A Space Cybersecurity Approach
September 2020 by Jamel Metmati, Space Cybersecurity Engineer, Telecom Paris Tech.
The Space cybersecurity is one part of the cybernetic science. it deals with the space networks and communications between the ground station, the orbital objects, and theirs technical and cognitive skills through the machine-human gateway. Space and cybersecurity are associates in the study of the signal process between the ground control, the orbital objects, and the embedded system.
Space vulnerability context
The space systems are vulnerable for all support concerned by the digital signal in transit : the ground station, the object on orbit, the relay, the machine-human gateway. With a cyberspace extension in the vacuum of space, the cybersecurity ensures the satellite functionalities for the execution of many services : GPS for navigation, the transports, the imagery and detection for the ground, and above all the Internet full access potential from Space thanks to Starlink constellation, OneWeb system and the VSAT networks.
As a Space command was created in many countries getting the Space skills : The United States, India, China, France, Russia, the United Arab Emirates, the space cybersecurity spreads out on the other topics.
Since the first Apollo mission, the human kind is faced to face with its own image, with the Earth observation capabilities, the Artemis programme with private contractors, the solar system exploration, the embedded cybersecurity system for all orbital objects. In addition to the risks linked to the Space territory, the main vulnerabilities are connected with the encryption, the password policies, the insecure protocol and the misconfiguration software.
Moreover, the orbital position are concerned too by these vulnerabilities. Indeed, satellites next to the equator with a low inclination get an advantage on the others. As potential target, they may be more vulnerable against the cyberattacks.
Secure Space communication
In the purpose to give the value of the available services from Space, the data and the signal must be secured. Thanks to data to make allowing public or private decision, the signal analysis shows the potential of action and the hardening solution to improve the signal security. The first point is the properties of cyberspace to be considered : the signal transmission and reception crosses several context with the use of C and K band frequencies : the Ether, the atmosphere, the Earth electromagnetic field, the Space itself, the gravitation, and the space meteorology. One more point is the others conditions which appear in the Space Telecommunication Architecture for a system.
The Starlink Internet service, with 600 hundreds satellites in low orbit for 42000 planned, with 12000 satellites authorized for launch in 2020, a signal test reaching a bandwidth of 60,24 Mbits/s down and 17,64 Mbits/ up with 20ms latency announced, demonstrates an innovative network for the applying of security standard : roaming check, satellite move towards the receivers, satellite laser synchronization, data packets with ground station, between the satellites, signal double jump. Concerning the 0,48 meters receivers antenna, a jamming and man-of-the-middle attack could be launched.
The second point deals with the network vulnerability when there is a transmission and reception signal between orbital objects and the ground station. The command and control system works with the protocols which are not unknown. The computer design is the same, the input and the ouput as Ethernet gateway, Shell, UDP, TCP, Wireshark and in more Red Team Hackers and Green Team owning materials as DVB card, transponder, antenna.
Following this general process, the IP and UDP datagram analysis highlights the ID, the type of encryption, the satellite orbit, the frequency, the polarisation, the synchronization. The 3D visualization provides the right time to connect to the satellite. Then, the "US catalog of space objects" use gives some information about satellite orbital data too.
Act on the Embebbed cognitive cybersecurity
The globalized economy, through the space networks, needs an embedded space cybersecurity. This cybersecurity describes the embedded digital system inside the shuttle, the modules, the rockets, and the satellites for most of them. The cybersecurity framework applying for the satellites and the Space communication in generally is sitll to be built in a strong digitalization context.
The satellites own a weight, a height control, the solar panels for the electric power, an orbital period, an inclination, an antenna, the instruments on board. And to execute the automatic process from the crew and the ground station, each command answers with a specific action for which a computer on board or printed circuit do a computation.
At the last Hack-a-Sat organized by the Air Force and the Digital Defense service in 2020, the hack of "Stars tracker" mechanism provoked an orientation change of the solar panels to the sun. Some examples exist since the year 2000.
This type of cybersecurity gets the machine-human gateway where the cognitive security studies the correct data understanding from the computer to mitigate the action in the ground station or in Space. During the Apollo 11 mission, some alarms switched on from the computer on board at the moment the module started its move toward the lunar ground. The crew report mentioned an alarm that only the ground station could understand. It means that the 1201 and 1202 alarms had been simulated by the engineer Jack Garman and Steves Bales, a flight officer. The crew was too concentrate and its approach of the ground submitted at "the shuttle effect". The point was the computation of landing radar and the accelerator command algorithm. And the 72 Ko memory from the computer had some difficulties to interprate the data incoming.
The space cybersecurity introduces a methodology and the add-on extensions at the web environment. At least, the first quantum signal between satellites turns on closely a space cybersecurity to the particle physics.