Sunteți pe pagina 1din 4
Space
Space

Use of COTS products for data processing & communications

Use of COTS products for data processing & communications Bus technologies with inadequate security controls

Bus technologies

with inadequate

security controls

Crew & passenger Internet connectivity

Cyber security risks for the space industry

connectivity Cyber security risks for the space industry Eavesdropping attack on data Satellite or manned/unmanned
connectivity Cyber security risks for the space industry Eavesdropping attack on data Satellite or manned/unmanned
connectivity Cyber security risks for the space industry Eavesdropping attack on data Satellite or manned/unmanned

Eavesdropping attack on data

Satellite or manned/unmanned space vehicle

Hostile surveillance tracking & profiling

Software updates

to unmanned

space assets

profiling Software updates to unmanned space assets Hiijacking and remote control attacks on TT&C
profiling Software updates to unmanned space assets Hiijacking and remote control attacks on TT&C

Hiijacking and

remote control

attacks on

TT&C

Hiijacking and remote control attacks on TT&C TT&C Data Comms (Tracking, Telemetry &
Hiijacking and remote control attacks on TT&C TT&C Data Comms (Tracking, Telemetry &
Hiijacking and remote control attacks on TT&C TT&C Data Comms (Tracking, Telemetry &

TT&C

Data

Comms

(Tracking,

TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)
TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)
TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)
TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)
TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)

Telemetry &

TT&C Data Comms (Tracking, Telemetry & Telemetry d o w n l i n k Control)

Telemetry

downlink

(Tracking, Telemetry & Telemetry d o w n l i n k Control) Jamming attack on

Control)

Jamming attack on TT&C and data

TT&C uplink

Data

Downlink

Data uplink

and data TT&C uplink Data Downlink Data uplink Satellite control ground station Communications ground

Satellite control ground station

Downlink Data uplink Satellite control ground station Communications ground station Ground station systems Of all
Downlink Data uplink Satellite control ground station Communications ground station Ground station systems Of all

Communications ground station

Ground station systems

Of all the systems within the satellite communications infrastructure, the ground stations are most likely to be targeted. This is purely because of their accessibility, both physically and from a network perspective. They therefore carry a higher risk profile. Tracking, Telemetry & Control (TT&C) stations are used to control physical operation of the satellite as well as perform calibration and software changes. These systems have traditionally suffered the greatest number of network intrusion attacks where the attacker’s goal has been to hijack or control the satellite or steal technical operational data. Data communication stations process imagery, voice, or other data and provide a link to ground-based terrestrial networks. These systems are targeted with eavesdropping or Denial of Service (DoS) attacks, where the attacker’s goal is to either intercept the data being transmitted or prevent data from reaching its intended destination.

Ground to space communications

The availability of low-cost, easily configurable Software Defined Radio (SDR) products has increased the likelihood that attackers will target the radio communications between terrestrial stations and space. This could take the form of active attacks against satellite telemetry systems, passive data interception attacks against data being sent via the satellite downlink to a terrestrial station and also less sophisticated radio frequency based jamming attacks to prevent access to data or services.

The use of COTS technologies

Historically many of the technologies deployed on-board satellites and manned spacecraft were proprietary. However, increasingly we are seeing the use of Commercial-Off-The-Shelf (COTS) products. This is primarily due to cost, but also the availability of developers with an understanding of the technologies being used. As the use of COTS products increases, so does the attack surface, as the attacker community has considerably more expertise with regards to exploiting commercial operating systems.

Furthermore, modern commercial operating systems are regularly updated with security patches as new software vulnerabilities are discovered. Therefore, robust mechanisms must be in place to remotely install these updates to systems on unmanned space assets. This can prove to be difficult for an industry such as aerospace where the operational lifetime of space-bound assets can span multiple decades and mission-critical software used for TT&C can often not be changed or upgraded. This puts the overall network at risk as mission-critical software becomes locked-in to legacy systems that are not upgraded over time and for which security patches for discovered vulnerabilities are not released by the vendor.

Bus technologies with inadequate security controls

The ECSS-E-ST-50-15C document was created by European Space Agency (ESA) to standardise the Controller Area Network (CAN) protocol for the communication between systems on-board spacecraft. The primary reasons for ESA advocating the use of CAN as a bus communication technology are: robust error detection and correction, low cost, low power consumption and the fact that it is widely used and validated in terrestrial applications.

