Towards a Threat Model and Security Analysis of Spacecraft Computing Systems

Abstract

Spacecrafts are increasingly getting dependent on software-based systems for operation, safety, communication, and other issues. In the early days of space exploration, the primary focus had been on the function, efficiency, and reliability of the spacecraft. However, similar emphasis has not been given to cybersecurity issues that can impact a spacecraft. With increased dependence on computerized systems in a spacecraft, we must now turn our attention towards ensuring the security of a spacecraft from various attacks from malicious parties. As spaceflight becomes more common and many national and commercial entities vie for commercial and territorial dominance of space, the risk of conflicts and attacks against a spacecraft's computer systems will become commonplace in the near future. To prepare for and defend against such attacks, we need a systematic analysis of the threat model and security issues of a spacecraft and its various systems. In this paper, we provide a thorough and systematic threat model and security analysis of a spacecraft system. Utilizing the widely used STRIDE threat modeling technique, we analyze the assets, entry points, vulnerabilities, and mitigation strategies and provide a guideline for spacecraft designers and researchers in developing secure and trustworthy spacecraft systems.