Cybersecurity in Space

Thank you to to be here and I'm happy to see that much people here. uh also the sponsors thank you uh to make uh possible this event and uh yeah we are part of um my name is Hiro I'm working u for redwire space in ki I'm the security assurance manager there and the export control officer I do a lot more but this is the main focus what I'm doing so what is the the goal of the function uh I'm busy with physical security with cyber security and with the security in the projects. So who is require space? We are making satellites and space instruments. That's what we are doing. Okay. Wait to switch here. Wait, wait,

wait wait.

Okay. Space is one of the fastest growing sectors nowadays. Uh everything in today's world exists within or is connected into space. Meaning we must address cyber security as a top priority. Cyber attacks may compromise the functionality of satellites and this impacts not only the military where it in fact comes from. Satellites are more present in our daily life. Think about fleet management, uh banking applications, energy grids, uh communication, internet, uh navigation and so on, broadcasting, all what you can think is uh connected to space, the unique operating environment, the distance factor because it's it's far away and the complex architectures of space, ground, and optical and of uh RF um interfaces makes it a potential vulnerable uh

interface. This means that access to any communication of uh one of these interfaces is the start of a possible cyber attack.

It's do it like this. Yeah. Okay. So here I will give you some examples of uh recent uh satellite attacks uh mainly uh by the following components jamming spoofing or disabling uh GPS communications. So the multi-dommain attack on viaat disrupting the satellite connectivity in Europe via an internet connected VPN appliance uh was happening in 2022 while uh the the war in Ukraine breakout. Um the so this was disrupting uh the communication here in Europe. And you see here all the access points on on the figure. Yeah. That were uh involved. Uh an other um attack was the 12-day war in June 25 between Israel and Iran. Nobody has heard about it, but it happened really. 72 space cyber attacks

occurred, mainly DDS attacks, uh data leaks and data breaches. who was involved, the Israeli space agency, two Israeli defense companies and NAZA. To protect us against uh intercept moni data intercept monitoring, data corruption and seizure of control, we need to do more uh than the basic stuff that we know in cyber security. So why is cyber security in space so critical today? As I said, we are using a lot of services that we don't know or or don't uh yeah see physically on your phone. Yeah, you are watching a movie on YouTube. that's quite possible that it is transferred or or uh sent to your uh mobile phone via a satellite and that's why the space sector is

included in the NS2 directives imposing stricture cyber security uh requirements. We as a company we need to be N2 compliant as well because we will perform uh ground station activities. Suppose you want to go from point A to B where you have never been before. What you will use? Write your mobile phone or your car using GPS. And this is data produced in the space. Due to the importance of the space sector, it makes it the prime target for cyber threats and attacks. We want to explain some key high-risk space cyber threats. Jamming and spoofing. Satellites use different frequency bands. Using senals to block or to spoof communications lead to fraudulent data and senial interception. for your

information uh below 60 GHz it's a game to just listening to all satellite communication and to try to decode them. the satellite hijacking and command infiltration, the unauthorized access to uh satellites uh and to the command of and control sorry the C2 like we say uh allow hackers to take control of satellites. ransomware. The introduction of malicious coder into software even in the company or outside and to the satellites uh can disrupt operation the data exfiltration they know what you know that's very clear it's very simple an insider threat I was telling it already so malicious actions by uh personal that have access authorized access to sensitive uh space data and uh mission data. This

is really an very hard topic for me as a security assurance managers. And then the nation state attacks. It's a real concern for the Russians, the Iranians, the Chinese and so on. So these are the Yeah, like we say in Flemish, the starter. So they are uh very hard in uh in jamming and spoofing of satellites. So the risk of sophisticated and disruptive threats grow. It's up to the industry to uplift the security in space. when things go wrong in space in orbit uh we can't send uh out a physical uh person to do repairs or there is zero physical access to the satellite. So that's the big problem we have. So we are facing special challenges like

the distance, the delay and the high cost of assets which turn every second into a critical window to prevent mission failures or even even the loss of the satellites because of the latency. We can't physically patch satellites satellites sorry that are facing bit flipping due to radiation. This is also something we have to take into account. This means that based on these examples uh conventional incident response as we know here on ground yeah are not applicable anymore in space. Yeah. So we we have to have other techniques to to work towards a satellite in case something happens. An update of the firmware on satellites is a gamble. Yeah. A failed push. Yeah. Can break vital infrastructure links as

well. So and then we lose the satellite.

