A curated list of awesome resources about the security of space systems.
If you would like to contribute, please read CONTRIBUTING.md first. It contains a lot of tips and guidelines to help keep things organized. Just click README.md to submit a pull request. If this list is not complete, you can contribute to make it so. Here is a great video tutorial to learn how to contribute on Github.
Please, help organize these resources so that they are easy to find and understand for newcomers.
If you see a link here that is not (any longer) a good fit, you can fix it by submitting a pull request to improve this file. Thank you!
Inspired by awesome-python.
- Draft 🚧
- Paid 💲
- Abandoned 💀
2020.03.31Cybersecurity for Space: Protecting the Final Frontier: The first book focused on the implementation of cybersecurity for space systems 💲
2018.11.29NAS9933: Critical Security Controls for Effective Capability in Cyber Defense 💲
2012.11.28CNSSP-12: National Information Assurance Policy for Space Systems used to Support National Security Missions
2011.11CCSDS 350.6-G-1: Space Missions Key Management Concept2012.11CCSDS 351.0-M-1: Security Architecture for Space Data Systems2014.12CCSDS 350.9-G-1: CCSDS Cryptographic Algorithms2018.06CCSDS 350.5-G-1: Space Data Link Security Protocol - Summary of Concept and Rationale2018.06CCSDS 356.0-B-1: Network Layer Security Adaptation Profile2018.06CCSDS A13.1-Y-1: CCSDS Recommended Procedures for Cloud-Based Interoperability Testing2019.03CCSDS 350.0-G-3: The Application of Security to CCSDS Protocols2019.04CCSDS 350.4-G-2: CCSDS Guide for Secure System Interconnection2019.04CCSDS 350.7-G-2: Security Guide for Mission Planners2019.07CCSDS 357.0-B-1: CCSDS Authentication Credentials2019.08CCSDS 352.0-B-2: CCSDS Cryptographic Algorithms2020.02CCSDS 350.8-M-2: Information Security Glossary of Terms2020.02CCSDS 355.1-B-1: Space Data Link Security Protocol - Extended Procedures2022.02CCSDS 350.1-G-3: Security Threats against Space Missions2022.07CCSDS 355.0-B-2: Space Data Link Security Protocol
1994.10ESA PSS-05-0 Issue 2: ESA software engineering standards2000.03.30BSSC(2000)1 Issue 1: ESA C and C++ Coding Standards2009.03.06ECSS-E-ST-40C: Software2013.12.11ECSS-E-HB-40A: Software engineering handbook2017.02.15ECSS-Q-ST-80C: Software product assurance2017.11.22ECSS-Q-HB-80-03A Rev.1: Software dependability and safety2022.05.31ECSS-E-ST-10-03C Rev.1: Testing
2022.06.30IT baseline protection profile for space infrastructures: Minimum Protection for Satellites Covering their Entire Life Cycle2023.07.28Technical Guideline BSI TR-03184: Information Security for Space Systems - Part 1: Space segment
2011.11NASA/SP-2010-580: NASA System Safety Handbook Volume 1: System Safety Framework and Concepts for Implementation2014.11NASA/SP-2014-612: NASA System Safety Handbook Volume 2: System Safety Concepts, Guidelines, and Implementation Examples2020.09.04SPD-5: Cybersecurity Principles for Space Systems2020.12.16MRPP.CPS.20201216: Candidate Protection Strategies2022.07.15NASA-STD-1006A: Space System Protection Standard
1994.08.01SEL-94-003: NASA C Coding Standard and Style Guide2004.03.31NASA-GB-8719.13: NASA Software Safety Guidebook2005.05.24SEL-94-003: NASA C++ Coding Standard and Style Guide2020.09NIST SP 800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations2021.02NIST IR 8323: Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services2022.02NIST IR 8270: Introduction to Cybersecurity for Commercial Satellite Operations 🚧2022.05NIST SP 800-161r1: Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations2022.12NIST IR 8401: Satellite Ground Segment: Applying the Cybersecurity Framework to Satellite Command and Control
2016.04.30Satellite Network Hacking & Security Analysis, International Journal of Computer Science and Security (IJCSS)2018.12Cybersecurity Principles for Space Systems, Journal of Aerospace Computing, Information and Communication2021.07CubeSat Security Attack Tree Analysis, 8th IEEE International Conference on Space Mission Challenges for Information Technology (SMC-IT 2021)2023.05.26PCspooF: Compromising the Safety of Time-Triggered Ethernet, IEEE Symposium on Security and Privacy 2023
2019.11Defending Spacecraft in the Cyber Domain2020.10Establishing Space Cybersecurity Policy, Standards, & Risk Management Practices2021.04.29Cybersecurity Protections for Spacecraft: A Threat Based Approach2023.04Space Threat Assessment: A Report of the CSIS Aerospace Security Project
2009.02.18Satellite Hacking for Fun and Profit, Black Hat DC 20092014.08.06SATCOM Terminals: Hacking by Air, Sea, and Land, Black Hat USA 20142015.08.05Spread Spectrum Satcom Hacking Attacking The Globalstar Simplex Data Service, Black Hat USA 20152020.08.05Whispers Among the Stars: A Practical Look at Perpetrating Satellite Eavesdropping Attacks, Black Hat USA 2020
2022.04.07Cyber range for space a way to optimize the cybersecurity process, CYSAT 2022
2012.10.31Satellite Hacking: An Introduction, DEF CON Switzerland 20122020.08.07Exploiting Spacecraft, DEF CON 28 Aerospace Village2021.08.06Unboxing the Spacecraft Software BlackBox Hunting for Vulnerabilities, DEF CON 29 Aerospace Village2022.08.13Hunting for Spacecraft Zero Days using Digital Twins, DEF CON 30 Aerospace Village
2016.07.24Iridium Satellite Hacking, HOPE XI 20162016.12.27Reverse Engineering Outernet, 33C32017.01.27Reverse Engineering Satellite Based IP Content Distribution, ReCon Brussels 20172018.10.12Hacking Yachts Remotely via Satcom or Maritime Internet Router2020.02GPS As An Attack Vector, S4 Conference 20202022.09.10Satellite Communications Reverse Engineering, GambiConf EU 2022
- MITRE ATT&CK® Matrix for ICS: Knowledge base of adversary tactics and techniques against Industrial Control Systems (ICS) based on real-world observations
- Space Attack Research & Tactic Analysis (SPARTA): Knowledge base of unclassified information to space professionals about how spacecraft may be compromised via cyber and traditional counterspace means
- Space Attacks and Countermeasures Engineering Shield (SPACE-SHIELD): A MITRE ATT&CK® like knowledge-base framework for Space Systems. It is a collection of adversary tactics and techniques, and a security tool applicable in the Space environment to strengthen the security level.
- CITEF: Next Generation Cyber-Range Services for space missions 💲
- CryptoLib: Provide a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
- QA707: Fully configurable GNSS Software Defined Radio (SDR) simulator for flexible generations of GNSS signals, interferences and authentication schemes up to RF level 💲
- iSAFT: Advanced solutions for the validation of satellite/spacecraft on-board data networks including SpaceWire, SpaceFibre, MIL-STD-1553, Time-Triggered Ethernet, CAN/CANOpen, WizardLink and others 💲
If you have any question about this opinionated list, do not hesitate to contact me @Peco602 on Twitter or open an issue on GitHub.