End-to-End Cyber Security Protection for Satellite Communications
Leaf Space, an Italian company providing ground segment services for smallsats has signed an MoU consolidating a partnership agreement with CYSEC, a Swiss cybersecurity company, to offer end-to-end cyber security protection for satellite communications.
Small satellites with a size ranging from a shoebox to the size of a washing machine are revolutionising the space industry by combining excellent capabilities with lower development costs and a shorter time-to-market, making them attractive for a whole new range of services relying on data collected in space.
Known as the ‘Newspace’, this segment is the fastest growing of the industry, fuelled by venture capitals betting on shorter return on investments.
Cybersecurity has not been historically a priority for space engineers, focusing on maximising the available mass on board rather than adding extra security features. Today the situation is changing as small satellites are capable to collect very sensitive and valuable data, raising numerous questions on the resilience of the ground and space infrastructure against cyber attacks.
CYSEC is a cybersecurity company with a mission to offer smallsat operators the first off-the-shelf solutions protecting their infrastructure and data against cyber risks. Initially supported by the ESA Business Incubation programme to research the gap in the market and develop dedicated solutions, CYSEC is now releasing a full product portfolio for both the ground and space segments providing end-to-end cyber security protection for satellite communications.
Jonata Puglia, CEO of Leaf Space commented, “Cybersecurity is now a major concern for certain Newspace actors and will become always more relevant in the near future in our industry. As a provider of ground infrastructure we want our customers to benefit from the best level of protection available today. CYSEC is the first to propose pragmatic solutions to this issue.”
Because of the complexity of satellite architectures, there are many possible entry points for a hacker from which to eavesdrop, tamper with information, cause a service interruption or even worse take control of the satellites.
However a few simple steps can efficiently discourage criminals as Mathieu Bailly, VP Space at CYSEC explained: “Our goal is to offer operators accessible tools that show the best compromise between the level of protection and the impact on the satellite design and operations. With the help of Leaf Space, we can now easily secure all ground operations using our ARCA platform.”
ARCA, CYSEC’s flagship product consists of a secured backend infrastructure that can run critical software and store sensitive data. Its main advantage is the simplicity of its integration as it is compatible with modern virtualisation tools that software developers use today such as Docker, Kubernetes, VMWare, etc while using state-of-the-art certified hardware.
The collaboration between CYSEC and Leaf Space offers an end-to-end protection covering the ground station network and the mission control software on the ground hosted by the satellite operator.
Giovanni Pandolfi, Leaf Space CTO added: “ARCA truly makes cyber security finally accessible for smallsat operators without even having to change their current habits. Combining the Leaf Space network engine with the mission control software in the ARCA trusted execution environment is a game-changer in terms of cyber resilience.”
The two partners will extend their collaboration by offering smallsat operators and manufacturers the possibility of adding a dedicated root of trust on board the satellites. Bailly added: “In addition to the ground segment, we want to stress the importance of having a root of trust on board the satellite to prevent any attack prior to launch. We designed our ARCASpace product line to secure the minimum amount of information required to trust all operations performed on board.”
Alexandre Karlov, CYSEC CTO, said: “We understood very quickly that in the smallsat market there is no cybersecurity culture yet. In particular about the generation, storage, management and handling of the cryptographic secrets that will be used on board the satellite during the mission, for example to encrypt the payload data collected in space. If these secrets are compromised then the entire mission is at risk.”
The two partners are in advanced discussions with several operators to implement a common security architecture on the ground combining the Leaf Space network of ground stations and the mission control software in ARCA.