Defending Small Satellites from Malicious Cybersecurity Threats

Abstract

The connection between space and cyberspace domains is increasingly intertwined. Advancements in space technology, decreasing costs for satellite development, and the use of commercial off-the-shelf products present many cybersecurity challenges to space infrastructure.  Additionally, space-based global critical infrastructure makes the space domain a prime target for malicious cyber threats.  Software-defined radios introduce a potential attack vector for adversaries planning malicious satellite activity.  This paper demonstrates how an adversary would send malicious commands via a software-defined radio to affect the integrity of the sensors on the satellite running NASA's core Flight System software. The experiment demonstrates one possible threat vector using a commercially available USRP N210 software-defined radio. The results show that well-constructed messages can be created to manipulate sensors on a target small satellite system.  Identifying cybersecurity vulnerabilities like these in space systems can improve security and prevent disruptions for the global space enterprise.