Just for your information, there are four distinct segments and what to protect in space. Um I speak here about four. Sometimes we have five and even six uh segments but I will uh uh explain the most important ones. The space segment this is including the satellites and other space space vehicles. above 100 kilometers above Earth. Sorry. Yeah. Uh where what are we protecting there? The onboard computers. Yeah. So in a satellite there are onboard computers even redundant. Well to to make sure that we have a lot of uh reliability. We protect the software from malware, the unauthorized access and we prevent hijacking and spoofing and we ensure the secure firmware and software updates. How we will do this? We will have

armored shielding of the satellite. I don't know if you have ever the the chance uh to visit us. Uh a couple of years ago we had an open door uh and there you could see the last uh launched satellites. Yeah. In the clean room and they are completely packed because in space there is a lot of radiation uh what creates a lot of uh problems to the hardware to electronics uh encryption. Yeah, we use encryption as well and secure command links. The ground segments is everything on earth general infrastructure where people, hardware, networks and physical locations are and this is the most challenging segment as it is an interesting target for cyber attacks. What are we protecting there? The

telecom and telemetry. So telecom is the commands to the satellites. Telemetry is the health of the satellite. All the information, the position and so on that is coming back to earth. How we do this? This is a layered security uh of encryption. So we have building blocks in the satellites and all these are uh the communications between the building blocks are encrypted and protected. We protect also the authentication of the data to maintain the integrity. How we are doing this by strong encryption, zero trust network access. This is a term that we know here on earth very well and the continuous monitoring for threads. I will explain this uh in the next part of the presentation.

The link segment uh and then I have again a question. Do you think most of the space senials are encrypted? >> You're right. No. Why? Due to older technology. Yeah. Or not needed for data coming from weather satellites or environmental situations like high radiation bit flipping as I mentioned already. And there is a certain area on earth where this is a very high radiation and this is the South Atlantic anomaly they name it. Yeah. Sorry. So the communication link is uh between ground and space mainly as I said ref links and optical links introducing enhanced security by design and that's the topic of the second uh part that stain normally will give but uh I will I will do that now.

What are we protecting uh in the link segments? The encryption of the telemetry tracking and control and we prevent jamming and spoofing and even eavesdropping on communications. How we are doing this? Thanks to encryption, authentication protocols and secure protocols. Then we have the user segments. User segments uh is all user electronics like your mobile phone, like a car, uh all other things that you're using uh where you get data from satellites where we protect the secure communication link. Uh we prevent the unauthorized access and we ensure the data integrity. How we are doing this again? encryption, secure protocols and authentication in case the customer is asking to store the satellite data uh in the cloud

environment which is uh possible today. Yeah, we have also a cloud segment but I I will go not go into detail uh uh right now on this topic. What is the attack surface in space? I I made it visible here. Um, as you know, there are a lot of satellites uh in orbit. How many do you think? Uh, how many satellites are in orbits at the moment?

>> 40,000 14. That's correct. Yeah, that's correct. That's correct. And as as as you see that uh other space manufacturers are uh or will launch like 2,600 satellites, you know, for the next coming years. So this this figure is is growing a lot. So a successful space attack uh requires four main components. That's the access to the space uh satellite to the a vulnerability like we know here on earth, a malicious payload and the command and control system. The potential cyber attack factors are in the space segments, the target uh the communication, the control and the coordination system in the ground segment who are still hackable and are the easiest way to hack or to

attack providing direct access to the command and control of the satellites to take over the satellites. the link segments. So it are intermittent communication links between space and ground and relies on RF or other uh interfaces and the user segments unauthorized access compromising service integrity and confidentiality in the supply chain also very important or becoming very important here uh and nowadays uh even in this too this is requirements in ISO 27,01 it's a requirement in the CRI is a is a it's a requirement so all these together all these uh standards together yeah we have to be compliant and uh supply chain management is a very important factor there why because we don't want to have

back doors in our hardware or in the softwares we are working together with other companies writing the software or delivering the software. Uh uh we don't want this. So we have to check this. So during uh manufacturing we have to have a look at this. Yeah. We have to know what uh our partners are doing. But not only in the development phase also the security in the launch and the deployment process is important. Something that that we have to take into account as well.

