Military and Strategic Journal
Issued by the Directorate of Morale Guidance at the General Command of the Armed Forces
United Arab Emirates
Founded in August 1971

2021-11-07

No Scope for Laxity in Space Infrastructure Security

The knowledge gap between space and humans has been shrinking by the day with space exploration becoming an indispensable part of humanity. 
 
The important contribution of space science and technology in achieving sustainable development goals and increasing the well-being of sates and peoples is now well recognised by countries across the globe. 
 
The human dependence on space is greater than ever before, and it will continue to deepen at a near-exponential rate.
In the United States — and arguably all industrialised nations — the lifestyle, economy, and national security depend upon thousands of space systems in orbit. 
 
Take the example of the Global Positioning System (GPS). It makes daily activities for individual citizens easier and enables global shipping and transportation, including ground, air traffic, and marine navigation. 
Much of the activity enabling modern communications networks and information processing leverages space-based infrastructure, which will be connected, in turn, to global cloud networks. 
 
The U.S. Armed Forces have long relied upon satellite capabilities for command and control, missile guidance, early warning, and intelligence capabilities. 
According to the Bank of America, the space industry could triple to US$1.4 trillion by 2030. By then an estimated 50,000 satellites could be in orbit, many connected to public communication networks. 
 
With the commercial space sector maturing rapidly and introducing ever more potential targets into a cyber-contested domain, it’s vital to bolster space system resiliency now to foster continuing growth and innovation into the future.
It is pertinent to note, in this background, that Edward Swallow and Samuel Visner, founding members of the Space Information Sharing and Analysis Center (Space ISAC), are calling on U.S. Congress to support a recent proposal to include space assets as crucial to national security and economic well-being.
 
The U.S. space enterprise is in the midst of a transformative policy era that will significantly shape the future of its society, the robustness of economy, and America’s role within the global community. 
The public and private sectors are on the right track collaborating to conceptualise and invest in the development of a vibrant, near-future space economy and the engineering, manufacturing, and infrastructural commitments that will underpin it. 
 
The world recently witnessed at great cost how supply chain disruptions and cyberattacks on critical infrastructure like fuel pipelines could wreak havoc on the lifeblood of domestic communities and global trade alike. Such an attack on key technology in the space domain could have similarly devastating effects.
 
As leaders in the White House and Congress discuss how to shore up America’s terrestrial infrastructure, they are also turning their eyes skyward to consider a specific, crucial, and feasible policy action for securing space. 
A bipartisan bill recently introduced in Congress would designate space systems as critical infrastructure in the national interest — a concept that has wide support within the space enterprise. Doing so is an imperative to ensure the resiliency of space assets.
 
Bolstering Space Resiliency
This discussion is not merely about space as a place; otherwise, the argument could be made for oceans and airspace likewise being critical sectors. This is, rather, a discussion about space systems — and the data they gather, distribute, and process. 
Just two decades ago, space operations were limited to large, specialised, and expensive systems. These systems were managed by a small group of space operators and featured their own dedicated networks. Today, there are more than 4,000 active satellites — and far more in prospect — operating in a complex, emerging space ecosystem that comprises assets of the U.S. government, commercial, and foreign-government and foreign-owned nongovernmental space operators and systems.
 
The dramatically decreasing cost of access to low Earth orbit and the swiftly increasing capability of small satellites to do big things have altered the name of the game. 
The degree to which space systems impact our society is the result of such a rapidly evolving space ecosystem. 
 
Need to Tackle Vulnerabilities
While the benefits offered by outer space for the betterment of humankind are numerous, one cannot afford to shut eyes to the risks that tag along. 
Space systems are increasingly vulnerable to cyber disruption. Going as far back as 1998, a U.S.-German ROSAT X-Ray satellite reportedly was compromised, causing its power systems to fail. In a more recent incident, the command and control of NASA satellites were compromised, and other efforts to compromise space systems have also been observed. 
 
Lt. Gen. Stephen Whiting, commander of Space Operations Command, said last year while serving as U.S. Space Force deputy commander: “We know that cyberattack is where we are most likely to face the enemy in space.” 
 
Inadequate cybersecurity requirements and governance have led to major cybersecurity vulnerabilities throughout space system infrastructure, including insider threats, supply chain vulnerabilities, communications cryptography, cyber best practices for ground systems, and diminished situational awareness. 
 
Previous attempts to protect space systems assumed that safeguarding ground segments meant protecting the whole system. However, modern attack vectors are more diverse and dispersed, with global exposure to user, on-orbit, and link segments. 
Ground systems, which are connected to public information networks, are built from commoditised parts and technologies that lack uniform cyber resiliency. Modern satellites — while subject to equal physical, power, and cost constraints — are built from disparate parts with varying cyber protections. There is a dire need to ensure that cybersecurity is built into all of these systems. 
 
