Following the natural evolution of edge devices, satellites are becoming smarter and more connected. They are now capable of quickly changing their configuration while in orbit to better accommodate market changes or customer requests. This new functionality shortens the time to value and maximizes the return on investment for satellite operators, but it comes at the expense of greater cyber risks related to the integrity, confidentiality and availability of the transmitted data.
To combat these risks, as well as environmental risks that impact satellite reliability, CYSEC and HEPIA formed a consortium to submit a project as part of the Swiss Space Office’s 2020 Mesures de Positionnement—an annual program that “fosters and promotes Swiss technological and scientific competences that have a clear potential for space products and services/applications.” CYSEC and HEPIA’s winning project proposes to develop a new security architecture implemented on a fault-resistant FGPA board that will facilitate secure, reliable in-orbit reconfiguration of small satellites.
With more than 1’000 small satellites launching as part of constellations every year, each collecting and transmitting valuable data, cybersecurity can no longer be ignored. Indeed, one can imagine a scenario in which an attacker manages to upload and execute malicious software on board, thus taking complete control of the satellite. Hacking an in-orbit satellite presents a new threat to satellite operators and manufacturers, as historically space engineers have prioritized building reliable systems often at the expense of security.
Cyber risks are just one of the possible fail scenarios preventing safe in-orbit reconfiguration of the on-board computer. Solar radiations can also cause alterations of information transmitted to the satellite. Research on in-orbit satellites has shown that ionizing radiation can be responsible for so-called single event effects (SEEs) that can generate faults on the on-board electronic components, e.g., bit status swaps, incorrect computations or communication errors.
The CYSEC and HEPIA project, which launched in November and will run for 15 months, aims to develop a security architecture based on asymmetric cryptography that will be implemented on a fault-tolerant FPGA board that simulates the on-board computer of a small satellite. A demonstration between HEPIA, simulating the satellite from Geneva, and CYSEC, simulating mission control from Lausanne, will prove out the capabilities of this innovative approach.
This project falls within CYSEC’s overall strategy of leveraging its ARCA confidential computing solution in applications such as the Internet of Things, Space or Maritime, where connected objects need to securely collect, transmit, store and process sensitive data.
Mathieu Bailly, VP Space at CYSEC said: “Our goal at CYSEC is to provide easy-to-access, end-to-end security to satellite operators, who now face the challenge of finding solutions to secure space assets and data. This project with our partner HEPIA will be instrumental in demonstrating that our product portfolio of ARCA on ground and ARCASPACE on board can securely and safely enable the critical satellite operation of in-orbit reconfiguration.”
About CYSEC SA
CYSEC SA is a cybersecurity company based at the EPFL Innovation Park in Lausanne, Switzerland. CYSEC developed a hardware-based trusted execution environment called ARCA that enables running container-based workloads in a plug-and-play confidential computing solution. CYSEC partners with leading cybersecurity research centers to develop technological innovations and delivers its cybersecurity solutions in four vertical sectors, namely financial services, IoT, critical infrastructure and space. In the space market, CYSEC offers end-to-end protection of satellite communications thanks to its off-the-shelf family of trusted execution environment appliances including ARCA on ground and ARCASPACE on board. For more information, please visit www.cysec.com/space
Mathieu Bailly, VP Space