CA-2(2) - Control Assessments | Specialized Assessments
Include as part of control assessments, [Assignment: organization-defined frequency], [Selection: announced; unannounced], [Selection (one or more): in-depth monitoring; security instrumentation; automated security test cases; vulnerability scanning; malicious user testing; insider threat assessment; performance and load testing; data leakage or data loss assessment; [Assignment: organization-defined other forms of assessment]].
Independent assessment can surface issues mission teams may normalize. Consider assessors with both space systems and cybersecurity depth who can evaluate specialized areas (TT&C, propulsion safety interlocks, payload isolation, key management) without losing operational realism. Independence is most effective when assessors have access to representative environments (twin/flatsat), clear rules of engagement, and traceability from findings to corrective actions that are feasible within pass and power/thermal constraints.
The A&A process establishes the extent to which a particular design and implementation meet a set of specified security requirements defined by the organization, government guidelines, and federal mandates, and compiles the results into a formal authorization package.
Software reuse, COTS dependence, and standardization of onboard systems using a building-block approach, with the addition of open-source technology, lead to supply chain threats.
On-orbit software updates/upgrades/patches/direct memory writes. If TT&C, the MOC, or even the developer's environment is compromised, there is a risk of a variation of a supply chain attack in which malicious code is injected after the spacecraft is in orbit.
Software-defined radios - An SDR is another computer, networked to other parts of the spacecraft, that an attacker could pivot to and infect with malicious code. Once access to an SDR is gained, the attacker could alter the frequencies and settings the SDR treats as correct for communicating with the ground.
Attacking the on-board operating systems. Software can be broken down into three levels (the operating system and drivers layer, the data handling service layer, and the application layer). The highest impact on the system is likely from the embedded code at the BIOS and kernel/firmware level. Since the operating system manages all the programs and applications on the computer, it has a critical role in the overall security of the system. Since threats may arise deliberately or through human error, from malicious programs or persons, or from existing system vulnerabilities, mitigations must be deployed to protect the OS.
Hardware failure (i.e., tainted hardware) {ASIC and FPGA focused}
Sample Requirements
SPARTA ID: SPR-379
Requirement: The [organization] shall conduct specialized assessments that are specifically tailored for space systems or space missions more generally, as opposed to traditional terrestrial IT systems.{SV-MA-6}{CA-2(2)}
Rationale/Additional Guidance/Notes: Space missions require threat models distinct from terrestrial IT. Tailored assessments address unique operational constraints. Specialized evaluation improves relevance. Mission-specific review strengthens assurance.