Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

U.S. Unveils Cybersecurity Policies for Space Systems

A presidential memorandum made public on Friday by the White House details the cybersecurity principles that should govern space systems.

A presidential memorandum made public on Friday by the White House details the cybersecurity principles that should govern space systems.

Space systems, the memorandum points out, are essential to global communications, explorations, navigation, positioning, timing, weather monitoring, national security, and other applications, and should be kept safe from cyberattacks.

These systems rely on information systems and networks for flight operations, data transmission, and more, which makes them susceptible to malicious activities varying from manipulating sensors to sending unauthorized commands, and injecting malicious code to cause data loss, loss of space vehicle control, or shortened system lifespan.

According to the memorandum (SPD-5), space systems should be governed by the same cybersecurity principles and practices that apply to terrestrial systems, although some of these principles are of particular importance to space systems, such as the ability to remotely receive updates and incident response, which should be integrated into space vehicles before launch.

“For this reason, integrating cybersecurity into all phases of development and ensuring full life-cycle cybersecurity are critical for space systems. Effective cybersecurity practices arise out of cultures of prevention, active defense, risk management, and sharing best practices,” the memorandum reads.

Principles detailed in the memorandum demand that space systems are designed in anticipation of cyberattacks, that positive control of a vehicle can be regained when necessary, that critical space vehicle functions are protected against unauthorized access and against jamming and spoofing, and that physical protections reduce vulnerabilities of specific space vehicle systems.

Ground systems, information processing systems, and operational technology should be protected as well, through cybersecurity best practices and hygiene practices, as well as physical security for automated information systems. Keeping a close eye on the supply chain should also diminish risks impacting the cybersecurity of space systems.

“Implementation of these principles, through rules, regulations, and guidance, should enhance space system cybersecurity, including through the consideration and adoption, where appropriate, of cybersecurity best practices and norms of behavior,” the memorandum reads.

Advertisement. Scroll to continue reading.

Furthermore, the document encourages collaboration between space system owners and operators for promoting the development of best practices. It also states that threat, warning, and incident data should be shared within the space industry.

Related: How the Secure Development Lifecycle Can Help Protect IIoT Deployments

Related: The Fundamentals of Developing Effective DevSecOps

Related: Connected Cars Moving Targets for Hackers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...