New Orleans, Louisiana
June 26, 2016
August 28, 2016
The satellite communications (satcoms) sector is a prime example of a complex aerospace cyber-physical system. To provide a secure, robust communications capability, satcoms systems are designed to implement defense in depth against targeted attacks and component failure, and to operate effectively in harsh environmental conditions. Due to the prohibitive cost of replacement, satcoms spacecraft are frequently designed with lifespans of over a decade and must provide a continual service, where any downtime is seen as unacceptable.
Recently, several international governments have developed cyber-strategies that go against the traditional ‘quarantine, resolve, remediate’ methodology. For example, the United States government now requires the continuation of operational capabilities as a priority, over and above the isolation and quarantine of systems that may be impacted in a cyber-attack. This new approach will require not only multiple levels of redundancy and a structured approach to cyber-defense, but also multiple information and service pathways that use independent protocols and vendors to provide ongoing operational capabilities.
While new cyber-strategies are requiring systems architects to rethink their approach to cyber-defense, there is no cause to reinvent the wheel. Effective lessons can be learned from a satcoms industry that has faced such requirements for many decades. Indeed, the aerospace domain is, by its nature, required to produce systems that are designed to survive the simultaneous failure of, or attack on, multiple components. For cyber-strategists and systems architects, this requires a shift in thinking away from the protection of information and towards the continuity of service.
In this paper, we present a methodology, adapted from aerospace practices, that facilitates the design of systems that provide continuity of service even while under attack. We also leverage established best practices in the cyber-security space and suggest enhancements to common methodologies found within the aerospace industry. For example, due to complex mission-critical requirements, legacy interoperability and multiple vendors, aerospace projects are frequently resistant to implementing recommendations from penetration tests, as such changes require extensive retesting and validation. We believe, and demonstrate as a proof of concept, that our presented methodology will enhance both the resilience and security of traditional cyber-systems, as well as aerospace cyber-physical systems, and that this approach can minimize the associated time, resource and cost expenses. We conclude by applying our methodology to various hypothetical and tangible project architectures, and compare this to traditional approaches.
Mercado, J. M., & Rowe, D. C. (2016, June). Cyber-Security, Aerospace, and Secure Satellite Communications - Evolving our Approach. Paper presented at 2016 ASEE Annual Conference & Exposition, New Orleans, Louisiana. 10.18260/p.26634
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2016 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015