24 August 2018

No Encryption, No-Fly Rule,’ Proposed For Small Satellites


“Small satellites that have propulsion systems, but don’t have encrypted commanding systems, pose a small — but. real threat of being hacked and endangering other satellites,” according to a new report by a team of researchers from Stanford, Yale, and the University of Colorado. Jeff Foust, in an August 9, 2018 article he posted on SpaceNews.com, provided details of the recently completed study. Mr. Foust wrote that “the research by a team of graduate students, presented at the AIAA/Utah State University Conference on Small Satellites held on August 9, “recommended the space industry take steps to prevent the launch of such satellites to avoid an incident to lead to “regulatory over-reaction” by government agencies.” “We would propose a policy that, for those cubesats, and smallsats that have propulsion, the industry adopt a ‘no encryption, no-fly rule,’ said Andrew Kurzrok of Yale University.

“That recommendation comes,” Mr. Foust noted, “as cubesat developers, who once had few, if any options for onboard propulsion, are now looking to make use of more advanced chemical and electrical propulsion systems. Some of those technologies can provide smallsats with large [and swift] changes in velocity, which can enable major orbital changes.”

Mr. Foust explained that “Kurzrok and his colleagues at Stanford and the University of Colorado modeled several different propulsion systems on a notional, 10-kilogram nanosatellite, assuming the spacecraft was in a 300-kilometer orbit; and, that the propulsion systems accounted for half the spacecraft’s mass. The results ranged from the satellites reaching medium-Earth-orbit altitudes, within two hours when using chemical propulsion to passing geostationary orbit in about a year, with an electrical propulsion system.

“The scenario involving the nanosatellite with chemical propulsion, is particularly troubling,” Dr. Kurzrok told SpaceNews.com. “What are the abilities, within two hours, to track that something isn’t where it is supposed to be; and then war, or take some sort of secondary action?,” he said, concluding that the satellite reaching GEO in a year — is a much less plausible threat.”

“The concern then is, a scenario where hackers are able to take control of a satellite, and redirect it quickly,” Mr. Foust wrote. As he notes, “government as well as many commercial satellites,” employ encryption and other measures that make hacking them problematical. Not impossible, but much more difficult to hack than those that do no utilize encryption. As you might guess, employing those kinds of measures and encryption comes with a cost that many academic institutions and other nation-states aren’t willing to pay. In essence, they’ll take their chances.

“There’s been no known case where a smallsat with propulsion has been hacked,” Mr. Foust wrote; but, Dr. Kurzrok suggested it may be [likely is] only a matter of time. “If something can be hacked, eventually…..it will be hacked,” Dr. Kurzrok remarked. Something that I have written many times on this blog.

The cyber threat to our overhead satellite communications is not new; and, has had the attention of our national security and critical infrastructure protection experts for over at least a decade. Last May/2017, the U.S. Defense Science Board (DSB) completed a study assessing the vulnerability of our military and intelligence satellite constellation and concluded: “The U.S. military’s satellite communications are facing a crisis, threatened by a growing array of foreign weapons, including cyber attack capabilities, lasers, jammers, and anti-satellite weapons.” 

The DSB added that “military satellite communications will be contested [and confronted] by a myriad of effects [and threats], ranging from reversible, to destructive. The estimated and projected electronic threats against satellite communication (SATCOM), have rapidly escalated in the last few years; and, will continue to increase for the foreseeable future.”

“Advances and proliferation in advanced Electronic Warfare (EW), kinetic space, cyber capabilities threaten our ability to maintain information superiority,” the study notes, adding that “under severe stress situations, jamming can render all commercial SATCOM and most defense SATCOM — inoperable,” the DSB warned. 

As with a lot of our serious vulnerabilities, it is difficult to spend the kind of money, resources, time, etc., to address a threat that has yet to materialize. Yes, out network dependency makes us especially vulnerable. But, what do we/should we do — that gets us the biggest bang for the buck in the least amount of time, resources, and effort — lacks consensus. How you see the answer to that — likely depends on where you sit. It has long been known that our communications satellites are susceptible to interception, tampering, blocking, and so on.

The idea of a catastrophic cyber attack on our overhead satellite communications constellation is what we would call a ‘known surprise,’ or a known Black Swan-type event. One country that seems determined to employ encryption throughout their overhead satellite constellation is China, who in 2016 launched the world’s first, ‘unhackable,’ quantum communications satellite network.

Lastly, the kind of catastrophic, deliberate cyber attack on our overhead satellite constellation would be considered an act of war; and, not all of our weapons are dependent on satellites — to retaliate. It is those incidents that are carried out by rouge actors, and fall well outside what would be considered an act of war — that are the most troublesome and gnarly.

No comments: