Intrustion Detection in Space
What is the current cybersecurity state of your satellite?
​
This is an increasingly relevant question posed to satellite operators as the satellites become a more integral part of important business, government and military operations, globally. The increasing deployment of satellites, use of common technologies across platforms and limited consideration of cybersecurity within satellites are elevating the potential for attacks and intrusions into systems and operations that may not have been too concerned with this question in the past.
​
In response, there is a need for a multifaceted push within the industry for standards, architectures, practices and tools to allow the designers of new satellite missions to understand the cyber threats and to select cost-effective solutions to help manage the satellite's health and cybersecurity state.
​
How would we even know if a satellite was hacked?
​
In some scenarios, satellites can be held for ransom or caused to de-orbit, which would be immediately noticeable. In other scenarios, an attacker could subtly alter the satellite's functionality to corrupt its output or modify it in the attacker’s favor. Without an obvious impact, would the industry be able to detect an on-board compromise and the resulting loss of integrity? How could this subtle integrity corruption impact the daily satellite services that we rely on?
​
There is a gap in the current market for onboard intrusion-detection solutions to address this issue. While terrestrial systems have many cybersecurity solutions available for deployment, almost nothing exists for space. This alone should be the call to arms that the satellite industry needs to take cybersecurity more seriously.
​
This paper explores this subject, explaining:
​
-
Why satellites are important
-
What an attacker can do to cause disruptive and consequential effects
-
Why a company should protect its satellite
-
How to do that effectively
