Daniel Kline, Johns Hopkins University
Keywords: Cybersecurity, AI, ML, Intrusion Detection, Intrusion Prevention, Cyber Kill Chain
Abstract:
The use of Artificial Intelligence and Machine Learning (AI/ML) algorithms designated for semi-autonomous environments continues to rise in operational technology (OT) networks. While using the ‘latest’ and ‘greatest’ technology helps in the realization of strategic advantages for overall mission success, there are safeguard measures that should be used in operational scenarios. The actionable intelligence gathered from these algorithms must be trusted for the systems to make best use of this technology. Space Domain Awareness (SDA) objectives stand to gain much from the improved processing innovations especially as it pertains to spacecraft collision avoidance. These AI/ML workloads grow more vital with the increasing number of both satellites and debris in orbit. The users of this data rely on up-to-date records under the assumption that they have not been manipulated and are serving in the best interest of the space vehicle mission objective. For collision avoidance determinations, both false-positive and false-negative errors can prove detrimental to the mission. Compromise of the satellite sub-systems can mean putting the expensive hardware on a collision course with objects that could have been avoided.
Both Industry and Government are eager to supplement the human workforce with AI solutions, but there are so many unknowns right now that limit the widespread and repeatable adoption of these tools. Through the investigation of a comprehensive data security strategy for SDA applications, teams can responsibly integrate with next-generation AI solutions. Most of the highly publicized cyber events relating to space enterprises begin at traditional network ingress points on ground. These points still provide the easiest access to large quantities of data. As there are rapid innovations in the satellite community, there will also be novel exploit techniques with which to contend that target these next-generation systems. With more emphasis being placed on increased processing power in orbit, these satellites become highly visible targets that must turn towards a more proactive cybersecurity approach like any device on an enterprise network. Siloed network operations are not enough to comfortably protect the vehicles in orbit due to the interconnected nature of satellite links and distributed data processing and storage. Instead, the security teams must analyze the vulnerabilities of the data paths and associated incident response techniques that will best assure SDA objectives.
Appropriate preventative controls must be put in place during this uncertain time in responsible AI usage until there are standards put in place for streamlined operation across the board. AI/ML workflow integration methodologies should be mapped with cyber security strategies for escalating attack phase. Case studies into the adoption and integration of available network technologies that aid in SDA missions will provide critical insight into robust AI/ML-enabled architecture solutions. Ultimately, SDA mission objectives can have the added benefit of increased operational efficiency while implementing a strategized cyber risk management policy.
Date of Conference: September 16-19, 2025
Track: Space Domain Awareness