Securing new space means operators must adapt beyond custom, unscalable models to systems where trust is constantly questioned–a zero-trust architecture.
NSR’s newly released white paper, Space Cybersecurity – Current State and Future Needs, finds that security practices related to the burgeoning satellite industry are insufficient and the move to a Zero-Trust Architecture (ZTA) in software design and systems management is a must to address emerging threats.
The white paper is timely given the rapid expansion of the space industry. NSR forecasts that from 2020 to 2030, the satellite and space sector will yield $1.2 trillion in retail revenues and see over 24,850 satellites launched into space. They will generate more than 504,000 petabytes in data volume. Clearly, the attack surface for malign cyber actors is increasing.
The paper examines what is driving the great migration of traditional vertical space value chains to distributed hybrid architectures, examining the introduction of commercial service providers and their unintended consequences. Commercial operators are expanding their services-based business models, mirroring terrestrial stations as-a-service offerings in response. Scaling these business models amid growing cyber risks requires new solutions leveraging ZTA-based capabilities to make inter-connected networks far more resilient.
NSR looks at several companies on the forefront of the new space cybersecurity domain. Washington, D.C.-based SpiderOak Mission Systems’ OrbitSecure platform is a ZTA-based software solution specifically designed for ground and space platforms that require high security. OrbitSecure enables security when application owners differ from infrastructure owners by managing permissions using distributed ledger technology (blockchain). Chantilly, Virginia-based TriSept Corporation has developed a satellite security software solution called TriSept Security Enhanced Layer (TSEL), a Linux-based operating system for embedded devices, with an initial focus on providing a general-purpose OS for securing and maintaining the integrity of satellites of all sizes.
The paper argues that traditional cybersecurity approaches will not meet the requirements of new space. Traditional cybersecurity encompasses the principles of perimeter defense and access control and accountability.
Dave Pearah, SpiderOak Mission Systems CEO states: “You can’t expect cyber products designed for ground-based operations to meet the extreme requirements of securing space assets.”
Historically, entities independently build protective walls around their infrastructure to safeguard systems and data from theft and manipulation. In both terrestrial and space applications, with technological advancements taking place in an increasingly heterogeneous and multi-disciplinary environment, those traditional cybersecurity methods are no longer sufficient to prevent cyber breaches from happening. The industry must move away from perimeter security measures and technologies to a comprehensive and evolving cybersecurity strategy.
TriSept CEO Rob Spicer, observes: “A satellite that can survive launch and initiate operations in space is no longer the benchmark for excellence. A satellite must be capable of defending itself against all sorts of threats–with security built into every layer of operations, in space and on the ground.”
The White Paper contemplates a shift to a holistic, integrated approach to security and design. The next era of space-focused products and services must adapt beyond unscalable models of bespoke ground control infrastructure, customized onboard processing/operating systems, and instead operate in an era where trust is constantly questioned–in a zero-trust architecture.
For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.