’espace et l’essor des nouveaux services via l’espace qui collectent par exemple des données, les actifs spatiaux deviennent des cibles attrayantes pour les pirates.

Le moment est venu de construire un écosystème européen capable de répondre aux défis actuels et futurs de la sécurisation de ces actifs stratégiques, des données et des services depuis l’espace afin de garantir leur sécurité et que chaque pays puisse préserver sa souveraineté.

La CYSEC, en partenariat avec AP-Swiss, a souhaité apporter à la communauté spatiale européenne la possibilité d’apprendre, de partager et de se connecter sur le thème de la cybersécurité en réunissant des spécialistes du domaine, des pirates éthiques et des experts, le tout au sein d’un événement d’une durée de trois jours.

Informations pratiques

Le programme de la conférence est disponible ici.
La liste des intervenants est disponible ici.
L’enregistrement en ligne se fait ici.
Plus d’information sur le site de l’événement cysat.eu

A propos de CYSEC

CYSEC est une société de cybersécurité basée au Parc de l’innovation de l’EPFL à Lausanne, en Suisse qui combine une connaissance approfondie de la sécurité et une vaste expérience de l’industrie.

Les équipes de CYSEC sont composées de cryptographes, de spécialistes de la sécurité logicielle et d’ingénieurs en matériel. CYSEC est une société qui peut fournir des solutions de sécurité agiles pour les infrastructures informatiques les plus complexes dans le monde entier et qui est prête à relever le nouveau défi de la cybersécurité.

CYSEC permet à ses clients de bénéficier d’un tout nouveau niveau de flexibilité et d’agilité qui change la donne aujourd’hui, compte tenu de l’évolution rapide des besoins en matière de cybersécurité. Pour plus d’informations, veuillez consulter le site www.cysec.com/space

A propos d’AP-Swiss

AP-Swiss est la plate-forme “Ambassadeursé du programmes d’applications ARTES de l’Agence spatiale européenne en Suisse. Il s’agit d’un partenariat entre l’Agence spatiale européenne (ESA) et le Secrétariat d’État à l’éducation, à la recherche et à l’innovation (SERI) de la Confédération suisse. AP-Swiss soutient également ESA BIC Switzerland, le centre d’incubation d’entreprises de l’ESA en Suisse. Pour plus d’informations, veuillez consulter le site www.ap-swiss.ch

1...8910...12 Page 9 of 12

Select your language

English
Français (French)

Last Posts

My experience and tips after successfully passed the CISM (Certified Information Security Manager) from...

François Quiquet - 15 December 2024 0

🌟 I'm thrilled to share that I've earned the CISM (Certified Information Security Manager) from ISACA. You can view my achievement on Credly. 🌍 This...

How to model an attack on an Industrial Control Systems (ICS)

François Quiquet - 28 October 2024 0

Attacks on OT (Operational Technology) systems are made easier due to the OT/IT convergence. The figure below is showing an example of OT/IT convergence. Attacks on OT...

Space and Satellites Security Conferences at DEF CON 32 (and a little bit Aviation...

François Quiquet - 21 October 2024 0

The videos from the Def Con 32 conference held in Las Vegas from August 8th to 11th are now online. Perfect for keeping busy...

My cybersecurity review from the beginning of 2024

François Quiquet - 27 May 2024 0

What an incredible start to 2024. I've had some incredible opportunities and I've been able to do some really interesting things. I continue my role as...

Very proud to receive the certificate of completion : « Introduction to Cybersecurity in...

François Quiquet - 27 May 2024 0

I’m very proud to receive the following certificate of completion for having successfully completed the training course : « Introduction to Cybersecurity in Space...

Popular Category

Cyber82
News65
Satellite54
Hacking54
United-States39
France33

Description of the Elements of a Satellite Command and Control System

François Quiquet - 18 May 2020 1

In order to be able to analyse the various threats and identify the risks facing a space system, it is necessary to describe precisely...

Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS cloud

François Quiquet - 14 November 2021 4

KYPO is a Cyber Range Platform (KYPO CRP) developed by Masaryk University since 2013. KYPO CRP is entirely based on state-of-the-art approaches such as...

