Detection of resource exhaustion on spacecraft systems due to attacks involving invalid inputs. This indicator focuses on identifying high memory and CPU utilization caused by the processing of numerous invalid inputs, which may lead to critical errors, safe mode transitions, or reboots of flight software (FSW) and applications. Such activity can be indicative of a deliberate attempt to exhaust spacecraft resources, resulting in a denial of service (DoS) condition or other operational impacts. Monitoring for these conditions is essential to maintaining spacecraft stability and ensuring mission success.
| ID | Name | Description | |
| EX-0013 | Flooding | Threat actors use flooding attacks to disrupt communications by injecting unexpected noise or messages into a transmission channel. There are several types of attacks that are consistent with this method of exploitation, and they can produce various outcomes. Although, the most prominent of the impacts are denial of service or data corruption. Several elements of the spacecraft may be targeted by jamming and flooding attacks, and depending on the time of the attack, it can have devastating results to the availability of the system. | |
| EX-0013.02 | Erroneous Input | Threat actors inject noise/data/signals into the target channel so that legitimate messages cannot be correctly processed due to impacts to integrity or availability. Additionally, while this technique does not utilize system-relevant signals/commands/information, the target spacecraft may still consume valuable computing resources to process and discard the signal. | |