L’illustration ci-dessous est une carte heuristique qui présente les services spécialisés de la communauté du renseignement du 1er cercle. Cette cartographie est mise à jour des derniers changements en matière de chefs de service notamment. L’axe des temps relatif à la DPR intègre le lien vers le rapport public 2020-2021 relatif à l’activité des services de renseignement. Ce dernier rapport effectue notamment un focus particulier sur le renseignement territorial.
Après, l’alliance des entreprises françaises du newspace sous le nom de « Alliance NewSpace France« , au tour de l’écosystème français des smallsats et des nanosatellites de se réunir.
C’est ce qu’a réussi à faire Hemeria, l’industriel toulousain spécialisé dans la conception, la production et la maintenance de systèmes spatiaux et de défense, en réunissant ce lundi 11 octobre 2021 à la Cité de l’espace de Toulouse, une trentaine d’acteurs français des nanosatellites (smallsats), lors de la « Small Sat Day ».
La liste des acteurs présents (clients, partenaires, institutions étatiques, financiers, startups) : ACB, Aerospace Valley, Airbus Defence and Space, Alliance NewSpace France, ANYWAVES, ArianeGroup, ARIANESPACE, Arianeworks, Astreos, Bpifrance CLS Group (Collecte Localisation Satellites), CLUB GALAXIE, CNES, CNRS (Centre National de la Recherche Scientifique), COMAT, CDE (Commandement De l’Espace), CS GROUP, DGA (Direction Générale de l’Armement), Euroconsult, EREMS, Exotrail, Hybridpropulsion, Infinite Orbits, IRT AESE – Saint Exupéry, Kinéis, La French Fab, Leanspace SAS, LISI AEROSPACE, Loft Orbital, MECANO ID, Secrétariat Général pour l’Investissement, Newspace Factory, Nex Afrika, Nimesis Technology, ONERA – The French Aerospace Lab, Parangon European Partners, PROMÉTHÉE NewSpace, La Région Occitanie / Pyrénées-Méditerranée, Share Myspace, Sodern, SOTEREM, SPACEBEL, STEEL ELECTRONIQUE, SYRLINKS, Telnet, Thales Alenia Space, ThrustMe, TRAD, Tests & Radiations, USpace, Venture Orbital System
Hemeria conçoit et fabrique des équipements et systèmes à forte intensité technologique et sécurité de fonctionnement pour deux marchés exigeants : l’industrie spatiale et la dissuasion française.
L’occasion pour Hemeria d’annoncer qu’elle vient d’être sélectionnée par l’Etat et le CNES dans le cadre du Programme d’Investissements d’Avenir (PIA) pour le développement d’une Plateforme nanosatellite.
Plus concrètement, il s’agit de réaliser une plateforme générique, modulaire, multimissions, pour des missions civiles, militaires ou scientifiques d’ici à 2024 dans un objectif de créer une filière française des nanosatellites sur un marché en forte croissance, largement dominé par les Américains.
Les nanosatellites et les smallsats correspondent au marché des satellites de moins de 500 kg qui a explosé en l’espace de quelques années. Près de 14.000 petits satellites devraient être envoyés en orbite dans les dix prochaines années.
Face à un marché concentré autour de quelques acteurs américains, la concurrence est rude pour les projets européens. Il était temps de réagir.
Dernières minutes
HEMERIA vient de rejoindre le GIE Défense NBC en tant qu’acteur majeur et reconnu de l’excellence de l’Industrie Française de la Défense et de la Protection NRBCE (Nucléaire, Radiologique, Biologique, Chimique et Explosifs).
Le GIE Défense NBC a pour mission de promouvoir à l’international les savoir-faire, les technologies, les produits et les services des entreprises françaises du domaine NRBCE.
Connect by CNES est une structure du CNES (Centre National d’Études Spatiales), l’agence spatiale française. Elle a mis en place un parcours de formation pour devenir Ambassadeurs du Spatial. Ayant moi-même suivant cette formation et étant désormais officiellement Ambassadeur du Spatial, je vous livre ci-dessous mon retour d’expérience.
✅ Je vous conseille vivement cette formation. Elle est gratuite et ouverte au grand public. Elle livre les concepts essentiels des outils et des solutions spatiales, et dresse un panorama des applications attendues à court/moyen terme.
✅ Elle est composée de multiples modules et de sessions d’échanges sur différents sujets (géolocalisation, télécommunication, imagerie par satellite, space business, …), avec des experts du CNES.
✅ C’est une formation très complète, enrichissante, sur des sujets très techniques. Elle offre une vue d’ensemble des usages du spatial, de ses avantages, et des solutions existantes dans les domaines de la santé, l’environnement, la mobilité… On y découvre l’ampleur du sujet ainsi que tous les domaines que peut couvrir le spatial et que l’on n’imagine pas forcément.
✅ Au final, je recommande cette formation à toute personne intéressée par le secteur du spatial et tout ce qu’il peut apporter.
