Practical Cybersecurity for Space
Description
While space system cybersecurity literature is expanding to address needs of an expanding space-cyber convergence, this book is a first-of-its-kind technical resource acting as a practical introduction to readers with a background in space operations as well as those in both offensive and defensive cybersecurity, introducing the unique constraints, challenges, and methodologies performing space system cybersecurity. This book will prime the reader with the knowledge needed to understand space operations and foundational knowledge of what impacts cyber threats can have on space systems and how cybersecurity must rise to meet them.
The book will then introduce readers to resources and processes necessary to establish best-practices in applying cybersecurity services and solutions to space system attack surfaces. The Space Attack Research & Tactic Analysis framework will be leveraged as a foundation for developing requisite knowledge on the art of the possible regarding space system cyber threat actors and mitigation.
Case studies and methodologies will be presented to build on the introductory space-cyber convergence information and frameworks, enabling readers to perform their own cybersecurity activities on space systems. Readers will then follow-along and/or perform the applied exercises and labs contained within the book to develop practical space system cybersecurity skills.
What You Will Learn:
-
How space systems and their components operate as cyber domain attack surface.
-
Processes and resources necessary to perform safe, secure, and effective cybersecurity practices on space systems and understand the challenges to implementing space system cybersecurity solutions and mitigations.
-
Hands on experience covering various cybersecurity services that one might perform on space systems such as adversarial assessment, forensics, and defense.
Who This Book is for:
This book is written for anyone curious about learning practical and applied methods and tradecraft for conducting cybersecurity activities such as penetration testing or red teaming, threat hunting, defensive and protective measures, or forensics and analysis on space systems such as satellites.
More details
Persons
Jacob Oakley , PhD, DSc, is a cybersecurity journeyman, author, speaker, and educator with 20 years of experience. A foremost expert on offensive cybersecurity, cyber warfare, and space system cybersecurity, he has advised Department of Defense (DoD) and Fortune 500 executives on strategic mitigation of risks and threats to globally distributed, multi-domain network architectures. He served on the Steering Committee for the IEEE Space System Cybersecurity Standards Working Group and is the Space Lead for the DEFCON Aerospace Village. An adjunct professor at Embry-Riddle Aeronautical University writing/teaching graduate courses on space cyber, he develops and teaches satellite hacking courses at Black Hat and DEF CON.
Brandon Bailey is a leading expert in space cybersecurity, specializing in adversarial threat analysis, offensive and defensive cyber operations for space systems, and the protection of national-level space infrastructure. For more than a decade, he has advanced the state of practice in securing spacecraft, ground systems, and mission operations through hands-on penetration testing, high-fidelity digital-twin environments, and applied cyber research.
Bailey is best known for architecting and leading the development of SPARTA (Space Attack Research and Tactic Analysis) which is the first unclassified space-focused cyber threat framework that documents how spacecraft can be targeted, the behaviors adversaries exhibit, and the countermeasures needed to disrupt them. His work on SPARTA has become foundational across government, industry, and academia, shaping threat-informed engineering approaches and driving the creation of space-specific intrusion detection, secure-by-design practices, and cyber resilience methodologies.
Michael Butler , is a 15-year veteran of the offensive cybersecurity industry. Originally a cyber warfare operator with the US Army at NSA, his service in the Army and Intelligence Community was followed by building three iterations of industry leading penetration testing teams at progressively complex and competitive organizations. His journey from Director of Red Teaming to Vice President of Offensive Cyber Operations at two separately acquired companies, followed by his role as Founder and CEO inspired him to author his first book, The Business of Hacking. He founded Final Frontier Security to elevate quality assessments and client experience through all aspects of offensive cybersecurity, including the emergent challenges where the Space and Cybersecurity domains converge. An internationally recognized instructor on hacking space systems, AWS, Azure, and GCP environments, he continues his role as a thought leader in the cybersecurity community teaching at Black Hat, DEF CON, and many other conferences around the world.
Content
1.The intersection of Space and Cyber.- 2.Understanding the attack surface.- 3.Assessing a satellite.- 4.CROPSAT.- 5.SPARTA.- 6.Lab 1: NOS3 and ground station ops.- 7.Lab 2: Insider threat / malicious tasking (torque / reaction wheels).- 8.Lab 3: Exploiting ground to space without SW.- 9.Lab 4: Command Interceptor & Cloaking Device.- 10.Lab 5: cFS Backdoor.- 11.Lab 6: Subverting camera payload (make a cron to rename file or something).- 12.Lab 7: Satellite to Satellite.- 13.Lab 8: Hard-mode lab with time delays.- 14.Lab 9: Vxworks exploitation.- 15.OpenC3 / cFS cFE CVE's.- 16.Summary.