CCSDS Security Working Group Program

1. CCSDS Security Working Group Program Space IT Security Standards Products Howard Weiss SPARTA, Inc. (a Parsons Company) howard.weiss@sparta.com 443-430-8090

2. Agenda • Purpose • Problem statement • Example threats • Documents • The Security Portfolio

3. Security WG Purpose • Develop Security Recommendations • Develop security guides and informative documents • Provide advice and guidance to all CCSDS WGs • Space Data Link Security Protocol (joint dev) • S/C monitor & Control, Space Link • Encryption Protocols, • Authentication Protocols • Key Management Protocols

4. Problem Statement • “Low cost” acquisition and transmitting equipment and services • Unencrypted “cleartext” Commands and Telemetry • What if the information is intercepted by unfriendly adversary • Replay commands at later time • Modify then replay commands at another time • Use your data against you (“unencrypted UAV syndrome”) • Unauthenticated Telemetry and Commands • What if you don’t care if an adversary gets the data ; “It’s just science data!” • Dual use technology • Did the command arrive unmodified? (authentic) • Did authorized organization transmit it? (authenticated, not replayed) • “Proprietary/Legacy” solutions lack cross support • Many security standards but so few work well in space environments.

5. Example Threats Space Elements • Space Debris • Replay • Link Jamming • Unauthorised Access • Software Threats Users System / Network Control • Replay • Link Jamming • Interception (theft) • Unauthorised Access • Software Threats • Traffic Analysis • Interception • Software Threats • Social Hacking • Physical Attacks • Replay • Unauthorised Access • Software Threats • Social Hacking • Physical Attacks Hardware Failure

6. Satellite owned by company A Relay Satellite owned By company B Instrument owned by agency F Instrument owned by agency B DB OBDH RF RF DB RF Bus TT&C Owned by Agency A RF DB Owned by company B Ground Tracking Network Spacecraft Control Centre GSG University A Science Facility Agency B DB Instrument Control Centre DB • Replay • Unauthorised Access • Software Threats • Jamming • Eavesdropping • Replay • Unauthorized Access • Traffic Analysis • Data Modification • Replay • Unauthorised Access • Software Threats • Denial of Service • Social Hacking • Replay • Unauthorised Access • Software Threats • Eavesdropping • Denial of Service • Data Modification • Replay • Unauthorised Access • Software Threats • Denial of Service • Social Hacking SLE SLE • Denial of Service • Eavesdropping • Replay • Unauthorized Access • Traffic Analysis • Data Modification FTP

8. Security WG Document Tree

9. Security WG Document Conception

10. Published Document Links • The Application of CCSDS Protocols to Secure Systems. Green Book. Issue 2. January 2006. http://public.ccsds.org/publications/archive/350x0g2.pdf • Security Threats against Space Missions. Green Book. Issue 1. October 2006. http://public.ccsds.org/publications/archive/350x1g1.pdf • Encryption Algorithm Trade Survey. Green Book. Issue 1. March 2008. http://public.ccsds.org/publications/archive/350x2g1.pdf • Authentication/Integrity Algorithm Issues Survey. Green Book. Issue 1. March 2008. http://public.ccsds.org/publications/archive/350x3g1.pdf • CCSDS Guide for Secure System Interconnection. Green Book. Issue 1. November 2007. http://public.ccsds.org/publications/archive/350x4g1.pdf • Space Missions Key Management Concept. Green Book. Issue 1. November 2011. http://public.ccsds.org/publications/archive/350x6g1.pdf • Security Guide for Mission Planners. Green Book. Issue 1. October 2011. http://public.ccsds.org/publications/archive/350x7g1.pdf