Si à votre tour, vous souhaitez devenir Ambassadeur du spatial, et aider le CNES à relayer leurs messages auprès du grand public, alors inscrivez-vous à la formation. Et si vous êtes suffisemment assidu, vous aurez le droit à un beau diplôme comme celui-ci :
Les vidéos ci-dessous sont issues directement du parcours de formation. Elles sont mises régulièrement à jour. En vous inscrivant, vous aurez accès aux dernières versions accompagnées de supports de qualité.
Formation Ambassadeurs // Présentation de Connect by CNES
Formation Ambassadeurs // Imagerie Spatiale, principe de fonctionnement
Find below the new Space Cyber Security Watch No 6 (october 3, 2021). In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.
wolfSSL Cybersecurity Software Solutions – wolfSSL is an embedded, lightweight cybersecurity software package for satellite applications. wolfSSL has a long history of providing cryptographic security for defense systems and, more recently, secure boot and secure communications for satellite systems. FIPS 140-2 available.
Opportunity: ESA Secure Satcom for Safety and Security (4S) – For technologies, products, systems and end-to-end infrastructures development. Secure Next Generation SatCom will help to increase the resilience of telecommunication infrastructure.
How Microsoft is taking cloud-powered innovation beyond Earth with Azure Space – The space community is growing rapidly and Microsoft’s Space team is developing capabilities and services to meet its needs for extended connectivity across the world, simulated digital space environments, and ways for dealing with the huge amount of data generated from satellites.
More work needed on space stability and security – The U.S. Space Force and Space Development Agency are fielding resilient and assured space capabilities and working to counter hostile space activity
Cyberspace and outer space are new frontiers for national security – What do cyberspace and outer space have in common? As we make clear in a new report to the Department of Defence, both are new frontiers for national security that blur traditional ideas about borders, sovereignty and defence strategy
Space EA Systems delivers satellite-enabled quantum-proof cybersecurity and innovation – Space EA’s new post-quantum encryption network defeats quantum’s destructive effect against security, while enabling satellite architectures and communication networks the ability to harness quantum’s power for DoD and commercial clients in the space sector
How AWS is opening up space with the cloud – With AWS Ground Station, don’t go spending millions of dollars building ground station infrastructure, pay by the minute for only what you use, and invest your money back in the business or the mission end of your space capability
DoD To Update Satellite Cyber Rules For Megaconstellations – Space Force’s is to allow for « increased trust in industry » to assess their own systems’ cybersecurity needs, « while doing due diligence » in reviewing whether those assessments are reliable
Space jam: why the military is prioritising cybersecurity for space – As military and civilian capabilities increasing rely on space-based assets, space and cybersecurity experts speak about the potential effects of a cyberattack against them and how to offer protection
CybExer and Spaceit To Offer Satellite Operations Cyber Exercises – A cooperation between Spaceit and CybExer, a NATO-awarded cybersecurity company developing and maintaining cyber security training platforms, to offer satellite operations related cyber exercises
Report published by the NASA Office of Inspector General in May 2021 [PDF] – investigating how ready the organisation is from a cybersecurity perspective. This audit found that during the last four years, NASA had experienced more than 6,000 cyber incidents, and 1,785 in 2020 alone. With some 3,000 websites and 42,000 publicly accessible datasets, perhaps that’s not surprising
October 6–8, 2021 : New online course : Understanding Cybersecurity in the Space Domain – The Space Domain Cybersecurity (SpaDoCs) Framework provides a comprehensive and systematic model for understanding and tackling cybersecurity in the space domain. This online course examines the practical issues of developing and sustaining a secure cyber environment through all phases of the space mission lifecycle. At the conclusion of the course, you will be able to formulate inputs and issues to a cybersecurity assessment plan for a given space domain scenario.
Past Events
July 20, 2021 : Space ISAC TableTop Exercise: Pandora’s Gambit
August 17, 2021 : Members Session: Uncovering the Hidden Value of Your Threat Data with Neal Dennis from Cyware, Space ISAC Fellow Brent Meyer, and additional presenters
September 7-9, 2021 : Joint Air & Space Power Conference 2021 – Delivering NATO Air & Space Power at the Speed of Relevance. The security challenges to NATO did not just get put ‘on hold’ as our individual countries turned inward to battle the existential threat to survival at home. Indeed, the global pandemic also presented an opportunity to NATO’s near-peer adversaries to manoeuvre and attempt to gain an advantage.
October 1st, 2021 : 1ère édition du Colloque international Galilei – le spatial & le cyberspatial de défense, Etat des lieux & Prospectives Spatiaux et Cyberspatiaux, qui se tiendra à Lyon
October 5 – 7, 2021 : ESA Software Product Assurance Workshop 2021. There will be one full day of ECSS training, followed by 3 days of interesting presentations and discussions on various topics. Registration here
October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity. The CyberSatGov Agenda is Here!
Security in LEO: Can the US Government Trust it?
