Nick Tsamis, The MITRE Corporation; Ruth Stilwell, Aerospace Policy Solutions, LLC; Harvey Reed, The MITRE Corporation; Nathaniel Dailey, The MITRE Corporation
Keywords: space operations, cyber security, cyber threats
Abstract:
Cyber threats pose a risk to every industry, space is not immune. As an emerging critical infrastructure, space operations become a more attractive target. The risks from a cyber attack, particulalry a lose of control, have consequences that reach far outside the cyber community and put other operators in shared orbits at risk. Under exisiting structures, that risk may not be shared with the operational community in a timely manner. This became apparent in Table Top Exercises (TTX) conducted by the Space ISAC in 2021. This paper proposes an approach to determine operationally relevant space information, and the means to broadcast this information. The approach leverages an assessment of workflows used in prior TTXs in which existing data types and willingness to share is analyzed against operational needs and risks. Further, this approach includes a process intended to encourage space stakeholders to engage in operational impact mapping, data sanitization, and information sharing with an international community, balanced against proprietary and nation-sensitive concerns.
Establishing an accepted space cyber information sharing process encourages definition and agreement of information sharing norms within the space community. The approach produces Minimum Viable Information (MVI) sets of operationally relevant space cyber information suitable for broadcasting to the space community. Such an approach seeks to build upon the current state of cybersecurity information sharing in the domain, heavily reliant on public-released hardware and software vulnerabilities, superficial information regarding cybersecurity incidents with ambiguous applicability to the space domain, and general cybersecurity news.
Removing ambiguity, minimizing required interpretation, and providing concrete guidance on how to broadcast and consume shared operationally relevant space cyber information will increase space stakeholders ability to understand potential operational risk, and incorporate that understanding in their decision processes. This, in turn, enables the international space community to actively and authoritatively collaborate towards addressing cybersecurity issues threatening the space domain.
The paper closes with a call to action, to focus on a subset of data with which to prototype an example of broadcasting and consuming operationally relevant space cyber information. Such a prototype can leverage work done in the SISE effort (general information sharing).
Date of Conference: September 27-20, 2022
Track: SSA/SDA