Space Systems and Services
A strategy focused on securing space systems and services.
Space is one of the fastest-growing markets of the global economy. The rapid expansion of the space services market and the competitive advantage gained from being a first mover, increases the potential for lax security. It takes a holistic approach to assess risks associated with the space systems enterprise and understand the impacts to all critical infrastructure and National Critical Functions (NCFs), including terrestrial infrastructure as well as on-orbit vehicles that conduct operations in the space environment.
CISA’s Role
CISA works with public and private sector partners to advance space system security and resilience by identifying and assessing risks and expanding industry and international partnerships to ensure the responsible use of space.
Announcements
June 6, 2024: NRMC is pleased to announce the publication of the Recommendations to Space System Operators for Improving Cybersecurity which urges space system stakeholders to consider common cyber risks outlined in this report to inform their profile and carefully analyze the risks for each segment of their space system. This report, written by the public and private sector members of the Space Systems Critical Infrastructure Working Group, recommends useful actions that will support a stronger defense response to these cyber risks of space-based systems.
Recommendations to Space System Operators for Improving Cybersecurity
JUNE 6, 2024: NRMC is pleased to announce the publication of the Space Systems Security and Resilience Landscape: Zero Trust in the Space Environment which analyzes and defines opportunities for applying zero trust tenets across space infrastructure. This report, written by the public and private sector members of the Space Systems Critical Infrastructure Working Group, relies on components of the framework and seeks to analyze where and how they can be applied across the space infrastructure.
Space System Security and Resilience Landscape: Zero Trust in the Space Environment
Overview
Projections suggest the space economy will more than triple in size in the next decade with an expected value of $1.4 trillion by 2030. As more satellites and satellite systems occupy the near-Earth space domain and as terrestrial systems increasingly rely on space technology, increasing cyber, kinetic, and energy threats to space systems put national security and economies at risk. Cyber threats to space enterprise elements cross the spectrum from cyber criminals to advanced persistent threats from nation-states.
Space systems require evaluation of risk at all levels of its life cycle. From manufacture to final disposition at end-of-life, commercial and government space activities continue to be regulated by multiple government organizations with the regulatory environment evolving as both the military and commercial space landscape continues to grow. To mitigate risk, the NRMC is striving for public-private information sharing around identified vulnerabilities, threat information, space weather, and space intelligence.
Space Weather
Space weather events such as Geomagnetic Disturbances pose the risk for widespread and long-lasting damage to critical infrastructure.
Positioning, Navigation, and Timing
All 16 critical infrastructure sectors rely on accurate PNT provided by space systems.
DHS Space Policy
Space-based systems play a critical role in securing the homeland security enterprise as Department of Homeland Security (DHS) components and partners rely heavily on space systems to provide information and communications necessary for mission success. The DHS Space Policy (signed April 14, 2022), guides component efforts internally and across the homeland security enterprise.
DHS will assume a leading role in three primary areas: promotion of cybersecurity of space systems, homeland security mission assurance planning and execution, and contingency planning to respond to and recover from potential impacts to the homeland resulting from a denied or degraded space environment.
Engaging with Partners and Stakeholders
Nearly 50 Federal agencies and organizations participate in one or more aspects of space operations or activities, coordination between these organizations is vital in maintaining the security of space systems and services. The list of information sharing organizations includes, but is not limited to:
| Organization or Group | Purpose |
Critical Infrastructure Partnership Advisory Council Space Systems Enterprise Critical Infrastructure Working Group (SSCIWG) | The Working Group consists of both government and industry members whose primary goal is developing sound strategies and well-informed risk management processes for space systems and for critical infrastructure operators who rely on space systems. The Working Group operates under the Critical Infrastructure Partnership Advisory Council (CIPAC) framework, and serves as the primary mechanism for DHS to collaborate and coordinate on strategies and policies to increase or enhance space system security and resiliency to the wide array of threats faced daily. |
Space Weather Prediction Center (SWPC) | A laboratory and service center of the U.S. National Weather Service (NWS), part of the National Oceanic and Atmospheric Administration (NOAA). SWPC continually monitors and forecasts Earth's space environment, providing solar-terrestrial information. SWPC is the official source of space weather alerts and warnings for the United States. |
Space Information Sharing and Analysis Center (ISAC)
| The Space ISAC serves to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the space sector with respect to this information. |
National Defense Information Sharing and Analysis Center (ISAC)
| The ISAC for the Defense Industrial Base, offering defense sector companies, their suppliers, and related interests a community and forum for sharing cyber and physical security threat indicators, best practices and mitigation strategies. The National Defense ISAC serves as the national defense sector’s principal focal point for all hazards to the sector. |
Resources
The following resources are some of CISA's tools and products that focus heavily on the security and resilience of Positioning, Navigation, and Timing (PNT) technologies and satellites. Space defense activities within CISA and outside the PNT realm is a nascent initiative.
National Space Policy
Space Policy Directive 5
Space Policy Directive 7
Best Practices for Improved Robustness of Time and Frequency Sources in Fixed Locations
GPS Receiver Allow List Development Guide
Time Guidance for Network Operators CIOs CISOs
Resilient PNT Conformance Framework (Version 2.0)
PNT Integrity Library
Recommendations to Space System Operators for Improving Cybersecurity
Space System Security and Resilience Landscape: Zero Trust in the Space Environment
Contact Us
For questions or comments, email nrmc.intake@cisa.dhs.gov