Monitoring for Attacks on the Satellite
New technology and capabilities are always developed before cyber security concerns can be addressed and the reduced ability to do significant changes to a satellite means that vulnerabilities in a satellite will likely exist for its entire lifetime. Contrast this with the 'patch Tuesday' paradigm of terrestrial systems, where new bundles of security patches are released predictably every week as a means of handling the incessant rate of fixes, and the problem with the relatively static nature of satellite software comes into focus.
Simplicity can be a good defence for cyber security but this doesn’t necessarily apply to satellites any more. Satellite software started out as minimal pieces of code required to perform basic health checks on hardware systems and automated functions. Modern software, though, is increasingly complicated and now allows for shared use and dynamic assignment of satellite resources. What we've seen in terrestrial environments is that larger software inevitably brings more bugs while increased functionality inevitably introduces unintended access methods. Satellites are becoming increasingly more complex.
In terrestrial environments, standards and technologies exist to address cyber threats. These can be applied to the ground segment component of satellite systems, which are essentially just data centers, similar to other IT environments. However, there is a gap in the cyber defence capabilities available specifically for satellites: none of the traditional cyber security protective tools exist in the market today for satellites.
This is an increasingly relevant question posed to satellite operators as the satellites become a more integral part of important business, government and military operations, globally. The increasing deployment of satellites, use of common technologies across platforms and limited consideration of cybersecurity within satellites are elevating the potential for attacks and intrusions into systems and operations that may not have been too concerned with this question in the past.
In response, there is a need for a multifaceted push within the industry for standards, architectures, practices and tools to allow the designers of new satellite missions to understand the cyber threats and to select cost-effective solutions to help manage the satellite's health and cybersecurity state.
Download our whitepaper to learn more about the gap in monitoring for attacks on satellites in space and how to get closer to the ultimate goal of Zero Trust for satellite cyber security.