Minimum Requirements for Space System Cybersecurity - Ensuring Cyber Access to Space

Space systems are continuously under cyber attack. Minimum cybersecurity design requirements are necessary to preserve our access to space. This paper proposes a scalable, ex- tensible method for developing minimum cyber design principles and subsequent requirements for a space system based on any given mission priority. To test our methodology, we selected the fundamental mission priority of preserving access to space by preventing the permanent loss of control of a satellite. We then generate the minimum number of secure-by-design principles that can result in the permanent loss of control of a satellite and translate these into example minimum requirement ‘shall’ statements. Our proposed minimum requirements methodology and example can serve as a starting point for policymakers aiming to establish security requirements for the sector. Further, our methodology for establishing minimum requirements will be engaged for prioritizing the efforts of the emergent IEEE International Technical Standard for Space Cybersecurity (Working Group P3349).