Solarwinds, Colonial Pipeline: Impact on Satellite Cybersecurity
Supply Chain Risk Management: Keeping It Secure
Blackjack 2022: Prime Time is Fast Approaching
Cloud and Data Processing: Space Systems Applications and Threats and Vulnerabilities Management
Value Of Space: How Space Systems’ Critical Infrastructure Will Apply to Future National Critical Functions
October 19-20, 2021 : 2nd annual Value of Space Summit – The Space Information Sharing and Analysis Center (Space ISAC) and The Aerospace Corporation are pleased to host the 2021 Value of Space Summit, a 2-day virtual community event to convene a variety of perspectives from across the space enterprise.
October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
Papers have been selected and the program will be published shortly
November 8, 2021 : COMET CYBersécurité du CNES – Journée « Menaces « cybersécurité » et secteur spatial » à Toulouse et en distanciel.
DEF CON Aerospace Village is a researcher led, non-profit whose mission is to build a diverse community focussed on the security of everything from airports, air traffic management, aircraft and space.
The Challenge: The aerospace ecosystem is a cornerstone of the global infrastructure and economy. While passenger safety is at an all-time high, the increasing adoption of connected technologies exposes aircraft, airports, satellites, and the interdependent aerospace ecosystem to new types of risks. The consequences of a cybersecurity failure in a ground, air, or space-based system can impact human life and public safety; a crisis of confidence in the trustworthiness of air travel and space operations can undermine economic and (inter)national security.
The Aerospace Village is a unique community that bridges the gap across security researchers, the aerospace industry, public sector, academia and all.
At Virtual DEF CON 29 this year the Aerospace Village is full of talks, virtual workshops and CTFs that will have something for you to get involved in irrespective of your experience level, or what bit of the aerospace world you are interested in.
In this article, we will focus on the space cybersecurity videos recorded at the DEF CON 29 Aerospace Village held on 6-7 August in Las Vegas. All sessions were online and hybrid.
Deep Space Networking 2021 Workshops
This training session includes three Wireshark analysis sessions of Green Data transmission (with data loss), simple Red Data transmission, and Red Data transmission/retransmission after data loss.
To know more about these workshops and to download file, check here.
Part I: Ground Control to Major Licklider: Analyzing LTP
Part II: Build an LTP-Analysis Wireshark Profile
Part III: An Outage in Space — Take the LTP Wireshark Challenge
AIAA Cubesat Hacking Workshop
AIAA CubeSat Hacking Workshop is learning laboratory intended to demonstrate satellite operations cybersecurity defense and hacking principals and techniques to participants of all levels of cybersecurity proficiency, through hand-on instruction conducted by space systems experts. Participants will learn and practice hacking techniques on a simulated, remotely accessible CUBESAT system.
To know more about these workshops and to download file, check here.
Find below the new Space Cyber Security Watch No 5 (August 31, 2021). In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.
North Korea-linked hackers accessed South’s rocket developer – Hackers linked to North Korea broke into the network of a South Korean aerospace company that holds confidential rocket propulsion technologies developed for the nation’s first indigenous space launch vehicle KSLV-2
CNSSI 1253 and NIST released the Space Platform Overlay – The CNSSI 1253 (Committee on National Security Systems Instruction No. 1253) has released (Attachment 2) the Space Platform Overlay as a companion of the NIST SP 800-53 controsl guide. Space Overlay is a set of specific guidances and requirements for space. Space Overlay can be used as Security Baseline on some space systems studies.
Satellite Cyberattacks and Security: Technical Study – Satellites are crucial for everyday life and their importance is only set to grow in the future. These factors make them attractive targets to different groups including industry competitors, criminals, hacking activists, nation states, or military forces.
For hackers, space is the final frontier – As the commercial space industry heats up, security experts worry about cyberattacks. Gregory Falco is interviewed alongside Erin M. Miller for this excellent piece on space cybersecurity.
Space Resilience for Automakers Webinar presented by CAR (Center for Automotive Research) and with the contribution of Space ISAC, MITRE, Lockheed Martin and Constellation Network (14 june 2021)
September 7-9, 2021 : Joint Air & Space Power Conference 2021 – Delivering NATO Air & Space Power at the Speed of Relevance. The security challenges to NATO did not just get put ‘on hold’ as our individual countries turned inward to battle the existential threat to survival at home. Indeed, the global pandemic also presented an opportunity to NATO’s near-peer adversaries to manoeuvre and attempt to gain an advantage.
October 5 – 7, 2021 : ESA Software Product Assurance Workshop 2021. There will be one full day of ECSS training, followed by 3 days of interesting presentations and discussions on various topics. Registration here
October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity. The CyberSatGov Agenda is Here!
Security in LEO: Can the US Government Trust it?
Solarwinds, Colonial Pipeline: Impact on Satellite Cybersecurity
Supply Chain Risk Management: Keeping It Secure
Blackjack 2022: Prime Time is Fast Approaching
Cloud and Data Processing: Space Systems Applications and Threats and Vulnerabilities Management
Value Of Space: How Space Systems’ Critical Infrastructure Will Apply to Future National Critical Functions
October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
Papers have been selected and the program will be published shortly
This work is not exhaustive, so comments and observations are welcome.
Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space assets and supporting infrastructure pose increasing risks to the economic promise of emerging markets in space.
