As part of pioneering the security of satellite communication in space, NASA is funding a groundbreaking project at the University of Miami’s Frost Institute for Data Science and Computing (IDSC) which will enable augmenting traditional large satellites with nanosatellites or constellations of nanosatellites.
These nanosatellites are designed to accomplish diverse goals, ranging from communication and weather prediction to Earth science research and observational data gathering. Technical innovation is a hallmark of NASA, a global leader in the development of novel technologies that enable US space missions and translate to a wide variety of applications from Space and Earth science to consumer goods and to national and homeland security.
With advances in satellite technology and reduced cost of deployment and operation, nanosatellites also come with significant challenges for the protection of their communication networks. Specifically, small satellites are owned and operated by a wide variety of public and private sector organizations, expanding the attack surface for cyber exploitation. The scenario is similar to Wi-Fi network vulnerabilities. These systems provide an opportunity for adversaries to threaten national security as well as raise economic concerns for satellite companies, operators, and users.
In the spring of 2023, a team of cybersecurity researchers from Thales, a multinational technology company, successfully hacked into the European Space Agency's (ESA) nanosatellite, OPS-SAT, during the ESA's cybersecurity exercise known as the Hack CYSAT challenge. This ethical hack attempt revealed potential vulnerabilities in satellite systems and aimed to understand the real impact of a cyberattack on space infrastructure.
Thales researchers were able to gain access to OPS-SAT's onboard system using standard access rights, enabling control of its application environment. The intrusion allowed manipulation of the satellite's global positioning system, attitude control system, and onboard camera. Exploiting vulnerabilities, the hackers injected malicious code, compromising data transmitted back to Earth and modifying captured images.
The primary objective of this exercise: raise awareness about potential flaws and vulnerabilities in satellite systems, fostering effective remediation. Pierre-Yves Jolivet, VP Cyber Solutions at Thales, emphasized the need to enhance the cyber resilience of satellites and space programs, pointing to both ground segments and orbital systems.
While the ESA's satellite vulnerabilities are concerning, commercial satellites face even greater risks. Previous instances include a hacker building a $25 tool to breach SpaceX's Starlink system, which boasts a constellation of around 3,600 satellites in low-Earth orbit. Additionally, reports indicated that Russia successfully hacked mainstream satellite internet systems, and Anonymous claimed to have infiltrated Russian spy satellites in response to geopolitical events.
These incidents underscore the significance of addressing cybersecurity in satellite systems as the world witnesses an increase in private players entering space exploration and satellite deployment.
NASA’s science programs often engage academic institutions to explore national challenges leading to research efforts that produce insights and strategic solutions.
Dr. Yelena Yesha, Knight Foundation Endowed Chair, Professor of Computer Science and Director of IDSC AI and Machine Learning, was approached by NASA to help address this critical issue. What resulted is a project to investigate the efficacy of emerging zero trust architectures for small satellite networks and to facilitate the translation of recent research to meet the needs of a growing security problem.
Yesha is leading this project as its Principal Investigator, with extensive experience in cybersecurity and satellite communication through the Center of Excellence in Space Data and Information Sciences (CESDIS) at the NASA Goddard Space Flight Center. Yesha assembled the team to work on this project: Stephen Dennis, Dr. Phuong Nguyen, Dr. Yusen Wu, Alex Pissinou-Makki and Kevin Padron.
The project is examining recently developed blockchain technology to improve protection for inter-satellite communication. It is clear that blockchain architectures may offer additional controls for transactions between users, devices, and services that can improve security. Stephen Dennis explains, “Our system will enforce zero trust cybersecurity principles by scrutinizing every transaction in the system, examining user credentials and permissions for requested operations, and further inhibiting malicious actors from attacking system resources.”
The project will document operationally relevant use cases, which can be used to demonstrate a proof of concept that can inform cybersecurity for the simulation environment as well as be an important indicator for potential applications in satellite systems. Dennis elaborates, “In addition to the controls blockchain offers, it allows for the simulation of concepts in a low-cost environment. Because nanosatellites are lower cost and will be more prolific, the potential scale of operations is more expansive. It will be important to examine large-scale system simulations to ensure that security designs can keep pace with the expanding network of satellites. For instance, there is a prediction for 2,080 nanosatellites to be deployed by 2027.”
Beyond the economic and security implications for NASA science and space missions, the initiative also takes into account the multifaceted role of satellites. From monitoring weather patterns, crops, and movements on Earth to providing commercial support to government organizations, satellites play a pivotal role in a variety of critical domains. With the emergence of the U.S. Space Force, military activities in space have gained prominence, adding an additional layer of national security interest.
Yesha emphasized the urgency of securing communication in space due to the increasing reliance on satellites across different sectors, clarifying the project aims: “The goal is to bridge the existing gap in commercial satellite communication security, acknowledging the potential risks associated with unauthorized access and corruption. This sits at the intersection of AI, blockchain technology, and space exploration, and this technological convergence marks a significant leap to address the complex challenges of securing communication in space.”
Yesha noted that NASA is simulating the space environment for validating the effectiveness of the integrated technologies, so while still in its nascency, the exploration of AI and blockchain offers a glimpse to potentially reshape how we approach satellite-based activities in various sectors.
Stephen Dennis surfaced some of the implications of hacking nanosatellites. He explained that hacking a nanosatellite isn't fundamentally different from hacking any other resource, but rather, “it's about exploiting access points and understanding what a compromised satellite can offer in terms of connecting to interesting assets.”
The nanosatellite is significant as an access point in its own right: its compromise potentially leads to the control or disablement of resources. The subsequent compromise may then be used across internal or connected systems and networks. Securing communications is a crucial countermeasure, with a prime objective to restrict access for specific roles. Dennis confirmed, “in this project we scrutinize transactions involving the satellite, e.g. tasking, access, and operation, to verify that only authorized individuals can perform appropriate actions using authorized services.”
Dennis explained the current role of satellites, particularly those initiatives involving NASA's Earth Observation Projects: "From NASA's perspective for this specific project, it's all about Earth observation." He recounted attending a recent workshop where researchers shared ideas and algorithms aimed at enhancing the science around Earth observation. He further noted the diverse applications of satellite technology to improve weather and climate monitoring, hydrology, and the study of water resources. Dennis added these problem domains are representative of strategic issues related to satellite systems:
“We believe that the results of this research will have broader implications for space-based applications as well as other critical infrastructure systems. For instance, satellites contribute to observing changes in the state of Florida's water systems due to urban development. Beyond this, nanosatellites are also instrumental in studying volcanic activity, ocean ecology, atmospheric chemistry, and other critical elements shaping the Earth's environment.”
Dennis highlighted the work of researchers at the University of Miami studying reefs and coral reef destruction, and he stressed the importance of understanding these ecosystems and finding ways to support ecological balance. In addition, researchers have also focused on atmospheric chemistry, examining pollution, including the impact of volcanic emissions and its effects on the Earth.
Where Open Source/Open Research are concerned, Dennis expressed the importance of ensuring that appropriate components of this initiative be made transparent to project constituents: "It's part of the innovation process," he stated, highlighting the satisfaction of having a community form around an idea, and noted the push from organizations like the National Science Foundation and NASA to make data sets and software open for repeatable experiments.
Dennis justified the significance of openness in academia as a “leveling force, raising the bar on academic work and reducing the potential for scientific fraud.” From an economic perspective, he stressed the importance of the open-source model to accelerate the transformation of great ideas into commercially viable endeavors: “Remember, the Hadoop file systems became commercially supported open source, leading to the emergence of successful businesses like Cloudera and Hortonworks.”
"Open source," he continued, enables scalability: "it allows for a shift to the marketplace, and a natural way for very strong ideas to be vetted."
When it comes to managing multiple projects and algorithms within the initiative, Dennis explained that as systems become more modular, there are ways to take out modules and replace them with others. While open-source implementations might be suitable for certain aspects, businesses might opt for proprietary implementations to maintain their IP privilege and revenue streams.
The initiative is currently underway, with an immediate focus on registering users and devices while establishing loose integration with the simulation system. The approach involves running a service alongside the simulation system, which enables the development of APIs. Over the next six months, the team aims to conduct a few use cases, laying the foundation for subsequent testing and refinement. The plan is to iterate on these use cases, and report findings. The cyclical process involves close collaboration with NASA, ensuring that the evolving nature of the project aligns with the overall expectations.
Dennis revealed a core focus will be on resource allocation and vetting within simulation systems. Specifically, the team will simulate satellite resources, registering and authenticating them within a network with key implementations including administrator operations, multi-party registration, and exploring smart contracts to automate processes and streamline authentication methods.
IDSC’s approach that combines these two technologies will leverage federated learning, which minimizes the risk of data leakage, and further eliminates the need to merge isolated data sets for the development of machine learning models.
Dennis highlighted the common challenge that arises when organizations perceive their data as sensitive and are hesitant to share it for the collective benefit of achieving organizational goals. He emphasized, "the fine-grained data access controls available within our permissioned blockchain represent one approach to controlling data access related to machine learning applications."
For instance, instead of aggregating datasets, only the algorithm parameters (NOT the data) are exchanged among organizations. The sharing of these weights allows the creation of a unified model that is aligned with collective objectives. Dennis noted they have implemented this approach on an Internet of Things (IoT) application where different organizations own different devices as part of a common network:
"In the nanosatellite context, there are multiple applications whereby a satellite, resource, or data owner is unwilling to share raw data sets but could be convinced to share representational information, such as machine learning parameters that enable the community to benefit from a representation of the data that has been collected."
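The parameter exchange described above, sketched as an added example (not code from the IDSC project): each data owner fits a model on its own private observations and sends only the weights and a sample count to a coordinator, which averages them. The linear model, the three operators, their data, and all function names are assumptions constructed for illustration.

```python
# Added example: federated averaging over constructed data.
# Raw observations never leave local_update(); only (w, b) and a count do.
import random

def make_private_data(n, seed):
    """Constructed per-operator observations of y = 2.0*x + 0.5 plus noise."""
    rng = random.Random(seed)
    xs = [rng.uniform(-1, 1) for _ in range(n)]
    return [(x, 2.0 * x + 0.5 + rng.gauss(0, 0.05)) for x in xs]

def local_update(weights, data, lr=0.3, epochs=5):
    """Data-owner side: gradient descent on private data.
    Returns the updated parameters and the number of samples used."""
    w, b = weights
    for _ in range(epochs):
        gw = sum((w * x + b - y) * x for x, y in data) / len(data)
        gb = sum((w * x + b - y) for x, y in data) / len(data)
        w, b = w - lr * gw, b - lr * gb
    return (w, b), len(data)

def aggregate(updates):
    """Coordinator side: sample-weighted average of parameters only."""
    total = sum(n for _, n in updates)
    w = sum(p[0] * n for p, n in updates) / total
    b = sum(p[1] * n for p, n in updates) / total
    return (w, b)

def federated_train(private_sets, rounds=60):
    """Each round: broadcast global weights, collect local updates, average."""
    global_weights = (0.0, 0.0)
    for _ in range(rounds):
        updates = [local_update(global_weights, d) for d in private_sets]
        global_weights = aggregate(updates)
    return global_weights

# Three hypothetical operators with differently sized private data sets.
OPERATORS = [make_private_data(n, s) for n, s in [(40, 1), (80, 2), (20, 3)]]

if __name__ == "__main__":
    w, b = federated_train(OPERATORS)
    print(f"global model: w={w:.3f}, b={b:.3f}")
```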
For Dr. Jacqueline Le Moigne, Advanced Information Systems Technology (AIST) Program Manager, from NASA Earth Science Technology Office, this partnership is integral to advancing their goals:
“By developing zero trust architectures to enhance small satellites communication security, IDSC will provide an essential cornerstone in building novel observation strategies, where large NASA satellites interact with nano- and micro-satellites as well as in-situ sensors to create an ‘Internet-of-Earth Things’ and optimize Earth observation from multiple vantage points, at various resolutions, using NASA and non-NASA sources.”
The team is just getting started in translating their university research capabilities to meet public and private sector security needs. The exploration of vulnerabilities in nanosatellite systems, the imperative need for robust cybersecurity measures, and the novel efforts to secure inter-satellite communication highlight the evolving challenges, as more and more attention is paid to space technology.