Asee peer logo

Cyber-Security, Aerospace, and Secure Satellite Communications - Evolving our Approach

Download Paper |

Conference

2016 ASEE Annual Conference & Exposition

Location

New Orleans, Louisiana

Publication Date

June 26, 2016

Start Date

June 26, 2016

End Date

August 28, 2016

ISBN

978-0-692-68565-5

ISSN

2153-5965

Conference Session

Aerospace Engineering Education

Tagged Division

Aerospace

Page Count

13

DOI

10.18260/p.26634

Permanent URL

https://peer.asee.org/26634

Download Count

1452

Request a correction

Paper Authors

author page

Jonathan Michael Mercado

biography

Dale C Rowe Brigham Young University

visit author page

Dr. Rowe has worked for nearly two decades in security and network architecture with a variety of industries in international companies. He has provided secure enterprise architecture on both military and commercial satellite communications systems. He has also advised and trained both national and international governments on cyber-security.
Since joining Brigham Young University in 2010, he has designed a variety of courses on Information Assurance, Cyber Security, Penetration Testing, Cyber Forensics and Systems Administration and published over a dozen papers in cyber-security.

visit author page

Download Paper |

Abstract

STUDENT PAPER

The satellite communications (satcoms) sector is a prime example of a complex aerospace cyber-physical system. To provide a secure, robust communications capability, satcoms systems are designed to implement defense in depth from targeted attacks and component failure as well as operate effectively in harsh environmental conditions. Due to the prohibitive cost of replacement, satcoms spacecraft are frequently designed with lifespans of over a decade and must provide a continual service – where any downtime is seen as unacceptable.

Recently, several international governments have developed cyber-strategies that go against the traditional ‘quarantine, resolve, remediate’ methodology. For example, the United States government now requires the continuation of operational capabilities as a priority – over and above that of the isolation and quarantine of systems that may be impacted in a cyber-attack. This new approach will require not only multiple levels of redundancy and a structured approach to cyber-defense, but multiple information and service pathways that use independent protocol and vendor pathways to provide ongoing operational capabilities.

While new cyber-strategies are requiring systems architects to rethink their approach to cyber-defense, there is actually no cause to re-invent the wheel. Effective lessons can be learned from a satcoms industry that has faced such requirements for many decades. Indeed, the Aerospace domain is, by its nature, required to produce systems that are designed to survive the simultaneous failure or attack of multiple components. For cyber-strategists and systems architects, this requires a shift in thinking away from the protection of information and towards the continuity of service.

In this paper, we present a methodology, adapted from aerospace practices, that facilitates the design of systems designed to provide continuity of service even while under attack. We also leverage established best practices in the cyber-security space and suggest enhancements to common methodologies found within the aerospace industry. For example, due to complex mission-critical requirements, legacy interoperability and multiple vendors, aerospace projects are frequently resistant to implement recommendations from penetration tests – as such changes require extensive retesting and validation. We believe, and demonstrate proof-of-concept, that our presented methodology will enhance both the resilience and security of traditional cyber-systems, as well as aerospace cyber-physical systems – and that this approach can minimize associated time, resource and cost expenses. We conclude our approach by the application of our methodology in various hypothetical, and tangible project architectures, and compare this to traditional approaches.

Mercado, J. M., & Rowe, D. C. (2016, June), Cyber-Security, Aerospace, and Secure Satellite Communications - Evolving our Approach Paper presented at 2016 ASEE Annual Conference & Exposition, New Orleans, Louisiana. 10.18260/p.26634

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2016 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015