NIST is seeking comments on Draft NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations, which describes cybersecurity concepts with regard to crewless, commercial space operations. The document is an information reference for managing cybersecurity risks and considering how cybersecurity requirements might coexist within space vehicle system requirements. NIST is specifically interested in feedback on the document’s overall approach, the example use case, and the identified controls for the use case. (Note that the use case is only notional for illustrative purposes and is not intended to be a set of specific cybersecurity recommendations.)
A public comment period is open through August 13, 2021. Based on feedback for this publication, NIST will also consider the utility of publishing similar reports discussing other areas of space operations as needed. See the publication details for a copy of the draft and instructions for submitting comments.
Some figures in the draft
Update (22 july 2021)
Comment Period Extended for Draft NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations
NIST has extended the due date to October 13, 2021, for providing comments on Draft NISTIR 8270, “Introduction to Cybersecurity for Commercial Satellite Operations.” A copy of the draft and instructions for submitting comments are available here.
Space Overlay is a set of specific guidances and requirements for space. Space Overlay can be used as Security Baseline on some space systems studies.
But what is a security controls overlay ?
My explanation about an overlay is that an overlay is a customisation of security controls applied to a specific domain, in this case to space domain, which uses the NIST 800-53 controls.
To be more precise : « A specification of security controls, control enhancements, supplemental guidance, and other supporting information employed during the tailoring process, that is intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems. »
Thank’s to NIST for this explanation about security controls overlay (more here). Basically, the overlay completes the baseline.
Florent Rizzo from Cyberinflight written an article with a mindmap of the Space Overlay to have a better overview.
Space Overlay Overview (Copyright Cyberinflight – Florent Rizzo)
Government programs and/or organizations have attempted to take portions of NIST governance and apply it to space systems. The most notable attempt at this was with CNSSI 1253 and the generation of the space overlay.
The space overlay was an attempt to take an existing control set and create an overlay specific for the spacecraft as well as the launch vehicle. Overlays take something that exists (CNSSI 1253 / NIST 800-53) and determine what applies and does not apply.
The space overlay takes the existing control set and articulates what could be applicable to the spacecraft. The important distinction in this approach is the approach is not risk or threat-informed and is very generic in nature.
The space overlay has a purpose, but a better approach which aligns with the direction NIST is moving toward in revision 5 of 800-53 is creating a spacecraft baseline.
The baseline approach starts from a clean sheet of paper and establishes a specific baseline. With this approach, designers/engineers will take the master catalog (i.e., CNSSI 1253 / NIST 800-53 and all the enhancements) and generate their Program/Mission baseline.
While baseline generation can be labor intensive, it will result in tailored controls/requirements for a particular mission.
In an effort to promote a threat-informed baseline approach, the engineers need to understand the applicable threats to aid in control derivation.
To accomplish this, a generic threat library can be used to help identify the threats needing mitigated
The following is an extract ftom the Space Platform Overlay
« This overlay applies to information technology (IT) components of unmanned space platforms that support national security missions, during the life cycle phase of the space platform when it is operating in space (whether experimental1 or operational). This overlay does not apply to ground or user segments or to the launch segment, nor does it address the space platform while it is in development or testing on the ground. The assumptions made in this section about the applicable unmanned space platforms do not necessarily hold true for manned space platforms or the launch, user, or ground segments. »
The main problème with the Space Overlay (which is a great document btw) is that is does not covers the development and testing phases, it only covers pre-op, launch and after launch phases. As mentionned in the document, Space Platform Overlay does not apply to ground or user segments or to the launch segment, nor does it address the space platform while it is in development or testing on. It only apply on unmanned space platforms.
From the MITRE Att&CK framework and the right TPPs (Tactics, Technics and Procedures), Brandon Bailey built a specific Ground System TTPs to list some attack paths based on known TTPs used by hackers.
Example Ground System TTPs (Copyright Brandon Bailey)
Need to go futhermore ?
To go futhermore the concept of MITRE ATT&CK framework applied on specific domain, you can also have a look on the MITRE ATT&CK for ICS Matrix.
The MITRE ATT&CK for ICS Matrix is an overview of the tactics and techniques described in the ATT&CK for ICS knowledge base. It visually aligns individual techniques under the tactics in which they can be applied.
The MITRE ATT&CK for ICS matrix (Source: https://collaborate.mitre.org/attackics/index.php/Main_Page )
Below is the mapping of Stuxnet attack on the ATT&CK for ICS matrix (Than’ks to Airbus Cybersecurity). « Mapping Stuxnet to the ATT&CK for ICS matrix, as shown in figure 3, quickly shows how complex this attack was. Business risk owners can now identify which techniques to focus on if they need to minimise the risk from strikes like Stuxnet. »
Mapping of Stuxnet on the ATT&CK for ICS matrix (Source: https://airbus-cyber-security.com/mitre-attck-for-ics-everything-you-need-to-know/)
Find below the new Space Cyber Security Watch N°4 (June 14, 2021). In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.
