Cybersecurity and Space Course
Understanding Data Security in the New Space Age
April 13, 2021 | Online :: Central Time

Download PDF
 

Overview

“Excellent material and knowledgeable speakers”

“The Session was extremely beneficial to a beginner in the space industry like me”

“Absolutely fantastic, covers the broad spectrum of questions from theory and modelling to development of test and materials used. Highly useful for a growing test department!”

Mark Watney’s character in The Martian takes over a system in space without permission in order to survive. He comes to the conclusion that doing so constitutes piracy and as such dubs himself a “space pirate.” This class is not about the fantasy of being stranded on another planet but about the reality of vulnerable space systems in a rapidly growing space age. It won’t be an astronaut on Mars that will be commandeering your space system, it will be maliciously motivated cyber agents here on Earth. The focus of this day of presentations is to demonstrate how the rapid evolution of space technologies has created a potentially precarious position regarding the cybersecurity and the exploitability of small satellites and other space systems.

The operating environment and obstacles tied to space systems present unique challenges to the implementation of adequate cybersecurity. An extremely limited set of resources, non-standard operational windows and the rigors of space are just some of the challenges that cybersecurity efforts must overcome if hackers are to be stopped. I will discuss how real the threat of cyber-attack is to small satellites, especially, and space systems in general by covering how a hacker could compromise such systems. I will walk through a case study involving real vulnerabilities and exploits of common space system software, firmware, and operating systems to illustrate how they can be hacked. I will also provide an outline on the types of threats faced and how those threats will be manifested via the multi-faceted attack surface architectures of space systems which include traditional IT, IoT and ICS SCADA systems as well as open air communications. Further, I will provide some guidance for a path forward by outlining the foundational problems which must be addressed to promote resilience and keep hackers out of space.

This course will train cybersecurity professionals on the unique technical and operational constraints that are involved in operating a space system. Furthermore, this course will convey to the attendees the various attack surface, threats to space systems, and vectors those threats could manifest themselves through. We will discuss the institutional problems cybersecurity implementation and integration will face in space systems themselves and within the space community to prepare them for an evolving space system.

Learning Objectives

  • Review space systems
  • Identify space system architectures
  • Assess space system attacks
    • Threats
    • Vectors
    • Vulnerabilities
  • Discuss cyber operations
  • Review the anatomy of a space system compromise
    • Micro level
    • Macro level
  • Discuss foundational problem-sets for cybersecurity in space

Credits

AP_Logo

LRA has been accredited as an Authorized Provider by the International Association for Continuing Education and Training (IACET).  In obtaining this accreditation, LRA has demonstrated that it  complies with the ANSI/IACET Standard which is recognized internationally as a standard of good practice. As a result of their Authorized Provider status, LRA is authorized to offer IACET CEUs for its programs that qualify under the ANSI/IACET Standard.

LRA is authorized by IACET to offer 0.6 CEUs for this event.

Requirements for Successful Completion of Program

Participants must log in and be in attendance for the entirety of the course

Instructional Methods

Power Point presentations and open discussion will be used

Who Should Attend?

Engineers, Engineering Managers and Corporate Managers involved in or are interested in learning about the challenges of cybersecurity for space systems. Also relevant to Information Systems/Information Security professionals as well as students and faculty interested in the field of data security and cyber protection.

Agenda

Tuesday, April 13, 2021 :: Central Time

8:45 – 9:00 a.m. :: Log In and Welcome

9:00 a.m.  – 4:00 p.m. :: Course Timing

12:00 – 12:30 p.m. :: Break for Lunch


Part 1: Space systems

  • 1 Tipping point
  • 2 Introduction to computers in space
  • 3 Environmental challenges
  • 4 Operational challenges
  • 5 LEO systems and their unique challenges
  • 6 MEO / GEO systems and their unique challenges
  • 7 Constellations / Meshes and their unique challenges
  • 8 Special systems and their unique challenges

Part 2: Introduction to Cyber Operations / Warfare

  • 2.1 Background
  • 2.2 Introduction to warfare & cyber
  • 2.3 Types of cyber warfare activity
  • 2.4 Aspects of cyber warfare activity
  • 2.5 Resources
  • 2.6 Misconceptions
  • 2.7 Suitability to space

Part 3: Threats to Vehicles

  • 1 Vehicle: Electrical power system
  • 2 Vehicle: Communication
  • 3 Vehicle: Guidance navigation and control
  • 4 Vehicle: De-orbit
  • 5 Vehicle: Non-Leo

Part 4: Threats to Missions

  • 1 Safeguards
  • 2 Sensing missions
  • 3 Emitting missions
  • 4 Communication missions
  • 5 Weapon missions
  • 6 Life mission support

Part 5: Vectors of Attack

  • 1 Pre-operational
  • 2 Communications
  • 3 Terrestrial

Part 6: Compromise Examples

  • 1 Microsystem resilience & protection
  • 2 Macrosystem resilience & protection

Part 7: Problems

  • 1 Cost and investment challenges
  • 2 Understanding the cyber warfare landscape
  • 3 Issues with testing & evaluation
  • 4 Adaptation and implementation
  • 5 Comprehensive look at defense & security
  • 6 The modernization issue
  • 7 Failure analysis and vulnerability assessments

Instructor

Dr. Jacob Oakley

Dr. Oakley received his Doctor of Science in Information Technology from Towson University and his Master of Science in Information Technology from Eastern Michigan University. He has published three technical books, Professional Red Teaming, Waging Cyber War, and Cybersecurity for Space through Apress, a Division of Springer Nature. Dr. Oakley was on the team of hackers that won the international IoT CTF at DEFCON 27 in 2019 (Team SIXGEN). He has spoken at multiple security conferences including BSides Huntsville and the NASA Flight Software Symposium.

He has over 15 years of cybersecurity experience specialized in offensive cyber operations to include red teaming and penetration testing. During his seven-year career in the United States Marine Corps (USMC) he was an original member of Lima Company, the operational component of Marine Corps Forces Cyberspace Command (MARFORCYBER) as a part of the U.S. CYBERCOM stand up in 2010. He left the Marine Corps in 2013 as the senior most operator in MARFORCYBER and remained as a defense contractor at Ft. Meade supporting the Department of Defense until moving to Huntsville, AL in 2016. In Huntsville he was the principal cybersecurity advisor to a government CISO and most recently supports his current employer as Principal Technical Advisor, Cyber R&D.

Online Delivery

We will be using Microsoft Teams to facilitate your participation in the upcoming event. You do not need to have an existing Teams account in order to participate in the broadcast – the course will play in your browser and you will have the option of using a microphone to speak with the room and ask questions, or type any questions in via the chat window and our on-site representative will relay your question to the instructor.

  • You will receive a meeting invitation will include a link to join the meeting.
  • Separate meeting invitations will be sent for the morning and afternoon sessions of the course.
    • You will need to join the appropriate meeting at the appropriate time.
  • If you are using a microphone, please ensure that it is muted until such time as you need to ask a question.
  • The remote meeting connection will be open approximately 30 minutes before the start of the course. We encourage you to connect as early as possible in case you experience any unforeseen problems.

Register

Please Note: This event is being conducted entirely online. All attendees will connect and attend from their computer, one connection per purchase. For details please see our FAQ

Academics and students qualify for a reduced rate

Event Standard RateAttendees
All of our courses can be tailored to your needs and brought directly to your company’s location. For more information on our In-House Training options please contact Aaron Voss at [email protected]