P3536 - Space System Cybersecurity Design Standard Working Group

The Project

MOTIVATION

The cybersecurity of space systems is a growing concern, given their complexity and critical role in supporting Earth’s infrastructure. However, the lack of industry-wide standards poses a significant challenge.

A multitude of actors within the space community share the need for a standard. At the ASCEND 2022 conference, over 40 co-authors published a Call to Action, emphasizing the importance of addressing this issue.

To ensure consistent cybersecurity practices and global safety, it is crucial to establish comprehensive regulations and standards for space systems. The complexity of space missions and the need for international cooperation further amplify the urgency for harmonized rules.

To address this challenge, five subcommittees will collaborate on developing a comprehensive standard. They will define cybersecurity requirements, identify threats and vulnerabilities, and recommend appropriate controls and countermeasures for each segment of a space mission.

PROCESS

This standard focuses on deriving functional technical requirements that can be used to implement protection techniques for space system segments, subsystems, components, and or low-level components. Organizations formally document mission failure modes of interest that have been aligned with mission objectives. Existing design artifacts are then identified as references to create technical system boundaries for each failure mode of interest.  Space system attack surface, threat techniques, and protection techniques are developed then validated for technical traceability to the failure modes of interest. The outcome of the process is the formal documentation of new functional technical requirements informed by a standardized approach.

The standard currently being developed by the P3536 Working Group implements a system-of-systems technical engineering process, where complex space systems are engineered into secure blocks. This engineering process is not a post-deployment technical security guideline.

Space systems are composed of complex interconnected subsystems. This standard provides normative guidelines for secure engineering based on space mission objective primary failure modes of interest. This technical standard can be applied to space missions regardless of unique technical security requirements.

 

SCOPE and SUBCOMMITTEES

  • The Space Segment subcommittee is responsible for defining the cybersecurity requirements for satellite payloads, including communication, imaging, and other systems. It will also address the cybersecurity challenges related to orbital positioning systems such as GPS and Galileo and onboard computer systems. This subcommittee will ensure that a mission’s space segment is secure from potential cybersecurity threats.
  • The Link Segment subcommittee is responsible for addressing the cybersecurity challenges related to communication systems between the ground and space. This includes ground-to-space communication systems, such as antennas and transceivers, and space-to-ground communication systems. The subcommittee will also address the cybersecurity requirements for data encryption/decryption systems to secure data transmissions between the ground and space.
  • The Ground Segment subcommittee is responsible for addressing the cybersecurity challenges related to ground-based systems. This includes ground stations, command and control systems, data processing systems, network infrastructure, and cybersecurity systems such as firewalls and intrusion detection systems. In addition, the subcommittee will work to ensure that the ground segment of a mission is secure from potential cybersecurity threats.
  • The User Segment subcommittee is responsible for addressing the cybersecurity challenges related to end-user devices and ground-based communication systems. This includes satellite phones, tablets, base stations, towers, and other software applications such as navigation and remote sensing. The subcommittee will ensure that a mission’s user segment is secure from potential cybersecurity threats.
  • The Integration Layer subcommittee is responsible for addressing the cybersecurity challenges related to the integration of all segments of a space mission. This includes application programming interfaces (APIs), data links such as Ethernet and USB, and integration and testing systems such as simulators and emulators. The subcommittee will work to ensure that the integration layer of a mission is secure from potential cybersecurity threats and that all mission segments work together seamlessly to achieve mission objectives.