(FR) Open source : les devs d’Ingenuity et de Perseverance s’associent à une entreprise de drones pour créer une architecture ouverte. Une société qui conçoit des moteurs de précision utilisés dans l’exploration de Mars et de la Lune fait équipe avec une société d’architecture de drones open source. Maxon dont la technologie permet à l’hélicoptère autonome Ingenuity et au rover Perseverance d’explorer Mars, annonce un partenariat stratégique avec Auterion, la société qui construit un avenir open source et software defined pour les flottes de drones d’entreprise.
(FR) Un consortium d’acteurs européens du numérique conçoit le futur Internet quantique de l’UE. La distribution de clé quantique (QKD – Quantum key distribution) sera le premier service à utiliser ce réseau. Le service QKD transmettra des clés de chiffrement par le biais de canaux de communication quantique sur des liaisons terrestres en fibre optique et des liaisons laser spatiales.
(FR) Risque spatial : Axa XL s’associe au français SpaceAble. Axa XL annonce avoir signé un partenariat avec la start-up française SpaceAble afin d’améliorer la couverture des opérateurs de satellites via la collecte, le traitement et la modélisation de données spatiales.
(EN) SpaceX, OneWeb and the ‘Mega’ Effect of Mega-Constellations on International Space Law. For instance, OneWeb’s satellites have been launched from the Russian spaceport Vostochny Cosmodrome since 2019: however, the Russian government did not allow OneWeb to provide internet connectivity services in Russia, citing national security concerns
(EN) Viasat to Integrate Encryptor into Link 16 LEO Spacecraft. Viasat plans to integrate its In-line Network Encryptor (INE) into the Link 16-capable Low Earth Orbit (LEO) satellite that it is developing for the U.S. Air Force Research Laboratory.
(EN) Laying the IT Groundwork for a Crowded Space Economy. If we want to make sure the space economy takes off, we must lay a reliable terrestrial groundwork now. That means putting an IT architecture in place that’s simple, safe, secure, and scalable to accomplish several objectives simultaneously.
(EN) SpiderOak Wins US Air Force SBIR Contract for OrbitSecure. Privacy technology company SpiderOak has won a U.S. Air Force small business contract to adapt its OrbitSecure protocol to military use. OrbitSecure is an Intelligence, Surveillance, and Reconnaissance (ISR) collection security system that can manage spacecraft and payloads when multiple parties are involved.
(EN) General Atomics Partners with Space Development Agency to Conduct Space-to-Air Optical Communication Experiment. SDA and General Atomics have expanded the Laser Interconnect and Networking Communication System (LINCS) program to include space-to-air optical communication demonstrations. SDA and GA will now establish and evaluate links between space and an airborne MQ-9 Reaper, in addition to the planned space-to-space and space-to-ground activities. This experiment leads to a fight where airborne assets can fly without relying on radio frequency, providing Low Probability of Intercept/Low Probability of Detection and increasing capabilities for warfighters around the world!
(EN) SDA & DARPA: June Demos To Prove Optical Sat Link Capability. « Getting a laser beam on a spacecraft to point to a laser receiver on another spacecraft accurately enough with the right power levels, the right waveforms, etc.,– it’s not an easy thing, » said General Atomics VP Nick Bucci.
(EN) General Atomics to Demo SDA Space-to-Air Optical Communication. General Atomics‘ electromagnetic systems group has received a contract to demonstrate optical communication between a low-Earth orbit satellite and an unmanned aerial vehicle for the Space Development Agency.
(EN) US Military Places a Bet on LEO for Space Security. U.S. Defense Department agencies are working with a who’s-who of military contractors, commercial satellite operators, and technology companies to finally demonstrate the feasibility of a proliferated constellation of satellites in Low-Earth Orbit (LEO).
(EN) Momentus Reaches National Security Agreement, Co-Founders Divest from Company. Momentus has made a concrete step forward with a after a turbulent few months dealing with U.S. national security concerns with the business. The in-space transportation company announced Wednesday that it has signed a National Security Agreement (NSA) with the U.S. Department of Defense and Department of the Treasury on behalf of the Committee on Foreign Investment in the United States (CFIUS).
(EN) On Detecting Deception in Space Situational Awareness (James Pavur, Ivan Martinovic). This paper has been accepted for the 16th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2021), 7-11 June 2021, Virtual event. This paper offers one of the first considerations of defense techniques against SSA deceptions. Building on historical precedent and real-world SSA data, they simulate an attack whereby an SSA operator seeks to disguise spy satellites as pieces of debris.
(EN) New ESPI Yearbook edition. The Yearbook on Space Policy is an annual publication of the European Space Policy Institute (ESPI). p.93 you can find a small section on GSaaS (Ground Station as a Service).
(EN) An overview of protected satellite communications in intelligent age. Our focus is placed on the critical technologies and practical applications, and finally discuss remaining challenges and look forward to the future research directions. It is undoubted that the protected SatCom is one of the most important systems in military communications, both now and in the future.