Satellites are beholden to orbital mechanics and cannot simply be told to avoid threats. They must be active to do their jobs. Bad actors can always see and reach out to the central nodes of the system. There is no uniform approach to “zero trust” for space systems that is now a standard of modern IT systems. If a threat breaches the communications link between physical ground and space segments or compromises any component within a segment, the entire system is compromised. 
 
Open-source and commercial solutions available today are insufficient to fully inoculate space systems from cyber threats. Legacy space systems are particularly at risk. 
 
While the Communications Critical Infrastructure sector protects communications satellites, the question remains who is coordinating policy, strategies, programmes, and resources to protect the systems that launch and operate them, along with GPS and other satellites? What about the companies that manufacture, launch, or operate space vehicles or the supply chains that sustain all these space systems? 
No government entity currently coordinates this important national responsibility. It is vital to designate this responsibility to help foster consensus on standards and best practices among spacefaring governments and commercial entities. 
Ignoring these vulnerabilities could lead to graver, longer-term security risks to the entire space domain. A critical infrastructure designation would help alleviate these vulnerabilities.
 
Critical Infrastructure Designation
Taking the deliberate policy action to designate space systems as critical infrastructure would accomplish much towards securing space and ensuring a robust space economy.
A critical infrastructure designation would add protections to manufacturing and supply chains for other satellites, space vehicles, and components while extending the protections already in place for communications satellites to their launch and mission systems. 
The U.S. would make clear that space systems security and resilience are national priorities through such a declaration, which would send a caution signal to those who would harm its systems. 
 
A critical infrastructure designation would enable the industry to consolidate and amplify efforts to build collaboration among manufacturers, suppliers, owners, and operators while driving global consensus regarding best practices and information sharing, building on the work of the Space Information Sharing and Analysis Center (Space ISAC) and its Threat Intelligence Watch Center. 
Collaboration would drive consensus on prioritising defence-in-depth (DiD) risk management postures to harden space systems. All systems, hardware, firmware, and software — whether developed through traditional or agile engineering— should feature cyber-hardened designs with risk-based DiD cyber protections applied across all segments to detect, deter, and attribute attacks and overcome the risk of adversaries breaching systems and operating unhindered inside them. 
 
Additionally, space system owners and operators would be empowered to adopt baseline, threat-informed, risk-based engineering and design cybersecurity postures because they would have better ability to document and identify threats. 
With such knowledge, owners and operators can adopt appropriate risk tolerances and tailored controls and requirements for mission duration, spacecraft size, and manoeuvrability in space while minimising undue burden.
 
Promising Policy Developments
There is a global momentum to prioritise the security of space infrastructure. Last year, the European Commission — the European Union’s (EU) executive body — authored legislation to revise governance of Union-wide cybersecurity standards for critical economic and societal sectors; space systems have been added to the EU’s list of critical sectors. 
 
Recently, U.S. Reps. Ted Lieu (D-California) and Ken Calvert (R-California) introduced bipartisan legislation to establish space as a 17th sector of critical infrastructure as classified by the Department of Homeland Security (DHS). “Space is infrastructure,” Lieu argued in a joint press release, noting the pivotal role space plays in daily life. “We have to ensure that we’re protecting these critical systems by directing the right minds and resources towards them.” 
 
The Space Infrastructure Act as introduced in the House of Representatives ensures that U.S. assets in space — including orbiting satellites, space vehicles, launch systems and infrastructure, manufacturing facilities, supply chains, and associated communications and information technology — receive thorough security scrutiny and analysis. 
 
If passed, the bill would direct the DHS to partner with other federal agencies and departments and the Space ISAC to issue guidance about space infrastructure’s scope. This would designate the U.S. government’s leadership team on this issue, including a Sector Risk Management Agency to oversee space infrastructure and appropriate entities to support this oversight.
The UN has already expressed its deep conviction of the common interest of mankind in promoting and expanding the exploration and use of outer space, as the province of all mankind, for peaceful purposes and in continuing efforts to extend to all states the benefits derived there from.
 
By designating the space systems as critical national infrastructure, the U.S. can secure these pivotal capabilities to assume and maintain a stronger space position within the international community, today and in the future.
 
Reference Text: https://s-isac.org
 
 

Add Comment

Your comment was successfully added!

Visitors Comments

No Comments

Related Topics

Tracked, Turreted, Digital & Combat-Proven

Read More

Australia on the Lookout for Future Lead-In Fighter Training System

Read More

Naval Combat Management Systems

Read More

Ambitious Visions for UK Air Combat

Read More

Darpa Searches For Intelligent Imaging Sensors

Read More

Boeing’s century of innovation

Read More
Close

2022-08-01 Current issue
Pervious issues
2017-05-13
2014-03-16
2012-01-01
2014-01-01
2021-02-25
2021-02-22
2021-02-21
2022-03-01
.

Voting

?What about new design for our website

  • Excellent
  • Very Good
  • Good
Voting Number 1647