Session

Session 12: Advanced Technologies 3

Abstract

The days of “dumb” satellites in LEO are numbered. As many CubeSat missions have proven, commercial off-the-shelf (COTS) processors – orders of magnitude more powerful than traditional rad-hard parts – can fly. Powerful processors give satellite designers the horsepower they need to collect, analyze, and process big datasets on-orbit. The extra headroom also accommodates rapid development using traditionally terrestrial COTS and open-source operating systems and software stacks. Unfortunately, these large software ecosystems bring their terrestrial cyber sins into orbit with them. We need to understand and mitigate the cyber threat now, before bad patterns become entrenched and propagated.

This paper reviews a set of cybersecurity guidelines that help developers craft more securable designs for small satellites. The guidelines highlight ways that satellite security and ground system security can strengthen each other. Since system compromise remains possible even if best practices are followed, the guidelines suggest ways to recover control. We further describe ongoing work in a reference implementation that honors the guidelines, building on the seL4 microkernel as the security foundation and NASA’s Core Flight Software (cFS) as the functionality foundation.


kyle_ingols.pdf (1821 kB)
Presentation

Aug 10th, 12:00 AM

Cyber in a World of Plenty: Secure High-Performance On-Orbit Processing