How do we hard the satellite cyber security? So we are thinking uh a lot far ahead. Yeah, we are doing a developments but we must think ahead and we need a secure by design approach as this the new cyber standards are asking more and more. So we embed cyber security in all phases of a space project. So from development to decommissioning even at the commissioning we are taking this uh into account cyber security. A major challenge that we have is to establish a trusted control. Like I said, the ground segments uh is one of the most important ones that are attackable directly here on ground and we have to control who can command what across the space and the ground segments

uh relying on the uh communication links. Data in space must be available on those who need it uninterrupted anytime transferred and stored securely. And that's why we use up-to-date frameworks like like I have listed here some frameworks and standards which provide guidelines to keep space systems consistent and more secure across borders. That's the first part. I will now switch uh to the other presentation. Sorry for that.

Sorry the presentation is not in the format that you were expecting but uh

okay what has redwire done in the past? Redwire has five satellites in orbit. Proba 1, proba 2, proba v and proba 3. Whereas number four, you don't know. Well, proba 3 was in fact the launch of two satellites. If you have seen the launch in December 2024 where two satellites were launched, one satellite is used to make uh to make a shadow on the other satellite to study the corona of uh the sun. Yeah, that's the the goal of the two set satellites flying in information in space 144 m distance from each other. These satellites uh were launched uh respectively in 2001, 2009, 2013 and 2024 as I said. So the design phase of of such a satellite starts mainly 3 to 5

years in advance. That makes that the technology is already outdated that we are using. Yeah. uh certainly for the platform. So the platform is the satellite itself. Yeah. But less applicable for the payload. A payload is for example a camera to study the corona of the sun or to study the uh vegetation of the earth. That's the probab the v from vegetation. Yeah. Or uh earth observation uh which are the other two satellites probab. So reliability is more important than performance and security due to the long-term mission. That's the idea of the customers. Oops. Okay. We are not making satellites for our own. So we have a customer. Yeah. And is choosing the satellite prime contractors which we were lucky.

We were the prime contractor for all these satellites and ISA is also the final owners and the operators and ISA determines the security in the satellites. So we cannot change that. We cannot say look this must be more secure. No, IA says these are the specs you have to follow and this is the the thing that you have to develop and to to to produce and to launch point. So to communicate with satellites uh in the past this was a high initial cost in the past such antenna such an antenna cost a lot of money modems amplifiers it's it's because the long distance you it's not a a normal amplifier that you are using a special

developed uh material and so on mainly as well if it comes or there are parts coming from the Yes, you have uh the export control regulation and so on and so on. So all these things together yeah uh make that communication in the past was already a difficult thing but there is a very low risk for cyber attacks to our satellites that was the meaning of ASA in the past it was security was not a priority but last year I was visiting Cisot in Paris as a yearly uh exhibition for cyber security in space and IA for ISA security was a top top priority or is a top top priority. So things are changing. Uh in addition, it's very expensive to

implement good authentication and uh encryption in satellites because it's all uh yeah it's it's not standardized. It's it's it's it's it's a development that that you are thinking how we make things secure. So we have guidelines but we are modifying the final development for security reasons. So I cannot disclose any information about this but this means that a high level of security is implemented for specific missions as for example the Galileo. you know they call it Leo that's the European navigation satellites and more recently last year uh also for the Sentinel 5A it's a satellite that was launched for earth observation usually in uh science missions there is no security or a light security uh

included in the satellites Oops.

So, and diff a difficult thing is to choose between reliability versus security. That's the customer who is deciding that. So, uh we have a special sat satellite operating model. We name it the clear motor. So we are able to send special commands to satellites. Yeah. You can think how this works. I will not go into detail but you can think how this works. There are certain back doors based on this safe mode. Yeah. because then a consequence can be that the satellite can become unusual.

