Orbital Security

Results of an Academic Work on New Space Satellite Security

Johannes Willbold

/jwillbold

  • Satellite & Space Systems Security
  • Doctoral Student
    • Ruhr University Bochum, DE
  • Visiting Researcher
    • Cyber-Defence Campus, CH
  • General Chair @ SpaceSec
  • IEEE S2CY Integration Layer Chair
  • Hack-a-Sat 2 & 4 Finals

$whoami

Space Odyssey

44th IEEE Symposium on Security and Privacy (S&P)

Firmware Attacks

ViaSat Incident

Ground Segment

Space Segment

User Segment

Firmware Attacks

Ground Segment

Space Segment

Attackers

?

Attacker Goals

Denial of Service

Malicious Data Interaction

Seizure of Control

Attacker Goals

Seizure of Control

Components

Payload

Bus

?

Components

COM

Payload

CDHS

EPS

ADCS

System Chart

Experimenter

Operated by ESA

Open for Research

Peripherals

S-/X-Band, SDR, Optical Rx., Camera, ...

Bus

Payload

System Chart

CDHS

Payload

Satellite

Bus

COM

S-Band COM

Bus-Pl. Link

COM

PDHS

All Potential Attack Path

Our Attack Paths

System Chart

COM

CDHS

Satellite

  • Bypass Access Control
    • Missing Access Control
  • Vulnerable TC
    • Stack Buffer Overflow
  • Arbitrary Code Execution
    • Missing OS Defenses

Bus

Mission accomplished: Control seized

OPS-Sat

Developer Survey

 Survey

19

Professionals

Space Agencies

Universities

Companies

Fully Anonymous

17

Satellites

10 x    1-50 kg

2 x 50-100 kg

5 x   > 100 kg

TC Protection

Question: Are any measures deployed to prevent 3rd parties from controlling your satellite?

Unknown*:

Prefer not to say / Don't know

2

4

6

8

9

3

5

Yes

No

Unknown*

 TC Obscurity

Question: What measures are deployed to prevent 3rd parties from controlling your satellite? (Multiple Answers)

2

4

4

5

Access Control

Encryption

3

*: Special knowledge about ....

Special permit needed

* ... Frequences, Modulation, etc.

* ... Protocols

3

2

Security Testing

Question: Which, if any, methods, tools or techniques were used to ensure/improve code quality? (Multiple Answers Possible)

5

1

14

Penetration Testing

Bounded Model Checking

2

Hardware/Software in the Loop

Unit Testing

10

14

But it's different for *my* satellite

Impact

1. Hack a Satellite

2.   ???

 Scenarios

Orbital Access

1

Attacking Inter-Sat Links

2

Orbital Traffic Interception

3

Orbital Denial-of-Service

Kessler Syndrome

4

Attacker Perspective

Hack-a-Sat

Math? Math!

Q&A

  • Firmware Attacks on Satellites
  • Satellite Exploitation Objectives
  • Satellite Developer Survey
  • Attacker Perspective

Johannes Willbold - johannes.willbold@rub.de

/jwillbold

@jwillbold