There is clearly a disconnect between aerospace and other industries which have decades of operational experience with the CAN protocol, such as automotive. The automotive world is rapidly trying to move away from CAN technology, due to cyber security concerns. The CAN protocol was never designed with cyber security considerations in mind and therefore it is open to attack by malicious actors. The aviation industry is beginning to share these concerns and while aviation protocol standards based on CAN have been heavily customised for use in an airborne network, these protocols are still vulnerable to the same attacks as their ground-based counterparts.

Ethernet provides far superior capabilities with regard to segmentation, segregation and multi-layer access-control and we are seeing the proliferation of this technology across both industries.

Crew and passenger Internet connectivity and In-Flight Entertainment (IFE)

As commercial spaceflight becomes a reality, many of the security concerns associated with aircraft IFE systems will also start to apply to spacecraft. In addition, astronauts on manned space missions also need to communicate via the Internet. Therefore, the security of those devices and the communications path between computer systems on- board a spacecraft and the Internet needs to be robustly configured to prevent targeted attacks and malware infection.

2

Space Sector

Space Sector

3

Cyber security capability

With the increased accessibility of SDR technologies, we have developed a range of tools to assess the security of complex radio frequency communications protocols used in space applications.Cyber security capability Surveillance & control systems Radio systems Monitoring, surveillance and control systems

Surveillance & control systemscommunications protocols used in space applications. Radio systems Monitoring, surveillance and control systems

Radio systems

Monitoring, surveillance and control systems are used within satellite ground stations and as such we are regularly exposed to them during large security assessment engagements.

Both hardware and software-based security assessments of embedded computer technology form a large part of the engagements we perform in the Transport Assurance Practice.to them during large security assessment engagements. Embedded systems Telephony The tools, techniques and

Embedded systems

Telephonyin the Transport Assurance Practice. Embedded systems The tools, techniques and methodologies that we have

The tools, techniques and methodologies that we have developed enable us to comprehensively assess both traditional Plain Old Telephony Systems (POTS) and Voice over IP (VoIP) systems.

Vehicles networksTelephony Systems (POTS) and Voice over IP (VoIP) systems. We have been assessing the security posture

We have been assessing the security posture of dedicated vehicle networks and communication busses for more than five years and therefore, our capabilities in this area are well established.

Of all the technologies assessed by NCC Group, IT systems and web applications, for example, used in satellite ground stations, are those that have been most prevalent during client engagements. The expertise we have in these fields is unrivalled.our capabilities in this area are well established. IT & web presence 4 Space Sector Other

IT & web presence

4

Space Sector

Other services

Application availability IT & web presence 4 Space Sector Other services Within a sector increasingly reliant on business

Within a sector increasingly reliant on business critical applications our escrow agreements provide a fundamental level of security, protecting business continuity.

Source code verification level of security, protecting business continuity. We verify the source code behind applications ensuring that

We verify the source code behind applications ensuring that should it ever need to be recreated from the raw source code all of the component elements and knowledge are available.

Secure verificationall of the component elements and knowledge are available. Using our in-house technical teams and experienced

elements and knowledge are available. Secure verification Using our in-house technical teams and experienced

Using our in-house technical teams and experienced consultants we provide an independent assessment to identify any critical vulnerabilities within the application source code.

SaaS continuity

With low set-up costs, rapid deployment and high scalability the sector is making the move to Software-as-a-Service (SaaS) applications. Our SaaS Assured services provide the reassurance that in the event of SaaS provider failure you can have access to verified deposits, the documented processes and supporting information required to put your SaaS continuity plan into action.

Bespoke software testing service

The software testing division provides a professional, tailored service with a flexible delivery model that ensures that the software used in the rail industry functions as designed and meets the requirements of the users.Our testing solution architects work with customers in the rail sector to identify the best solution for their needs.plan into action. Bespoke software testing service Specialist testing services The software testing division

Specialist testing services

The software testing division delivers test excellence across all forms of functional, non-functional, digital and specialist testing services to include performance and automation.best solution for their needs. Specialist testing services The Transport Assurance Practice provides clients with

The Transport Assurance Practice provides clients with access to a pool of over 300 highly-qualified software testing professionals to deliver our services on-site or from our dedicated testing facilities.

Space Sector

5

About NCC Group

NCC Group is a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape.

With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.

We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.

the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please
the way in which organisations think about cyber security. For more information from NCC Group, please

For more information from NCC Group, please contact:

+44 (0) 161 209 5111

NCCGSCSPACEV10617

transportsecurity@nccgroup.trust

www.nccgroup.trust/transport