Abstract:The security of satellite and space systems has become a pressing concern in recent years as various high-profile incidents involving satellite-based internet access have been observed in the context of the war in Ukraine. An increase in threat level is partly due to a) rapid advancements in affordable software-defined communications equipment, which have made it easier for attackers to gain communication capabilities with orbital assets and b) the increasing adoption of commercial off-the-shelf hardware and software components in spacecraft enhancing affordability and exposing potential vulnerabilities more easily. A recent study revealed that satellite software typically lacks sufficient protection against unauthorized access. However, it remains unclear how this inherent lack of security is critical to other satellites in orbit as no public work exists on cybersecurity reconnaissance. Hence, to date, identifying non-standard commands and assessing potential vulnerabilities are deemed challenging steps for attackers to perform.In light of this current state, this paper analyzes how attackers may conduct reconnaissance on satellites’ capabilities without targeting the ground segment. We develop strategies that attackers may employ to evaluate satellites’ capabilities using a satellite implementation that adheres to the ECSS-standardized Telecommand on top of a CCSDS protocol stack. Our considered strategies encompass enumeration methods to identify the subset of the standard implemented, including non-standardized functionalities. Additionally, we present strategies to analyze implementation-specific aspects of CCSDS’ Space Data Link Security (SDLS) Protocol, which serves as the primary security protocol within the CCSDS protocol family. Our strategies test the potential for timing side channels, fault-message-based enumeration, and payload length enumeration testing. To evaluate the effectiveness of our strategies, we apply them to a real-world satellite and measure their success rate.

Satellite Cybersecurity Reconnaissance: Strategies and their Real-world Evaluation

A Risk Analysis of Communication, Navigation and Sensing Satellite Systems Threats

Evaluating the Security of Satellite Systems

Building a launchpad for satellite cyber-security research: lessons from 60 years of spaceflight

Securing Satellite Link Segment: A Secure-by-Component Design

SOK: Building a Launchpad for Impactful Satellite Cyber-Security Research

Satellite-based communications security: A survey of threats, solutions, and research challenges

Towards a Unified Cybersecurity Testing Lab for Satellite, Aerospace, Avionics, Maritime, Drone (SAAMD) technologies and communications

Cyber Threat Landscape Analysis for Starlink Assessing Risks and Mitigation Strategies in the Global Satellite Internet Infrastructure

Updated Standard for Secure Satellite Communications: Analysis of Satellites, Attack Vectors, Existing Standards, and Enterprise and Security Architectures

Securing SatCom user segment: A study on cybersecurity challenges in view of IRIS

A Survey of Secure Communications for Satellite Internet Based on Cryptography and Physical Layer Security

Sanctuary lost: a cyber-physical warfare in space

A Survey of Security for Satellite Communication System

Space Digital Twin for Secure Satellite Internet: Vulnerabilities, Methodologies and Future Directions

Exploring active attacks for three incorrect implementations of the ISO/IEC 9798 in satellite networks

Security Analysis of Low Earth Orbit Satellites Based on Different Software-Defined Networking Structure

A Link Planning and DDoS Attack Detection in SDN Based Integrated Space-Terrestrial Networks

Outer Space Cyberattacks: Generating Novel Scenarios to Avoid Surprise

The Dark Side of Scale: Insecurity of Direct-to-Cell Satellite Mega-Constellations

Low Earth Orbit Satellite Security and Reliability: Issues, Solutions, and the Road Ahead