Cybersecurity Testbeds at The Aerospace Corporation
Aerospace has developed several testbeds for prototyping candidate architectures and testing their vulnerabilities and proposed defenses.
For example, the flight cybersecurity defense testbeds contain realistic satellite hardware and software to allow investigation of cyberattack and defense. These testbeds employ technologies such as CubeSats, software-defined radios, modular space components, and flight-hardware emulation environments. They include emulation as well as system components from various programs. The knowledge and expertise gained from these testbeds is helping Aerospace diagnose cyber defense problems, recommend countermeasures, and develop practices that thwart cyberattacks by identifying key design attributes and performing trade-off analyses.
Additional cybersecurity resources include a distributed command and control testbed, a wireless testbed, a virtualization testbed, a configurable “cross-domain solutions” testbed (with hardware and software perimeter defense mechanisms), and an advanced-protocols research testbed. The infrastructure, components, and software from each testbed can be used to support any experiment. The combined capabilities allow researchers to investigate attacks, defenses, and their effects in the presence of different hardware, software, and procedural mechanisms.
Vital research is also performed on each testbed individually. For example, the distributed command and control testbed provides a test environment for the cyber defense equivalent of command and control and battle management systems that are key to integrating technologies and weapons platforms and managing warfighting operations. This testbed serves as a platform for testing new cyber defense tools, techniques, and procedures. It also provides an integration environment for command and control and battle management technologies tested in the center’s other testbeds. It presents an environment where cyber domain wargame scenarios can be defined, executed, and evaluated and where the integration of physical and virtual command and control approaches can be investigated.
Other examples of how Aerospace is using these testbeds to support space mission resilience include:
- using the wireless testbed to support cybersecurity investigations into advanced wireless protocols such as the new 802.11 mesh networking standard;
- using the virtualization testbed to support development of a secure virtualization platform;
- using the cross-domain solutions and advanced-protocols research testbeds to investigate remote attestation capabilities.
The testbeds are administered by Aerospace’s Trusted Systems Laboratory, a bicoastal organization with offices in El Segundo, California, and Columbia, Maryland. The lab has investigated trust models, secure information flows, and virtualization technologies. In recent years, the lab has enhanced its ability to support service-oriented architectures—a major component of the military’s move toward network-centered information systems. The Trusted Systems Laboratory has integrated network equipment and edge-security appliances (such as gateways and firewalls) suitable for such architectures. The lab is also developing generic versions of typical services that might be offered in such an environment to test their security properties under different configurations.