Cartographie des acteurs étatiques du cyber en France

François Quiquet - 6 June 2020 0

Avec l'aimable autorisation de Martial Le Guédard, nous reproduisons ci-dessous sa cartographie au sujet des différents acteurs étatiques évoluant dans le domaine du Cyber...

What are the threats to space systems?

François Quiquet - 18 May 2020 0

In this article, we will try to identify the various threats to space systems. This article is a synthesis of the CSIS (Center for Strategic...

Qu’est-ce que le grand Commandement De l’Espace (CDE) créé par la France pour la...

François Quiquet - 1 June 2020 0

Le Commandement De l’Espace (CDE) a été créé par arrêté le 3 septembre 2019. Il succède au Commandement interarmées de l’espace (CIE). Il rassemble...

Description of the Elements of a Satellite Command and Control System

18 May 2020

Install KYPO Cyber Range Platform on Openstack and Ubuntu in AWS...

14 November 2021

Cartographie des acteurs étatiques du cyber en France

6 June 2020

ABOUT US

spacesecurity.info est un magazine en ligne dédié à la sécurité appliquée au domaine spatiale. L’objectif du site est de décrypter l’actualité, les stratégies des gouvernements et des entreprises, d’analyser les tendances du secteur. Notre vocation est d’apporter une expertise dans chacun de deux domaines, la cybersécurité et l’espace et de diffuser auprès du plus grand nombre des informations précises sur la sécurité spatiale et d’approfondir certains sujets incontournable avec toujours une approche professionnelle. Voir la suite

About Us
Contact Us
Privacy Policy

Some figures in the draft

Update (22 july 2021)

But what is a security controls overlay ?

The following is an extract ftom the Space Platform Overlay

How to address the ground issue ?

Need to go futhermore ?

Contents

Articles

Papers

Videos

Webinars

Podcasts

Past Events

Upcoming Events

Contents

Attacks on Space Systems

Articles

Papers

Videos

Webinars

Past Events

Upcoming Events

Contents

List of new Articles

Some good Papers

Webinars and past events to review

Upcoming Events

Past Events

Contents

News of the latest Attacks on Space Systems

List of new Articles

CYSAT’21

Space ISAC (Space Information Sharing and Analysis Center)

SPD-5 : National Space Policy Directive 5 aka « Cybersecurity Principles for Space Systems »

AsterX: First french military exercise in space

War in Space

Some good Papers

Videos

Webinars to review

Podcasts

Upcoming Events

CYSAT ’21 – Teaser

CYSAT’21 Opening keynote by Elodie Viau (ESA)

CYSAT’21: Massimo Mercati from the European Space Agency (ESA)

CYSAT’21: Patrick Nicolet “How current cybersecurity trends can serve the space industry”

CYSAT’21: Florian Shütz “Switzerland, a leading nation for cybersecurity and space innovation”

CYSAT ’21: Alexandre Karlov “End-to end protection of space assets and data”

CYSAT ’21: Giovanni Pandolfi “Exploiting cybersecurity from the ground (segment) up”

CYSAT ’21: Enrique Fraga Moreira “Keeping the cloud securely attached to the ground (segment)”

CYSAT ’21: Adrien Bécue “The role of quantum technologies in secure communications”

CYSAT ’21: Akash Patel “Democratizing and reliability of data & AI solutions in space”

CYSAT ’21: S. Linden & C. Rückriegel “Security considerations for ground segment cloud platforms”

CYSAT ’21: James Pavur “Adventures in VSAT hacking: lessons for space security”

CYSAT ’21: Vincent Lenders “Secure and fast satellite broadband”

CYSAT ’21: Julien Airaud, “Overview of cybersecurity integration”

About CYSEC

About AP-Swiss

Un événement entièrement virtuel et en ligne

Teaser CYSAT’21

Pourquoi un tel événement ?

Informations pratiques

A propos de CYSEC

A propos d’AP-Swiss

Last Posts

Popular Category

Popular posts

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY