Space Oddity: Space Cybersecurity Lessons from a Simulated OPS-SAT Attack

Thumbnail Image

Files

master_Calabrese_Matteo_2023.pdf (5.33 MB)

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2023-08-21

Department

Major/Subject

Security and Cloud Computing

Mcode

SCI3113

Degree programme

Master’s Programme in Security and Cloud Computing (SECCLO)

Language

en

Pages

64

Series

Abstract

The space industry is currently experiencing a rapid transformation, driven by innovations both in space and on the ground. Lower access barriers to orbit and the widespread use of commercial off-the-shelf components have facilitated the rise of CubeSats. These small satellites, with their modular design and cost-effectiveness, enable smaller teams to engage in space operations and larger players to conduct groundbreaking technological demonstrations. Furthermore, decreasing launch costs and on-demand access to ground station services have encouraged more players to join the space industry, fostering an agile and diverse environment for experimentation. However, this growth is accompanied by significant cybersecurity challenges that demand urgent attention. Historically, the space industry has relied on security-through-obscurity, but this approach can no longer be tolerated as the industry opens up to new players and technologies. This work aims to address the often-dismissed matter of securing space vehicles, using OPS-SAT, one of the most advanced CubeSat missions, as a case study. Despite its remarkable capabilities, OPS-SAT is not immune to the general dismissal of cybersecurity that plagues the industry. This work will employ a demonstrative approach, devising and implementing an attack scenario against OPS-SAT. The chosen attacker model for this scenario is that of a malicious user with limited to no cybersecurity knowledge, reflecting the reality that attackers with varying degrees of expertise can pose a threat. While keeping the attack as simple as possible, the goal is to demonstrate the potential damage that could be caused. The findings of this work illustrate that the rapid pace of development in the space industry should be accompanied by an equally enthusiastic and vigilant security force. The importance of addressing cybersecurity concerns becomes evident as the industry evolves and attracts more players, emphasizing the need for a proactive and robust security posture to safeguard space missions and future infrastructures.

Description

Supervisor

Praks, Jaan

Thesis advisor

Falco, Gregory
Kavallieratos, Georgios

Keywords

CubeSat cybersecurity, threat modelling, SPARTA matrix, OPS-SAT, attack trees, nanosatellites

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202308275215

Collections

[dipl] Perustieteiden korkeakoulu / SCI