Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have conducted a comprehensive evaluation of the security mechanisms of satellites currently orbiting the Earth. The team examined three low-earth orbit satellites to assess their security from an IT perspective. Their findings revealed that while some modern security concepts were implemented, various security mechanisms commonly found in mobile phones and laptops were absent. Additionally, interviews with satellite developers indicated that the industry primarily relies on security through obscurity.
The team, led by Johannes Willbold, a PhD student from Bochum, along with Dr. Ali Abbasi from Saarbrücken and Professor Thorsten Holz, analyzed two small research satellites and one medium-sized satellite used by a commercial company to observe the Earth. Gaining access to the satellites and their software proved challenging as commercial providers rarely disclose such details. However, through collaboration with the European Space Agency (ESA), universities involved in satellite construction, and a commercial enterprise, the researchers obtained the necessary access.
The researchers conducted a thorough security analysis of the three satellite models, examining the software functionalities and communication protocols used. To simulate the systems, the team virtually rebuilt them and tested the software as if it were running on a real satellite. Thorsten Holz emphasized the unique nature of the study, stating, “It was a very different world from the systems we usually study. For example, completely different communication protocols were used.”
Satellites in orbit have specific requirements due to their limited accessibility within short time windows and their need for robustness against space radiation. Additionally, they operate on low power and have data rates comparable to 1990s modems. The researchers used their software analysis findings to develop various attack scenarios and demonstrated their capability to disconnect the satellites from ground control and seize control of their systems. However, Holz noted that redirecting the satellite to another location would not be as straightforward, making potential collisions or crashes unlikely.
To understand the approach to security taken by satellite developers, the research team distributed a questionnaire to research institutions, the ESA, the German Aerospace Centre, and various enterprises. The anonymous responses revealed that the industry’s understanding of security differs from other domains, primarily relying on security through obscurity. Many respondents believed that satellites were impervious to attacks due to the lack of documentation about the systems. Only a few mentioned encrypting data or utilizing authentication to restrict communication between the ground station and the satellite.
Moritz Schloegel, co-author of the paper, emphasized that a lack of documentation does not protect against attacks. Today, reverse engineering can be employed to discover system vulnerabilities. The researchers aimed to bridge the gap between the satellite and security communities through this project, promoting a mutual understanding of the challenges faced by space applications and the current security standards in use.
In conclusion, the researchers’ assessment of the security mechanisms of satellites orbiting the Earth exposed the limited implementation of modern security concepts in these systems. The industry’s reliance on security through obscurity was a common theme among satellite developers. The study highlights the need for increased collaboration between the satellite and security communities to enhance security standards in space applications.