Videos
(EN) Locked Shields 2021. Several Space ISAC members participated in Locked Shields 2021 and threats to space injects were considered because of their involvement. The largest and most complex international live-fire cyber defence exercise in the world, Locked Shields 2021 was organised by NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) from April 13th to 16th. The exercise included new cyber-physical systems and integrated technical and strategic elements, enabling participating nations to practice the entire chain of command in solving a large-scale a cyber incident. This year was unique from other iterations of Locked Shields in that for the first time the organisers will also be participating remotely rather than gathering in Tallinn as they have done in previous years.
(EN) Mars Goes to Shell. About this Episode : Tim Canham, Mars Helicopter Operations Lead at NASA’s JPL joins us again to share technical details you’ve never heard about the Ingenuity Linux Copter on Mars. And the challenges they had to work around to achieve their five successful flights.
(EN) Space Policy Pod: Episode 21 with Sean O’Keefe (Former Administrator, NASA). Given the current real-world challenges confronting all of us, AIAA has joined the MITRE Corporation and the U.S. Chamber of Commerce to produce this podcast series to examine events and ideas affecting the space sector.
June 7-8, 2021 : Global Space & Technology Convention (GSTC) 2021 | SSTL. GSTC is Asia’s Premier Space & Technology event, bringing you the latest technology news, what’s hot in the satellite scene and space technology updates. Over 10 years in the making, GSTC has taken up a crucial role in highlighting how space technology and satellite communications will shape our lives here in Asia. From learning how satellite communication and data can transform urban cities, to its applications in maritime surveillance, security and IoT.
Upcoming Events
June 14, 2021 : Secure Connectivity Initiative. You want to hear where we stand on the Secure Connectivity Initiative and how NewSpace made in Europe can contribute? Don’t miss the opportunity to listen to European Commissioner Thierry Breton’s dialogue with start-ups and SME on ways and means to inject NewSpace concepts and technologies into the Secure Connectivity Initiative!
June 15, 2021 : Keeping Secrets in Space: Exploring the Unique Challenges of Cybersecurity in Space Systems. Our voices may not travel in the vacuum of space, but some of our most sensitive secrets do. As the United States continues to increase its reliance on space-based systems for national defense and commerce, government and industry must work together to address the unique challenges of securing digital space systems.
June 22, 2021 : 3rd Summit for Space Sustainability. The Summit for Space Sustainability is a high-level, multi-day event focused on developing solutions for space sustainability, hosted by the Secure World Foundation. The last year changed the world dramatically, offering an opportunity to build back or make changes. This year’s Summit for Space Sustainability invites a diverse group of international experts to look across a range of economic, security, and environmental issues to evaluate how space capabilities can be used to meet long-standing and new global challenges.
June 23 – 14, 2021 : Milsatcom USA (online virtual event , USA) – To achieve and maintain overmatch against its adversaries.
September 7-9, 2021 : Joint Air & Space Power Conference 2021 – Delivering NATO Air & Space Power at the Speed of Relevance. The security challenges to NATO did not just get put ‘on hold’ as our individual countries turned inward to battle the existential threat to survival at home. Indeed, the global pandemic also presented an opportunity to NATO’s near-peer adversaries to manoeuvre and attempt to gain an advantage.
October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.
October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
Papers have been selected and the program will be published shortly
This work is not exhaustive, so comments and observations are welcome.
Find below the new Space Cyber Security Watch No 3. In this paper, you will find everything that has caught our attention since the last time : news, articles, papers, Space CTI, videos, webinars, events, attacks, podcats … This work is not exhaustive, so comments and observations are welcome.
(EN) SolarWinds hackers targeted NASA, Federal Aviation Administration networks : « Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private companies. The two agencies were named by the Washington Post ».
(EN) Red Flag 21-1 integrates space, cyberspace for joint all-domain operations training – Red Flag 21-1 is an exercise with Space-unit participants including blue, red and white players from the United States Space Force, U.S. Army Space and Missile Defense Command, and allied nations combat air forces. During the exercise, they have employed « space electronic warfare capabilities that support full-spectrum national security objectives, along with offensive cyber capabilities across adversary data networks affecting that network’s ability to pass data or function properly ».
March 2021
(EN) Viasat Opens New Cyber Security Facilities in the UK – « Viasat‘s U.K. subsidiary opened a new Network Operations Center (NOC) and Cyber Security Operations Center (CSOC) in Aldershot, United Kingdom. The new facilities will support defense, government, and commercial organizations often targeted by increasingly sophisticated cyberattacks ».
(EN) SecDef briefed on military space programs, threats to satellites – « Defense Secretary last week received a detailed briefing on DoD space programs and national security threats in the space domain. This was his first high-level briefing on space issues since taking office »
April 2021
(EN) DoD space agency: Cyber attacks, not missiles, are the most worrisome threat to satellites – « Cyber and supply chain are two threats that the director of the Space Development Agency (SDA) is concerned about ». He described cyber and supply chain problems as “common mode failures,” which means that even if just a few components or portions of a system are attacked, the whole network would be out of service.
