Categories
Space Bits

Cosmos 2542 meeting USA 245

Interesting thread where some ESA‘s 2012 slides containing threats models are commented while “Cosmos 2542, a Russian satellite, has recently synchronized its orbit with USA 245, a NRO KH11” sat”.

By the way, CCSDS’ SEA-SEC Working group is in the process of updating its 2015 Security Threats against Space Missions Green Book. Issue 2. December 2015 – (CCSDS 350.1-g-2 PDF file).

Categories
Space Bits

CubeSat Postmortem

HackADay has a “Lessons Learned from a CubeSat Postmortem” article on “KRAKsat Sattellite Mission – Lessons Learned” paper published by the mission team from AGH University of Science and Technology in Cracow, Poland. No crucial error described in the paper is directly linked to cyber, however some are interesting:

  • Problems with clearing the flash memory (testing and implementation issues),
  • Impossibility to download data from the flash memory by radio UHF2 (different implementations and behaviour of two redundant components). This one particularly highlight the issue we may face with safety measures that requires different implementations but are not done properly. I remember datacenters provider implementing different controllers and software for HVAC and power. I wonder if this is still the case.
  • No emergency option to shutdown satellite subsystems permanently. Kind of reverse kill-switch.
  • The lack of an own ground station. Ground stations are costly. I wonder what would be the price comparing to the overall cost of a Cubesat mission. Maybe the solution would be to plan for emergency services.
  • Inaccurate analysis of the missions requirements. No comment, space is hard.

Others errors are listed as well and interesting : file systems issues (or lack-of fs in this case), data encoding, hard coded parameters, etc.

Categories
Space Bits

ESA practices (Cyber)security

Considering the context, I highly doubt the contrary could be announced but nevertheless, some bits on cybersecurity at ESA are detailed in this ESA’s publications “ESA practices security” from November 2019.

This general publication perfectly introduces what was discussed at Space19+.

September 30, 2019:

A presentation from ESA on Cyber Resilience from “ESA Cyber Resilience Team” gives us hints on what is ahead for ESA :

December 13, 2019 :

RHEA, has operations at ESA European Space Security Centre (ESEC) in Redu, Belgium (mentioned in the publication) and few news about it :

A New Leading Cybersecurity Operations Center for Space in Europe. Not much said apart from the fact that this CYCS is blending a Cyber range / training center too. In case you were wondering how much could cost a “Cybersecurity Operational Center” (definition required at it looks to be more than a Security Operations Center), the answer is around €37 million. €14 million from Belgium, €10 million from RHEA. More than the previous source.

Categories
Space Bits

Fall (partial) press review

Actualy this is a very limited press review but I have noted some articles, mainly articles from November 2019 Via Satellite issue published before or after 2019’s Cybersat Summit, all related to Access Intelligence LLC (yeah, that one was easy to find):

The Growing Risk of a Major Satellite Cyber Attack (November, 2019) : comments on Vulnerabilities (Satellite network, supply chain), Small satellites (ground stations and Open Source software- COTS perceived as threats). Vulenrabilities may come from absence of Security Maintenance, weak encryption and old it equipment, few words on Newspace

Different Industries Face Divergent Cyber Challenges (November 15, 2019)

Satellite Providers Stymied by Lack of Cyber Standards (November 14, 2019)

Three trends we see everywhere have also impacts on our cyber posture when it comes to space systems :

–          Blockchain : Blockchain: The Next Big Disruptor in Space

–          SDN Sat : The Software-Defined Future of Satellites

–          IA : Space 2.0: Taking AI Far Out (December, 2019)

Categories
Space Bits

LoRaWAN Security

Bits on LoRaWAN Security:

LoRa Security – Building a Secure LoRa Security by Robert Miller

Security Review of LoRaWan networks by Renaud Lifchitz .

Renaud est intervenu pour la COMET du 18/09/2018 : Space’s Industrial Control Systems Security 2nd Edition : IoT Devices Vulnerabilities : Aeronautics and aerospace security.

Categories
Space Bits

Les mutations de la guerre (thread Twitter)- Université d’été de la défense

Categories
Space Bits

AIAA is looking for a Program Manager, Aerospace Cybersecurity

AIAA has a listing in its current openings for a Program Manager, Aerospace Cybersecurity. Job description is in this pdf.

Categories
Space Bits

MITRE joins Space ISAC

From a MITRE’s news:

spaceisac

The Space Information Sharing and Analysis Center (ISAC) and National Cybersecurity Center announced on Aug. 26 that MITRE will become the Space ISAC’s newest founding member, joining Kratos Defense & Security Solutions and Booz Allen Hamilton. Scott Kordella, MITRE’s executive director for space, will serve on the Space ISAC board of directors.
The Space ISAC aims to “facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member firms; and to serve as the primary communications channel for the sector with respect to this information,” according to an Aug. 26 press release.

MITRE is known in cybersecurity for many publications and tools among them the not-aging Ten Strategies of a World-Class Cybersecurity Operations Center (pdf, I have seen discussed in some space cybersecurity workshops) and the ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) project.

Space ISAC has a website and a Twitter account.

More on Dark Reading.

Categories
Space Bits

Has a (cyber-)crime been committed on the ISS ?

Not strictly space cybersecurity related but it could be the first identity theft case seen in space (if confirmed): an astronaut may have fraudulently accessed a bank account from an ISS’ computer.

Issues like juridiction, forensics and legal use of NASA’s assets are dealt with in few articles:

Categories
Space Bits

2019 Challenges to Security in Space

U.S. Defense Intelligence Agency has released in February 2019 a report on challenges to U.S. Security in Space (newsreport in pdf).