THE MISSION AS A TREE: A NOVEL APPROACH TO IDENTIFYING CYBER THREATS TO SATELLITES

Bonnart, Sebastian; Pickard, Aaron; Mantı, Nebile; Jha, D.

THE MISSION AS A TREE: A NOVEL APPROACH TO IDENTIFYING CYBER THREATS TO SATELLITES

Bonnart S., Pickard A., Mantı N. P., Jha D.

International Astronautical Congress Proceedings IAC-20, E9, 2.D5.4, 7, x59767., cilt.1, sa.1, ss.1-10, 2020 (Düzenli olarak gerçekleştirilen hakemli kongrenin bildiri kitabı)

Yayın Türü: Makale / Tam Makale
Cilt numarası: 1 Sayı: 1
Basım Tarihi: 2020
Dergi Adı: International Astronautical Congress Proceedings IAC-20, E9, 2.D5.4, 7, x59767.
Sayfa Sayıları: ss.1-10
İstanbul Üniversitesi Adresli: Evet

Özet

The authors present a novel approach to identifying cyber threats to satellite missions. The methodology is innovative in both its applicability across domains of space actors in terms of satellite function and ground station location, and its further generalizability to

address other kinds of threats to uncrewed spacecraft. A threat analysis is conducted, following the four categories defined by the Open Threat Taxonomy: threat agents, threat targets, threats actions, and threat consequences. This up-to-date assessment is conducted by cybersecurity and subsystem technical experts, and varies by mission type, geopolitical context, and other factors. Similar to mindmapping diagrams, the results of the analysis are visualised in a “tree” (structure) which has 4 main branches.A threat target-branch is populated using the result of a detailed unctional analysis of the space mission under consideration. A threat agents-branch is populated with general cybersecurity concepts that are not specific to space missions. The threat actions-branch s populated by inventorying all imaginable actions that could be taken against each item of the threat target-branch. Evaluation of the potential impacts of each action may add new items in the threat consequences-branch. The most important contribution from this paper is to provide detailed lists of threat actions and threat consequences that have been synthesised during this generic threat analysis.

These lists draw from recognized cybersecurity frameworks, yet diverge from the usual cybersecurity traits as they specifically focus on actions and consequences that are related to the space environment. The presented analysis lays ground

for enhanced cybersecurity threat and risk evaluations for space missions as it provides a significant number of combinations of threat agents, targets, actions, and consequences so that better informed decisions can be taken. Better decisions ultimately lead to augmented security for a critical infrastructure the world has come to rely on.