(EN) New Space Players Take Stock of Headline-Grabbing Security Breaches – Vice president of Corporate Engineering and Security for Planet, laid out the stark truth of cybersecurity threats during the CyberSat Digital event on Tuesday, May 11. New Space players on the panel took stock of cybersecurity threats in light of the ransomware attack on Colonial Pipeline, which has disrupted the gasoline supply on the East Coast
(EN) NASA OIG: NASA’s Cybersecurity Readiness – Given its high-profile mission and broad connectivity with the public, educational institutions, and outside research facilities, NASA presents cybercriminals a larger potential target than most government agencies.
(EN) CCSDS Security Working Group – Spring 2021 : CCSDS Spring 2021 Meetings has been hold remotely (17-18 May 2021) in a Virtual format at Huntsville Alabama (USA). Meeting materials can be found here.
(EN) The Space Force needs deterrence and war-winning capabilities – The USSF lacks key elements that are necessary to empower effective deterrence on orbit: sufficient offensive and defensive means to achieve its statutory functions as an armed force. Credible deterrence requires kinetic and non-kinetic capabilities, political will to use those systems, and the clear communication of a specified threat of force linked to a specific action (i.e., attack) that the U.S. wants to prevent. The armed forces behind the threat must be credible in the mind of the adversary.
(EN) Message from Steve Lee (AIAA) : If you missed the Embry Riddle Aerospace Cybersecurity Capture the Flag (CTF) at SCITECH 2021, or at the RSA Aerospace Village Sandbox on Monday, 17 May–or would like to explore it some more–the CTF is available online at the RSA Sandbox hosted by Aerospace Village. Check out the challenges and test your mad aerospace cybersecurity skillz! Sorry but now, CTF platform is now closed.
(EN) MoU Signed Between AIAA + Space ISAC For Collaboration On Space Cybersecurity Concerns – The American Institute of Aeronautics and Astronautics (AIAA) and the Space Information Sharing and Analysis Center (Space ISAC) have entered into a Memorandum of Agreement (MOU) enabling the two organizations to collaborate on aerospace and space cybersecurity endeavors.
(EN) AIAA and Space ISAC team up to defend space from cyber attack – The two organizations will cooperate to build the knowledge foundations of space cybersecurity. The Space ISAC brings cybersecurity situational awareness and operational excellence and AIAA offers its long history of convening and promoting aerospace expertise, knowledge, and leadership.
(FR) La guerre de l’espace renforce l’activité du Centre spatial de Toulouse – Le campus du CNES à Toulouse va accueillir le nouveau commandement de l’espace qui opérera les moyens spatiaux de la défense nationale. Celui-ci réunira 400 personnes dans un bâtiment dédié en 2025, formées par le CNES. Sa création a favorisé aussi la venue du futur Centre d’excellence de l’Otan pour le domaine spatial.
(EN) Space Organizations Partner To Boost Cybersecurity – Two prominent aerospace industry groups are cooperating on cyber information sharing, awareness, education, and outreach to improve the security of space operations. The agreement between the American Institute of Aeronautics and Astronautics and the Space Information Sharing and Analysis Center comes at a time when recent cyber incidents in other industries have highlighted a deficit of info sharing.
(EN) JUST IN: Space Force Wants More Cyber Teams – The Space Force is in talks with Cyber Command and the Air Force to bring more specialized cyber personnel into the fold, said the deputy commander of Space Operations Command
(EN) The Space Platform Overlay – Have you heard about Space Platform Overlay ? Government programs and organizations have attempted to take portions of NIST governance documents and apply it to space systems. Space Platform Overlay takes the existing control sets (such as the CNSSI No. 1253 and the NIST 800-53 Rev. 5) and articulates what could be applicable to the spacecraft.
(EN) EUSPA, the new EU Agency for the Space Programme – The adoption of the Regulation establishing the new EU Space Programme on April 27 marks a new beginning for the EU Space Programme and for the European GNSS Agency (GSA), which has now officially evolved into EUSPA, with an expanded mandate and new responsibilities.
(EN) It’s official: EUSPA – EU Agency for the Space Programme is here (Video) – EUSPA provides safe and performant space services, enabling synergies, EU innovation, sustainability, and security. Under the EU Space Regulation, EUSPA’s mandate includes EU Space Programme security accreditation.
(EN) EUSPA: We are hiring – The Security Department is loooking for Security Risk Engineer, Service Facilities Security Engineer, Service Security Engineer
(EN) Committee Leaders Request GAO Review of Cybersecurity Risks at NASA – “NASA’s portfolio of major projects includes satellites equipped with advanced sensors to study the Earth, telescopes intended to explore the universe, and spacecraft to transport humans and cargo beyond low-Earth orbit,” said Committee Members in the letter. “As each project represents significant investments in innovative technology, they could also be attractive targets to malicious actors.”
(EN) Congress asks GAO to investigate NASA cybersecurity – The bipartisan leadership of the House Science Committee has asked the Government Accountability Office (GAO) to investigate NASA’s cybersecurity activities amid growing concerns about hacking of government computer systems.
(EN) CYSEC joins the Gaia-X initiative, a digital alliance for space – The project aims at the next generation of Europe’s data infrastructure, a secure, federated system that meets the highest standards of digital sovereignty while promoting innovation. CYSEC contributes to this project with CYSEC ARCA Trusted OS, a solution to the challenge of securing data-in use, with full-stack protection.
