Op-ed | Protecting low Earth orbit from becoming the new Wild West


This op-ed originally appeared in the March 11, 2019 issue of SpaceNews magazine.

Assuring national and economic security is an urgent responsibility, especially as low Earth orbit (LEO) is opening to many new players.

Private companies of all kinds are sending up payloads for research, technological, commercial and educational gains. Space tourists are lining up to buy tickets, entrepreneurs and high school students are putting up cubesats, and commercial satellites are providing everything from worldwide internet access to tracking a retailer’s fleet of trucks, or monitoring fishing and land development.

It’s the stuff of sci-fi—and economic — dreams. And it’s mostly a very good thing. The United States government actively supports space commercialization. At a U.S. Chamber of Commerce-sponsored Space Summit in December, Secretary of Commerce Wilbur Ross suggested that with adequate support it could become a $1 trillion-plus industry worldwide within 10 to 15 years.

As Matthew Scholl, chief of the Computer Security Division at the National Institute of Standards and Technology’s Information Technology Laboratory, said at a recent event at MITRE, “The commercialization of low Earth orbit is currently deep into effect. It’s building an infrastructure of many things: communications, manufacturing, research, and ones we’re not even aware of yet—but will emerge. Like other infrastructures, there are significant resiliency and safety issues.”

Commercial communications satellites have long operated in the more distant geosynchronous (GEO) orbital belt around Earth, forming a vital part of the world’s “nervous system,” through which information flows that is essential to our day-to-day lives and national security. The large commercial GEO space companies have invested in the people and resources necessary to ensure cybersecurity for their satellites and ground systems. Although there have been exceptions — cyber protection of GEO systems is still an issue— these systems have been comparatively well protected, with the companies generally knowing and accepting the rules, norms, and practices for design and operational behavior.

But now commercial imaging satellites are proliferating in LEO. We’ve all read about plans for “mega constellations,” in which several hundred (or even thousands) of satellites will provide continuous worldwide coverage. The challenges become even more complex as many new startups begin to operate in LEO, literally and figuratively trying to get their businesses off the ground.

These companies have investors, insurers and ultimately, customers counting on their success. Some of them are quite small, with 25 or fewer employees. And they’ll be launching products that must operate for years to come.

The companies developing these systems depend on continuous and resilient operations, not only for themselves, but for the orbital neighborhood. Everyone shares challenges in LEO — we’ve seen this in other domains like air traffic control. For example, satellites could be maneuvered into the International Space Station, threatening the lives of astronauts, or into spent rocket bodies, creating an enormous amount of space debris.

If we’re not careful, we face the potential of the “tragedy of the commons,” where companies will focus on near-term business success rather than long-term sustainability and shared safety of operations.

Let’s talk about cyber threats to LEO. Many of the businesspeople I talk to recognize that there are cyber threats—and they want to adopt practices that will make their businesses more secure. They want to know how they can protect their operating systems and do their software updates reliably. They also want to keep their businesses safe from adversaries who might damage their reputation by taking their businesses offline—or worse, use their satellites as pawns in warfare.

But they’re also concerned about their bottom lines. They want to know how they can take advantage of the deep cyber protection thinking the national security community has developed, but on a public level.

The U.S. government is required to maintain effective oversight, licensing and regulation of these companies. It must help set the international standards and norms for all players. Of course, the government could insist on exquisite measures for cyber protection, but potentially at the expense of space commerce in the United States.

So, what to do?

Commercial space businesses must take the long view by doing everything possible today to build capacity into their satellites for future software and firmware upgrades, while designing for both resilience and security. We are still in the infancy of developing standard metrics for cyber resiliency that can be practically used in system designs. We need to find a workable balance: using design guidelines that will truly make space systems secure and safe in a measurable way, while being affordable.

To meet our current safety obligations without stifling innovation, I believe we should establish a “resilient space best practices” level of guidelines. Imagine a guidebook developed in collaboration with government, industry, and other stakeholders that documents these practices. Such a guidebook, titled “Cyber Hygiene for Space,” would be readily available to new companies to ensure LEO space is a secure domain. It would include straightforward approaches, such as the encryption of command/control channels between ground and satellite; the use of design practices to segregate major subsystems onboard a satellite to reduce system-to-system coupling vulnerabilities; and the separation of downlinked mission data and ground-based processors using protected interfaces.

While we could create an endless list of cyber protection approaches, that’s not helpful. Instead, what are the “top N” things a company must do to be allowed to fly? The goal shouldn’t be to become invulnerable to attack—which is likely impossible at a price most companies can bear. Rather, the goal should be to use the most efficient and robust approaches for the larger population of businesses.

This concept is not new. Other industries have adopted it, such as for wireless medical devices. I believe we can apply this approach to LEO commercial satellites.

In addition to creating guidelines, commercial space companies could coordinate threat-sharing and real-time operations, and use advanced information sharing infrastructure. We do this in other critical infrastructures such as energy, transportation and manufacturing.

Of course, unlike the American Wild West, LEO isn’t just a part of the U.S. It’s shared across all nations, complete with all our Earthbound differences and competitive instincts. America is committed to preserving a leadership role in space. Per Space Policy Directives from the National Space Council and cyber policy from the National Security Council, the U.S. is establishing new licensing and operations guidelines that seek to balance the need for good space stewardship (including cyber guidelines) with the imperative of not losing LEO companies to less restrictive nations.

Recognizing that space is so critical to our lives and that commercial use of space is growing, U.S. government officials are weighing the possibility of establishing it as a separate element on the list of 16 critical infrastructure sectors such as water, electricity and health care. Doing so could lay the groundwork for a thorough plan, but this first step may not happen for years. That’s all the more reason to establish some practical cyber guidance for commercial LEO companies now.

Scott Kordella is the director of outer space systems at Mitre, a not-for-profit company that operates federal R&D centers.