With the completion of our Milestone 1 report, DISC delivered a design review and threat assessment of its first target for the Security Testing for Space Segment within Cybersecurity Makerspace program. Using a commodity cubesat designed for Earth Observation missions, DISC analyzed the documentation and vendor materials provided to understand the functioning of each element. The goal was to review the satellite as a customer would when trying to assess the satellite purchased from a 3rd-party. With the growth of satellite use across all industries the key questions are: Is the satellite I just purchased secure, and how can I know?
Based on this design understanding, DISC performed a threat assessment of the satellite to determine the attack surface and weaknesses in the design. This assessment allows for an informed understanding of mission risk by the customer and the opportunity to either mitigate the risk or explicitly accept it (always a choice). Unsurprisingly, supply-chain concerns emerged as a significant component of the risk to the satellite. However, these concerns extend beyond the initial procurement and into the downstream suppliers that the satellite manufacturer itself utilizes – a level of scrutiny often overlooked. Another high-level example of the findings focuses on the trust model within the satellite. While it may be isolated in space and believed to be resistant to tampering, the internal trust model cannot be a single domain and must employ internal compartmentalization to prevent or even limit attacks.
Milestone 2 will see DISC map these weaknesses to the existing Space Shield and SPARTA frameworks to discover techniques, points of attack, and mitigations to be included in design or operations.