Nick Tsamis, MITRE; Harvey Reed, MITRE; David Vivanco, The MITRE Corporation
Keywords: cybersecurity, space operations, ssa, metrics, measure, effectiveness, operational relevance
Abstract:
Space operations continue to grow in complexity due to the increased participation and population of on-orbit space system assets. New operational activities within space require a re-evaluation of the methods and processes we use to define a clear understanding of the domain. As operations grow in complexity, the space domain requires more efficient and accurate information to support a consistent and trusted common understanding of space situational awareness.
The current space ecosystem is continuing to expand, leading to organizations now finding themselves in a situation where large amounts of data needs to be processed and analyzed for current and future space activity. The expansion leads to an increase in computing systems required and complexity of the architectures used to support system-to-system communication, potentially spanning across different physical regions. From a cybersecurity perspective, this can be viewed as a significant increase in the attack surface that must be addressed increasing the challenges to cybersecurity practitioners in facilitating trustworthy data exchanges among space community stakeholders.
The space domain is not immune from cybersecurity threats. As a quickly developing critical infrastructure, space remains an attractive target for cyber adversaries. Risks from a cyber-attack that has ability to disrupt accurate space situational awareness affects not only a single space stakeholder, but rather all space faring participants. These risks impose consequences far beyond the cybersecurity community, threatening the safe, endured, and sustainable access to space resources. Aligning and integrating cybersecurity solutions based on common operational space activities, e.g. tailored specifically to support space situational awareness, can yield solutions that will allow space operators to more effectively address these risks.
Traditional approaches to cybersecurity often do not consider the unique operational functions carried out within the domains into which they are integrated. Identifying such operational activities from the space situational awareness community can be an effective enabler in guiding a tailored approach to cybersecurity. As approaches, methodologies, and policies to cybersecurity are all actively being developed and implemented, it is now a valuable time to ensure the solutions being developed are indeed effective and useful to space domain stakeholders.
By better understanding cybersecurity needs unique to the functions carried out in the space domain, solutions can be integrated to support real-time operational activities more effectively and efficiently. As a step towards better understanding the domains needs, it is proposed to start with a common vernacular to describe space domain operations. Using a common space language helps align cybersecurity goals (e.g. outcomes) and requirements (e.g. implemented controls) to space functions generically, rather than overfitting solutions to a single user or implementation. This allows cybersecurity solutions developed to be highly applicable across mission sets, yet tailored where necessary, to accommodate mission-specific constraints.
While not an end solution for all the challenges faced, using a common language to describe space operations reduces the overfitting to individual stakeholders perspectives and allows for solutions to be effectively coordinated across the domain, incorporating a diverse set of operators and users. A characterization of space missions can then be described in a more consistent and concrete way. Further, by characterizing different missions, identified similarities in space functions needed presents a ripe opportunity to take a consistent and modular approach to cybersecurity.
Future efforts to help further coordinate defense in the domain can make use of a common understanding to develop more standard cybersecurity playbooks (i.e. sets of standard operating procedures) for effective multi-stakeholder monitoring, protection, and response. From this perspective, cybersecurity can serve as a conduit to increased collaboration amongst space domain stakeholders in helping to define interfaces, standards, and new normative measures for driving towards a clearer and more trustworthy picture of space situational awareness.
Starting with the application of such a common lexicon proposed, a more effective means to communicate across stakeholders provides a clearer understanding of space situational awareness cybersecurity success criteria. The need for space domain-integrated cybersecurity can serve as a call to action for overall increased community collaboration, ultimately moving the domain towards agreement on acceptable performance standards facilitating more sustainable, if increasingly congested, space domain activity.
Date of Conference: September 19-22, 2023
Track: SDA