The Cyberspace Operational Environment
Emerging technologies have the potential to change the way information assurance and mission resilience are achieved. The Aerospace Corporation has been investigating various technologies that may eventually influence the development of space and cyber systems. Some of these include virtualized computers, protected terrestrial networks, cognitive radios, and biologically inspired mechanisms. These technologies tend to fall into one of three categories (see below) and may seem unrelated; however, when considered collectively, they suggest the sort of grand synthesis that space and cyber systems will need to achieve in the coming years.
- System security engineering and mission assurance
- Space, ground, user, and launch segment security
- Threat analysis, vulnerability/risk assessments
- Source selection and acquisition security guidance
- Cyber resiliency and program protection planning
- Cyber command, control, and situational awareness
- Architecture analysis and Independent Program Assessments
Cyber Software and Testing
- Advanced cyber effects and research
- Network, complex computing, and enterprise security
- Security test and evaluation, and penetration testing
- Wireless and mobility security exploitation
- Wargame support
- Space cyber and secure coding guidance
- Virtual machine and cloud computing
- Technology Assessments and malware analysis
Information Assurance Technology
- COTS evaluation strategies and trade studies
- Cryptographic and key management architecture/plans
- Certification and accreditation
Crosslink Focus on Cyber Security
Cyberspace and cybersecurity are increasingly important to all businesses, and space is no exception when it comes to the necessity of protection in this realm. There is no shortage of news stories related to computer hacking, intrusion, theft, and exfiltration into and out of an array of corporate computer networks and their security systems. The 2012 issue of Aerospace’s Crosslink magazine dealt with many of these issues, as shown below.
Growing concern over emerging cyber threats is shifting attention to mission resilience—the ability to operate through new and evolving threats in the cyberspace domain.
Aerospace researchers are pursuing diverse means of endowing space systems with the intelligence, autonomy, and adaptability needed to overcome a range of future threats.
Transition to net-centricity encourages users throughout the Department of Defense to share information, but it also introduces cybersecurity vulnerabilities. Recognizing, understanding, and addressing these vulnerabilities are essential to successful transition.
Space systems need enhanced resiliency to ensure performance of critical functions and overall mission operations during a cyberattack. Aerospace is investigating various approaches to achieving such resilience for current and future programs.
Space systems will undoubtedly be targeted for future cyberattacks—but by focusing on capabilities, rather than components, developers can ensure that space assets will deliver critical functionality when it is needed most.
Tactics, techniques, and procedures used by the authors of the Stuxnet computer worm that attacked Iran’s nuclear program can be used by advanced persistent threat actors in attacking other targets, including national security space systems. Architects must consider these capabilities as they design and implement modern space systems.
The Aerospace Corporation has worked closely with the NSA since the 1980s to assess the security of computer information systems and space cryptography equipment. Today, the broader focus is on the protection of critical information and systems with the need to operate through potential cyber incidents.