Security-Minded Verification of Space Systems

Abstract

Modern space systems are increasing in complexity. The advent of the Internet of Space Things, coupled with the commercialisation of space has resulted in an ecosystem that is difficult to control and brings about new security challenges. In such critical systems, it is common to conduct verification strategies to ensure that the underpinning software is correct. Formal verification is achieved by modelling the system and verifying that the model obeys particular functional and safety properties. Many connected systems are now the target of a variety of threat actors attempting to realise different goals. Threat modelling is the approach employed to analyse and manage the threats from adversaries. Common practice is that these two approaches are conducted independently of one another. In this paper, we argue that the two should be mutually informed, and describe a methodology for security-minded formal verification that combines these analysis techniques. This approach will streamline the development process and give a more formal grounding to the security properties identified during threat analysis.