Ce documentaire révèle les enjeux internationaux ancrés derrière l’exploration spatiale : recueillir des renseignements, surveiller le terrain, communiquer et naviguer; l’accès à l’espace peut être source de conflit.
(EN) June 16, 2021 : Space Resilience for Automakers – Space ISAC and the Center for Automotive Research (@cargroup) are putting on a webinar on Space Resilience for Automakers on 16 June at 12 MDT!
(EN) June 1, 2021 : Reducing Space Threats: A Resolution, Volume 2 – In response to UN Resolution 75/36, UN Member States and other key stakeholders were invited to submit their views on threats to space sustainability, what could be norms of behaviour, and how the multilateral community should move forward.
Past Events
(EN) May 25 – 28, 2021 : CyCon 2021, the 13th International Conference on Cyber Conflict – Adapting to the new reality, CyCon 2021 will provide a virtual meeting point for decision-makers, opinion-leaders, law and technology experts from the governments, military, academia and industry. CyCon is organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
(EN) « Cyber, Space, Cubed » panel at the CyCon2021 – Erin M. Miller (Executive Director, Space ISAC) and Ryan Speelman (Principal director for the Cyber Security Subdivision at the Aerospace Corporation) hold a session at CyCon 2021 for the « Cyber, Space, Cubed » panel.
(EN) James Pavur at the CyCon2021 – James Pavur hold a session by presenting his new paper « On Small Satellites, Big Rockets, and Cyber Trust », as part of a panel NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)’s CyCon2021 conference. Definitely check it out if you’re interested in launch vehicle and CubeSat cyber security.
(EN) June 1 – 3, 2021 : 5th ESA CubeSat Industry Days – Join Mathieu Bailly (CYSEC SA). If you’re curious to understand why cybersecurity matters even for smallsats missions and what they have up to at CYSEC SA, join them LIVE on June 2nd!
(EN) June 8 – 9, 2021 : Military Space USA (online virtual event , United Kingdom) – To support the warfighter through transformation and innovation within the US approach to space
Secure World Foundation is holding a Future Space Sustainability Leaders Essay Contest as part of our 2021 Space Sustainability Summit! Get your essays in by May 25th to have a chance at $1,000! More details and the topics can be found here.
(EN) June 23 – 14, 2021 : Milsatcom USA (online virtual event , USA) – To achieve and maintain overmatch against its adversaries.
(EN) October 5 – 7, 2021 : CyberSatGov – To bring together the satellite community with the government and military markets to have a comprehensive, progressive discussion about cybersecurity.
(EN) October 19 – 21, 2021 : 11th IAASS conference : Managing Risk in Space – The 11th IAASS Conference “Managing Risk in Space”, organized in cooperation with the Japan Aerospace Exploration Agency (JAXA) is an invitation to reflect and exchange information on a number of space safety and sustainability topics of national and international interest.
D5 is 54th IAA Symposium on Safety, Quality and Knowledge Management in Space Activities (D5.4 will be more technical : Cybersecurity in space systems, risks and countermeasures)
E9 is IAF Symposium on Space Security (E9.2 is more strategic and legal focused : Cyber-based security threats to space missions – establishing the legal, institutional and collaborative framework to counteract them)
Papers have been selected and the program will be published shortly
This work is not exhaustive, so comments and observations are welcome.
Disclaimer
Please be informed that the analysis detailed in this article is entirely separate from the hacking experiment conducted by the Thales team on the...
Disclaimer
Please be informed that the analysis detailed in this article is entirely separate from the hacking experiment conducted by the Thales team on the...
Introduction
In the complex landscape of modern cybersecurity, understanding the intricate mechanisms of sophisticated cyber attacks has become paramount.
On February 24, 2022, Viasat, a global...
I’m very proud and honored to be featured in the Angelina Tsuboi's course on Satellite Cybersecurity Foundations hosted on Udemy. Thank you very much...
Avec l'aimable autorisation de Martial Le Guédard, nous reproduisons ci-dessous sa cartographie au sujet des différents acteurs étatiques évoluant dans le domaine du Cyber...
L'illustration ci-dessous est une carte heuristique qui présente les services spécialisés de la communauté du renseignement du 1er cercle. Cette cartographie est mise à...
A la différence des attaques électroniques qui interférent avec la transmission des signaux de Radio Fréquence, les cyberattaques visent quant à elles, les données...
Avec l'aimable autorisation de Martial Le Guédard, nous reproduisons ci-dessous sa cartographie au sujet des différents acteurs étatiques évoluant dans le domaine du Cyber...
L'illustration ci-dessous est une carte heuristique qui présente les services spécialisés de la communauté du renseignement du 1er cercle. Cette cartographie est mise à...
A la différence des attaques électroniques qui interférent avec la transmission des signaux de Radio Fréquence, les cyberattaques visent quant à elles, les données...
Nous utilisons des cookies pour vous garantir la meilleure expérience sur notre site web. Si vous continuez à utiliser ce site, nous supposerons que vous en êtes satisfait.