So what is the danger of open science satellites? EA missions make science public anyway. So you if you look at the internet you can search all these things uh and the biggest threat is to make a satellite unusable or you can use satellite collisions that could happen but this is technically extremely difficult. In the meantime it gets much easier for attackers. Yeah, the price of devices is very low and available. As I said, for €300, you can have an antenna and an SDR to listen to satellite data and try to decode them. Here you see a picture from a forum TE 45. Yeah, it's coming from a better uh satellite. So, you can view this

online. Uh that's not a problem. that's available for everybody. Due to the outdated and difficult uh to update space segments, uh IA has chosen to invest in the high level security of ground stations. They receive all the data from the satellites, the interfaces, the modems, the frequencies, the modulation types, the coding, the session keys, master keys, everything to protect your data. These uh ground stations are needed to send commands to a satellite and receive uh the information that is also processed in the satellite and coming back to earth and for the daily command and telemetry data. So the physical security of the ground stations is a high priority. Um I explained already how this is done.

So we have a lot of things that we are investing in network security. And here you see a picture who knows it. This is the picture of Redu in Belgium the Ural space Red Space Center uh in in Wonia in the Ardans. So this is uh from Isa has also a cyber security test center built recently. Yeah. So uh they have the security cyber center of excellence and the cyber safety and security operations center. Belgium companies are playing a big role in this uh to make this happen. Yeah. and something to be proud of what we have in Belgium. This is rather unique in Europe. Yeah. For example, the launch of the Proban 3 satellites was completely controlled in

radio by the operations team of Ratire.

Here you see a quantum computers. Why better security is needed in space and also applicable in space. So quantum computers will break the traditional encryption standards as you know already. We are busy with postquantum uh communication encryption and they have the possibility to decrypt sensitive information. So we usually use a typical asymmetric encryption using a public and a private key. This is not considered as postquantum secure. So we are looking for postquantum safe algorithms. And here you see an example. You have Alice and you have Bob. And you will share the same symmetric key to Alice and to Bob. But the big question is how do you get these keys to Alice and Bob? And therefore we use quantum key

distribution. How does this work? So a random generated key communicated to Bob via quantum features of photons guard uh enables users immediately to detect eavesdropping attempts. Why? Because reading photons is changing the state of the photons which result in data errors. And if this error rate is uh higher than a certain threshold, yeah, the receiver knows that the the key is compromised. These data errors are detected by Bob and this day is a proven effectiveness and is 100% safe. This is statistically uh based. This you can use on earth with a distance of 200 kilometers. Yeah. And in lab it's more than thousand kilometer. But this is not uh I in practice used. So how we will um do this? So we are

proud to say that we are having a product a project sorry together with ASA and with Honeywell a cooker desert projects where uh we are working on and in space we are facing bigger distances and this project makes it possible to overcome this uh limit. Yeah, we have usually two methods uh entanglement and the cucad protocol here and and this is a a way the cucad protocol we name it the sequential radioop um which is more flexible as the satellite will store the random keys. The satellite has also the keys on board which is a security issue and uh it's possible to transfer these keys to the second user at the other side of the world. That's

high level how it uh is how it is can be explained. I cannot go into details. I cannot disclose any more data about this. If you want have a look at internet to know more about quantum key distribution uh there is the general the general protocols are explained there but for security reasons I cannot disclose more uh about this protocol. Here you see um a picture of people of retwe our minister president of flounders people of Isa and the people of Honeywell when the contract was signed. So we are proud to be in that project. Um and one thing that I have to mention here is that the security measures also in this type of projects uh to attack a

satellite from orbit is uh that means that if that happens the keys must be destroyed. Yeah. The master keys and the session keys must be destroyed. Otherwise if they have this information they can communicate again to other parties. Um that's something we want to prevent. So this is a a typical technique like for example if an F16 of an F-35 crashes also there in that uh airplane certain devices are destroyed automatically. Yeah. So feel free to contact us if you need uh quicker s communications in the future. Yeah, we are working on it. I'm I'm quite sure this this question will come. Um Oops. Hello. That was what I wanted to present to give you a better idea of uh cyber

security in space. Yeah, I hope this will help you uh a bit and uh so we are facing a lot of challenges on earth and in space which we have to overcome and that's why we are working on to protect you.