Cyber Defense of Space-based Assets: Verifying and Validating Defensive Designs and Implementations

The evolving nature of a malicious and persistent threat is unlike traditional environmental hazards to space flight missions, such as radiation. Consequently, engineering mission systems to be resilient to this new generation of threats may require extending or modifying traditional systems engineering processes and paradigms so as to effectively address the more dynamic behavior and characteristics of the intelligent adversary. This paper steps through a live deployment of a common reconnaissance attack on mission systems that have been deemed “secure” by traditional means, e.g., via compliance to the canonical IT Security Plan. The observations and lessons learned from studying a live attack in a mission context enabled us to identify and map out those critical areas that must be addressed in future systems engineering efforts. Particularly those that aim to build more resilient mission systems to the cyber adversary. In short, the simple reconnaissance demonstration presented here illustrates how a collection of “secure” machines can be assembled into an insecure system requiring that we explore cyber-defensive testing facilities, methodologies, toolsets, and how these can be linked to testing goals.