Until recently, the traditional approach to operating spacecraft involved a single party operating the craft, the payload, and its ground network. This vertical integration allowed for the information security of the spacecraft to be built around the trust within an organization.
We are moving into an era where operators are now using third-party ground stations, splitting the roles of spacecraft, and even sharing payload operators with other entities. This multi-party/global approach to operations has improved speed and efficiencies, but it has also exposed a growing cyber-risk to our global satellite network, due to:
- Hosted payloads, shared space vehicle busses
- A growing reliance on third-party architecture components
- Complex supply chains, thousands of moving parts, some outside the USA
- Human error, unpatched systems, misconfigured software, or insider threats
Any of these can result in the disruption of command, control, and communication, or even worse: alter the functionality or sensor data of systems. In this hybrid, multi-party environment, security can no longer be based on trust. Updated communications software is crucial.